From 5e4b657dd44dce601c91bc77a41f6e382bc32000 Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Wed, 13 Feb 2019 09:08:06 +0100 Subject: [PATCH 1/6] MDEV-18531 : Use WolfSSL instead of YaSSL as "bundled" SSL/encryption library - Add new submodule for WolfSSL - Build and use wolfssl and wolfcrypt instead of yassl/taocrypt - Use HAVE_WOLFSSL instead of HAVE_YASSL - Increase MY_AES_CTX_SIZE, to avoid compile time asserts in my_crypt.cc (sizeof(EVP_CIPHER_CTX) is larger on WolfSSL) --- .gitmodules | 3 + CMakeLists.txt | 4 +- cmake/libutils.cmake | 2 +- cmake/mariadb_connector_c.cmake | 2 +- cmake/ssl.cmake | 36 +++----- config.h.cmake | 1 + extra/mariabackup/CMakeLists.txt | 4 +- extra/wolfssl/CMakeLists.txt | 89 +++++++++++++++++++ extra/wolfssl/wolfssl | 1 + include/my_global.h | 1 - include/mysql/service_my_crypt.h | 2 +- include/ssl_compat.h | 30 ++++--- include/sslopt-case.h | 4 +- mysql-test/main/ssl_7937.test | 10 +-- mysql-test/main/ssl_cipher.test | 2 +- mysql-test/suite.pm | 9 +- mysys/my_rnd.c | 13 +-- mysys_ssl/CMakeLists.txt | 1 - mysys_ssl/my_crypt.cc | 26 ++++-- mysys_ssl/my_md5.cc | 17 ++-- mysys_ssl/my_sha.ic | 41 ++++++--- .../aws_key_management_plugin.cc | 2 +- plugin/file_key_management/parser.cc | 8 -- plugin/locale_info/CMakeLists.txt | 3 +- plugin/qc_info/CMakeLists.txt | 3 +- sql-common/client.c | 12 ++- sql/mysqld.cc | 37 +++----- support-files/compiler_warnings.supp | 11 --- unittest/json_lib/CMakeLists.txt | 1 - unittest/my_decimal/CMakeLists.txt | 1 - vio/vio.c | 4 +- vio/viossl.c | 49 +--------- vio/viosslfactories.c | 35 ++++++-- 33 files changed, 263 insertions(+), 201 deletions(-) create mode 100644 extra/wolfssl/CMakeLists.txt create mode 160000 extra/wolfssl/wolfssl diff --git a/.gitmodules b/.gitmodules index 61d4c06dd4e..53a7787232a 100644 --- a/.gitmodules +++ b/.gitmodules @@ -8,3 +8,6 @@ path = wsrep-lib url = https://github.com/codership/wsrep-lib.git branch = master +[submodule "extra/wolfssl/wolfssl"] + path = extra/wolfssl/wolfssl + url = https://github.com/WolfSSL/wolfssl diff --git a/CMakeLists.txt b/CMakeLists.txt index c20520181db..1aff1e73b2a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -346,7 +346,7 @@ IF(NOT HAVE_CXX_NEW) ENDIF() # Find header files from the bundled libraries -# (yassl, readline, pcre, etc) +# (wolfssl, readline, pcre, etc) # before the ones installed in the system SET(CMAKE_INCLUDE_DIRECTORIES_PROJECT_BEFORE ON) @@ -359,7 +359,7 @@ INCLUDE_DIRECTORIES(${CMAKE_CURRENT_BINARY_DIR}/include) # Add bundled or system zlib. MYSQL_CHECK_ZLIB_WITH_COMPRESS() -# Add bundled yassl/taocrypt or system openssl. +# Add bundled wolfssl/wolfcrypt or system openssl. MYSQL_CHECK_SSL() # Add readline or libedit. MYSQL_CHECK_READLINE() diff --git a/cmake/libutils.cmake b/cmake/libutils.cmake index 002d5a4cabc..6b2a2e9b2bb 100644 --- a/cmake/libutils.cmake +++ b/cmake/libutils.cmake @@ -317,7 +317,7 @@ ELSEIF(UNIX) ENDIF() ENDIF() -# We try to hide the symbols in yassl/zlib to avoid name clashes with +# We try to hide the symbols in bundled libraries to avoid name clashes with # other libraries like openssl. FUNCTION(RESTRICT_SYMBOL_EXPORTS target) IF(VISIBILITY_HIDDEN_FLAG) diff --git a/cmake/mariadb_connector_c.cmake b/cmake/mariadb_connector_c.cmake index 0f08c3464c4..4fb4be44831 100644 --- a/cmake/mariadb_connector_c.cmake +++ b/cmake/mariadb_connector_c.cmake @@ -8,7 +8,7 @@ SET(CONC_WITH_SIGNCODE ${SIGNCODE}) SET(SIGN_OPTIONS ${SIGNTOOL_PARAMETERS}) SET(CONC_WITH_EXTERNAL_ZLIB ON) -IF(SSL_DEFINES MATCHES "YASSL") +IF(SSL_DEFINES MATCHES "WOLFSSL") IF(WIN32) SET(CONC_WITH_SSL "SCHANNEL") ELSE() diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake index 2ec370404df..0d2570f1336 100644 --- a/cmake/ssl.cmake +++ b/cmake/ssl.cmake @@ -15,7 +15,7 @@ # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA # We support different versions of SSL: -# - "bundled" uses source code in /extra/yassl +# - "bundled" uses source code in /extra/wolfssl # - "system" (typically) uses headers/libraries in /usr/lib and /usr/lib64 # - a custom installation of openssl can be used like this # - cmake -DCMAKE_PREFIX_PATH= -DWITH_SSL="system" @@ -35,7 +35,7 @@ # 'set path=\bin;%PATH% # in order to find the .dll files at runtime. -SET(WITH_SSL_DOC "bundled (use yassl)") +SET(WITH_SSL_DOC "bundled (use wolfssl)") SET(WITH_SSL_DOC "${WITH_SSL_DOC}, yes (prefer os library if present, otherwise use bundled)") SET(WITH_SSL_DOC @@ -48,29 +48,19 @@ MACRO (CHANGE_SSL_SETTINGS string) ENDMACRO() MACRO (MYSQL_USE_BUNDLED_SSL) - SET(INC_DIRS - ${CMAKE_SOURCE_DIR}/extra/yassl/include - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/include + SET(INC_DIRS + ${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl + ${CMAKE_SOURCE_DIR}/extra/wolfssl/wolfssl/wolfssl ) - SET(SSL_LIBRARIES yassl taocrypt) + SET(SSL_LIBRARIES wolfssl wolfcrypt) SET(SSL_INCLUDE_DIRS ${INC_DIRS}) - SET(SSL_INTERNAL_INCLUDE_DIRS ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/mySTL) - SET(SSL_DEFINES "-DHAVE_YASSL -DYASSL_PREFIX -DHAVE_OPENSSL -DMULTI_THREADED") - SET(HAVE_ERR_remove_thread_state OFF CACHE INTERNAL "yassl doesn't have ERR_remove_thread_state") - SET(HAVE_EncryptAes128Ctr OFF CACHE INTERNAL "yassl doesn't support AES-CTR") - SET(HAVE_EncryptAes128Gcm OFF CACHE INTERNAL "yassl doesn't support AES-GCM") + SET(SSL_DEFINES "-DHAVE_OPENSSL -DHAVE_WOLFSSL -DOPENSSL_ALL -DWOLFSSL_MYSQL_COMPATIBLE -DWC_NO_HARDEN") + SET(HAVE_ERR_remove_thread_state ON CACHE INTERNAL "wolfssl doesn't have ERR_remove_thread_state") + SET(HAVE_EncryptAes128Ctr ON CACHE INTERNAL "wolfssl does support AES-CTR") + SET(HAVE_EncryptAes128Gcm OFF CACHE INTERNAL "wolfssl does not support AES-GCM") + SET(HAVE_X509_check_host ON CACHE INTERNAL "wolfssl does support X509_check_host") CHANGE_SSL_SETTINGS("bundled") - ADD_SUBDIRECTORY(extra/yassl) - ADD_SUBDIRECTORY(extra/yassl/taocrypt) - GET_TARGET_PROPERTY(src yassl SOURCES) - FOREACH(file ${src}) - SET(SSL_SOURCES ${SSL_SOURCES} ${CMAKE_SOURCE_DIR}/extra/yassl/${file}) - ENDFOREACH() - GET_TARGET_PROPERTY(src taocrypt SOURCES) - FOREACH(file ${src}) - SET(SSL_SOURCES ${SSL_SOURCES} - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/${file}) - ENDFOREACH() + ADD_SUBDIRECTORY(extra/wolfssl) MESSAGE_ONCE(SSL_LIBRARIES "SSL_LIBRARIES = ${SSL_LIBRARIES}") ENDMACRO() @@ -155,6 +145,8 @@ MACRO (MYSQL_CHECK_SSL) HAVE_EncryptAes128Ctr) CHECK_SYMBOL_EXISTS(EVP_aes_128_gcm "openssl/evp.h" HAVE_EncryptAes128Gcm) + CHECK_SYMBOL_EXISTS(X509_check_host "openssl/x509v3.h" + HAVE_X509_check_host) SET(CMAKE_REQUIRED_INCLUDES) SET(CMAKE_REQUIRED_LIBRARIES) ELSE() diff --git a/config.h.cmake b/config.h.cmake index b1092fa5df7..78fe1d9498f 100644 --- a/config.h.cmake +++ b/config.h.cmake @@ -380,6 +380,7 @@ #cmakedefine HAVE_SVR3_SIGNALS 1 #cmakedefine HAVE_V7_SIGNALS 1 #cmakedefine HAVE_ERR_remove_thread_state 1 +#cmakedefine HAVE_X509_check_host 1 #cmakedefine HAVE_SOLARIS_STYLE_GETHOST 1 diff --git a/extra/mariabackup/CMakeLists.txt b/extra/mariabackup/CMakeLists.txt index 638fa2f740a..5326ba9f8f5 100644 --- a/extra/mariabackup/CMakeLists.txt +++ b/extra/mariabackup/CMakeLists.txt @@ -52,8 +52,8 @@ ELSE() SET(NT_SERVICE_SOURCE) ENDIF() -ADD_DEFINITIONS(-DPCRE_STATIC=1 -DHAVE_OPENSSL=1) - +ADD_DEFINITIONS(-DPCRE_STATIC=1) +ADD_DEFINITIONS(${SSL_DEFINES}) MYSQL_ADD_EXECUTABLE(mariabackup xtrabackup.cc innobackupex.cc diff --git a/extra/wolfssl/CMakeLists.txt b/extra/wolfssl/CMakeLists.txt new file mode 100644 index 00000000000..6de9ea5d5d3 --- /dev/null +++ b/extra/wolfssl/CMakeLists.txt @@ -0,0 +1,89 @@ +SET(WOLFSSL_SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/src) +ADD_DEFINITIONS(${SSL_DEFINES}) +ADD_DEFINITIONS( + -DHAVE_CRL + -DWOLFSSL_MYSQL_COMPATIBLE + -DHAVE_ECC + -DECC_TIMING_RESISTANT + -DBUILDING_WOLFSSL + -DHAVE_HASHDRBG + -DWOLFSSL_AES_DIRECT + -DWOLFSSL_SHA384 + -DWOLFSSL_SHA512 + -DWOLFSSL_SHA224 + -DSESSION_CERT + -DKEEP_OUR_CERT + -DWOLFSSL_STATIC_RSA + -DWC_RSA_BLINDING + -DHAVE_TLS_EXTENSIONS + -DHAVE_AES_ECB + -DWOLFSSL_AES_COUNTER + -DNO_WOLFSSL_STUB) + +SET(WOLFSSL_SOURCES + ${WOLFSSL_SRCDIR}/crl.c + ${WOLFSSL_SRCDIR}/internal.c + ${WOLFSSL_SRCDIR}/keys.c + ${WOLFSSL_SRCDIR}/tls.c + ${WOLFSSL_SRCDIR}/wolfio.c + ${WOLFSSL_SRCDIR}/ocsp.c + ${WOLFSSL_SRCDIR}/ssl.c) +ADD_DEFINITIONS(-DWOLFSSL_LIB) +INCLUDE_DIRECTORIES(BEFORE ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl) +IF(MSVC) + # size_t to long truncation warning + SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -wd4267") + IF(CMAKE_C_COMPILER_ID MATCHES Clang) + # Workaround a bug with clang-cl, see https://github.com/wolfSSL/wolfssl/pull/2090 + ADD_DEFINITIONS(-DMP_16BIT) + ENDIF() +ENDIF() + +ADD_CONVENIENCE_LIBRARY(wolfssl ${WOLFSSL_SOURCES}) + +# Workaround linker crash with older Ubuntu binutils +# e.g aborting at ../../bfd/merge.c line 873 in _bfd_merged_section_offset +IF(CMAKE_SYSTEM_NAME MATCHES "Linux") + STRING(REPLACE "-g " "-g1 " CMAKE_C_FLAGS_RELWITHDEBINFO + ${CMAKE_C_FLAGS_RELWITHDEBINFO}) + STRING(REPLACE "-g " "-g1 " CMAKE_C_FLAGS_DEBUG + ${CMAKE_C_FLAGS_DEBUG}) + STRING(REPLACE "-ggdb3 " " " CMAKE_C_FLAGS_RELWITHDEBINFO + ${CMAKE_C_FLAGS_RELWITHDEBINFO}) + STRING(REPLACE "-ggdb3 " " " CMAKE_C_FLAGS_DEBUG + ${CMAKE_C_FLAGS_DEBUG}) +ENDIF() + +SET(WOLFCRYPT_SRCDIR ${CMAKE_CURRENT_SOURCE_DIR}/wolfssl/wolfcrypt/src) +SET(WOLFCRYPT_SOURCES +${WOLFCRYPT_SRCDIR}/aes.c +${WOLFCRYPT_SRCDIR}/arc4.c +${WOLFCRYPT_SRCDIR}/asn.c +${WOLFCRYPT_SRCDIR}/coding.c +${WOLFCRYPT_SRCDIR}/des3.c +${WOLFCRYPT_SRCDIR}/dh.c +${WOLFCRYPT_SRCDIR}/dsa.c +${WOLFCRYPT_SRCDIR}/ecc.c +${WOLFCRYPT_SRCDIR}/error.c +${WOLFCRYPT_SRCDIR}/hmac.c +${WOLFCRYPT_SRCDIR}/integer.c +${WOLFCRYPT_SRCDIR}/logging.c +${WOLFCRYPT_SRCDIR}/md4.c +${WOLFCRYPT_SRCDIR}/md5.c +${WOLFCRYPT_SRCDIR}/memory.c +${WOLFCRYPT_SRCDIR}/pkcs12.c +${WOLFCRYPT_SRCDIR}/pwdbased.c +${WOLFCRYPT_SRCDIR}/rabbit.c +${WOLFCRYPT_SRCDIR}/random.c +${WOLFCRYPT_SRCDIR}/rsa.c +${WOLFCRYPT_SRCDIR}/sha.c +${WOLFCRYPT_SRCDIR}/sha256.c +${WOLFCRYPT_SRCDIR}/sha512.c +${WOLFCRYPT_SRCDIR}/wc_port.c +${WOLFCRYPT_SRCDIR}/wc_encrypt.c +${WOLFCRYPT_SRCDIR}/hash.c +${WOLFCRYPT_SRCDIR}/wolfmath.c +) + +ADD_CONVENIENCE_LIBRARY(wolfcrypt ${WOLFCRYPT_SOURCES}) + diff --git a/extra/wolfssl/wolfssl b/extra/wolfssl/wolfssl new file mode 160000 index 00000000000..21f2beca9f3 --- /dev/null +++ b/extra/wolfssl/wolfssl @@ -0,0 +1 @@ +Subproject commit 21f2beca9f320199fcea4a96df3e19967804144b diff --git a/include/my_global.h b/include/my_global.h index e2b2b7635cc..248320e301f 100644 --- a/include/my_global.h +++ b/include/my_global.h @@ -989,7 +989,6 @@ typedef struct st_mysql_lex_string LEX_STRING; #if defined(__WIN__) #define socket_errno WSAGetLastError() #define SOCKET_EINTR WSAEINTR -#define SOCKET_EAGAIN WSAEINPROGRESS #define SOCKET_ETIMEDOUT WSAETIMEDOUT #define SOCKET_EWOULDBLOCK WSAEWOULDBLOCK #define SOCKET_EADDRINUSE WSAEADDRINUSE diff --git a/include/mysql/service_my_crypt.h b/include/mysql/service_my_crypt.h index de4a8bb69da..2de698fe41c 100644 --- a/include/mysql/service_my_crypt.h +++ b/include/mysql/service_my_crypt.h @@ -45,7 +45,7 @@ extern "C" { /* The max key length of all supported algorithms */ #define MY_AES_MAX_KEY_LENGTH 32 -#define MY_AES_CTX_SIZE 512 +#define MY_AES_CTX_SIZE 560 enum my_aes_mode { MY_AES_ECB, MY_AES_CBC diff --git a/include/ssl_compat.h b/include/ssl_compat.h index c94b9671d5f..9b63c24399a 100644 --- a/include/ssl_compat.h +++ b/include/ssl_compat.h @@ -17,11 +17,7 @@ #include /* OpenSSL version specific definitions */ -#if !defined(HAVE_YASSL) && defined(OPENSSL_VERSION_NUMBER) - -#if OPENSSL_VERSION_NUMBER >= 0x10002000L && !defined(LIBRESSL_VERSION_NUMBER) -#define HAVE_X509_check_host 1 -#endif +#if defined(OPENSSL_VERSION_NUMBER) #if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER) #define HAVE_OPENSSL11 1 @@ -49,27 +45,39 @@ #else #define HAVE_OPENSSL10 1 +#ifdef HAVE_WOLFSSL +#define SSL_LIBRARY "WolfSSL " WOLFSSL_VERSION +#else #define SSL_LIBRARY SSLeay_version(SSLEAY_VERSION) +#endif -#ifdef HAVE_ERR_remove_thread_state +#ifdef HAVE_WOLFSSL +#undef ERR_remove_state +#define ERR_remove_state(x) do {} while(0) +#elif defined (HAVE_ERR_remove_thread_state) #define ERR_remove_state(X) ERR_remove_thread_state(NULL) #endif /* HAVE_ERR_remove_thread_state */ #endif /* HAVE_OPENSSL11 */ +#endif -#elif defined(HAVE_YASSL) -#define SSL_LIBRARY "YaSSL " YASSL_VERSION -#define BN_free(X) do { } while(0) -#endif /* !defined(HAVE_YASSL) */ +#ifdef HAVE_WOLFSSL +#define EVP_MD_CTX_SIZE sizeof(wc_Md5) +#endif #ifndef HAVE_OPENSSL11 +#ifndef ASN1_STRING_get0_data #define ASN1_STRING_get0_data(X) ASN1_STRING_data(X) +#endif +#ifndef EVP_MD_CTX_SIZE +#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX) +#endif + #define OPENSSL_init_ssl(X,Y) SSL_library_init() #define DH_set0_pqg(D,P,Q,G) ((D)->p= (P), (D)->g= (G)) #define EVP_CIPHER_CTX_buf_noconst(ctx) ((ctx)->buf) #define EVP_CIPHER_CTX_encrypting(ctx) ((ctx)->encrypt) #define EVP_CIPHER_CTX_SIZE sizeof(EVP_CIPHER_CTX) -#define EVP_MD_CTX_SIZE sizeof(EVP_MD_CTX) #define EVP_MD_CTX_reset(X) EVP_MD_CTX_cleanup(X) #define EVP_CIPHER_CTX_reset(X) EVP_CIPHER_CTX_cleanup(X) diff --git a/include/sslopt-case.h b/include/sslopt-case.h index fe53088e89b..87eeff28231 100644 --- a/include/sslopt-case.h +++ b/include/sslopt-case.h @@ -29,8 +29,8 @@ One can disable SSL later by using --skip-ssl or --ssl=0 */ opt_use_ssl= 1; - /* crl has no effect in yaSSL */ -#ifdef HAVE_YASSL +#ifdef HAVE_WOLFSSL + /* CRL does not work with WolfSSL */ opt_ssl_crl= NULL; opt_ssl_crlpath= NULL; #endif diff --git a/mysql-test/main/ssl_7937.test b/mysql-test/main/ssl_7937.test index aa8cd225d7b..264da3a6daa 100644 --- a/mysql-test/main/ssl_7937.test +++ b/mysql-test/main/ssl_7937.test @@ -22,14 +22,14 @@ create procedure have_ssl() --echo mysql --ssl --ssl-verify-server-cert -e "call test.have_ssl()" # this is the test where certificate verification fails. -# but yassl doesn't support certificate verification, so -# we fake the test result for yassl -let yassl=`select variable_value='Unknown' from information_schema.session_status where variable_name='Ssl_session_cache_mode'`; -if (!$yassl) { +# but client library may not support certificate verification, so +# we fake the test result for it. We assume client is openssl, when server is openssl +let client_supports_cert_verification =`select variable_value not in('Unknown','OFF') from information_schema.session_status where variable_name='Ssl_session_cache_mode'`; +if ($client_supports_cert_verification) { --replace_result "self signed certificate in certificate chain" "Failed to verify the server certificate" "Error in the certificate." "Failed to verify the server certificate" --exec $MYSQL --ssl --ssl-verify-server-cert -e "call test.have_ssl()" 2>&1 } -if ($yassl) { +if (!$client_supports_cert_verification) { --echo ERROR 2026 (HY000): SSL connection error: Failed to verify the server certificate } drop procedure have_ssl; diff --git a/mysql-test/main/ssl_cipher.test b/mysql-test/main/ssl_cipher.test index 27854654a9f..36549d76d02 100644 --- a/mysql-test/main/ssl_cipher.test +++ b/mysql-test/main/ssl_cipher.test @@ -43,7 +43,7 @@ drop user ssl_user1@localhost, ssl_user2@localhost, ssl_user3@localhost, ssl_use # # Bug#21611 Slave can't connect when master-ssl-cipher specified # - Apparently selecting a cipher doesn't work at all -# - Use a cipher that both yaSSL and OpenSSL supports +# - Use a cipher that both WolfSSL and OpenSSL supports # --write_file $MYSQLTEST_VARDIR/tmp/test.sql SHOW STATUS LIKE 'Ssl_cipher'; diff --git a/mysql-test/suite.pm b/mysql-test/suite.pm index 76bfab714df..7f9838f645e 100644 --- a/mysql-test/suite.pm +++ b/mysql-test/suite.pm @@ -66,9 +66,14 @@ sub skip_combinations { unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ and $1 ge "1.0.1d" and $1 lt "1.1.1"; + sub x509v3_ok() { + return ($::mysqld_variables{'version-ssl-library'} =~ /WolfSSL/) || + ($::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ + and $1 ge "1.0.2"); + } + $skip{'main/ssl_7937.combinations'} = [ 'x509v3' ] - unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ - and $1 ge "1.0.2"; + unless x509v3_ok(); $skip{'main/ssl_verify_ip.test'} = 'x509v3 support required' unless $::mysqld_variables{'version-ssl-library'} =~ /OpenSSL (\S+)/ diff --git a/mysys/my_rnd.c b/mysys/my_rnd.c index c38682a2012..0af251b4ade 100644 --- a/mysys/my_rnd.c +++ b/mysys/my_rnd.c @@ -78,20 +78,11 @@ double my_rnd(struct my_rnd_struct *rand_st) double my_rnd_ssl(struct my_rnd_struct *rand_st) { - -#if defined(HAVE_YASSL) || defined(HAVE_OPENSSL) - int rc; - unsigned int res; - -#if defined(HAVE_YASSL) - rc= yaSSL::RAND_bytes((unsigned char *) &res, sizeof (unsigned int)); -#else +#if defined(HAVE_OPENSSL) rc= RAND_bytes((unsigned char *) &res, sizeof (unsigned int)); -#endif /* HAVE_YASSL */ - if (rc) return (double)res / (double)UINT_MAX; -#endif /* defined(HAVE_YASSL) || defined(HAVE_OPENSSL) */ +#endif /* defined(HAVE_OPENSSL) */ return my_rnd(rand_st); } diff --git a/mysys_ssl/CMakeLists.txt b/mysys_ssl/CMakeLists.txt index 86749128664..1c3f60b5bb0 100644 --- a/mysys_ssl/CMakeLists.txt +++ b/mysys_ssl/CMakeLists.txt @@ -36,7 +36,6 @@ SET(MYSYS_SSL_SOURCES my_crypt.cc ) -# We do RESTRICT_SYMBOL_EXPORTS(yassl) elsewhere. # In order to get correct symbol visibility, these files # must be compiled with "-fvisibility=hidden" IF(WITH_SSL STREQUAL "bundled" AND HAVE_VISIBILITY_HIDDEN) diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index 65dd5cd769e..e83c949f21e 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -18,14 +18,10 @@ #include #include -#ifdef HAVE_YASSL -#include "yassl.cc" -#else #include #include #include #include -#endif #include #include @@ -54,7 +50,7 @@ public: if (unlikely(!cipher)) return MY_AES_BAD_KEYSIZE; - if (!EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, encrypt)) + if (EVP_CipherInit_ex(ctx, cipher, NULL, key, iv, encrypt) != 1) return MY_AES_OPENSSL_ERROR; DBUG_ASSERT(EVP_CIPHER_CTX_key_length(ctx) == (int)klen); @@ -64,14 +60,30 @@ public: } virtual int update(const uchar *src, uint slen, uchar *dst, uint *dlen) { - if (!EVP_CipherUpdate(ctx, dst, (int*)dlen, src, slen)) + if (EVP_CipherUpdate(ctx, dst, (int*)dlen, src, slen) != 1) return MY_AES_OPENSSL_ERROR; return MY_AES_OK; } virtual int finish(uchar *dst, uint *dlen) { - if (!EVP_CipherFinal_ex(ctx, dst, (int*)dlen)) +#ifdef HAVE_WOLFSSL + /* + Bug in WolfSSL - sometimes EVP_CipherFinal_ex + returns success without setting destination length + when it should return error. + We catch it by presetting invalid value for length, + and checking if it has changed after the call. + + See https://github.com/wolfSSL/wolfssl/issues/2224 + */ + *dlen= UINT_MAX; +#endif + if (EVP_CipherFinal_ex(ctx, dst, (int*)dlen) != 1) return MY_AES_BAD_DATA; +#ifdef HAVE_WOLFSSL + if (*dlen == UINT_MAX) + return MY_AES_BAD_DATA; +#endif return MY_AES_OK; } }; diff --git a/mysys_ssl/my_md5.cc b/mysys_ssl/my_md5.cc index 85490c1de77..407dee3bc69 100644 --- a/mysys_ssl/my_md5.cc +++ b/mysys_ssl/my_md5.cc @@ -27,26 +27,23 @@ #include #include -#if defined(HAVE_YASSL) -#include "md5.hpp" +#if defined(HAVE_WOLFSSL) +#include #include - -typedef TaoCrypt::MD5 EVP_MD_CTX; - +typedef wc_Md5 EVP_MD_CTX; static void md5_init(EVP_MD_CTX *context) { - context= new(context) EVP_MD_CTX; - context->Init(); + wc_InitMd5(context);; } static void md5_input(EVP_MD_CTX *context, const uchar *buf, unsigned len) { - context->Update((const TaoCrypt::byte *) buf, len); + wc_Md5Update(context, buf, len); } static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE]) { - context->Final((TaoCrypt::byte *) digest); + wc_Md5Final(context,digest); } #elif defined(HAVE_OPENSSL) @@ -74,7 +71,7 @@ static void md5_result(EVP_MD_CTX *context, uchar digest[MD5_HASH_SIZE]) EVP_MD_CTX_reset(context); } -#endif /* HAVE_YASSL */ +#endif /* HAVE_WOLFSSL */ /** Wrapper function to compute MD5 message digest. diff --git a/mysys_ssl/my_sha.ic b/mysys_ssl/my_sha.ic index 97344dc0415..6bba614765e 100644 --- a/mysys_ssl/my_sha.ic +++ b/mysys_ssl/my_sha.ic @@ -28,35 +28,50 @@ #define HASH_SIZE (NUM > 1 ? NUM/8 : 20) -#if defined(HAVE_YASSL) -#include "sha.hpp" - -#define xCONTEXT(x) TaoCrypt::SHA ## x +#if defined(HAVE_WOLFSSL) +#define WOLFSSL_SHA512 +#define WOLFSSL_SHA384 +#define WOLFSSL_SHA224 +#include +#include +#include +#define xCONTEXT(x) wc_Sha ## x #define yCONTEXT(y) xCONTEXT(y) #define CONTEXT yCONTEXT(NUM) -#define SHA1 SHA +#define wc_InitSha1 wc_InitSha +#define wc_Sha1Final wc_ShaFinal +#define wc_Sha1Update wc_ShaUpdate +#define wc_Sha1 wc_Sha +#define SHA224_CTX SHA256_CTX +#define SHA384_CTX SHA512_CTX +#define xSHA_Init(x) wc_InitSha ## x +#define xSHA_Update(x) wc_Sha ## x ## Update +#define xSHA_Final(x) wc_Sha ## x ## Final +#define ySHA_Init(y) xSHA_Init(y) +#define ySHA_Update(y) xSHA_Update(y) +#define ySHA_Final(y) xSHA_Final(y) +#define SHA_Init ySHA_Init(NUM) +#define SHA_Update ySHA_Update(NUM) +#define SHA_Final ySHA_Final(NUM) static void sha_init(CONTEXT *context) { - context->Init(); + SHA_Init(context); } -/* - this is a variant of sha_init to be used in this file only. - does nothing for yassl, because the context's constructor was called automatically. -*/ static void sha_init_fast(CONTEXT *context) { + sha_init(context); } static void sha_input(CONTEXT *context, const uchar *buf, unsigned len) { - context->Update((const TaoCrypt::byte *) buf, len); + SHA_Update(context, buf, len); } static void sha_result(CONTEXT *context, uchar digest[HASH_SIZE]) { - context->Final((TaoCrypt::byte *) digest); + SHA_Final(context, digest); } #elif defined(HAVE_OPENSSL) @@ -99,7 +114,7 @@ static void sha_result(CONTEXT *context, uchar digest[HASH_SIZE]) SHA_Final(digest, context); } -#endif /* HAVE_YASSL */ +#endif /* HAVE_WOLFSSL */ #define xmy_sha_multi(x) my_sha ## x ## _multi #define xmy_sha_context_size(x) my_sha ## x ## _context_size diff --git a/plugin/aws_key_management/aws_key_management_plugin.cc b/plugin/aws_key_management/aws_key_management_plugin.cc index d76b000b721..489dd375387 100644 --- a/plugin/aws_key_management/aws_key_management_plugin.cc +++ b/plugin/aws_key_management/aws_key_management_plugin.cc @@ -214,7 +214,7 @@ Aws::SDKOptions sdkOptions; static int aws_init() { -#ifdef HAVE_YASSL +#ifdef HAVE_WOLFSSL sdkOptions.cryptoOptions.initAndCleanupOpenSSL = true; #else /* Server initialized OpenSSL already, thus AWS must skip it */ diff --git a/plugin/file_key_management/parser.cc b/plugin/file_key_management/parser.cc index 5a9e5e55d63..818c026495f 100644 --- a/plugin/file_key_management/parser.cc +++ b/plugin/file_key_management/parser.cc @@ -96,14 +96,6 @@ openssl enc -aes-256-cbc -md sha1 -k "secret" -in keys.txt -out keys.enc @param secret [in] the given secret as String, provided by the user @param key [out] 32 Bytes of key are written to this pointer @param iv [out] 16 Bytes of iv are written to this pointer - - Note, that in openssl this whole function can be reduced to - - #include - EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt, - secret, strlen(secret), 1, key, iv); - - but alas! we want to support yassl too */ void Parser::bytes_to_key(const unsigned char *salt, const char *input, diff --git a/plugin/locale_info/CMakeLists.txt b/plugin/locale_info/CMakeLists.txt index 8f1dfa0d715..c988d652d40 100644 --- a/plugin/locale_info/CMakeLists.txt +++ b/plugin/locale_info/CMakeLists.txt @@ -1,5 +1,4 @@ -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex - ${CMAKE_SOURCE_DIR}/extra/yassl/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex) MYSQL_ADD_PLUGIN(LOCALES locale_info.cc RECOMPILE_FOR_EMBEDDED) diff --git a/plugin/qc_info/CMakeLists.txt b/plugin/qc_info/CMakeLists.txt index 821ffb79225..b8c5f926cff 100644 --- a/plugin/qc_info/CMakeLists.txt +++ b/plugin/qc_info/CMakeLists.txt @@ -1,5 +1,4 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/sql - ${PCRE_INCLUDES} - ${CMAKE_SOURCE_DIR}/extra/yassl/include) + ${PCRE_INCLUDES}) MYSQL_ADD_PLUGIN(QUERY_CACHE_INFO qc_info.cc RECOMPILE_FOR_EMBEDDED) diff --git a/sql-common/client.c b/sql-common/client.c index 8596d1cafee..00d3464167a 100644 --- a/sql-common/client.c +++ b/sql-common/client.c @@ -1576,9 +1576,15 @@ static int ssl_verify_server_cert(Vio *vio, const char* server_hostname, const c #ifdef HAVE_X509_check_host ret_validation= - (X509_check_host(server_cert, server_hostname, - strlen(server_hostname), 0, 0) != 1) && - (X509_check_ip_asc(server_cert, server_hostname, 0) != 1); + X509_check_host(server_cert, server_hostname, + strlen(server_hostname), 0, 0) != 1; +#ifndef HAVE_WOLFSSL + if (ret_validation) + { + ret_validation= + X509_check_ip_asc(server_cert, server_hostname, 0) != 1; + } +#endif #else subject= X509_get_subject_name(server_cert); cn_loc= X509_NAME_get_index_by_NID(subject, NID_commonName, -1); diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 403d91b6285..5b14b9f7790 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -1453,7 +1453,7 @@ scheduler_functions *thread_scheduler= &thread_scheduler_struct, #ifdef HAVE_OPENSSL #include -#ifdef HAVE_OPENSSL10 +#if defined(HAVE_OPENSSL10) && !defined(HAVE_WOLFSSL) typedef struct CRYPTO_dynlock_value { mysql_rwlock_t lock; @@ -2112,7 +2112,7 @@ static void clean_up_mutexes() mysql_mutex_destroy(&LOCK_global_index_stats); #ifdef HAVE_OPENSSL mysql_mutex_destroy(&LOCK_des_key_file); -#ifdef HAVE_OPENSSL10 +#if defined(HAVE_OPENSSL10) && !defined(HAVE_WOLFSSL) for (int i= 0; i < CRYPTO_num_locks(); ++i) mysql_rwlock_destroy(&openssl_stdlocks[i].lock); OPENSSL_free(openssl_stdlocks); @@ -4550,7 +4550,7 @@ static int init_thread_environment() #ifdef HAVE_OPENSSL mysql_mutex_init(key_LOCK_des_key_file, &LOCK_des_key_file, MY_MUTEX_INIT_FAST); -#ifdef HAVE_OPENSSL10 +#if defined(HAVE_OPENSSL10) && !defined(HAVE_WOLFSSL) openssl_stdlocks= (openssl_lock_t*) OPENSSL_malloc(CRYPTO_num_locks() * sizeof(openssl_lock_t)); for (int i= 0; i < CRYPTO_num_locks(); ++i) @@ -4595,7 +4595,7 @@ static int init_thread_environment() } -#ifdef HAVE_OPENSSL10 +#if defined(HAVE_OPENSSL10) && !defined(HAVE_WOLFSSL) static openssl_lock_t *openssl_dynlock_create(const char *file, int line) { openssl_lock_t *lock= new openssl_lock_t; @@ -4767,9 +4767,7 @@ int reinit_ssl() { my_printf_error(ER_UNKNOWN_ERROR, "Failed to refresh SSL, error: %s", MYF(0), sslGetErrString(error)); -#ifndef HAVE_YASSL ERR_clear_error(); -#endif return 1; } mysql_rwlock_wrlock(&LOCK_ssl_refresh); @@ -5943,7 +5941,7 @@ int mysqld_main(int argc, char **argv) CloseHandle(hEventShutdown); } #endif -#if (defined(HAVE_OPENSSL) && !defined(HAVE_YASSL)) && !defined(EMBEDDED_LIBRARY) +#if (defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY)) ERR_remove_state(0); #endif mysqld_exit(0); @@ -7105,8 +7103,8 @@ struct my_option my_long_options[]= MYSQL_COMPATIBILITY_OPTION("slave-checkpoint-period"), // HAVE_REPLICATION MYSQL_COMPATIBILITY_OPTION("slave-checkpoint-group"), // HAVE_REPLICATION MYSQL_SUGGEST_ANALOG_OPTION("slave-pending-jobs-size-max", "--slave-parallel-max-queued"), // HAVE_REPLICATION - MYSQL_TO_BE_IMPLEMENTED_OPTION("sha256-password-private-key-path"), // HAVE_OPENSSL && !HAVE_YASSL - MYSQL_TO_BE_IMPLEMENTED_OPTION("sha256-password-public-key-path"), // HAVE_OPENSSL && !HAVE_YASSL + MYSQL_TO_BE_IMPLEMENTED_OPTION("sha256-password-private-key-path"), // HAVE_OPENSSL + MYSQL_TO_BE_IMPLEMENTED_OPTION("sha256-password-public-key-path"), // HAVE_OPENSSL /* The following options exist in 5.5 and 5.6 but not in 10.0 */ MYSQL_SUGGEST_ANALOG_OPTION("abort-slave-event-count", "--debug-abort-slave-event-count"), @@ -7338,13 +7336,13 @@ static int show_ssl_get_verify_mode(THD *thd, SHOW_VAR *var, char *buff, { var->type= SHOW_LONG; var->value= buff; -#ifndef HAVE_YASSL +#ifndef HAVE_WOLFSSL if( thd->net.vio && thd->net.vio->ssl_arg ) *((long *)buff)= (long)SSL_get_verify_mode((SSL*)thd->net.vio->ssl_arg); else *((long *)buff)= 0; #else - *((long *)buff) = 0; + *((long *)buff)= 0; #endif return 0; } @@ -7354,14 +7352,10 @@ static int show_ssl_get_verify_depth(THD *thd, SHOW_VAR *var, char *buff, { var->type= SHOW_LONG; var->value= buff; -#ifndef HAVE_YASSL if( thd->vio_ok() && thd->net.vio->ssl_arg ) *((long *)buff)= (long)SSL_get_verify_depth((SSL*)thd->net.vio->ssl_arg); else *((long *)buff)= 0; -#else - *((long *)buff)= 0; -#endif return 0; } @@ -7422,15 +7416,6 @@ DEF_SHOW_FUNC(net_wait_num, SHOW_LONGLONG) DEF_SHOW_FUNC(avg_net_wait_time, SHOW_LONG) DEF_SHOW_FUNC(avg_trx_wait_time, SHOW_LONG) -#ifdef HAVE_YASSL - -static char * -my_asn1_time_to_string(const ASN1_TIME *time, char *buf, size_t len) -{ - return yaSSL_ASN1_TIME_to_string(time, buf, len); -} - -#else /* openssl */ static char * my_asn1_time_to_string(const ASN1_TIME *time, char *buf, size_t len) @@ -7458,8 +7443,6 @@ end: return res; } -#endif - /** Handler function for the 'ssl_get_server_not_before' variable @@ -8145,7 +8128,7 @@ static int mysql_init_variables(void) #if defined(HAVE_OPENSSL) && !defined(EMBEDDED_LIBRARY) have_ssl=SHOW_OPTION_YES; -#if defined(HAVE_YASSL) +#if defined(HAVE_WOLFSSL) have_openssl= SHOW_OPTION_NO; #else have_openssl= SHOW_OPTION_YES; diff --git a/support-files/compiler_warnings.supp b/support-files/compiler_warnings.supp index 3f7a79556f9..92f856f7c35 100644 --- a/support-files/compiler_warnings.supp +++ b/support-files/compiler_warnings.supp @@ -98,17 +98,6 @@ # .*/oqgraph/graphcore\.cc : may be used uninitialized in this function -# -# Yassl -# -.*/include/runtime.hpp: .*pure_error.* -.*/extra/yassl/.*taocrypt/.*: comparison with string literal -.*/extra/yassl/taocrypt/src/blowfish\.cpp: array subscript is above array bounds -.*/extra/yassl/taocrypt/src/file\.cpp: ignoring return value -.*/extra/yassl/taocrypt/src/integer\.cpp: control reaches end of non-void function -.*/mySTL/algorithm\.hpp: is used uninitialized in this function -.*/include/pwdbased\.hpp: comparison of unsigned expression - # # OpenSSL # diff --git a/unittest/json_lib/CMakeLists.txt b/unittest/json_lib/CMakeLists.txt index afe81eff64a..1b2a89b28cd 100644 --- a/unittest/json_lib/CMakeLists.txt +++ b/unittest/json_lib/CMakeLists.txt @@ -16,7 +16,6 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include ${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex - ${CMAKE_SOURCE_DIR}/extra/yassl/include ${CMAKE_SOURCE_DIR}/unittest/mytap) # diff --git a/unittest/my_decimal/CMakeLists.txt b/unittest/my_decimal/CMakeLists.txt index d8f74b87494..0b5b228276d 100644 --- a/unittest/my_decimal/CMakeLists.txt +++ b/unittest/my_decimal/CMakeLists.txt @@ -16,7 +16,6 @@ INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include ${CMAKE_SOURCE_DIR}/sql ${CMAKE_SOURCE_DIR}/regex - ${CMAKE_SOURCE_DIR}/extra/yassl/include ${CMAKE_SOURCE_DIR}/unittest/mytap) # diff --git a/vio/vio.c b/vio/vio.c index 33533f20e85..3f92c1e6853 100644 --- a/vio/vio.c +++ b/vio/vio.c @@ -329,8 +329,8 @@ void vio_delete(Vio* vio) */ void vio_end(void) { -#ifdef HAVE_YASSL - yaSSL_CleanUp(); +#ifdef HAVE_WOLFSSL + wolfSSL_Cleanup(); #elif defined(HAVE_OPENSSL) // This one is needed on the client side ERR_remove_state(0); diff --git a/vio/viossl.c b/vio/viossl.c index 30946d3261c..a5b3396953e 100644 --- a/vio/viossl.c +++ b/vio/viossl.c @@ -26,19 +26,7 @@ #ifdef HAVE_OPENSSL -#ifdef HAVE_YASSL -/* - yassl seem to be different here, SSL_get_error() value can be - directly passed to ERR_error_string(), and these errors don't go - into ERR_get_error() stack. - in openssl, apparently, SSL_get_error() values live in a different - namespace, one needs to use ERR_get_error() as an argument - for ERR_error_string(). -*/ -#define SSL_errno(X,Y) SSL_get_error(X,Y) -#else #define SSL_errno(X,Y) ERR_get_error() -#endif /** Obtain the equivalent system error status for the last SSL I/O operation. @@ -124,9 +112,7 @@ static my_bool ssl_should_retry(Vio *vio, int ret, enum enum_vio_io_event *event default: should_retry= FALSE; ssl_set_sys_error(ssl_error); -#ifndef HAVE_YASSL ERR_clear_error(); -#endif break; } @@ -197,25 +183,6 @@ size_t vio_ssl_write(Vio *vio, const uchar *buf, size_t size) DBUG_RETURN(ret < 0 ? -1 : ret); } -#ifdef HAVE_YASSL - -/* Emulate a blocking recv() call with vio_read(). */ -static long yassl_recv(void *ptr, void *buf, size_t len, - int flag __attribute__((unused))) -{ - return (long)vio_read(ptr, buf, len); -} - - -/* Emulate a blocking send() call with vio_write(). */ -static long yassl_send(void *ptr, const void *buf, size_t len, - int flag __attribute__((unused))) -{ - return (long)vio_write(ptr, buf, len); -} - -#endif - int vio_ssl_close(Vio *vio) { int r= 0; @@ -335,21 +302,13 @@ static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout, SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); SSL_set_fd(ssl, (int)sd); - /* - Since yaSSL does not support non-blocking send operations, use - special transport functions that properly handles non-blocking - sockets. These functions emulate the behavior of blocking I/O - operations by waiting for I/O to become available. - */ -#ifdef HAVE_YASSL +#ifdef HAVE_WOLFSSL /* Set first argument of the transport functions. */ - yaSSL_transport_set_ptr(ssl, vio); - /* Set functions to use in order to send and receive data. */ - yaSSL_transport_set_recv_function(ssl, yassl_recv); - yaSSL_transport_set_send_function(ssl, yassl_send); + wolfSSL_SetIOReadCtx(ssl, vio); + wolfSSL_SetIOWriteCtx(ssl, vio); #endif -#if !defined(HAVE_YASSL) && defined(SSL_OP_NO_COMPRESSION) +#if defined(SSL_OP_NO_COMPRESSION) SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); #endif diff --git a/vio/viosslfactories.c b/vio/viosslfactories.c index 8ab7565a666..033d71779ab 100644 --- a/vio/viosslfactories.c +++ b/vio/viosslfactories.c @@ -18,10 +18,8 @@ #include #ifdef HAVE_OPENSSL -#ifndef HAVE_YASSL #include #include -#endif static my_bool ssl_algorithms_added = FALSE; static my_bool ssl_error_strings_loaded= FALSE; @@ -166,6 +164,25 @@ static void check_ssl_init() } } +#ifdef HAVE_WOLFSSL +static int wolfssl_recv(WOLFSSL* ssl, char* buf, int sz, void* vio) +{ + size_t ret; + (void)ssl; + ret = vio_read((Vio *)vio, (uchar *)buf, sz); + /* check if connection was closed */ + if (ret == 0) + return WOLFSSL_CBIO_ERR_CONN_CLOSE; + + return (int)ret; +} + +static int wolfssl_send(WOLFSSL* ssl, char* buf, int sz, void* vio) +{ + return (int)vio_write((Vio *)vio, (unsigned char*)buf, sz); +} +#endif /* HAVE_WOLFSSL */ + /************************ VioSSLFd **********************************/ static struct st_VioSSLFd * new_VioSSLFd(const char *key_file, const char *cert_file, @@ -232,7 +249,7 @@ new_VioSSLFd(const char *key_file, const char *cert_file, sslGetErrString(*error))); goto err2; } - +#ifndef HAVE_WOLFSSL /* otherwise go use the defaults */ if (SSL_CTX_set_default_verify_paths(ssl_fd->ssl_context) == 0) { @@ -240,13 +257,15 @@ new_VioSSLFd(const char *key_file, const char *cert_file, DBUG_PRINT("error", ("%s", sslGetErrString(*error))); goto err2; } +#endif } if (crl_file || crl_path) { -#ifdef HAVE_YASSL - DBUG_PRINT("warning", ("yaSSL doesn't support CRL")); +#ifdef HAVE_WOLFSSL + /* CRL does not work with WolfSSL. */ DBUG_ASSERT(0); + goto err2; #else X509_STORE *store= SSL_CTX_get_cert_store(ssl_fd->ssl_context); /* Load crls from the trusted ca */ @@ -282,6 +301,12 @@ new_VioSSLFd(const char *key_file, const char *cert_file, DH_free(dh); } +#ifdef HAVE_WOLFSSL + /* set IO functions used by wolfSSL */ + wolfSSL_SetIORecv(ssl_fd->ssl_context, wolfssl_recv); + wolfSSL_SetIOSend(ssl_fd->ssl_context, wolfssl_send); +#endif + DBUG_PRINT("exit", ("OK 1")); DBUG_RETURN(ssl_fd); From 592fe954ef82be1bc08b29a8e54f7729eb1e1343 Mon Sep 17 00:00:00 2001 From: Vladislav Vaintroub Date: Wed, 13 Feb 2019 10:57:54 +0100 Subject: [PATCH 2/6] MDEV-18531 : remove yassl --- extra/yassl/AUTHORS | 0 extra/yassl/CMakeLists.txt | 29 - extra/yassl/COPYING | 340 -- extra/yassl/ChangeLog | 0 extra/yassl/FLOSS-EXCEPTIONS | 121 - extra/yassl/INSTALL | 234 - extra/yassl/NEWS | 0 extra/yassl/README | 786 ---- extra/yassl/certs/ca-cert.pem | 87 - extra/yassl/certs/ca-key.pem | 27 - extra/yassl/certs/client-cert.der | Bin 1198 -> 0 bytes extra/yassl/certs/client-cert.pem | 87 - extra/yassl/certs/client-key.der | Bin 1192 -> 0 bytes extra/yassl/certs/client-key.pem | 27 - extra/yassl/certs/client-keyEnc.pem | 12 - extra/yassl/certs/client-keyEnc3.pem | 12 - extra/yassl/certs/dh1024.dat | 1 - extra/yassl/certs/dsa-cert.pem | 22 - extra/yassl/certs/dsa1024.der | Bin 448 -> 0 bytes extra/yassl/certs/dsa1024.pem | 12 - extra/yassl/certs/server-cert.pem | 173 - extra/yassl/certs/server-key.pem | 27 - extra/yassl/certs/server-keyEnc.pem | 30 - extra/yassl/certs/taoCert.txt | 62 - extra/yassl/examples/client/client.cpp | 179 - extra/yassl/examples/client/client.dsp | 102 - .../yassl/examples/echoclient/echoclient.cpp | 120 - .../yassl/examples/echoclient/echoclient.dsp | 102 - extra/yassl/examples/echoclient/input | 93 - extra/yassl/examples/echoclient/quit | 2 - .../yassl/examples/echoserver/echoserver.cpp | 167 - .../yassl/examples/echoserver/echoserver.dsp | 102 - extra/yassl/examples/server/server.cpp | 155 - extra/yassl/examples/server/server.dsp | 109 - extra/yassl/include/buffer.hpp | 211 - extra/yassl/include/cert_wrapper.hpp | 137 - extra/yassl/include/crypto_wrapper.hpp | 429 -- extra/yassl/include/factory.hpp | 102 - extra/yassl/include/handshake.hpp | 70 - extra/yassl/include/lock.hpp | 96 - extra/yassl/include/log.hpp | 56 - extra/yassl/include/openssl/crypto.h | 37 - extra/yassl/include/openssl/des.h | 20 - extra/yassl/include/openssl/des_old.h | 20 - extra/yassl/include/openssl/engine.h | 24 - extra/yassl/include/openssl/err.h | 27 - extra/yassl/include/openssl/evp.h | 29 - .../include/openssl/generate_prefix_files.pl | 62 - extra/yassl/include/openssl/hmac.h | 20 - extra/yassl/include/openssl/lhash.h | 21 - extra/yassl/include/openssl/md4.h | 20 - extra/yassl/include/openssl/md5.h | 23 - extra/yassl/include/openssl/objects.h | 20 - extra/yassl/include/openssl/opensslv.h | 31 - extra/yassl/include/openssl/pem.h | 20 - extra/yassl/include/openssl/pkcs12.h | 24 - extra/yassl/include/openssl/prefix_crypto.h | 20 - extra/yassl/include/openssl/prefix_ssl.h | 188 - extra/yassl/include/openssl/rand.h | 21 - extra/yassl/include/openssl/rsa.h | 29 - extra/yassl/include/openssl/sha.h | 20 - extra/yassl/include/openssl/ssl.h | 566 --- extra/yassl/include/openssl/transport_types.h | 26 - extra/yassl/include/openssl/x509.h | 20 - extra/yassl/include/openssl/x509v3.h | 20 - extra/yassl/include/socket_wrapper.hpp | 105 - extra/yassl/include/timer.hpp | 41 - extra/yassl/include/yassl.hpp | 86 - extra/yassl/include/yassl_error.hpp | 88 - extra/yassl/include/yassl_imp.hpp | 748 ---- extra/yassl/include/yassl_int.hpp | 724 --- extra/yassl/include/yassl_types.hpp | 540 --- extra/yassl/lib/dummy | 1 - extra/yassl/src/buffer.cpp | 331 -- extra/yassl/src/cert_wrapper.cpp | 408 -- extra/yassl/src/crypto_wrapper.cpp | 998 ----- extra/yassl/src/dummy.cpp | 4 - extra/yassl/src/handshake.cpp | 1203 ----- extra/yassl/src/lock.cpp | 87 - extra/yassl/src/log.cpp | 146 - extra/yassl/src/make.bat | 42 - extra/yassl/src/socket_wrapper.cpp | 261 -- extra/yassl/src/ssl.cpp | 1782 -------- extra/yassl/src/timer.cpp | 82 - extra/yassl/src/yassl.cpp | 229 - extra/yassl/src/yassl_error.cpp | 288 -- extra/yassl/src/yassl_imp.cpp | 2636 ----------- extra/yassl/src/yassl_int.cpp | 2705 ------------ extra/yassl/taocrypt/CMakeLists.txt | 34 - extra/yassl/taocrypt/COPYING | 340 -- extra/yassl/taocrypt/INSTALL | 229 - extra/yassl/taocrypt/README | 48 - extra/yassl/taocrypt/benchmark/benchmark.cpp | 462 -- extra/yassl/taocrypt/benchmark/benchmark.dsp | 101 - extra/yassl/taocrypt/benchmark/dh1024.der | Bin 138 -> 0 bytes extra/yassl/taocrypt/benchmark/dsa1024.der | Bin 445 -> 0 bytes extra/yassl/taocrypt/benchmark/make.bat | 24 - extra/yassl/taocrypt/benchmark/rsa1024.der | Bin 606 -> 0 bytes extra/yassl/taocrypt/certs/client-cert.der | Bin 782 -> 0 bytes extra/yassl/taocrypt/certs/client-key.der | Bin 319 -> 0 bytes extra/yassl/taocrypt/certs/dh1024.dat | 1 - extra/yassl/taocrypt/certs/dsa512.der | Bin 249 -> 0 bytes extra/yassl/taocrypt/include/aes.hpp | 155 - extra/yassl/taocrypt/include/algebra.hpp | 227 - extra/yassl/taocrypt/include/arc4.hpp | 59 - extra/yassl/taocrypt/include/asn.hpp | 392 -- extra/yassl/taocrypt/include/block.hpp | 203 - extra/yassl/taocrypt/include/blowfish.hpp | 88 - extra/yassl/taocrypt/include/coding.hpp | 92 - extra/yassl/taocrypt/include/des.hpp | 130 - extra/yassl/taocrypt/include/dh.hpp | 87 - extra/yassl/taocrypt/include/dsa.hpp | 127 - extra/yassl/taocrypt/include/error.hpp | 89 - extra/yassl/taocrypt/include/file.hpp | 130 - extra/yassl/taocrypt/include/hash.hpp | 110 - extra/yassl/taocrypt/include/hc128.hpp | 63 - extra/yassl/taocrypt/include/hmac.hpp | 139 - extra/yassl/taocrypt/include/integer.hpp | 332 -- extra/yassl/taocrypt/include/kernelc.hpp | 34 - extra/yassl/taocrypt/include/md2.hpp | 65 - extra/yassl/taocrypt/include/md4.hpp | 63 - extra/yassl/taocrypt/include/md5.hpp | 71 - extra/yassl/taocrypt/include/misc.hpp | 889 ---- extra/yassl/taocrypt/include/modarith.hpp | 166 - extra/yassl/taocrypt/include/modes.hpp | 155 - extra/yassl/taocrypt/include/pwdbased.hpp | 91 - extra/yassl/taocrypt/include/rabbit.hpp | 65 - extra/yassl/taocrypt/include/random.hpp | 85 - extra/yassl/taocrypt/include/ripemd.hpp | 70 - extra/yassl/taocrypt/include/rsa.hpp | 250 -- extra/yassl/taocrypt/include/runtime.hpp | 68 - extra/yassl/taocrypt/include/sha.hpp | 174 - extra/yassl/taocrypt/include/twofish.hpp | 95 - extra/yassl/taocrypt/include/type_traits.hpp | 78 - extra/yassl/taocrypt/include/types.hpp | 99 - extra/yassl/taocrypt/mySTL/algorithm.hpp | 109 - extra/yassl/taocrypt/mySTL/helpers.hpp | 154 - extra/yassl/taocrypt/mySTL/list.hpp | 368 -- extra/yassl/taocrypt/mySTL/memory.hpp | 137 - extra/yassl/taocrypt/mySTL/memory_array.hpp | 136 - extra/yassl/taocrypt/mySTL/pair.hpp | 59 - extra/yassl/taocrypt/mySTL/stdexcept.hpp | 76 - extra/yassl/taocrypt/mySTL/vector.hpp | 153 - extra/yassl/taocrypt/src/aes.cpp | 1885 -------- extra/yassl/taocrypt/src/aestables.cpp | 36 - extra/yassl/taocrypt/src/algebra.cpp | 327 -- extra/yassl/taocrypt/src/arc4.cpp | 243 - extra/yassl/taocrypt/src/asn.cpp | 1344 ------ extra/yassl/taocrypt/src/bftables.cpp | 304 -- extra/yassl/taocrypt/src/blowfish.cpp | 364 -- extra/yassl/taocrypt/src/coding.cpp | 266 -- extra/yassl/taocrypt/src/des.cpp | 778 ---- extra/yassl/taocrypt/src/dh.cpp | 104 - extra/yassl/taocrypt/src/dsa.cpp | 274 -- extra/yassl/taocrypt/src/file.cpp | 116 - extra/yassl/taocrypt/src/hash.cpp | 191 - extra/yassl/taocrypt/src/hc128.cpp | 317 -- extra/yassl/taocrypt/src/integer.cpp | 3892 ----------------- extra/yassl/taocrypt/src/make.bat | 53 - extra/yassl/taocrypt/src/md2.cpp | 126 - extra/yassl/taocrypt/src/md4.cpp | 157 - extra/yassl/taocrypt/src/md5.cpp | 506 --- extra/yassl/taocrypt/src/misc.cpp | 296 -- extra/yassl/taocrypt/src/rabbit.cpp | 255 -- extra/yassl/taocrypt/src/random.cpp | 138 - extra/yassl/taocrypt/src/ripemd.cpp | 844 ---- extra/yassl/taocrypt/src/rsa.cpp | 215 - extra/yassl/taocrypt/src/sha.cpp | 1033 ----- extra/yassl/taocrypt/src/tftables.cpp | 350 -- extra/yassl/taocrypt/src/twofish.cpp | 582 --- extra/yassl/taocrypt/taocrypt.dsp | 321 -- extra/yassl/taocrypt/taocrypt.dsw | 59 - extra/yassl/taocrypt/test.dsw | 29 - extra/yassl/taocrypt/test/make.bat | 24 - extra/yassl/taocrypt/test/memory.cpp | 359 -- extra/yassl/taocrypt/test/test.cpp | 1358 ------ extra/yassl/taocrypt/test/test.dsp | 102 - extra/yassl/testsuite/cipher-test.sh | 131 - extra/yassl/testsuite/input | 107 - extra/yassl/testsuite/make.bat | 29 - extra/yassl/testsuite/quit | 2 - extra/yassl/testsuite/test.hpp | 553 --- extra/yassl/testsuite/testsuite.cpp | 174 - extra/yassl/testsuite/testsuite.dsp | 127 - extra/yassl/yassl.dsp | 192 - extra/yassl/yassl.dsw | 149 - mysys_ssl/yassl.cc | 191 - 187 files changed, 45439 deletions(-) delete mode 100644 extra/yassl/AUTHORS delete mode 100644 extra/yassl/CMakeLists.txt delete mode 100644 extra/yassl/COPYING delete mode 100644 extra/yassl/ChangeLog delete mode 100644 extra/yassl/FLOSS-EXCEPTIONS delete mode 100644 extra/yassl/INSTALL delete mode 100644 extra/yassl/NEWS delete mode 100644 extra/yassl/README delete mode 100644 extra/yassl/certs/ca-cert.pem delete mode 100644 extra/yassl/certs/ca-key.pem delete mode 100644 extra/yassl/certs/client-cert.der delete mode 100644 extra/yassl/certs/client-cert.pem delete mode 100644 extra/yassl/certs/client-key.der delete mode 100644 extra/yassl/certs/client-key.pem delete mode 100644 extra/yassl/certs/client-keyEnc.pem delete mode 100644 extra/yassl/certs/client-keyEnc3.pem delete mode 100644 extra/yassl/certs/dh1024.dat delete mode 100644 extra/yassl/certs/dsa-cert.pem delete mode 100644 extra/yassl/certs/dsa1024.der delete mode 100644 extra/yassl/certs/dsa1024.pem delete mode 100644 extra/yassl/certs/server-cert.pem delete mode 100644 extra/yassl/certs/server-key.pem delete mode 100644 extra/yassl/certs/server-keyEnc.pem delete mode 100644 extra/yassl/certs/taoCert.txt delete mode 100644 extra/yassl/examples/client/client.cpp delete mode 100644 extra/yassl/examples/client/client.dsp delete mode 100644 extra/yassl/examples/echoclient/echoclient.cpp delete mode 100644 extra/yassl/examples/echoclient/echoclient.dsp delete mode 100644 extra/yassl/examples/echoclient/input delete mode 100644 extra/yassl/examples/echoclient/quit delete mode 100644 extra/yassl/examples/echoserver/echoserver.cpp delete mode 100644 extra/yassl/examples/echoserver/echoserver.dsp delete mode 100644 extra/yassl/examples/server/server.cpp delete mode 100644 extra/yassl/examples/server/server.dsp delete mode 100644 extra/yassl/include/buffer.hpp delete mode 100644 extra/yassl/include/cert_wrapper.hpp delete mode 100644 extra/yassl/include/crypto_wrapper.hpp delete mode 100644 extra/yassl/include/factory.hpp delete mode 100644 extra/yassl/include/handshake.hpp delete mode 100644 extra/yassl/include/lock.hpp delete mode 100644 extra/yassl/include/log.hpp delete mode 100644 extra/yassl/include/openssl/crypto.h delete mode 100644 extra/yassl/include/openssl/des.h delete mode 100644 extra/yassl/include/openssl/des_old.h delete mode 100644 extra/yassl/include/openssl/engine.h delete mode 100644 extra/yassl/include/openssl/err.h delete mode 100644 extra/yassl/include/openssl/evp.h delete mode 100755 extra/yassl/include/openssl/generate_prefix_files.pl delete mode 100644 extra/yassl/include/openssl/hmac.h delete mode 100644 extra/yassl/include/openssl/lhash.h delete mode 100644 extra/yassl/include/openssl/md4.h delete mode 100644 extra/yassl/include/openssl/md5.h delete mode 100644 extra/yassl/include/openssl/objects.h delete mode 100644 extra/yassl/include/openssl/opensslv.h delete mode 100644 extra/yassl/include/openssl/pem.h delete mode 100644 extra/yassl/include/openssl/pkcs12.h delete mode 100644 extra/yassl/include/openssl/prefix_crypto.h delete mode 100644 extra/yassl/include/openssl/prefix_ssl.h delete mode 100644 extra/yassl/include/openssl/rand.h delete mode 100644 extra/yassl/include/openssl/rsa.h delete mode 100644 extra/yassl/include/openssl/sha.h delete mode 100644 extra/yassl/include/openssl/ssl.h delete mode 100644 extra/yassl/include/openssl/transport_types.h delete mode 100644 extra/yassl/include/openssl/x509.h delete mode 100644 extra/yassl/include/openssl/x509v3.h delete mode 100644 extra/yassl/include/socket_wrapper.hpp delete mode 100644 extra/yassl/include/timer.hpp delete mode 100644 extra/yassl/include/yassl.hpp delete mode 100644 extra/yassl/include/yassl_error.hpp delete mode 100644 extra/yassl/include/yassl_imp.hpp delete mode 100644 extra/yassl/include/yassl_int.hpp delete mode 100644 extra/yassl/include/yassl_types.hpp delete mode 100644 extra/yassl/lib/dummy delete mode 100644 extra/yassl/src/buffer.cpp delete mode 100644 extra/yassl/src/cert_wrapper.cpp delete mode 100644 extra/yassl/src/crypto_wrapper.cpp delete mode 100644 extra/yassl/src/dummy.cpp delete mode 100644 extra/yassl/src/handshake.cpp delete mode 100644 extra/yassl/src/lock.cpp delete mode 100644 extra/yassl/src/log.cpp delete mode 100755 extra/yassl/src/make.bat delete mode 100644 extra/yassl/src/socket_wrapper.cpp delete mode 100644 extra/yassl/src/ssl.cpp delete mode 100644 extra/yassl/src/timer.cpp delete mode 100644 extra/yassl/src/yassl.cpp delete mode 100644 extra/yassl/src/yassl_error.cpp delete mode 100644 extra/yassl/src/yassl_imp.cpp delete mode 100644 extra/yassl/src/yassl_int.cpp delete mode 100644 extra/yassl/taocrypt/CMakeLists.txt delete mode 100644 extra/yassl/taocrypt/COPYING delete mode 100644 extra/yassl/taocrypt/INSTALL delete mode 100644 extra/yassl/taocrypt/README delete mode 100644 extra/yassl/taocrypt/benchmark/benchmark.cpp delete mode 100644 extra/yassl/taocrypt/benchmark/benchmark.dsp delete mode 100644 extra/yassl/taocrypt/benchmark/dh1024.der delete mode 100644 extra/yassl/taocrypt/benchmark/dsa1024.der delete mode 100755 extra/yassl/taocrypt/benchmark/make.bat delete mode 100644 extra/yassl/taocrypt/benchmark/rsa1024.der delete mode 100644 extra/yassl/taocrypt/certs/client-cert.der delete mode 100644 extra/yassl/taocrypt/certs/client-key.der delete mode 100644 extra/yassl/taocrypt/certs/dh1024.dat delete mode 100644 extra/yassl/taocrypt/certs/dsa512.der delete mode 100644 extra/yassl/taocrypt/include/aes.hpp delete mode 100644 extra/yassl/taocrypt/include/algebra.hpp delete mode 100644 extra/yassl/taocrypt/include/arc4.hpp delete mode 100644 extra/yassl/taocrypt/include/asn.hpp delete mode 100644 extra/yassl/taocrypt/include/block.hpp delete mode 100644 extra/yassl/taocrypt/include/blowfish.hpp delete mode 100644 extra/yassl/taocrypt/include/coding.hpp delete mode 100644 extra/yassl/taocrypt/include/des.hpp delete mode 100644 extra/yassl/taocrypt/include/dh.hpp delete mode 100644 extra/yassl/taocrypt/include/dsa.hpp delete mode 100644 extra/yassl/taocrypt/include/error.hpp delete mode 100644 extra/yassl/taocrypt/include/file.hpp delete mode 100644 extra/yassl/taocrypt/include/hash.hpp delete mode 100644 extra/yassl/taocrypt/include/hc128.hpp delete mode 100644 extra/yassl/taocrypt/include/hmac.hpp delete mode 100644 extra/yassl/taocrypt/include/integer.hpp delete mode 100644 extra/yassl/taocrypt/include/kernelc.hpp delete mode 100644 extra/yassl/taocrypt/include/md2.hpp delete mode 100644 extra/yassl/taocrypt/include/md4.hpp delete mode 100644 extra/yassl/taocrypt/include/md5.hpp delete mode 100644 extra/yassl/taocrypt/include/misc.hpp delete mode 100644 extra/yassl/taocrypt/include/modarith.hpp delete mode 100644 extra/yassl/taocrypt/include/modes.hpp delete mode 100644 extra/yassl/taocrypt/include/pwdbased.hpp delete mode 100644 extra/yassl/taocrypt/include/rabbit.hpp delete mode 100644 extra/yassl/taocrypt/include/random.hpp delete mode 100644 extra/yassl/taocrypt/include/ripemd.hpp delete mode 100644 extra/yassl/taocrypt/include/rsa.hpp delete mode 100644 extra/yassl/taocrypt/include/runtime.hpp delete mode 100644 extra/yassl/taocrypt/include/sha.hpp delete mode 100644 extra/yassl/taocrypt/include/twofish.hpp delete mode 100644 extra/yassl/taocrypt/include/type_traits.hpp delete mode 100644 extra/yassl/taocrypt/include/types.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/algorithm.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/helpers.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/list.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/memory.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/memory_array.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/pair.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/stdexcept.hpp delete mode 100644 extra/yassl/taocrypt/mySTL/vector.hpp delete mode 100644 extra/yassl/taocrypt/src/aes.cpp delete mode 100644 extra/yassl/taocrypt/src/aestables.cpp delete mode 100644 extra/yassl/taocrypt/src/algebra.cpp delete mode 100644 extra/yassl/taocrypt/src/arc4.cpp delete mode 100644 extra/yassl/taocrypt/src/asn.cpp delete mode 100644 extra/yassl/taocrypt/src/bftables.cpp delete mode 100644 extra/yassl/taocrypt/src/blowfish.cpp delete mode 100644 extra/yassl/taocrypt/src/coding.cpp delete mode 100644 extra/yassl/taocrypt/src/des.cpp delete mode 100644 extra/yassl/taocrypt/src/dh.cpp delete mode 100644 extra/yassl/taocrypt/src/dsa.cpp delete mode 100644 extra/yassl/taocrypt/src/file.cpp delete mode 100644 extra/yassl/taocrypt/src/hash.cpp delete mode 100644 extra/yassl/taocrypt/src/hc128.cpp delete mode 100644 extra/yassl/taocrypt/src/integer.cpp delete mode 100755 extra/yassl/taocrypt/src/make.bat delete mode 100644 extra/yassl/taocrypt/src/md2.cpp delete mode 100644 extra/yassl/taocrypt/src/md4.cpp delete mode 100644 extra/yassl/taocrypt/src/md5.cpp delete mode 100644 extra/yassl/taocrypt/src/misc.cpp delete mode 100644 extra/yassl/taocrypt/src/rabbit.cpp delete mode 100644 extra/yassl/taocrypt/src/random.cpp delete mode 100644 extra/yassl/taocrypt/src/ripemd.cpp delete mode 100644 extra/yassl/taocrypt/src/rsa.cpp delete mode 100644 extra/yassl/taocrypt/src/sha.cpp delete mode 100644 extra/yassl/taocrypt/src/tftables.cpp delete mode 100644 extra/yassl/taocrypt/src/twofish.cpp delete mode 100644 extra/yassl/taocrypt/taocrypt.dsp delete mode 100644 extra/yassl/taocrypt/taocrypt.dsw delete mode 100644 extra/yassl/taocrypt/test.dsw delete mode 100755 extra/yassl/taocrypt/test/make.bat delete mode 100644 extra/yassl/taocrypt/test/memory.cpp delete mode 100644 extra/yassl/taocrypt/test/test.cpp delete mode 100644 extra/yassl/taocrypt/test/test.dsp delete mode 100644 extra/yassl/testsuite/cipher-test.sh delete mode 100644 extra/yassl/testsuite/input delete mode 100755 extra/yassl/testsuite/make.bat delete mode 100644 extra/yassl/testsuite/quit delete mode 100644 extra/yassl/testsuite/test.hpp delete mode 100644 extra/yassl/testsuite/testsuite.cpp delete mode 100644 extra/yassl/testsuite/testsuite.dsp delete mode 100644 extra/yassl/yassl.dsp delete mode 100644 extra/yassl/yassl.dsw delete mode 100644 mysys_ssl/yassl.cc diff --git a/extra/yassl/AUTHORS b/extra/yassl/AUTHORS deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/extra/yassl/CMakeLists.txt b/extra/yassl/CMakeLists.txt deleted file mode 100644 index 49826d54144..00000000000 --- a/extra/yassl/CMakeLists.txt +++ /dev/null @@ -1,29 +0,0 @@ -# Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335 USA - -INCLUDE_DIRECTORIES( - ${CMAKE_SOURCE_DIR}/include - ${CMAKE_SOURCE_DIR}/extra/yassl/include - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/include - ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/mySTL) - -ADD_DEFINITIONS(${SSL_DEFINES}) -SET(YASSL_SOURCES src/buffer.cpp src/cert_wrapper.cpp src/crypto_wrapper.cpp src/handshake.cpp src/lock.cpp - src/log.cpp src/socket_wrapper.cpp src/ssl.cpp src/timer.cpp src/yassl_error.cpp - src/yassl_imp.cpp src/yassl_int.cpp) - -ADD_CONVENIENCE_LIBRARY(yassl ${YASSL_SOURCES}) -RESTRICT_SYMBOL_EXPORTS(yassl) - diff --git a/extra/yassl/COPYING b/extra/yassl/COPYING deleted file mode 100644 index 98861a5402d..00000000000 --- a/extra/yassl/COPYING +++ /dev/null @@ -1,340 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335 USA - - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General -Public License instead of this License. diff --git a/extra/yassl/ChangeLog b/extra/yassl/ChangeLog deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/extra/yassl/FLOSS-EXCEPTIONS b/extra/yassl/FLOSS-EXCEPTIONS deleted file mode 100644 index 47f86ff65f2..00000000000 --- a/extra/yassl/FLOSS-EXCEPTIONS +++ /dev/null @@ -1,121 +0,0 @@ -yaSSL FLOSS License Exception -**************************************** - -Version 0.2, 31 August 2006 - -The Sawtooth Consulting Ltd. Exception for Free/Libre and Open Source -Software-only Applications Using yaSSL Libraries (the "FLOSS Exception"). - -*Exception Intent* - -We want specified Free/Libre and Open Source Software ("FLOSS") -applications to be able to use specified GPL-licensed yaSSL -libraries (the "Program") despite the fact that not all FLOSS -licenses are compatible with version 2 of the GNU General Public -License (the "GPL"). - -*Legal Terms and Conditions* - -As a special exception to the terms and conditions of version 2.0 of -the GPL: - - 1. You are free to distribute a Derivative Work that is formed - entirely from the Program and one or more works (each, a "FLOSS - Work") licensed under one or more of the licenses listed below - in section 1, as long as: - - 1. You obey the GPL in all respects for the Program and the - Derivative Work, except for identifiable sections of the - Derivative Work which are not derived from the Program, - and which can reasonably be considered independent and - separate works in themselves, - - 2. all identifiable sections of the Derivative Work which - are not derived from the Program, and which can reasonably be - considered independent and separate works in themselves, - - * i - - are distributed subject to one of the FLOSS licenses - listed below, and - - * ii - - the object code or executable form of those sections are - accompanied by the complete corresponding machine-readable - source code for those sections on the same medium and under - the same FLOSS license as the corresponding object code or - executable forms of those sections, and - - - 3. any works which are aggregated with the Program or with - a Derivative Work on a volume of a storage or distribution - medium in accordance with the GPL, can reasonably be considered - independent and separate works in themselves which are not - derivatives of either the Program, a Derivative Work or a FLOSS - Work. - - - If the above conditions are not met, then the Program may only be - copied, modified, distributed or used under the terms and - conditions of the GPL or another valid licensing option from - Sawtooth Consulting Ltd. - - 2. FLOSS License List - - *License name* *Version(s)/Copyright Date* - Academic Free License 2.0 - Apache Software License 1.0/1.1/2.0 - Apple Public Source License 2.0 - Artistic license From Perl 5.8.0 - BSD license "July 22 1999" - Common Development and Distribution License (CDDL) 1.0 - Common Public License 1.0 - GNU Library or "Lesser" General Public 2.0/2.1 - License (LGPL) - Jabber Open Source License 1.0 - MIT license - - Mozilla Public License (MPL) 1.0/1.1 - Open Software License 2.0 - PHP License 3.0 - Python license (CNRI Python License) - - Python Software Foundation License 2.1.1 - Sleepycat License "1999" - University of Illinois/NCSA Open Source License - - W3C License "2001" - X11 License "2001" - Zlib/libpng License - - Zope Public License 2.0 - - Due to the many variants of some of the above licenses, we require - that any version follow the 2003 version of the Free Software - Foundation's Free Software Definition - (http://www.gnu.org/philosophy/free-sw.html - (http://www.gnu.org/philosophy/free-sw.html)) or version 1.9 of - the Open Source Definition by the Open Source Initiative - (http://www.opensource.org/docs/definition.php - (http://www.opensource.org/docs/definition.php)). - - 3. Definitions - - 1. Terms used, but not defined, herein shall have the - meaning provided in the GPL. - - 2. Derivative Work means a derivative work under copyright - law. - - - 4. Applicability This FLOSS Exception applies to all Programs that - contain a notice placed by Sawtooth Consulting Ltd. saying that the - Program may be distributed under the terms of this FLOSS Exception. - If you create or distribute a work which is a Derivative Work of - both the Program and any other work licensed under the GPL, then - this FLOSS Exception is not available for that work; thus, you - must remove the FLOSS Exception notice from that work and - comply with the GPL in all respects, including by retaining all - GPL notices. You may choose to redistribute a copy of the - Program exclusively under the terms of the GPL by removing the - FLOSS Exception notice from that copy of the Program, provided - that the copy has never been modified by you or any third party. - - diff --git a/extra/yassl/INSTALL b/extra/yassl/INSTALL deleted file mode 100644 index 5458714e1e2..00000000000 --- a/extra/yassl/INSTALL +++ /dev/null @@ -1,234 +0,0 @@ -Installation Instructions -************************* - -Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005, -2006 Free Software Foundation, Inc. - -This file is free documentation; the Free Software Foundation gives -unlimited permission to copy, distribute and modify it. - -Basic Installation -================== - -Briefly, the shell commands `./configure; make; make install' should -configure, build, and install this package. The following -more-detailed instructions are generic; see the `README' file for -instructions specific to this package. - - The `configure' shell script attempts to guess correct values for -various system-dependent variables used during compilation. It uses -those values to create a `Makefile' in each directory of the package. -It may also create one or more `.h' files containing system-dependent -definitions. Finally, it creates a shell script `config.status' that -you can run in the future to recreate the current configuration, and a -file `config.log' containing compiler output (useful mainly for -debugging `configure'). - - It can also use an optional file (typically called `config.cache' -and enabled with `--cache-file=config.cache' or simply `-C') that saves -the results of its tests to speed up reconfiguring. Caching is -disabled by default to prevent problems with accidental use of stale -cache files. - - If you need to do unusual things to compile the package, please try -to figure out how `configure' could check whether to do them, and mail -diffs or instructions to the address given in the `README' so they can -be considered for the next release. If you are using the cache, and at -some point `config.cache' contains results you don't want to keep, you -may remove or edit it. - - The file `configure.ac' (or `configure.in') is used to create -`configure' by a program called `autoconf'. You need `configure.ac' if -you want to change it or regenerate `configure' using a newer version -of `autoconf'. - -The simplest way to compile this package is: - - 1. `cd' to the directory containing the package's source code and type - `./configure' to configure the package for your system. - - Running `configure' might take a while. While running, it prints - some messages telling which features it is checking for. - - 2. Type `make' to compile the package. - - 3. Optionally, type `make check' to run any self-tests that come with - the package. - - 4. Type `make install' to install the programs and any data files and - documentation. - - 5. You can remove the program binaries and object files from the - source code directory by typing `make clean'. To also remove the - files that `configure' created (so you can compile the package for - a different kind of computer), type `make distclean'. There is - also a `make maintainer-clean' target, but that is intended mainly - for the package's developers. If you use it, you may have to get - all sorts of other programs in order to regenerate files that came - with the distribution. - -Compilers and Options -===================== - -Some systems require unusual options for compilation or linking that the -`configure' script does not know about. Run `./configure --help' for -details on some of the pertinent environment variables. - - You can give `configure' initial values for configuration parameters -by setting variables in the command line or in the environment. Here -is an example: - - ./configure CC=c99 CFLAGS=-g LIBS=-lposix - - *Note Defining Variables::, for more details. - -Compiling For Multiple Architectures -==================================== - -You can compile the package for more than one kind of computer at the -same time, by placing the object files for each architecture in their -own directory. To do this, you can use GNU `make'. `cd' to the -directory where you want the object files and executables to go and run -the `configure' script. `configure' automatically checks for the -source code in the directory that `configure' is in and in `..'. - - With a non-GNU `make', it is safer to compile the package for one -architecture at a time in the source code directory. After you have -installed the package for one architecture, use `make distclean' before -reconfiguring for another architecture. - -Installation Names -================== - -By default, `make install' installs the package's commands under -`/usr/local/bin', include files under `/usr/local/include', etc. You -can specify an installation prefix other than `/usr/local' by giving -`configure' the option `--prefix=PREFIX'. - - You can specify separate installation prefixes for -architecture-specific files and architecture-independent files. If you -pass the option `--exec-prefix=PREFIX' to `configure', the package uses -PREFIX as the prefix for installing programs and libraries. -Documentation and other data files still use the regular prefix. - - In addition, if you use an unusual directory layout you can give -options like `--bindir=DIR' to specify different values for particular -kinds of files. Run `configure --help' for a list of the directories -you can set and what kinds of files go in them. - - If the package supports it, you can cause programs to be installed -with an extra prefix or suffix on their names by giving `configure' the -option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'. - -Optional Features -================= - -Some packages pay attention to `--enable-FEATURE' options to -`configure', where FEATURE indicates an optional part of the package. -They may also pay attention to `--with-PACKAGE' options, where PACKAGE -is something like `gnu-as' or `x' (for the X Window System). The -`README' should mention any `--enable-' and `--with-' options that the -package recognizes. - - For packages that use the X Window System, `configure' can usually -find the X include and library files automatically, but if it doesn't, -you can use the `configure' options `--x-includes=DIR' and -`--x-libraries=DIR' to specify their locations. - -Specifying the System Type -========================== - -There may be some features `configure' cannot figure out automatically, -but needs to determine by the type of machine the package will run on. -Usually, assuming the package is built to be run on the _same_ -architectures, `configure' can figure that out, but if it prints a -message saying it cannot guess the machine type, give it the -`--build=TYPE' option. TYPE can either be a short name for the system -type, such as `sun4', or a canonical name which has the form: - - CPU-COMPANY-SYSTEM - -where SYSTEM can have one of these forms: - - OS KERNEL-OS - - See the file `config.sub' for the possible values of each field. If -`config.sub' isn't included in this package, then this package doesn't -need to know the machine type. - - If you are _building_ compiler tools for cross-compiling, you should -use the option `--target=TYPE' to select the type of system they will -produce code for. - - If you want to _use_ a cross compiler, that generates code for a -platform different from the build platform, you should specify the -"host" platform (i.e., that on which the generated programs will -eventually be run) with `--host=TYPE'. - -Sharing Defaults -================ - -If you want to set default values for `configure' scripts to share, you -can create a site shell script called `config.site' that gives default -values for variables like `CC', `cache_file', and `prefix'. -`configure' looks for `PREFIX/share/config.site' if it exists, then -`PREFIX/etc/config.site' if it exists. Or, you can set the -`CONFIG_SITE' environment variable to the location of the site script. -A warning: not all `configure' scripts look for a site script. - -Defining Variables -================== - -Variables not defined in a site shell script can be set in the -environment passed to `configure'. However, some packages may run -configure again during the build, and the customized values of these -variables may be lost. In order to avoid this problem, you should set -them in the `configure' command line, using `VAR=value'. For example: - - ./configure CC=/usr/local2/bin/gcc - -causes the specified `gcc' to be used as the C compiler (unless it is -overridden in the site shell script). - -Unfortunately, this technique does not work for `CONFIG_SHELL' due to -an Autoconf bug. Until the bug is fixed you can use this workaround: - - CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash - -`configure' Invocation -====================== - -`configure' recognizes the following options to control how it operates. - -`--help' -`-h' - Print a summary of the options to `configure', and exit. - -`--version' -`-V' - Print the version of Autoconf used to generate the `configure' - script, and exit. - -`--cache-file=FILE' - Enable the cache: use and save the results of the tests in FILE, - traditionally `config.cache'. FILE defaults to `/dev/null' to - disable caching. - -`--config-cache' -`-C' - Alias for `--cache-file=config.cache'. - -`--quiet' -`--silent' -`-q' - Do not print messages saying which checks are being made. To - suppress all normal output, redirect it to `/dev/null' (any error - messages will still be shown). - -`--srcdir=DIR' - Look for the package's source code in directory DIR. Usually - `configure' can determine that directory automatically. - -`configure' also accepts some other, not widely useful, options. Run -`configure --help' for more details. - diff --git a/extra/yassl/NEWS b/extra/yassl/NEWS deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/extra/yassl/README b/extra/yassl/README deleted file mode 100644 index de1bf5132aa..00000000000 --- a/extra/yassl/README +++ /dev/null @@ -1,786 +0,0 @@ -*** Note, Please read *** - -yaSSL takes a different approach to certificate verification than OpenSSL does. -The default policy for the client is to verify the server, this means that if -you don't load CAs to verify the server you'll get a connect error, unable to -verify. It you want to mimic OpenSSL behavior of not verifying the server and -reducing security you can do this by calling: - -SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); - -before calling SSL_new(); - -*** end Note *** - -yaSSL Release notes, version 2.4.4 (8/8/2017) - This release of yaSSL fixes an interop issue. A fix for detecting cipher - suites with non leading zeros is included as yaSSL only supports cipher - suites with leading zeros. Thanks for the report from Security Innovation - and Oracle. - - Users interoping with other SSL stacks should update. - -yaSSL Release notes, version 2.4.2 (9/22/2016) - This release of yaSSL fixes a medium security vulnerability. A fix for - potential AES side channel leaks is included that a local user monitoring - the same CPU core cache could exploit. VM users, hyper-threading users, - and users where potential attackers have access to the CPU cache will need - to update if they utilize AES. - - DSA padding fixes for unusual sizes is included as well. Users with DSA - certficiates should update. - -yaSSL Release notes, version 2.4.0 (5/20/2016) - This release of yaSSL fixes the OpenSSL compatibility function - SSL_CTX_load_verify_locations() when using the path directory to allow - unlimited path sizes. Minor Windows build fixes are included. - No high level security fixes in this version but we always recommend - updating. - - -yaSSL Release notes, version 2.3.9b (2/03/2016) - This release of yaSSL fixes the OpenSSL compatibility function - X509_NAME_get_index_by_NID() to use the actual index of the common name - instead of searching on the format prefix. Thanks for the report from - yashwant.sahu@oracle.com . Anyone using this function should update. - -yaSSL Release notes, version 2.3.9 (12/01/2015) - This release of yaSSL fixes two client side Diffie-Hellman problems. - yaSSL was only handling the cases of zero or one leading zeros for the key - agreement instead of potentially any number. This caused about 1 in 50,000 - connections to fail when using DHE cipher suites. The second problem was - the case where a server would send a public value shorter than the prime - value, causing about 1 in 128 client connections to fail, and also - caused the yaSSL client to read off the end of memory. All client side - DHE cipher suite users should update. - Thanks to Adam Langely (agl@imperialviolet.org) for the detailed report! - -yaSSL Release notes, version 2.3.8 (9/17/2015) - This release of yaSSL fixes a high security vulnerability. All users - SHOULD update. If using yaSSL for TLS on the server side with private - RSA keys allowing ephemeral key exchange you MUST update and regenerate - the RSA private keys. This report is detailed in: - https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf - yaSSL now detects RSA signature faults and returns an error. - -yaSSL Patch notes, version 2.3.7e (6/26/2015) - This release of yaSSL includes a fix for Date less than comparison. - Previously yaSSL would return true on less than comparisons if the Dates - were equal. Reported by Oracle. No security problem, but if a cert was - generated right now, a server started using it in the same second, and a - client tried to verify it in the same second it would report not yet valid. - -yaSSL Patch notes, version 2.3.7d (6/22/2015) - This release of yaSSL includes a fix for input_buffer set_current with - index 0. SSL_peek() at front of waiting data could trigger. Robert - Golebiowski of Oracle identified and suggested a fix, thanks! - -yaSSL Patch notes, version 2.3.7c (6/12/2015) - This release of yaSSL does certificate DATE comparisons to the second - instead of to the minute, helpful when using freshly generated certs. - Though keep in mind that time sync differences could still show up. - -yaSSL Patch notes, version 2.3.7b (3/18/2015) - This release of yaSSL fixes a potential crash with corrupted private keys. - Also detects bad keys earlier for user. - -yaSSL Release notes, version 2.3.7 (12/10/2014) - This release of yaSSL fixes the potential to process duplicate handshake - messages by explicitly marking/checking received handshake messages. - -yaSSL Release notes, version 2.3.6 (11/25/2014) - - This release of yaSSL fixes some valgrind warnings/errors including - uninitialized reads and off by one index errors induced from fuzzing - the handshake. These were reported by Oracle. - -yaSSL Release notes, version 2.3.5 (9/29/2014) - - This release of yaSSL fixes an RSA Padding check vulnerability reported by - Intel Security Advanced Threat Research team - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -yaSSL Release notes, version 2.3.4 (8/15/2014) - - This release of yaSSL adds checking to the input_buffer class itself. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -yaSSL Release notes, version 2.3.2 (7/25/2014) - - This release of yaSSL updates test certs. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.3.0 (12/5/2013) - - This release of yaSSL updates asm for newer GCC versions. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.3 (4/23/2013) - - This release of yaSSL updates the test certificates as they were expired - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.2d (2/5/2013) - - This release of yaSSL contains countermeasuers for the Lucky 13 TLS 1.1 - CBC timing padding attack identified by Nadhem AlFardan and Kenneth Paterson - see: http://www.isg.rhul.ac.uk/tls/ - - It also adds SHA2 certificate verification and better checks for malicious - input. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.2.2 (7/5/2012) - - This release of yaSSL contains bug fixes and more security checks around - malicious certificates. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.1.2 (9/2/2011) - - This release of yaSSL contains bug fixes, better non-blocking support with - SSL_write, and OpenSSL RSA public key format support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 2.0.0 (7/6/2010) - - This release of yaSSL contains bug fixes, new testing certs, - and a security patch for a potential heap overflow on forged application - data processing. Vulnerability discovered by Matthieu Bonetti from VUPEN - Security http://www.vupen.com. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.9 (1/26/2010) - - This release of yaSSL contains bug fixes, the removal of assert() s and - a security patch for a buffer overflow possibility in certificate name - processing. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.8 (10/14/09) - - This release of yaSSL contains bug fixes and adds new stream ciphers - Rabbit and HC-128 - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.6 (11/13/08) - - This release of yaSSL contains bug fixes, adds autconf shared library - support and has better server suite detection based on certficate and - private key. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.9.2 (9/24/08) - - This release of yaSSL contains bug fixes and improved certificate verify - callback support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.8.8 (5/7/08) - - This release of yaSSL contains bug fixes, and better socket handling. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.8.6 (1/31/08) - - This release of yaSSL contains bug fixes, and fixes security problems - associated with using SSL 2.0 client hellos and improper input handling. - Please upgrade to this version if you are using a previous one. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.7.5 (10/15/07) - - This release of yaSSL contains bug fixes, adds MSVC 2005 project support, - GCC 4.2 support, IPV6 support and test, and new test certificates. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.7.2 (8/20/07) - - This release of yaSSL contains bug fixes and adds initial OpenVPN support. - Just configure at this point and beginning of build. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.6.8 (4/16/07) - - This release of yaSSL contains bug fixes and adds SHA-256, SHA-512, SHA-224, - and SHA-384. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - - -*****************yaSSL Release notes, version 1.6.0 (2/22/07) - - This release of yaSSL contains bug fixes, portability enhancements, and - better X509 support. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0 and note in 1.5.8. - -*****************yaSSL Release notes, version 1.5.8 (1/10/07) - - This release of yaSSL contains bug fixes, portability enhancements, and - support for GCC 4.1.1 and vs2005 sp1. - - - - Since yaSSL now supports zlib, as does libcurl, the libcurl build test can - fail if yaSSL is built with zlib support since the zlib library isn't - passed. You can do two things to fix this: - - 1) build yaSSL w/o zlib --without-zlib - 2) or add flags to curl configure LDFLAGS="-lm -lz" - - - -*****************yaSSL Release notes, version 1.5.0 (11/09/06) - - This release of yaSSL contains bug fixes, portability enhancements, - and full TLS 1.1 support. Use the functions: - - SSL_METHOD *TLSv1_1_server_method(void); - SSL_METHOD *TLSv1_1_client_method(void); - - or the SSLv23 versions (even though yaSSL doesn't support SSL 2.0 the v23 - means to pick the highest of SSL 3.0, TLS 1.0, or TLS 1.1). - - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - - -****************yaSSL Release notes, version 1.4.5 (10/15/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - zlib compression support, removal of assembly instructions at runtime if - not supported, and initial TLS 1.1 support. - - - Compression Notes: yaSSL uses zlib for compression and the compression - should only be used if yaSSL is at both ends because the implementation - details aren't yet standard. If you'd like to turn compression on use - the SSL_set_compression() function on the client before calling - SSL_connect(). If both the client and server were built with zlib support - then the connection will use compression. If the client isn't built with - support then SSL_set_compression() will return an error (-1). - - To build yaSSL with zlib support on Unix simply have zlib support on your - system and configure will find it if it's in the standard locations. If - it's somewhere else use the option ./configure --with-zlib=DIR. If you'd - like to disable compression support in yaSSL use ./configure --without-zlib. - - To build yaSSL with zlib support on Windows: - - 1) download zlib from http://www.zlib.net/ - 2) follow the instructions in zlib from projects/visualc6/README.txt - for how to add the zlib project into the yaSSL workspace noting that - you'll need to add configuration support for "Win32 Debug" and - "Win32 Release" in note 3 under "To use:". - 3) define HAVE_LIBZ when building yaSSL - - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.4.0 (08/13/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - nonblocking connect and accept, better OpenSSL error mapping, and - certificate caching for session resumption. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.7 (06/26/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - and libcurl 7.15.4 support (any newer versions may not build). - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.5 (06/01/06) - - - This release of yaSSL contains bug fixes, portability enhancements, - better libcurl support, and improved non-blocking I/O. - -See normal build instructions below under 1.0.6. -See libcurl build instructions below under 1.3.0. - - -********************yaSSL Release notes, version 1.3.0 (04/26/06) - - - This release of yaSSL contains minor bug fixes, portability enhancements, - and libcurl support. - -See normal build instructions below under 1.0.6. - - ---To build for libcurl on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - To build for libcurl the library needs to be built without C++ globals since - the linker will be called in a C context, also libcurl configure will expect - OpenSSL library names so some symbolic links are created. - - ./configure --enable-pure-c - make - make openssl-links - - (then go to your libcurl home and tell libcurl about yaSSL build dir) - ./configure --with-ssl=/yaSSL-BuildDir LDFLAGS=-lm - make - - ---To build for libcurl on Win32: - - Simply add the yaSSL project as a dependency to libcurl, add - yaSSL-Home\include and yaSSL-Home\include\openssl to the include list, and - define USE_SSLEAY and USE_OPENSSL - - please email todd@yassl.com if you have any questions. - - -*******************yaSSL Release notes, version 1.2.2 (03/27/06) - - - This release of yaSSL contains minor bug fixes and portability enhancements. - -See build instructions below under 1.0.6: - - - -*******************yaSSL Release notes, version 1.2.0 - - - This release of yaSSL contains minor bug fixes, portability enhancements, - Diffie-Hellman compatibility fixes for other servers and client, - optimization improvements, and x86 ASM changes. - -See build instructions below under 1.0.6: - - - -*****************yaSSL Release notes, version 1.1.5 - - This release of yaSSL contains minor bug fixes, portability enhancements, - and user requested changes including the ability to add all certificates in - a directory, more robust socket handling, no new overloading unless - requested, and an SSL_VERIFY_NONE option. - - -See build instructions below under 1.0.6: - - - -******************yaSSL Release notes, version 1.0.6 - -This release of yaSSL contains minor bug fixes, portability enhancements, -x86 assembly for ARC4, SHA, MD5, and RIPEMD, --enable-ia32-asm configure -option, and a security patch for certificate chain processing. - ---To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - ./configure - make - - run testsuite from yaSSL-Home/testsuite to test the build - -to make a release build: - - ./configure --disable-debug - make - - run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - - -***************** yaSSL Release notes, version 1.0.5 - -This release of yaSSL contains minor bug fixes, portability enhancements, -x86 assembly for AES, 3DES, BLOWFISH, and TWOFISH, --without-debug configure -option, and --enable-kernel-mode configure option for using TaoCrypt with -kernel modules. - ---To build on Linux, Solaris, *BSD, Mac OS X, or Cygwin: - - ./configure - make - - run testsuite from yaSSL-Home/testsuite to test the build - -to make a release build: - - ./configure --without-debug - make - - run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - -******************yaSSL Release notes, version 1.0.1 - -This release of yaSSL contains minor bug fixes, portability enhancements, -GCC 3.4.4 support, MSVC 2003 support, and more documentation. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 1.0 - -This release of yaSSL contains minor bug fixes, portability enhancements, -GCC 4.0 support, testsuite, improvements, and API additions. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.9 - -This release of yaSSL contains minor bug fixes, portability enchancements, -MSVC 7 support, memory improvements, and API additions. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.8 - -This release of yaSSL contains minor bug fixes and portability enchancements. - -Please see build instructions in the release notes for 0.9.6 below. - - -******************yaSSL Release notes, version 0.9.6 - -This release of yaSSL contains minor bug fixes, removal of STL support, and -removal of exceptions and rtti so that the library can be linked without the -std c++ library. - ---To build on Linux, Solaris, FreeBSD, Mac OS X, or Cygwin - -./configure -make - -run testsuite from yaSSL-Home/testsuite to test the build - - ---To build on Win32 - -Choose (Re)Build All from the project workspace - -run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - - - -******************yaSSL Release notes, version 0.9.2 - -This release of yaSSL contains minor bug fixes, expanded certificate -verification and chaining, and improved documentation. - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.9.0 - -This release of yaSSL contains minor bug fixes, client verification handling, -hex and base64 encoing/decoding, and an improved test suite. - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.8.0 - -This release of yaSSL contains minor bug fixes, and initial porting effort to -64bit, BigEndian, and more UNIX systems. - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.6.0 - -This release of yaSSL contains minor bug fixes, source cleanup, and binary beta -(1) of the yaSSL libraries. - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.5.0 - -This release of yaSSL contains minor bug fixes, full session resumption -support, and initial testing suite support. - - - -Please see build instructions in release notes 0.3.0. - - - -******************yaSSL Release notes, version 0.4.0 - -This release of yaSSL contains minor bug fixes, an optional memory tracker, -an echo client and server with input/output redirection for load testing, -and initial session caching support. - - -Please see build instructions in release notes 0.3.0. - - -******************yaSSL Release notes, version 0.3.5 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library including a full test suite. - - -*******************yaSSL Release notes, version 0.3.0 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library including AES and an improved random number generator. GNU autoconf -and automake are now used to simplify the build process on Linux. - -*** Linux Build process - -./configure -make - -*** Windows Build process - -open the yassl workspace and build the project - - -*******************yaSSL Release notes, version 0.2.9 - -This release of yaSSL contains minor bug fixes and extensions to the crypto -library. - -See the notes at the bottom of this page for build instructions. - - -*******************yaSSL Release notes, version 0.2.5 - -This release of yaSSL contains minor bug fixes and a beta binary of the yaSSL -libraries for win32 and linux. - -See the notes at the bottom of this page for build instructions. - - - -*******************yaSSL Release notes, version 0.2.0 - -This release of yaSSL contains minor bug fixes and initial alternate crypto -functionality. - -*** Complete Build *** - -See the notes in Readme.txt for build instructions. - -*** Update Build *** - -If you have already done a complete build of yaSSL as described in the release -0.0.1 - 0.1.0 notes and downloaded the update to 0.2.0, place the update file -yassl-update-0.2.0.tar.gz in the yaSSL home directory and issue the command: - -gzip -cd yassl-update-0.2.0.tar.gz | tar xvf - - -to update the previous release. - -Then issue the make command on linux or rebuild the yaSSL project on Windows. - -*******************yaSSL Release notes, version 0.1.0 - -This release of yaSSL contains minor bug fixes, full client and server TLSv1 -support including full ephemeral Diffie-Hellman support, SSL type RSA and DSS -signing and verification, and initial stunnel 4.05 build support. - - - -*********************yaSSL Release notes, version 0.0.3 - -The third release of yaSSL contains minor bug fixes, client certificate -enhancements, and initial ephemeral Diffie-Hellman integration: - - - -********************* - -yaSSL Release notes, version 0.0.2 - -The second release of yaSSL contains minor bug fixes, client certificate -enhancements, session resumption, and improved TLS support including: - -- HMAC for MD5 and SHA-1 -- PRF (pseudo random function) -- Master Secret and Key derivation routines -- Record Authentication codes -- Finish verify data check - -Once ephemeral RSA and DH are added yaSSL will be fully complaint with TLS. - - - -********************** - -yassl Release notes, version 0.0.1 - -The first release of yassl supports normal RSA mode SSLv3 connections with -support for SHA-1 and MD5 digests. Ciphers include DES, 3DES, and RC4. - -yassl uses the CryptoPP library for cryptography, the source is available at -www.cryptopp.com . - -yassl uses CML (the Certificate Management Library) for x509 support. More -features will be in future versions. The CML source is available for download -from www.digitalnet.com/knowledge/cml_home.htm . - -The next release of yassl will support the 3 lesser-used SSL connection modes; -HandShake resumption, Ephemeral RSA (or DH), and Client Authentication as well -as full support for TLS. Backwards support for SSLv2 is not planned at this -time. - - -********************** - -Building yassl on linux: - -use the ./buildall script to build everything. - -buildall will configure and build CML, CryptoPP, and yassl. Testing was -preformed with gcc version 3.3.2 on kernel 2.4.22. - - -********************** - -Building yassl on Windows: - -Testing was preformed on Windows 2000 with Visual C++ 6 sp5. - -1) decompress esnacc_r16.tgz in place, see buildall for syntax if unsure - -2) decompress smp_r23.tgz in place - -3) unzip cryptopp51/crypto51.zip in place - -4) Build SNACC (part of CML) using snacc_builds.dsw in the SNACC directory - -5) Build SMP (part of CMP) using smp.dsw in the smp directory - -6) Build yassl using yassl.dsw - - -********************** - -examples, server and client: - -Please see the server and client examples in both versions to see how to link -to yassl and the support libraries. On linux do 'make server' and 'make -client' to build them. On Windows you will find the example projects in the -main workspace, yassl.dsw. - -The example server and client are compatible with openssl. - - -********************** - -Building yassl into mysql on linux: - -Testing was done using mysql version 4.0.17. - -alter openssl_libs in the configure file, line 21056. Change '-lssl -lcrypto' -to '-lyassl -lcryptopp -lcmapi -lcmlasn -lctil -lc++asn1'. - -see build/config_command for the configure command used to configure mysql -please change /home/touska/ to the relevant directory of course. - -add yassl/lib to the LD_LIBRARY_PATH because libmysql/conf_to_src does not -use the ssl lib directory though it does use the ssl libraries. - -make - -make install - - -********************* - -License: yassl is currently under the GPL, please see license information -in the source and include files. - - -********************* - -Contact: please send comments or questions to Todd A Ouska at todd@yassl.com -and/or Larry Stefonic at larry@yassl.com. - - - diff --git a/extra/yassl/certs/ca-cert.pem b/extra/yassl/certs/ca-cert.pem deleted file mode 100644 index 7e64eb47961..00000000000 --- a/extra/yassl/certs/ca-cert.pem +++ /dev/null @@ -1,87 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf -+n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH -7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 -DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB -VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq -Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 9a:41:47:cd:a1:14:62:8c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 03:20:08 2014 GMT - Not After : Apr 6 03:20:08 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: - f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: - de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: - 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77: - 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1: - 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3: - a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed: - a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95: - 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c: - 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db: - 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc: - 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98: - de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68: - cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2: - b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3: - 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98: - ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed: - 36:79 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: - fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: - f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: - 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: - 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: - ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: - c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: - b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: - 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: - 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: - 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: - e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: - 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: - bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: - b2:b3:03:d8 diff --git a/extra/yassl/certs/ca-key.pem b/extra/yassl/certs/ca-key.pem deleted file mode 100644 index 774feba0548..00000000000 --- a/extra/yassl/certs/ca-key.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAvwzKLRSyHoRCW804H0ryTXUQ8bY1n9/KfQOY06zeA2buKvHY -sH1uB1QLEJghTYDLEiDnzE/eRX3Jcncy6sqQu2lSEAMvqPOVxfGLYlYb72dvpBBB -la0Km+OlwLDScHZQMFuo6AgsfO2nonqNOCkcrMft8nyVsJWCfUlcOM13Je+9gHVT -lDw9ymNbnxW10x0TLxnRPNt2Osy4fcnlwtfaQG/YIdxzG0ItU5z+Gvx9q3o2P5je -hHwFZ85qFDiHqfGMtWjLaH9xICv1oGP1Vi+jJtK3b7FaF9c4mQj+k1hv/sMTSQgW -C6dNZwBSMWcjTpjtUUUduQTZC+zYKLNLve02eQIDAQABAoIBAD1uTmAahH+dhXzh -Swd84NaZKt6d+TY0DncOPgjqT+UGJtT2OPffDQ8cLgai9CponGNy4zXmBJGRtcGx -pFSs18b7QaDWdW+9C06/sVLoX0kmmFZHx97p6jxgAb8o3DG/SV+TSYd6gVuWS03K -XDhPt+Gy08ch2jwShwfkG9xD7OjsVGHn9u2mCy7134J/xh9hGZykgznfIYWJb3ev -hhUyCKJaCyZh+3AMypw4fbwi7uujqBYA+YqAHgCEqEpB+IQDZy8jWy+baybDBzSU -owM7ctWfcuCtzDSrvcfV9SYwhQ8wIzlS/zzLmSFNiKWr7mK5x+C7R4fBac9z8zC+ -zjkEnOUCgYEA4XZFgFm200nfCu8S1g/wt8sqN7+n+LVN9TE1reSjlKHb8ZattQVk -hYP8G1spqr74Jj92fq0c8MvXJrQbBY5Whn4IYiHBhtZHeT63XaTGOtexdCD2UJdB -BFPtPybWb5H6aCbsKtya8efc+3PweUMbIaNZBGNSB8nX5tEbXV6W+lMCgYEA2O1O -ZGFrkQxhAbUPu0RnUx7cB8Qkfp5shCORDOQSBBZNeJjMlj0gTg9Fmrb4s5MNsqIb -KfImecjF0nh+XnPy13Bhu0DOYQX+aR6CKeYUuKHnltAjPwWTAPLhTX7tt5Zs9/Dk -0c8BmE/cdFSqbV5aQTH+/5q2oAXdqRBU+GvQqoMCgYAh0wSKROtQt3xmv4cr5ihO -6oPi6TXh8hFH/6H1/J8t5TqB/AEDb1OtVCe2Uu7lVtETq+GzD3WQCoS0ocCMDNae -RrorPrUx7WO7pNUNj3LN0R4mNeu+G3L9mzm0h7cT9eqDRZOYuo/kSsy0TKh/CLpB -SahJKD1ePcHONwDL+SzdUQKBgQChV58+udavg22DP4/70NyozgMJI7GhG2PKxElW -NSvRLmVglQVVmRE1/dXfRMeliHJfsoJRqHFFkzbPXB9hUQwFgOivxXu6XiLjPHXD -hAVVbdY6LYSJkzPLONqqMQXNzmwt3VXTVwvwpTVqsK4xukOWygDHS+MZEkPTQvpv -6oDA0QKBgQC524kgNCdwYjTqXyViEvOdgb9I7poOwY0Q/2WanS0aipRayMClpYRh -ntQkue+pncl3C8dwZj26yFTf0jPh9X/5J2G+V0Xdt0UXJPUj5DgOkSfu4yDYFMiU -R3dAd0UYng3OeT9XMVYJSWe+lFhP9sSr4onj44rABVUsJMBKlwQnmg== ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/client-cert.der b/extra/yassl/certs/client-cert.der deleted file mode 100644 index 293985adb974f6aefe00cbcd63701ea735fbcfa6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1198 zcmXqLVp(O-#5`#MGZP~d6DPyA^$sF`Bka8iFq&)E*|#s{G7DlU>`#f10j$u zZXWJ{qWtut#N6D>ymUhe12K>&GY@}xdAS})ZEsVVgi|YY55LF z3Jm1Lc@0er%nc0<&5bQhOrn5Xa|06tGbnekI=hKc2|0inSs9p{82K3tni#p5niv@w z4l`fW{%5(w$kjUdM2ogoP06gitF(gH-LEY(+r)0vcVSm%^|8Y)^R6^{{MF4^)SbS2 zVd)7o9j{B$-@A96=l%Kq&BsQ$>e?%w%s=ml;&Az{q^HwFViOv&rQ28UANzF`UQa(D>w`q*DG*4 ziySRU-(u91-`jSm!(pab^Da4uA|>(bL8&Um8_vC#JiG3HMNahrA?7Q7MZ5vI){Ctd z&y1UU;wDe)=9^tNL)32P{#vv9zpBrXisv_(vq>;@v%b*8{f~ z<~i1N>qN~uUGAOrmF+*%dbwxG{(D?*+K0{Koa6j6RME(-iL-5Gb&1TpD6Rd>l@m{Y z(yTuz+SIu-_-q~fgq5*n4<+MxBX&ey<-M=GIy<>ca^9T#8^S$vF0@TQoMZFrLD(Vb z#|xdLB9dC?mPj^ptdE@VW9HuU%U-YePM%8a;_Y%eGvTG)p^)PGxb?k{j83~MT$A*T ME;l^GuX~^l0F5cF6aWAK diff --git a/extra/yassl/certs/client-cert.pem b/extra/yassl/certs/client-cert.pem deleted file mode 100644 index 38330d5380e..00000000000 --- a/extra/yassl/certs/client-cert.pem +++ /dev/null @@ -1,87 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b6:63:af:8f:5d:62:57:a0 - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 17:39:44 2014 GMT - Not After : Apr 6 17:39:44 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b: - 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07: - 32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d: - 68:a2:8b:67:bb:a1:75:c8:36:2c:4a:d2:1b:f7:8b: - ba:cf:0d:f9:ef:ec:f1:81:1e:7b:9b:03:47:9a:bf: - 65:cc:7f:65:24:69:a6:e8:14:89:5b:e4:34:f7:c5: - b0:14:93:f5:67:7b:3a:7a:78:e1:01:56:56:91:a6: - 13:42:8d:d2:3c:40:9c:4c:ef:d1:86:df:37:51:1b: - 0c:a1:3b:f5:f1:a3:4a:35:e4:e1:ce:96:df:1b:7e: - bf:4e:97:d0:10:e8:a8:08:30:81:af:20:0b:43:14: - c5:74:67:b4:32:82:6f:8d:86:c2:88:40:99:36:83: - ba:1e:40:72:22:17:d7:52:65:24:73:b0:ce:ef:19: - cd:ae:ff:78:6c:7b:c0:12:03:d4:4e:72:0d:50:6d: - 3b:a3:3b:a3:99:5e:9d:c8:d9:0c:85:b3:d9:8a:d9: - 54:26:db:6d:fa:ac:bb:ff:25:4c:c4:d1:79:f4:71: - d3:86:40:18:13:b0:63:b5:72:4e:30:c4:97:84:86: - 2d:56:2f:d7:15:f7:7f:c0:ae:f5:fc:5b:e5:fb:a1: - ba:d3 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 - X509v3 Authority Key Identifier: - keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 - DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:B6:63:AF:8F:5D:62:57:A0 - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 85:10:90:c5:5d:de:25:8c:f2:57:7b:2d:14:1c:05:f9:71:63: - 40:b0:e3:c1:c1:2e:13:2a:7a:b7:d6:24:58:87:eb:03:fb:0d: - af:e0:f4:d0:c8:bc:51:36:10:4f:79:cc:4f:66:7d:af:99:cb: - 7b:ce:68:94:c6:36:aa:42:6e:8c:78:5b:b2:85:ca:d1:e1:a8: - 31:d1:81:d9:f9:c1:a3:9e:34:43:ef:0a:79:7d:3e:83:61:fc: - 14:5c:d1:dd:bc:0e:d7:51:b7:71:6e:41:7e:8b:2c:5a:9a:cb: - 77:4b:6a:f5:06:ff:02:af:1e:e6:63:4f:bc:44:d9:3f:56:9e: - 09:9c:43:f9:55:21:32:46:82:09:86:a9:7b:74:1c:9e:5a:2a: - bf:03:79:91:cb:f2:29:7f:c9:15:82:89:b9:53:cd:7e:07:90: - a9:5d:76:e1:19:5e:0d:58:b8:59:d5:0d:df:23:ab:6b:63:76: - 19:9e:9c:df:b0:57:49:6c:d0:86:97:c3:6c:3c:fa:e0:56:c2: - 1b:e3:a1:42:1a:58:62:85:9d:74:19:83:08:af:59:90:f8:99: - bd:67:d3:4a:ea:0e:c9:ca:61:8a:0d:8a:42:cc:90:e9:2e:c2: - 54:73:7f:5e:af:8d:e2:32:cb:45:20:d6:19:4d:5b:77:31:cc: - 0f:2d:c0:7e ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJALZjr49dYlegMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G -A1UECgwHd29sZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTExNzM5NDRaFw0xNzA0MDYxNzM5NDRaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29s -ZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9am -NrIHMo7Quml7xsNEntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/ -Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE7 -9fGjSjXk4c6W3xt+v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX -11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8l -TMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUM9hFZtdohxh+VA1wJ5HHJteFZcAwgckGA1UdIwSBwTCBvoAU -M9hFZtdohxh+VA1wJ5HHJteFZcChgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM -MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAtmOvj11iV6AwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAhRCQxV3eJYzyV3stFBwF+XFj -QLDjwcEuEyp6t9YkWIfrA/sNr+D00Mi8UTYQT3nMT2Z9r5nLe85olMY2qkJujHhb -soXK0eGoMdGB2fnBo540Q+8KeX0+g2H8FFzR3bwO11G3cW5BfossWprLd0tq9Qb/ -Aq8e5mNPvETZP1aeCZxD+VUhMkaCCYape3QcnloqvwN5kcvyKX/JFYKJuVPNfgeQ -qV124RleDVi4WdUN3yOra2N2GZ6c37BXSWzQhpfDbDz64FbCG+OhQhpYYoWddBmD -CK9ZkPiZvWfTSuoOycphig2KQsyQ6S7CVHN/Xq+N4jLLRSDWGU1bdzHMDy3Afg== ------END CERTIFICATE----- diff --git a/extra/yassl/certs/client-key.der b/extra/yassl/certs/client-key.der deleted file mode 100644 index 94dc253a2bd214f1c2c9a99c5d7c649e5da5ded9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1192 zcmV;Z1Xueof&`=j0RRGm0RaHR1JNt~Iixa0J5$JnD=K_+n!TzjQU^!YrZ%z%GLF!? zX?w=QM4r@vNc}BnqKjv{p>@bMEK1TF_lvsE4f*fv@qr$Dn*&Fhzh%sSWh7~)=oE=t zIH zQ{ItG9c}7ad-8Xx*~Zz5tJvWdb z-nWk2K-Hq|;2xp$zL(pEW0n-nmX;qbG(B&l8|4j%w5{vn!ETW!-TtCWIhLpIp) zLTDrqMbuE_7dc4KHH(yO5#Eo=SptE90O};C`DruhaokdUh#@F1N#4407U|4KdWa2_ zSA;rXjg**Jr2>J0 z0M$4f!;i(23`YxZHIl`!jYi0l7?1UU3it1!{(!l)D!R%TuwA7G(36eWoCF-yVveRJ zfdT){iYj9?H9)FufZmBCYFAC3Zmp9}R*(yAopXx}t|vX-PVlP5Yqng$pj6Bem*@U z62lmK^C|OR4t8u=b>u;WX`M3j%_6I?HM&Z&JmuL~wqj3R-sPSO%2To|_nxzB3R`() z>~4`xk|6f{{1)xgb`0X|f3j&4Yj_S?Mr5>Jwmw{U*2|#F+}3bH2kF z0)c@5x|*!YeY|8%B0LWA)=~9`*qOi)AYBhB{afO$*&Nv+R&D%* z&|mEk6&x5L=fpir*U+A7mCqu{1ACt1U;+Fu0)c=L&`Zx7XStscbw`F}t}(*KFsxYy zP}vW)a0d7A)5v0csM>D!AwSc9U+RjhKiMi?^HI{mFgN2Zqje1)O(8VZS8!a3zjEwK zZfMob7<4mEj5o5SXRr@qZvBtulsF+XnE*SX?v@4<0Rk++>!J@o*BtQ?o(fM z^&H?$(gUZTqLI4$DTwEm()-+06*0KeWdf~)icg<&BVoaQ;yQL)Y{dc<0FlYZoyAtLdNszDe;4%2sD#VVHko%=nBb z=m-xeOgaTC7yGkjbAhAEz6n|osFp56%i{oxj=z@1_GNau!OUvOKk4^$l{l=OMHnd!x+LNF=OrMa2;?2P2=w$W@ z3xNg|Ai!RhCx~cUSc=t5A)e}4nGN~z<3*QCNhIEH!yTZs+(}CUEStqqvC66xeYE#x q{Yk<5Rx;?S9DZ&9I9*=l)dCbW)m7R?zX(0)x8_oyg;J-h`36J1(Aqx$ diff --git a/extra/yassl/certs/dsa1024.pem b/extra/yassl/certs/dsa1024.pem deleted file mode 100644 index 5478ebfc2b2..00000000000 --- a/extra/yassl/certs/dsa1024.pem +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN DSA PRIVATE KEY----- -MIIBvAIBAAKBgQC9Ue5KMuCKx+rG4epwxFFDzyoH4ccSwlglXsRdvqswDRK/oQvT -NNNoWiVxTn3kvQ8qDlhWy9KjGTrqr/ttgmh56FFpe6tz4yTgCNyR9D+eGclD7lNf -dPUc4E3SA6efopG6+ymI55bS+9xUFTG402UCrYSKT59zI2HBfuI6dltsxQIVAJHJ -7WDQ+jBn/nmMyCQzdi+0qJx1AoGBAJJacRK36s5yGY1b6qhxWqvpoAC+SfEKylZn -YWGYf2PM+Iwo6AgPKEw6BSsX+7Nmc4Gjyr4JWhComKi6onPamO/A2CbMM0DCxb47 -BeLBWfqWAgXVj0CODT4MQos5yugnviR/YpEgbzLxvrXr469lKWsAyB19/gFmGmQW -cCgAwGm6AoGBAJ3LY89yHyvQ/TsQ6zlYbovjbk/ogndsMqPdNUvL4RuPTgJP/caa -DDa0XJ7ak6A7TJ+QheLNwOXoZPYJC4EGFSDAXpYniGhbWIrVTCGe6lmZDfnx40WX -S0kk3m/DHaC03ElLAiybxVGxyqoUfbT3Zv1JwftWMuiqHH5uADhdXuXVAhQ01VXa -Rr8IPem35lKghVKnq/kGQw== ------END DSA PRIVATE KEY----- diff --git a/extra/yassl/certs/server-cert.pem b/extra/yassl/certs/server-cert.pem deleted file mode 100644 index f56cba9de70..00000000000 --- a/extra/yassl/certs/server-cert.pem +++ /dev/null @@ -1,173 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: 1 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 17:20:14 2014 GMT - Not After : Apr 6 17:20:14 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: - 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: - f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: - f7:8a:ca:07:e7:35:2f:8f:e1:bd:7b:c0:2f:7c:ab: - 64:a8:17:fc:ca:5d:7b:ba:e0:21:e5:72:2e:6f:2e: - 86:d8:95:73:da:ac:1b:53:b9:5f:3f:d7:19:0d:25: - 4f:e1:63:63:51:8b:0b:64:3f:ad:43:b8:a5:1c:5c: - 34:b3:ae:00:a0:63:c5:f6:7f:0b:59:68:78:73:a6: - 8c:18:a9:02:6d:af:c3:19:01:2e:b8:10:e3:c6:cc: - 40:b4:69:a3:46:33:69:87:6e:c4:bb:17:a6:f3:e8: - dd:ad:73:bc:7b:2f:21:b5:fd:66:51:0c:bd:54:b3: - e1:6d:5f:1c:bc:23:73:d1:09:03:89:14:d2:10:b9: - 64:c3:2a:d0:a1:96:4a:bc:e1:d4:1a:5b:c7:a0:c0: - c1:63:78:0f:44:37:30:32:96:80:32:23:95:a1:77: - ba:13:d2:97:73:e2:5d:25:c9:6a:0d:c3:39:60:a4: - b4:b0:69:42:42:09:e9:d8:08:bc:33:20:b3:58:22: - a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: - ad:d7 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 3d:8c:70:05:5b:62:4b:bf:6c:b6:48:61:01:10:1d:5e:05:ba: - 55:94:2c:ae:59:6f:97:80:5d:6c:86:ec:9a:eb:15:45:44:e4: - 56:f8:75:ca:8a:45:32:f4:c7:e1:fa:f2:98:1c:91:d3:3f:e8: - 0e:c9:1b:fa:e1:79:99:67:0e:0d:6b:8a:ec:1a:2c:59:c4:34: - 04:8d:39:77:cd:b5:e9:60:5b:82:bf:34:ce:ed:c6:4f:3f:b4: - 5c:4d:8a:b4:f4:0a:04:12:a0:56:c1:e1:33:37:a1:54:87:48: - e9:81:c2:0f:8f:6f:d3:52:4c:4c:32:4c:6b:9f:3a:04:8f:77: - 5d:ad:dc:3d:2b:f2:c9:df:3c:60:5d:d8:fc:86:72:7c:3d:d0: - 84:4b:8c:df:26:43:fe:c0:cc:5b:e1:36:b3:3d:32:28:a3:ef: - 0c:20:d6:b1:50:39:d6:67:a9:8b:84:bc:92:34:eb:19:23:e8: - 10:8f:ea:bd:18:8c:93:27:3c:74:75:8e:58:04:fa:2a:74:44: - 7d:fc:4d:39:df:54:17:ba:78:e1:5d:6a:70:d3:7c:a2:80:81: - e6:19:51:91:c3:44:51:ec:bb:88:a9:53:e1:d7:a9:8c:28:f4: - 21:1c:42:51:09:b4:12:6d:a0:d6:25:09:85:c6:2a:0c:af:a7: - 58:e6:52:8b ------BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx -EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh -d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz -bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTQwNzEx -MTcyMDE0WhcNMTcwNDA2MTcyMDE0WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM -B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO -BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG -SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn -f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X -GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM -QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq -0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ -6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU -sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj -s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h -MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK -Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN -AQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQUFAAOCAQEAPYxwBVtiS79stkhhARAdXgW6VZQsrllvl4BdbIbs -musVRUTkVvh1yopFMvTH4frymByR0z/oDskb+uF5mWcODWuK7BosWcQ0BI05d821 -6WBbgr80zu3GTz+0XE2KtPQKBBKgVsHhMzehVIdI6YHCD49v01JMTDJMa586BI93 -Xa3cPSvyyd88YF3Y/IZyfD3QhEuM3yZD/sDMW+E2sz0yKKPvDCDWsVA51mepi4S8 -kjTrGSPoEI/qvRiMkyc8dHWOWAT6KnREffxNOd9UF7p44V1qcNN8ooCB5hlRkcNE -Uey7iKlT4depjCj0IRxCUQm0Em2g1iUJhcYqDK+nWOZSiw== ------END CERTIFICATE----- -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 9a:41:47:cd:a1:14:62:8c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Validity - Not Before: Jul 11 03:20:08 2014 GMT - Not After : Apr 6 03:20:08 2017 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: - f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: - de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: - 21:4d:80:cb:12:20:e7:cc:4f:de:45:7d:c9:72:77: - 32:ea:ca:90:bb:69:52:10:03:2f:a8:f3:95:c5:f1: - 8b:62:56:1b:ef:67:6f:a4:10:41:95:ad:0a:9b:e3: - a5:c0:b0:d2:70:76:50:30:5b:a8:e8:08:2c:7c:ed: - a7:a2:7a:8d:38:29:1c:ac:c7:ed:f2:7c:95:b0:95: - 82:7d:49:5c:38:cd:77:25:ef:bd:80:75:53:94:3c: - 3d:ca:63:5b:9f:15:b5:d3:1d:13:2f:19:d1:3c:db: - 76:3a:cc:b8:7d:c9:e5:c2:d7:da:40:6f:d8:21:dc: - 73:1b:42:2d:53:9c:fe:1a:fc:7d:ab:7a:36:3f:98: - de:84:7c:05:67:ce:6a:14:38:87:a9:f1:8c:b5:68: - cb:68:7f:71:20:2b:f5:a0:63:f5:56:2f:a3:26:d2: - b7:6f:b1:5a:17:d7:38:99:08:fe:93:58:6f:fe:c3: - 13:49:08:16:0b:a7:4d:67:00:52:31:67:23:4e:98: - ed:51:45:1d:b9:04:d9:0b:ec:d8:28:b3:4b:bd:ed: - 36:79 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Subject Key Identifier: - 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - X509v3 Authority Key Identifier: - keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com - serial:9A:41:47:CD:A1:14:62:8C - - X509v3 Basic Constraints: - CA:TRUE - Signature Algorithm: sha1WithRSAEncryption - 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: - fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: - f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: - 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: - 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: - ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: - c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: - b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: - 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: - 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: - 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: - e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: - 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: - bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: - b2:b3:03:d8 ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD -VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G -A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 -dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe -Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ -MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 -dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns -LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D -mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx -i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J -XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc -/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI -/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB -+TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU -J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 -aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t -MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD -VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf -+n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH -7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 -DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB -VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq -Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== ------END CERTIFICATE----- diff --git a/extra/yassl/certs/server-key.pem b/extra/yassl/certs/server-key.pem deleted file mode 100644 index d1627f4d4a7..00000000000 --- a/extra/yassl/certs/server-key.pem +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAwJUI4VdB8nFtt9JFQScBZcZFrvK8JDC4lc4vTtb2HIi8fJ/7 -qGd//lycUXX3isoH5zUvj+G9e8AvfKtkqBf8yl17uuAh5XIuby6G2JVz2qwbU7lf -P9cZDSVP4WNjUYsLZD+tQ7ilHFw0s64AoGPF9n8LWWh4c6aMGKkCba/DGQEuuBDj -xsxAtGmjRjNph27Euxem8+jdrXO8ey8htf1mUQy9VLPhbV8cvCNz0QkDiRTSELlk -wyrQoZZKvOHUGlvHoMDBY3gPRDcwMpaAMiOVoXe6E9KXc+JdJclqDcM5YKS0sGlC -Qgnp2Ai8MyCzWCKnquvE4eZhg8XSlt/Z0E+t1wIDAQABAoIBAQCa0DQPUmIFUAHv -n+1kbsLE2hryhNeSEEiSxOlq64t1bMZ5OPLJckqGZFSVd8vDmp231B2kAMieTuTd -x7pnFsF0vKnWlI8rMBr77d8hBSPZSjm9mGtlmrjcxH3upkMVLj2+HSJgKnMw1T7Y -oqyGQy7E9WReP4l1DxHYUSVOn9iqo85gs+KK2X4b8GTKmlsFC1uqy+XjP24yIgXz -0PrvdFKB4l90073/MYNFdfpjepcu1rYZxpIm5CgGUFAOeC6peA0Ul7QS2DFAq6EB -QcIw+AdfFuRhd9Jg8p+N6PS662PeKpeB70xs5lU0USsoNPRTHMRYCj+7r7X3SoVD -LTzxWFiBAoGBAPIsVHY5I2PJEDK3k62vvhl1loFk5rW4iUJB0W3QHBv4G6xpyzY8 -ZH3c9Bm4w2CxV0hfUk9ZOlV/MsAZQ1A/rs5vF/MOn0DKTq0VO8l56cBZOHNwnAp8 -yTpIMqfYSXUKhcLC/RVz2pkJKmmanwpxv7AEpox6Wm9IWlQ7xrFTF9/nAoGBAMuT -3ncVXbdcXHzYkKmYLdZpDmOzo9ymzItqpKISjI57SCyySzfcBhh96v52odSh6T8N -zRtfr1+elltbD6F8r7ObkNtXczrtsCNErkFPHwdCEyNMy/r0FKTV9542fFufqDzB -hV900jkt/9CE3/uzIHoumxeu5roLrl9TpFLtG8SRAoGBAOyY2rvV/vlSSn0CVUlv -VW5SL4SjK7OGYrNU0mNS2uOIdqDvixWl0xgUcndex6MEH54ZYrUbG57D8rUy+UzB -qusMJn3UX0pRXKRFBnBEp1bA1CIUdp7YY1CJkNPiv4GVkjFBhzkaQwsYpVMfORpf -H0O8h2rfbtMiAP4imHBOGhkpAoGBAIpBVihRnl/Ungs7mKNU8mxW1KrpaTOFJAza -1AwtxL9PAmk4fNTm3Ezt1xYRwz4A58MmwFEC3rt1nG9WnHrzju/PisUr0toGakTJ -c/5umYf4W77xfOZltU9s8MnF/xbKixsX4lg9ojerAby/QM5TjI7t7+5ZneBj5nxe -9Y5L8TvBAoGATUX5QIzFW/QqGoq08hysa+kMVja3TnKW1eWK0uL/8fEYEz2GCbjY -dqfJHHFSlDBD4PF4dP1hG0wJzOZoKnGtHN9DvFbbpaS+NXCkXs9P/ABVmTo9I89n -WvUi+LUp0EQR6zUuRr79jhiyX6i/GTKh9dwD5nyaHwx8qbAOITc78bA= ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/server-keyEnc.pem b/extra/yassl/certs/server-keyEnc.pem deleted file mode 100644 index e5ab57d4c9e..00000000000 --- a/extra/yassl/certs/server-keyEnc.pem +++ /dev/null @@ -1,30 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -Proc-Type: 4,ENCRYPTED -DEK-Info: DES-CBC,136C7D8A69656668 - -jvNTyPaztxPIoAzbdmZnD0Zw2+60tMxNc0GMHNmeOyG25aHP/dT+TWiKFpFVkkkY -uoCIhYUyw7gmpw+CnRJwWd+ans4nrvAjwy5oWJvarvsyUpjqvnPoIlAqd+d4TDKN -eESzcI76+gHdisAtCrQD+fGqgTZhli5TgDbnpasL/QnY2qDlutvakkVw7gPXe156 -2Phy8WN+efr65J6wt3K/dj7Datl9u4JeHQK81gYyWBVX+EagEjPGDzkFQCj9Z0q7 -8K3iB5GW1JAqJS0IfZPB40AnSTF/n1TL1SN3qfU3l7hTGNrx9o7580bgDEoAR7pI -F8eZlS15KHtZmh11AnU1KTKZ6kmgnNqeMTGMN6N0ct2wMKW1dV87eTDlF0oiR2ol -XwtFgKmrIjfpmzkdWjbJmWnGMjD56KdiFZga/ZyKMsPrVoYLgfJEpn36iQspfygx -HCGNTf0PjIsjEWU0WyQiF86t+c45W3wNFsv/AxVyfMl+su02yrd6u2ecuQDir3Cs -b2k8IKtQgVe/NIpEWLKuiHG5oedIPPQyDYK5uq+gHxCGeOoKnWlsWFEHZRiza4X5 -tbgTrJB8Sw0ENWrvVGGmQZN4pSImlsMwzQ2qik5CQ00N1b3+56/obn0z75I3bUSb -tC5g8DRjl6oclAenNgh/MYMT287y5W2dD4npxHcekX4O3J2CDXNfg4vV2j5GRxtg -LVJdYE2p7bpYePCDHrYng8b9ubBprx0CrEnkIvvtUjzNPf6VDL0+MBKl+XgR2/nz -iRqTuZnlGGOyM+KYDwXpgwfs/HfvFGksxTAlO/40GkGh+WGPaIoNyCK0SgQKhyb4 -JIkR0vd2/yLg3lWMJrGwh7A0Gm07Z/781oURP3uWd+PaCOgGcd5ipcAjcEyuxNly -AthipWqmQWUcbf6Z2N9j3OA22Hv2Uzk8HSfi9VOZtL9svdEEZ0NnOekJgnc6stQp -bXiknlK/T5WdrWxSyCfgUq68Vf6DFfIRAVuFdJ3WHT2wVXHrDfft6D+Ne/XCxPoE -8zGmkyusaph33UHQ1oNyUbLbwcDCDSmOo8gYoedD3IwxtMA3wJRugomqosItwV8X -vkgmcy8eSE/+gZUxJEN2gnLcfKFhCkC80J6oFhmoDD6vuUnPHcFdKZgVPw2rzPk5 -Vb1kX+gpORplYmKpq1vz/ujscL4T0TmYLz02hkIS4edpW55ncTTv7JWefpRiTB1J -RB3td3me4htqR+YIDWJ+emrOmqsCG2WvpAS+MTw2mj1jYk9LL/ZYobTjSCEWmuwT -yVK6m303irR7HQDauxhslRFgoK21w63viOyj5NKIU1gQtaAANGDxcgORC1XLjjgt -oNutSQA+7P42vfHSHK4cnTBXl6V32H/GyVpdHQOZqSrqIjgLmUZodSmRPROxosZF -a46B1O7m/rJFxkiKW4vod+/WqjoE0Hhfrb8rRrkRjzGeCqqSSnQ3vrunVkvF8hlA -b6FOv4ZBJL4piC1GKH+rscqke9NEiDqXN8C3iYz86jbck/Ha21yUS8T3X7N52sg+ -B3AmOGnLK6BebYeto9vZxQjacChJZSixSxLV+l9/nVQ0+mW42azHdzk0ru59TGAj ------END RSA PRIVATE KEY----- diff --git a/extra/yassl/certs/taoCert.txt b/extra/yassl/certs/taoCert.txt deleted file mode 100644 index f1132c0b5b8..00000000000 --- a/extra/yassl/certs/taoCert.txt +++ /dev/null @@ -1,62 +0,0 @@ - -***** Create a self signed cert ************ - -1) openssl genrsa 512 > client-key.pem - -2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem - --- adding metadata to beginning - -3) openssl x509 -in client-cert.pem -text > tmp.pem - -4) mv tmp.pem client-cert.pem - - -***** Create a CA, signing authority ********** - -same as self signed, use ca prefix instead of client - - -***** Create a cert signed by CA ************** - -1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem - -2) copy ca-key.pem ca-cert.srl (why ????) - -3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem - - - -***** To create a dsa cert ******************** - -1) openssl dsaparam 512 > dsa512.param # creates group params - -2) openssl gendsa dsa512.param > dsa512.pem # creates private key - -3) openssl req -new -x509 -nodes -days 1000 -key dsa512.pem > dsa-cert.pem - - - - -***** To convert from PEM to DER ************** - -a) openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER - -to convert rsa private PEM to DER : - -b) openssl rsa -in key.pem -outform DER -out key.der - - -**** To encrypt rsa key already in pem ********** - -a) openssl rsa server-keyEnc.pem - -note location of des, pass = yassl123 - - -*** To make a public key from a private key ****** - - -openssl rsa -in 1024rsa.priv -pubout -out 1024rsa.pub - - diff --git a/extra/yassl/examples/client/client.cpp b/extra/yassl/examples/client/client.cpp deleted file mode 100644 index d2c07897f3c..00000000000 --- a/extra/yassl/examples/client/client.cpp +++ /dev/null @@ -1,179 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* client.cpp */ - -// takes an optional command line argument of cipher list to make scripting -// easier - - -#include "../../testsuite/test.hpp" - -//#define TEST_RESUME - - -void ClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys(msg); -} - - -#ifdef NON_BLOCKING - void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd) - { - int ret = SSL_connect(ssl); - int err = SSL_get_error(ssl, 0); - while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ || - err == SSL_ERROR_WANT_WRITE)) { - if (err == SSL_ERROR_WANT_READ) - printf("... client would read block\n"); - else - printf("... client would write block\n"); - #ifdef _WIN32 - Sleep(1000); - #else - sleep(1); - #endif - ret = SSL_connect(ssl); - err = SSL_get_error(ssl, 0); - } - if (ret != SSL_SUCCESS) - ClientError(ctx, ssl, sockfd, "SSL_connect failed"); - } -#endif - - -void client_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - set_args(argc, argv, *static_cast(args)); - tcp_connect(sockfd); -#ifdef NON_BLOCKING - tcp_set_nonblocking(sockfd); -#endif - SSL_METHOD* method = TLSv1_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - - set_certs(ctx); - if (argc >= 2) { - printf("setting cipher list to %s\n", argv[1]); - if (SSL_CTX_set_cipher_list(ctx, argv[1]) != SSL_SUCCESS) { - ClientError(ctx, NULL, sockfd, "set_cipher_list error\n"); - } - } - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - - -#ifdef NON_BLOCKING - NonBlockingSSL_Connect(ssl, ctx, sockfd); -#else - // if you get an error here see note at top of README - if (SSL_connect(ssl) != SSL_SUCCESS) - ClientError(ctx, ssl, sockfd, "SSL_connect failed"); -#endif - showPeer(ssl); - - const char* cipher = 0; - int index = 0; - char list[1024]; - strncpy(list, "cipherlist", 11); - while ( (cipher = SSL_get_cipher_list(ssl, index++)) ) { - strncat(list, ":", 2); - strncat(list, cipher, strlen(cipher) + 1); - } - printf("%s\n", list); - printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); - - char msg[] = "hello yassl!"; - if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) - ClientError(ctx, ssl, sockfd, "SSL_write failed"); - - char reply[1024]; - int input = SSL_read(ssl, reply, sizeof(reply)); - if (input > 0) { - reply[input] = 0; - printf("Server response: %s\n", reply); - } - -#ifdef TEST_RESUME - SSL_SESSION* session = SSL_get_session(ssl); - SSL* sslResume = SSL_new(ctx); -#endif - - SSL_shutdown(ssl); - SSL_free(ssl); - tcp_close(sockfd); - -#ifdef TEST_RESUME - tcp_connect(sockfd); - SSL_set_fd(sslResume, sockfd); - SSL_set_session(sslResume, session); - - if (SSL_connect(sslResume) != SSL_SUCCESS) - ClientError(ctx, sslResume, sockfd, "SSL_resume failed"); - showPeer(sslResume); - - if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg)) - ClientError(ctx, sslResume, sockfd, "SSL_write failed"); - - input = SSL_read(sslResume, reply, sizeof(reply)); - if (input > 0) { - reply[input] = 0; - printf("Server response: %s\n", reply); - } - - SSL_shutdown(sslResume); - SSL_free(sslResume); - tcp_close(sockfd); -#endif // TEST_RESUME - - SSL_CTX_free(ctx); - ((func_args*)args)->return_code = 0; -} - - -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - client_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - diff --git a/extra/yassl/examples/client/client.dsp b/extra/yassl/examples/client/client.dsp deleted file mode 100644 index 1caa585dadb..00000000000 --- a/extra/yassl/examples/client/client.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="client" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=client - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "client.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "client.mak" CFG="client - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "client - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "client - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "client - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "..\..\taocrypt\include" /I "..\..\include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "client - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "client - Win32 Release" -# Name "client - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\client.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/examples/echoclient/echoclient.cpp b/extra/yassl/examples/echoclient/echoclient.cpp deleted file mode 100644 index 99a8b4d9c88..00000000000 --- a/extra/yassl/examples/echoclient/echoclient.cpp +++ /dev/null @@ -1,120 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* echoclient.cpp */ - -#include "../../testsuite/test.hpp" - - -void EchoClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys(msg); -} - - -void echoclient_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - FILE* fin = stdin; - FILE* fout = stdout; - - bool inCreated = false; - bool outCreated = false; - - set_args(argc, argv, *static_cast(args)); - if (argc >= 2) { - fin = fopen(argv[1], "r"); - inCreated = true; - } - if (argc >= 3) { - fout = fopen(argv[2], "w"); - outCreated = true; - } - - if (!fin) err_sys("can't open input file"); - if (!fout) err_sys("can't open output file"); - - tcp_connect(sockfd); - - SSL_METHOD* method = SSLv23_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - set_certs(ctx); - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - - if (SSL_connect(ssl) != SSL_SUCCESS) - EchoClientError(ctx, ssl, sockfd, "SSL_connect failed"); - - char send[1024]; - char reply[1024]; - - while (fgets(send, sizeof(send), fin)) { - - int sendSz = (int)strlen(send) + 1; - if (SSL_write(ssl, send, sendSz) != sendSz) - EchoClientError(ctx, ssl, sockfd, "SSL_write failed"); - - if (strncmp(send, "quit", 4) == 0) { - fputs("sending server shutdown command: quit!\n", fout); - break; - } - - if (SSL_read(ssl, reply, sizeof(reply)) > 0) - fputs(reply, fout); - } - - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - - fflush(fout); - if (inCreated) fclose(fin); - if (outCreated) fclose(fout); - - ((func_args*)args)->return_code = 0; -} - - -#ifndef NO_MAIN_DRIVER - - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - echoclient_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER diff --git a/extra/yassl/examples/echoclient/echoclient.dsp b/extra/yassl/examples/echoclient/echoclient.dsp deleted file mode 100644 index 52052c6dc44..00000000000 --- a/extra/yassl/examples/echoclient/echoclient.dsp +++ /dev/null @@ -1,102 +0,0 @@ -# Microsoft Developer Studio Project File - Name="echoclient" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 6.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Console Application" 0x0103 - -CFG=echoclient - Win32 Debug -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "echoclient.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "echoclient.mak" CFG="echoclient - Win32 Debug" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "echoclient - Win32 Release" (based on "Win32 (x86) Console Application") -!MESSAGE "echoclient - Win32 Debug" (based on "Win32 (x86) Console Application") -!MESSAGE - -# Begin Project -# PROP AllowPerConfigDependencies 0 -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -RSC=rc.exe - -!IF "$(CFG)" == "echoclient - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir "Release" -# PROP BASE Intermediate_Dir "Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir "Release" -# PROP Intermediate_Dir "Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 - -!ELSEIF "$(CFG)" == "echoclient - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir "Debug" -# PROP BASE Intermediate_Dir "Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir "Debug" -# PROP Intermediate_Dir "Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c -# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept - -!ENDIF - -# Begin Target - -# Name "echoclient - Win32 Release" -# Name "echoclient - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat" -# Begin Source File - -SOURCE=.\echoclient.cpp -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl" -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/extra/yassl/examples/echoclient/input b/extra/yassl/examples/echoclient/input deleted file mode 100644 index 438a592852c..00000000000 --- a/extra/yassl/examples/echoclient/input +++ /dev/null @@ -1,93 +0,0 @@ -/* echoclient.cpp */ - -#include "openssl/ssl.h" /* openssl compatibility test */ -#include -#include - - -#ifdef WIN32 - #include -#else - #include - #include - #include - #include - #include - #include - #include - #include -#endif /* WIN32 */ - - -void err_sys(const char* msg) -{ - fputs("yassl client error: ", stderr); - fputs(msg, stderr); - exit(EXIT_FAILURE); -} - -const char* loopback = "127.0.0.1"; -const short yasslPort = 11111; - -using namespace yaSSL; - - -int main(int argc, char** argv) -{ -#ifdef WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); - int sockfd; -#else - unsigned int sockfd; -#endif /* WIN32 */ - - FILE* fin = stdin; - FILE* fout = stdout; - - if (argc >= 2) fin = fopen(argv[1], "r"); - if (argc >= 3) fout = fopen(argv[2], "w"); - - if (!fin) err_sys("can't open input file"); - if (!fout) err_sys("can't open output file"); - - sockfd = socket(AF_INET, SOCK_STREAM, 0); - sockaddr_in servaddr; - memset(&servaddr, 0, sizeof(servaddr)); - servaddr.sin_family = AF_INET; - - servaddr.sin_port = htons(yasslPort); - servaddr.sin_addr.s_addr = inet_addr(loopback); - if (connect(sockfd, (const sockaddr*)&servaddr, sizeof(servaddr)) != 0) - err_sys("tcp connect failed"); - - SSL_METHOD* method = TLSv1_client_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - SSL* ssl = SSL_new(ctx); - - SSL_set_fd(ssl, sockfd); - if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); - - char send[1024]; - char reply[1024]; - - while (fgets(send, sizeof(send), fin)) { - - int sendSz = strlen(send) + 1; - if (SSL_write(ssl, send, sendSz) != sendSz) - err_sys("SSL_write failed"); - - if (strncmp(send, "quit", 4) == 0) { - fputs("sending server shutdown command: quit!", fout); - break; - } - - if (SSL_read(ssl, reply, sizeof(reply)) > 0) - fputs(reply, fout); - } - - SSL_CTX_free(ctx); - SSL_free(ssl); - - return 0; -} diff --git a/extra/yassl/examples/echoclient/quit b/extra/yassl/examples/echoclient/quit deleted file mode 100644 index 3db49b3ad12..00000000000 --- a/extra/yassl/examples/echoclient/quit +++ /dev/null @@ -1,2 +0,0 @@ -quit - diff --git a/extra/yassl/examples/echoserver/echoserver.cpp b/extra/yassl/examples/echoserver/echoserver.cpp deleted file mode 100644 index 3f639469895..00000000000 --- a/extra/yassl/examples/echoserver/echoserver.cpp +++ /dev/null @@ -1,167 +0,0 @@ -/* - Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; version 2 of the License. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; see the file COPYING. If not, write to the - Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, - MA 02110-1335 USA. -*/ - -/* echoserver.cpp */ - -#include "../../testsuite/test.hpp" - - -#ifndef NO_MAIN_DRIVER - #define ECHO_OUT - - THREAD_RETURN YASSL_API echoserver_test(void*); - int main(int argc, char** argv) - { - func_args args; - - args.argc = argc; - args.argv = argv; - - echoserver_test(&args); - yaSSL_CleanUp(); - - return args.return_code; - } - -#endif // NO_MAIN_DRIVER - - - -void EchoError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& s1, SOCKET_T& s2, - const char* msg) -{ - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(s1); - tcp_close(s2); - err_sys(msg); -} - - -THREAD_RETURN YASSL_API echoserver_test(void* args) -{ -#ifdef _WIN32 - WSADATA wsd; - WSAStartup(0x0002, &wsd); -#endif - - SOCKET_T sockfd = 0; - int argc = 0; - char** argv = 0; - - set_args(argc, argv, *static_cast(args)); - -#ifdef ECHO_OUT - FILE* fout = stdout; - if (argc >= 2) fout = fopen(argv[1], "w"); - if (!fout) err_sys("can't open output file"); -#endif - - tcp_listen(sockfd); - - SSL_METHOD* method = SSLv23_server_method(); - SSL_CTX* ctx = SSL_CTX_new(method); - - set_serverCerts(ctx); - DH* dh = set_tmpDH(ctx); - - bool shutdown(false); - -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) - // signal ready to tcp_accept - func_args& server_args = *((func_args*)args); - tcp_ready& ready = *server_args.signal_; - pthread_mutex_lock(&ready.mutex_); - ready.ready_ = true; - pthread_cond_signal(&ready.cond_); - pthread_mutex_unlock(&ready.mutex_); -#endif - - while (!shutdown) { - SOCKADDR_IN_T client; - socklen_t client_len = sizeof(client); - SOCKET_T clientfd = accept(sockfd, (sockaddr*)&client, - (ACCEPT_THIRD_T)&client_len); - if (clientfd == (SOCKET_T) -1) { - SSL_CTX_free(ctx); - tcp_close(sockfd); - err_sys("tcp accept failed"); - } - - SSL* ssl = SSL_new(ctx); - SSL_set_fd(ssl, clientfd); - if (SSL_accept(ssl) != SSL_SUCCESS) { - printf("SSL_accept failed\n"); - SSL_free(ssl); - tcp_close(clientfd); - continue; - } - - char command[1024]; - int echoSz(0); - while ( (echoSz = SSL_read(ssl, command, sizeof(command))) > 0) { - - if ( strncmp(command, "quit", 4) == 0) { - printf("client sent quit command: shutting down!\n"); - shutdown = true; - break; - } - else if ( strncmp(command, "GET", 3) == 0) { - char type[] = "HTTP/1.0 200 ok\r\nContent-type:" - " text/html\r\n\r\n"; - char header[] = "\n
\n";
-                char body[]   = "greetings from yaSSL\n";
-                char footer[] = "\r\n\r\n";
-
-                strncpy(command, type, sizeof(type));
-                echoSz = sizeof(type) - 1;
-
-                strncpy(&command[echoSz], header, sizeof(header));
-                echoSz += sizeof(header) - 1;
-                strncpy(&command[echoSz], body, sizeof(body));
-                echoSz += sizeof(body) - 1;
-                strncpy(&command[echoSz], footer, sizeof(footer));
-                echoSz += sizeof(footer);
-
-                if (SSL_write(ssl, command, echoSz) != echoSz)
-                    EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed");
-               
-                break;
-            }
-            command[echoSz] = 0;
-
-        #ifdef ECHO_OUT
-            fputs(command, fout);
-        #endif
-
-            if (SSL_write(ssl, command, echoSz) != echoSz)
-                EchoError(ctx, ssl, sockfd, clientfd, "SSL_write failed");
-        }
-        SSL_shutdown(ssl);
-        SSL_free(ssl);
-        tcp_close(clientfd);
-    }
-
-    tcp_close(sockfd);
-
-    DH_free(dh);
-    SSL_CTX_free(ctx);
-
-    ((func_args*)args)->return_code = 0;
-    return 0;
-}
diff --git a/extra/yassl/examples/echoserver/echoserver.dsp b/extra/yassl/examples/echoserver/echoserver.dsp
deleted file mode 100644
index 21a965b013c..00000000000
--- a/extra/yassl/examples/echoserver/echoserver.dsp
+++ /dev/null
@@ -1,102 +0,0 @@
-# Microsoft Developer Studio Project File - Name="echoserver" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Console Application" 0x0103
-
-CFG=echoserver - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "echoserver.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "echoserver.mak" CFG="echoserver - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "echoserver - Win32 Release" (based on "Win32 (x86) Console Application")
-!MESSAGE "echoserver - Win32 Debug" (based on "Win32 (x86) Console Application")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "echoserver - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /G6 /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
-
-!ELSEIF  "$(CFG)" == "echoserver - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-
-!ENDIF 
-
-# Begin Target
-
-# Name "echoserver - Win32 Release"
-# Name "echoserver - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\echoserver.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# End Group
-# Begin Group "Resource Files"
-
-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/examples/server/server.cpp b/extra/yassl/examples/server/server.cpp
deleted file mode 100644
index 8a3a0a7db0e..00000000000
--- a/extra/yassl/examples/server/server.cpp
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* server.cpp */
-
-// takes 2 optional command line argument to make scripting
-// if the first  command line argument is 'n' client auth is disabled
-// if the second command line argument is 'd' DSA certs are used instead of RSA
-
-#include "../../testsuite/test.hpp"
-
-
-void ServerError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg)
-{
-    SSL_CTX_free(ctx);
-    SSL_free(ssl);
-    tcp_close(sockfd);
-    err_sys(msg);
-}
-
-
-#ifdef NON_BLOCKING
-    void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd)
-    {
-        int ret = SSL_accept(ssl);
-        int err = SSL_get_error(ssl, 0);
-        while (ret != SSL_SUCCESS && (err == SSL_ERROR_WANT_READ ||
-                                      err == SSL_ERROR_WANT_WRITE)) {
-            if (err == SSL_ERROR_WANT_READ)
-                printf("... server would read block\n");
-            else
-                printf("... server would write block\n");
-            #ifdef _WIN32
-                Sleep(1000);
-            #else
-                sleep(1);
-            #endif
-            ret = SSL_accept(ssl);
-            err = SSL_get_error(ssl, 0);
-        }
-        if (ret != SSL_SUCCESS)
-            ServerError(ctx, ssl, clientfd, "SSL_accept failed");
-    }
-#endif
-
-
-THREAD_RETURN YASSL_API server_test(void* args)
-{
-#ifdef _WIN32
-    WSADATA wsd;
-    WSAStartup(0x0002, &wsd);
-#endif
-
-    SOCKET_T sockfd   = 0;
-    SOCKET_T clientfd = 0;
-    int      argc     = 0;
-    char**   argv     = 0;
-
-    set_args(argc, argv, *static_cast(args));
-#ifdef SERVER_READY_FILE
-    set_file_ready("server_ready", *static_cast(args));
-#endif
-    tcp_accept(sockfd, clientfd, *static_cast(args));
-
-    tcp_close(sockfd);
-
-    SSL_METHOD* method = TLSv1_server_method();
-    SSL_CTX*    ctx = SSL_CTX_new(method);
-
-    //SSL_CTX_set_cipher_list(ctx, "RC4-SHA:RC4-MD5");
-    
-    // should we disable client auth
-    if (argc >= 2 && argv[1][0] == 'n')
-        printf("disabling client auth\n");
-    else
-        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
-
-    // are we using DSA certs
-    if (argc >= 3 && argv[2][0] == 'd') {
-        printf("using DSA certs\n");
-        set_dsaServerCerts(ctx);
-    }
-    else {
-        set_serverCerts(ctx);
-    }
-    DH* dh = set_tmpDH(ctx);
-
-    SSL* ssl = SSL_new(ctx);
-    SSL_set_fd(ssl, clientfd);
-
-#ifdef NON_BLOCKING
-    NonBlockingSSL_Accept(ssl, ctx, clientfd);
-#else
-    if (SSL_accept(ssl) != SSL_SUCCESS)
-        ServerError(ctx, ssl, clientfd, "SSL_accept failed");
-#endif
-     
-    showPeer(ssl);
-    printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl));
-
-    char command[1024];
-    int input = SSL_read(ssl, command, sizeof(command));
-    if (input > 0) {
-        command[input] = 0;
-        printf("First client command: %s\n", command);
-    }
-
-    char msg[] = "I hear you, fa shizzle!";
-    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
-        ServerError(ctx, ssl, clientfd, "SSL_write failed");
-
-    DH_free(dh);
-    SSL_CTX_free(ctx);
-    SSL_shutdown(ssl);
-    SSL_free(ssl);
-
-    tcp_close(clientfd);
-
-    ((func_args*)args)->return_code = 0;
-    return 0;
-}
-
-
-#ifndef NO_MAIN_DRIVER
-
-    int main(int argc, char** argv)
-    {
-        func_args args;
-
-        args.argc = argc;
-        args.argv = argv;
-
-        server_test(&args);
-        yaSSL_CleanUp();
-
-        return args.return_code;
-    }
-
-#endif // NO_MAIN_DRIVER
-
diff --git a/extra/yassl/examples/server/server.dsp b/extra/yassl/examples/server/server.dsp
deleted file mode 100644
index 9c797c54dfe..00000000000
--- a/extra/yassl/examples/server/server.dsp
+++ /dev/null
@@ -1,109 +0,0 @@
-# Microsoft Developer Studio Project File - Name="server" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Application" 0x0101
-
-CFG=server - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "server.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "server.mak" CFG="server - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "server - Win32 Release" (based on "Win32 (x86) Application")
-!MESSAGE "server - Win32 Debug" (based on "Win32 (x86) Application")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-MTL=midl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "server - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MT /W3 /O2 /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /c
-# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /win32
-# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386
-# SUBTRACT LINK32 /pdb:none
-
-!ELSEIF  "$(CFG)" == "server - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "..\..\include" /I "..\..\taocrypt\include" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "_MBCS" /FR /YX /FD /GZ /c
-# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /win32
-# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# SUBTRACT LINK32 /pdb:none /nodefaultlib
-
-!ENDIF 
-
-# Begin Target
-
-# Name "server - Win32 Release"
-# Name "server - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\server.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# End Group
-# Begin Group "Resource Files"
-
-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/include/buffer.hpp b/extra/yassl/include/buffer.hpp
deleted file mode 100644
index 71bea3c109a..00000000000
--- a/extra/yassl/include/buffer.hpp
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL buffer header defines input and output buffers to simulate streaming
- * with SSL types and sockets
- */
-
-#ifndef yaSSL_BUFFER_HPP
-#define yaSSL_BUFFER_HPP
-
-#include              // assert
-#include "yassl_types.hpp"      // ysDelete
-#include "memory.hpp"           // mySTL::auto_ptr
-#include STL_ALGORITHM_FILE
-
-
-namespace STL = STL_NAMESPACE;
-
-
-#ifdef _MSC_VER
-    // disable truncated debug symbols
-    #pragma warning(disable:4786)
-#endif
-
-
-namespace yaSSL {
-
-typedef unsigned char byte;
-typedef unsigned int  uint;
-const uint AUTO = 0xFEEDBEEF;
-
-
-
-struct NoCheck {
-    int check(uint, uint);
-};
-
-struct Check {
-    int check(uint, uint);
-};
-
-/* input_buffer operates like a smart c style array with a checking option, 
- * meant to be read from through [] with AUTO index or read().
- * Should only write to at/near construction with assign() or raw (e.g., recv)
- * followed by add_size with the number of elements added by raw write.
- *
- * Not using vector because need checked []access, offset, and the ability to
- * write to the buffer bulk wise and have the correct size
- */
-
-class input_buffer : public Check {
-    uint   size_;                // number of elements in buffer
-    uint   current_;             // current offset position in buffer
-    byte*  buffer_;              // storage for buffer
-    byte*  end_;                 // end of storage marker
-    int    error_;               // error number
-    byte   zero_;                // for returning const reference to zero byte
-public:
-    input_buffer();
-
-    explicit input_buffer(uint s);
-                          
-    // with assign
-    input_buffer(uint s, const byte* t, uint len);
-    
-    ~input_buffer();
-
-    // users can pass defualt zero length buffer and then allocate
-    void allocate(uint s);
-
-    // for passing to raw writing functions at beginning, then use add_size
-    byte* get_buffer() const;
-
-    // after a raw write user can set new size
-    // if you know the size before the write use assign()
-    void add_size(uint i);
-
-    uint get_capacity()  const;
-
-    uint get_current()   const;
-
-    uint get_size()      const;
-
-    uint get_remaining() const;
-
-    int  get_error()     const;
-
-    void set_error();
-
-    void set_current(uint i);
-
-    // read only access through [], advance current
-    // user passes in AUTO index for ease of use
-    const byte& operator[](uint i);
-    
-    // end of input test
-    bool eof();
-
-    // peek ahead
-    byte peek();
-
-    // write function, should use at/near construction
-    void assign(const byte* t, uint s);
-    
-    // use read to query input, adjusts current
-    void read(byte* dst, uint length);
-
-private:
-    input_buffer(const input_buffer&);              // hide copy
-    input_buffer& operator=(const input_buffer&);   // and assign
-};
-
-
-/* output_buffer operates like a smart c style array with a checking option.
- * Meant to be written to through [] with AUTO index or write().
- * Size (current) counter increases when written to. Can be constructed with 
- * zero length buffer but be sure to allocate before first use. 
- * Don't use add write for a couple bytes, use [] instead, way less overhead.
- * 
- * Not using vector because need checked []access and the ability to
- * write to the buffer bulk wise and retain correct size
- */
-class output_buffer : public NoCheck {
-    uint    current_;                // current offset and elements in buffer
-    byte*   buffer_;                 // storage for buffer
-    byte*   end_;                    // end of storage marker
-public:
-    // default
-    output_buffer();
-
-    // with allocate
-    explicit output_buffer(uint s);
-
-    // with assign
-    output_buffer(uint s, const byte* t, uint len);
-
-    ~output_buffer();
-
-    uint get_size() const;
-
-    uint get_capacity() const;
-
-    void set_current(uint c);
-
-    // users can pass defualt zero length buffer and then allocate
-    void allocate(uint s);
-
-    // for passing to reading functions when finished
-    const byte* get_buffer() const;
-
-    // allow write access through [], update current
-    // user passes in AUTO as index for ease of use
-    byte& operator[](uint i);
-    
-    // end of output test
-    bool eof();
-
-    void write(const byte* t, uint s);
-
-private:
-    output_buffer(const output_buffer&);              // hide copy
-    output_buffer& operator=(const output_buffer&);   // and assign
-};
-
-
-
-
-// turn delete an incomplete type into comipler error instead of warning
-template 
-inline void checked_delete(T* p)
-{
-    typedef char complete_type[sizeof(T) ? 1 : -1];
-    (void)sizeof(complete_type);
-    ysDelete(p);
-}
-
-
-// checked delete functor increases effeciency, no indirection on function call
-// sets pointer to zero so safe for std conatiners
-struct del_ptr_zero
-{
-    template 
-    void operator()(T*& p) const
-    {
-        T* tmp = 0;
-        STL::swap(tmp, p);
-        checked_delete(tmp); 
-    }
-};
-
-
-
-} // naemspace
-
-#endif // yaSSL_BUUFER_HPP
diff --git a/extra/yassl/include/cert_wrapper.hpp b/extra/yassl/include/cert_wrapper.hpp
deleted file mode 100644
index d32870fcfc1..00000000000
--- a/extra/yassl/include/cert_wrapper.hpp
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/*  The certificate wrapper header defines certificate management functions
- *
- */
-
-
-#ifndef yaSSL_CERT_WRAPPER_HPP
-#define yaSSL_CERT_WRAPPER_HPP
-
-#ifdef _MSC_VER
-    // disable truncated debug symbols
-    #pragma warning(disable:4786)
-#endif
-
-
-#include "yassl_types.hpp"  // SignatureAlgorithm
-#include "buffer.hpp"       // input_buffer
-#include "asn.hpp"          // SignerList
-#include "openssl/ssl.h"    // internal and external use
-#include STL_LIST_FILE
-#include STL_ALGORITHM_FILE
-
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace yaSSL {
-   
-typedef unsigned char opaque;
-class X509;                     // forward openSSL type
-
-using TaoCrypt::SignerList;
-
-// an x509 version 3 certificate
-class x509 {
-    uint    length_;
-    opaque* buffer_;
-public:
-    explicit x509(uint sz);
-    ~x509();
-
-    uint          get_length() const;
-    const opaque* get_buffer() const;
-    opaque*       use_buffer();
-
-    x509(const x509&);
-    x509& operator=(const x509&);
-private:
-    void Swap(x509&);
-};
-
-
-// Certificate Manager keeps a list of the cert chain and public key
-class CertManager {
-    typedef STL::list CertList;
-
-    CertList     list_;                 // self      
-    input_buffer privateKey_;
-
-    CertList     peerList_;             // peer
-    input_buffer peerPublicKey_;
-    X509*        peerX509_;             // peer's openSSL X509
-    X509*        selfX509_;             // our own openSSL X509
-
-    SignatureAlgorithm keyType_;        // self   key type
-    SignatureAlgorithm peerKeyType_;    // peer's key type
-
-    SignerList   signers_;              // decoded CA keys and names
-                                        //    plus verified chained certs
-    bool verifyPeer_;
-    bool verifyNone_;                   // no error if verify fails
-    bool failNoCert_;
-    bool sendVerify_;
-    bool sendBlankCert_;
-    VerifyCallback verifyCallback_;     // user verify callback
-public:
-    CertManager();
-    ~CertManager();
-
-    void AddPeerCert(x509* x);      // take ownership
-    void CopySelfCert(const x509* x);
-    int  CopyCaCert(const x509* x);
-    int  Validate();
-
-    int SetPrivateKey(const x509&);
-
-    const x509*        get_cert()        const;
-    const opaque*      get_peerKey()     const;
-    const opaque*      get_privateKey()  const;
-          X509*        get_peerX509()    const;
-          X509*        get_selfX509()    const;
-    SignatureAlgorithm get_keyType()     const;
-    SignatureAlgorithm get_peerKeyType() const;
-
-    uint get_peerKeyLength()       const;
-    uint get_privateKeyLength()    const;
-
-    bool verifyPeer() const;
-    bool verifyNone() const;
-    bool failNoCert() const;
-    bool sendVerify() const;
-    bool sendBlankCert() const;
-
-    void setVerifyPeer();
-    void setVerifyNone();
-    void setFailNoCert();
-    void setSendVerify();
-    void setSendBlankCert();
-    void setPeerX509(X509*);
-    void setVerifyCallback(VerifyCallback);
-private:
-    CertManager(const CertManager&);            // hide copy
-    CertManager& operator=(const CertManager&); // and assigin
-};
-
-
-} // naemspace
-
-#endif // yaSSL_CERT_WRAPPER_HPP
diff --git a/extra/yassl/include/crypto_wrapper.hpp b/extra/yassl/include/crypto_wrapper.hpp
deleted file mode 100644
index 97cd989b78d..00000000000
--- a/extra/yassl/include/crypto_wrapper.hpp
+++ /dev/null
@@ -1,429 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/*  The crypto wrapper header is used to define policies for the cipher 
- *  components used by SSL.  There are 3 policies to consider:
- *
- *  1) MAC, the Message Authentication Code used for each Message
- *  2) Bulk Cipher, the Cipher used to encrypt/decrypt each Message
- *  3) Atuhentication, the Digitial Signing/Verifiaction scheme used
- *
- *  This header doesn't rely on a specific crypto libraries internals,
- *  only the implementation should.
- */
-
-
-#ifndef yaSSL_CRYPTO_WRAPPER_HPP
-#define yaSSL_CRYPTO_WRAPPER_HPP
-
-#include "yassl_types.hpp"
-#include    // FILE
-
-
-namespace yaSSL {
-
-
-// Digest policy should implement a get_digest, update, and get sizes for pad
-// and  digest
-struct Digest : public virtual_base {
-    virtual void   get_digest(byte*) = 0;
-    virtual void   get_digest(byte*, const byte*, unsigned int) = 0;
-    virtual void   update(const byte*, unsigned int) = 0;
-    virtual uint   get_digestSize() const = 0;
-    virtual uint   get_padSize() const = 0;
-    virtual ~Digest() {}
-};
-
-
-// For use with NULL Digests
-struct NO_MAC : public Digest {
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-};
-
-
-// MD5 Digest
-class MD5 : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    MD5();
-    ~MD5();
-    MD5(const MD5&);
-    MD5& operator=(const MD5&);
-private:
-    struct MD5Impl;
-    MD5Impl* pimpl_;
-};
-
-
-// SHA-1 Digest
-class SHA : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    SHA();
-    ~SHA();
-    SHA(const SHA&);
-    SHA& operator=(const SHA&);
-private:
-    struct SHAImpl;
-    SHAImpl* pimpl_;
-
-};
-
-
-// RIPEMD-160 Digest
-class RMD : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    RMD();
-    ~RMD();
-    RMD(const RMD&);
-    RMD& operator=(const RMD&);
-private:
-    struct RMDImpl;
-    RMDImpl* pimpl_;
-
-};
-
-
-// HMAC_MD5
-class HMAC_MD5 : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    HMAC_MD5(const byte*, unsigned int);
-    ~HMAC_MD5();
-private:
-    struct HMAC_MD5Impl;
-    HMAC_MD5Impl* pimpl_;
-
-    HMAC_MD5(const HMAC_MD5&);
-    HMAC_MD5& operator=(const HMAC_MD5&);
-};
-
-
-// HMAC_SHA-1
-class HMAC_SHA : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    HMAC_SHA(const byte*, unsigned int);
-    ~HMAC_SHA();
-private:
-    struct HMAC_SHAImpl;
-    HMAC_SHAImpl* pimpl_;
-
-    HMAC_SHA(const HMAC_SHA&);
-    HMAC_SHA& operator=(const HMAC_SHA&);
-};
-
-
-// HMAC_RMD
-class HMAC_RMD : public Digest {
-public:
-    void   get_digest(byte*);
-    void   get_digest(byte*, const byte*, unsigned int);
-    void   update(const byte*, unsigned int);
-    uint   get_digestSize() const;
-    uint   get_padSize()    const;
-    HMAC_RMD(const byte*, unsigned int);
-    ~HMAC_RMD();
-private:
-    struct HMAC_RMDImpl;
-    HMAC_RMDImpl* pimpl_;
-
-    HMAC_RMD(const HMAC_RMD&);
-    HMAC_RMD& operator=(const HMAC_RMD&);
-};
-
-
-// BulkCipher policy should implement encrypt, decrypt, get block size, 
-// and set keys for encrypt and decrypt
-struct BulkCipher : public virtual_base {
-    virtual void   encrypt(byte*, const byte*, unsigned int) = 0;
-    virtual void   decrypt(byte*, const byte*, unsigned int) = 0;
-    virtual void   set_encryptKey(const byte*, const byte* = 0) = 0;
-    virtual void   set_decryptKey(const byte*, const byte* = 0) = 0;
-    virtual uint   get_blockSize() const = 0;
-    virtual int    get_keySize()   const = 0;
-    virtual int    get_ivSize()    const = 0;
-    virtual ~BulkCipher() {}
-};
-
-
-// For use with NULL Ciphers
-struct NO_Cipher : public BulkCipher {
-    void   encrypt(byte*, const byte*, unsigned int) {}
-    void   decrypt(byte*, const byte*, unsigned int) {}
-    void   set_encryptKey(const byte*, const byte*)  {}
-    void   set_decryptKey(const byte*, const byte*)  {}
-    uint   get_blockSize() const { return 0; }
-    int    get_keySize()   const { return 0; }
-    int    get_ivSize()    const { return 0; }
-};
-
-
-// SSLv3 and TLSv1 always use DES in CBC mode so IV is required
-class DES : public BulkCipher {
-public:
-    void   encrypt(byte*, const byte*, unsigned int);
-    void   decrypt(byte*, const byte*, unsigned int);
-    void   set_encryptKey(const byte*, const byte*);
-    void   set_decryptKey(const byte*, const byte*);
-    uint   get_blockSize() const { return DES_BLOCK; }
-    int    get_keySize()   const { return DES_KEY_SZ; }
-    int    get_ivSize()    const { return DES_IV_SZ; }
-    DES();
-    ~DES();
-private:
-    struct DESImpl;
-    DESImpl* pimpl_;
-
-    DES(const DES&);                // hide copy
-    DES& operator=(const DES&);     // & assign
-};
-
-
-// 3DES Encrypt-Decrypt-Encrypt in CBC mode
-class DES_EDE : public BulkCipher {
-public:
-    void   encrypt(byte*, const byte*, unsigned int);
-    void   decrypt(byte*, const byte*, unsigned int);
-    void   set_encryptKey(const byte*, const byte*);
-    void   set_decryptKey(const byte*, const byte*);
-    uint   get_blockSize() const { return DES_BLOCK; }
-    int    get_keySize()   const { return DES_EDE_KEY_SZ; }
-    int    get_ivSize()    const { return DES_IV_SZ; }
-    DES_EDE();
-    ~DES_EDE();
-private:
-    struct DES_EDEImpl;
-    DES_EDEImpl* pimpl_;
-
-    DES_EDE(const DES_EDE&);            // hide copy
-    DES_EDE& operator=(const DES_EDE&); // & assign
-};
-
-
-// Alledged RC4
-class RC4 : public BulkCipher {
-public:
-    void encrypt(byte*, const byte*, unsigned int);
-    void decrypt(byte*, const byte*, unsigned int);
-    void set_encryptKey(const byte*, const byte*);
-    void set_decryptKey(const byte*, const byte*);
-    uint get_blockSize() const { return 0; }
-    int  get_keySize()   const { return RC4_KEY_SZ; }
-    int  get_ivSize()    const { return 0; }
-    RC4();
-    ~RC4();
-private:
-    struct RC4Impl;
-    RC4Impl* pimpl_;
-
-    RC4(const RC4&);             // hide copy
-    RC4& operator=(const RC4&);  // & assign
-};
-
-
-// AES
-class AES : public BulkCipher {
-public:
-    void encrypt(byte*, const byte*, unsigned int);
-    void decrypt(byte*, const byte*, unsigned int);
-    void set_encryptKey(const byte*, const byte*);
-    void set_decryptKey(const byte*, const byte*);
-    uint get_blockSize() const { return AES_BLOCK_SZ; }
-    int  get_keySize()   const;
-    int  get_ivSize()    const { return AES_IV_SZ; }
-    explicit AES(unsigned int = AES_128_KEY_SZ);
-    ~AES();
-private:
-    struct AESImpl;
-    AESImpl* pimpl_;
-
-    AES(const AES&);             // hide copy
-    AES& operator=(const AES&);  // & assign
-};
-
-
-// Random number generator
-class RandomPool {
-public:
-    void Fill(opaque* dst, uint sz) const;
-    RandomPool();
-    ~RandomPool();
-
-    int GetError() const;
-
-    friend class RSA;
-    friend class DSS;
-    friend class DiffieHellman;
-private:
-    struct RandomImpl;
-    RandomImpl* pimpl_;
-
-    RandomPool(const RandomPool&);              // hide copy
-    RandomPool& operator=(const RandomPool&);   // & assign
-};
-
-
-// Authentication policy should implement sign, and verify
-struct Auth : public virtual_base {
-    virtual void sign(byte*, const byte*, unsigned int, const RandomPool&) = 0;
-    virtual bool verify(const byte*, unsigned int, const byte*,
-                        unsigned int) = 0;
-    virtual uint get_signatureLength() const = 0;
-    virtual ~Auth() {}
-};
-
-
-// For use with NULL Authentication schemes
-struct NO_Auth : public Auth {
-    void   sign(byte*, const byte*, unsigned int, const RandomPool&) {}
-    bool   verify(const byte*, unsigned int, const byte*, unsigned int) 
-                    { return true; }
-};
-
-
-// Digitial Signature Standard scheme
-class DSS : public Auth {
-public:
-    void sign(byte*, const byte*, unsigned int, const RandomPool&);
-    bool verify(const byte*, unsigned int, const byte*, unsigned int);
-    uint get_signatureLength() const;
-    DSS(const byte*, unsigned int, bool publicKey = true);
-    ~DSS();
-private:
-    struct DSSImpl;
-    DSSImpl* pimpl_;
-
-    DSS(const DSS&);
-    DSS& operator=(const DSS&);
-};
-
-
-// RSA Authentication and exchange
-class RSA : public Auth {
-public:
-    void   sign(byte*, const byte*, unsigned int, const RandomPool&);
-    bool   verify(const byte*, unsigned int, const byte*, unsigned int);
-    void   encrypt(byte*, const byte*, unsigned int, const RandomPool&);
-    void   decrypt(byte*, const byte*, unsigned int, const RandomPool&);
-    uint   get_signatureLength() const;
-    uint   get_cipherLength() const;
-    RSA(const byte*, unsigned int, bool publicKey = true);
-    ~RSA();
-private:
-    struct RSAImpl;
-    RSAImpl* pimpl_;
-
-    RSA(const RSA&);            // hide copy
-    RSA& operator=(const RSA&); // & assing
-};
-
-
-class Integer;
-
-// Diffie-Hellman agreement
-// hide for now TODO: figure out a way to give access to C clients p and g args
-class DiffieHellman  {
-public:
-    DiffieHellman(const byte*, unsigned int, const byte*, unsigned int,
-                  const byte*, unsigned int, const RandomPool& random);
-    //DiffieHellman(const char*, const RandomPool&);
-    DiffieHellman(const Integer&, const Integer&, const RandomPool&);
-    ~DiffieHellman();
-
-    DiffieHellman(const DiffieHellman&);  
-    DiffieHellman& operator=(const DiffieHellman&);
-
-    uint        get_agreedKeyLength() const;
-    const byte* get_agreedKey()       const;
-    uint        get_publicKeyLength() const;
-    const byte* get_publicKey()       const;
-    void        makeAgreement(const byte*, unsigned int);
-
-    void        set_sizes(int&, int&, int&) const;
-    void        get_parms(byte*, byte*, byte*) const;
-private:
-    struct DHImpl;
-    DHImpl* pimpl_;
-};
-
-
-// Lagrge Integer
-class Integer {
-public:
-    Integer();
-    ~Integer();
-
-    Integer(const Integer&);
-    Integer& operator=(const Integer&);
-
-    void assign(const byte*, unsigned int);
-
-    friend class DiffieHellman;
-private:
-    struct IntegerImpl;
-    IntegerImpl* pimpl_;
-};
-
-
-class x509;
-
-
-struct EncryptedInfo {
-    enum { IV_SZ = 32, NAME_SZ = 80 };
-    char  name[NAME_SZ]; // max one line
-    byte  iv[IV_SZ];     // in base16 rep
-    uint  ivSz;
-    bool  set;
-
-    EncryptedInfo() : ivSz(0), set(false) {}
-};
-
-x509* PemToDer(FILE*, CertType, EncryptedInfo* info = 0);
-
-
-} // naemspace
-
-#endif  // yaSSL_CRYPTO_WRAPPER_HPP
diff --git a/extra/yassl/include/factory.hpp b/extra/yassl/include/factory.hpp
deleted file mode 100644
index e0f420844fb..00000000000
--- a/extra/yassl/include/factory.hpp
+++ /dev/null
@@ -1,102 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  The factory header defines an Object Factory, used by SSL message and
- *  handshake types.
- *
- *  See Desgin Pattern in GoF and Alexandrescu's chapter in Modern C++ Design,
- *  page 208
- */
-
-
-
-#ifndef yaSSL_FACTORY_HPP
-#define yaSSL_FACTORY_HPP
-
-#include STL_VECTOR_FILE
-#include STL_PAIR_FILE
-
-
-namespace STL = STL_NAMESPACE;
-
-
-
-
-
-namespace yaSSL {
-
-
-// Factory uses its callback map to create objects by id,
-// returning an abstract base pointer
-template
-class Factory {                                             
-    typedef STL::pair CallBack;
-    typedef STL::vector CallBackVector;
-
-    CallBackVector callbacks_;
-public:
-    // pass function pointer to register all callbacks upon creation
-    explicit Factory(void (*init)(Factory&))
-    { 
-        init(*this); 
-    }
-
-    // reserve place in vector before registering, used by init funcion
-    void Reserve(size_t sz)
-    {
-        callbacks_.reserve(sz);
-    }
-
-    // register callback
-    void Register(const IdentifierType& id, ProductCreator pc)
-    {
-        callbacks_.push_back(STL::make_pair(id, pc));
-    }
-
-    // THE Creator, returns a new object of the proper type or 0
-    AbstractProduct* CreateObject(const IdentifierType& id) const
-    {
-        typedef typename STL::vector::const_iterator cIter;
-        
-        cIter first = callbacks_.begin();
-        cIter last  = callbacks_.end();
-
-        while (first != last) {
-            if (first->first == id)
-                break;
-            ++first;
-        }
-
-        if (first == callbacks_.end())
-            return 0;
-        return (first->second)();
-    }
-private:
-    Factory(const Factory&);            // hide copy
-    Factory& operator=(const Factory&); // and assign
-};
-
-
-} // naemspace
-
-#endif // yaSSL_FACTORY_HPP
diff --git a/extra/yassl/include/handshake.hpp b/extra/yassl/include/handshake.hpp
deleted file mode 100644
index dc472690c73..00000000000
--- a/extra/yassl/include/handshake.hpp
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* The handshake header declares function prototypes for creating and reading
- * the various handshake messages.
- */
-
-
-
-#ifndef yaSSL_HANDSHAKE_HPP
-#define yaSSL_HANDSHAKE_HPP
-
-#include "yassl_types.hpp"
-
-
-namespace yaSSL {
-
-// forward decls
-class  SSL;
-class  Finished;
-class  Data;
-class  Alert;
-struct Hashes;
-
-enum BufferOutput { buffered, unbuffered };
-
-void sendClientHello(SSL&);
-void sendServerHello(SSL&, BufferOutput = buffered);
-void sendServerHelloDone(SSL&, BufferOutput = buffered);
-void sendClientKeyExchange(SSL&, BufferOutput = buffered);
-void sendServerKeyExchange(SSL&, BufferOutput = buffered);
-void sendChangeCipher(SSL&, BufferOutput = buffered);
-void sendFinished(SSL&, ConnectionEnd, BufferOutput = buffered);
-void sendCertificate(SSL&, BufferOutput = buffered);
-void sendCertificateRequest(SSL&, BufferOutput = buffered);
-void sendCertificateVerify(SSL&, BufferOutput = buffered);
-int  sendData(SSL&, const void*, int);
-int  sendAlert(SSL& ssl, const Alert& alert);
-
-int  receiveData(SSL&, Data&, bool peek = false); 
-void processReply(SSL&);
-
-void buildFinished(SSL&, Finished&, const opaque*);
-void build_certHashes(SSL&, Hashes&);
-
-void hmac(SSL&, byte*, const byte*, uint, ContentType, bool verify = false);
-void TLS_hmac(SSL&, byte*, const byte*, uint, ContentType,
-              bool verify = false);
-void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
-         const byte* label, uint labLen, const byte* seed, uint seedLen);
-
-} // naemspace
-
-#endif // yaSSL_HANDSHAKE_HPP
diff --git a/extra/yassl/include/lock.hpp b/extra/yassl/include/lock.hpp
deleted file mode 100644
index 3f66ea145bf..00000000000
--- a/extra/yassl/include/lock.hpp
+++ /dev/null
@@ -1,96 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* lock.hpp provides an os specific Lock, locks mutex on entry and unlocks
- * automatically upon exit, no-ops provided for Single Threaded
-*/
-
-#ifndef yaSSL_LOCK_HPP
-#define yaSSL_LOCK_HPP
-
-/*
-  Visual Studio Source Annotations header (sourceannotations.h) fails
-  to compile if outside of the global namespace.
-*/
-#ifdef MULTI_THREADED
-#ifdef _WIN32
-#include 
-#endif
-#endif
-
-namespace yaSSL {
-
-
-#ifdef MULTI_THREADED
-    #ifdef _WIN32
-        #include 
-
-        class Mutex {
-            CRITICAL_SECTION cs_;
-        public:
-            Mutex();
-            ~Mutex();
-
-            class Lock;
-            friend class Lock;
-    
-            class Lock {
-                Mutex& mutex_;
-            public:
-                explicit Lock(Mutex& lm);
-                ~Lock();
-            };
-        };
-    #else  // _WIN32
-        #include 
-
-        class Mutex {
-            pthread_mutex_t mutex_;
-        public:
-
-            Mutex();
-            ~Mutex();
-
-            class Lock;
-            friend class Lock;
-
-            class Lock {
-                Mutex& mutex_;
-            public:
-                explicit Lock(Mutex& lm);
-                ~Lock();
-            };
-        };
-
-    #endif // _WIN32
-#else  // MULTI_THREADED (WE'RE SINGLE)
-
-    class Mutex {
-    public:
-        class Lock {
-        public:
-            explicit Lock(Mutex&) {}
-        };
-    };
-
-#endif // MULTI_THREADED
-
-
-
-} // namespace
-#endif // yaSSL_LOCK_HPP
diff --git a/extra/yassl/include/log.hpp b/extra/yassl/include/log.hpp
deleted file mode 100644
index 8dc33684a43..00000000000
--- a/extra/yassl/include/log.hpp
+++ /dev/null
@@ -1,56 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL log interface
- *
- */
-
-#ifndef yaSSL_LOG_HPP
-#define yaSSL_LOG_HPP
-
-#include "socket_wrapper.hpp"
-
-#ifdef YASSL_LOG
-#include 
-#endif
-
-namespace yaSSL {
-
-typedef unsigned int uint;
-
-
-// Debug logger
-class Log {
-#ifdef YASSL_LOG
-    FILE* log_;
-#endif
-public:
-    explicit Log(const char* str = "yaSSL.log");
-    ~Log();
-
-    void Trace(const char*);
-    void ShowTCP(socket_t, bool ended = false);
-    void ShowData(uint, bool sent = false);
-};
-
-
-} // naemspace
-
-#endif // yaSSL_LOG_HPP
diff --git a/extra/yassl/include/openssl/crypto.h b/extra/yassl/include/openssl/crypto.h
deleted file mode 100644
index f229f8b612c..00000000000
--- a/extra/yassl/include/openssl/crypto.h
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
-   Copyright (C) 2005, 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* crypto.h for openSSL */
-
-#ifndef yaSSL_crypto_h__
-#define yaSSL_crypto_h__
-
-#ifdef YASSL_PREFIX
-#include "prefix_crypto.h"
-#endif
-
-const char* SSLeay_version(int type);
-
-#define SSLEAY_NUMBER_DEFINED
-#define SSLEAY_VERSION 0x0900L
-#define SSLEAY_VERSION_NUMBER SSLEAY_VERSION
-
-
-#endif /* yaSSL_crypto_h__ */
-
diff --git a/extra/yassl/include/openssl/des.h b/extra/yassl/include/openssl/des.h
deleted file mode 100644
index 71cd7e9b1a9..00000000000
--- a/extra/yassl/include/openssl/des.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2005 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* des.h  for openssl */
diff --git a/extra/yassl/include/openssl/des_old.h b/extra/yassl/include/openssl/des_old.h
deleted file mode 100644
index b2467185445..00000000000
--- a/extra/yassl/include/openssl/des_old.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* des_old.h  for openvn */
diff --git a/extra/yassl/include/openssl/engine.h b/extra/yassl/include/openssl/engine.h
deleted file mode 100644
index 52c43f08010..00000000000
--- a/extra/yassl/include/openssl/engine.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* engine.h for libcurl */
-
-#undef HAVE_OPENSSL_ENGINE_H
-
-
diff --git a/extra/yassl/include/openssl/err.h b/extra/yassl/include/openssl/err.h
deleted file mode 100644
index fc96330e90e..00000000000
--- a/extra/yassl/include/openssl/err.h
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
-   Copyright (C) 2005, 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* err.h for openssl */
-
-#ifndef yaSSL_err_h__
-#define yaSSL_err_h__
-
-
-
-#endif /* yaSSL_err_h__ */
diff --git a/extra/yassl/include/openssl/evp.h b/extra/yassl/include/openssl/evp.h
deleted file mode 100644
index a57c4a9088b..00000000000
--- a/extra/yassl/include/openssl/evp.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
-   Copyright (C) 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* evp.h for openSSL */
-
-#ifndef SSLEAY_NUMBER_DEFINED
-#define SSLEAY_NUMBER_DEFINED
-
-/* for OpenVPN */
-#define SSLEAY_VERSION_NUMBER 0x0090700f
-
-
-#endif /* SSLEAY_NUMBER_DEFINED */
diff --git a/extra/yassl/include/openssl/generate_prefix_files.pl b/extra/yassl/include/openssl/generate_prefix_files.pl
deleted file mode 100755
index d7609aebaf3..00000000000
--- a/extra/yassl/include/openssl/generate_prefix_files.pl
+++ /dev/null
@@ -1,62 +0,0 @@
-#!/usr/bin/perl
-
-# Copyright (C) 2006 MySQL AB
-# Use is subject to license terms
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-#
-# This script generates defines for all functions
-# in yassl/include/openssl/ so they are renamed to
-# ya. Hopefully that is unique enough.
-#
-# The script is to be run manually when we import
-# a new version of yaSSL
-#
-
-
-
-# Find all functions in "input" and add macros
-# to prefix/rename them into "output
-sub generate_prefix($$)
-{
-  my $input= shift;
-  my $output= shift;
-  open(IN, $input)
-      or die("Can't open input file $input: $!");
-  open(OUT, ">", $output)
-    or mtr_error("Can't open output file $output: $!");
-
-  while ()
-  {
-    chomp;
-
-    if ( /typedef/ )
-    {
-      next;
-    }
-
-    if ( /^\s*[a-zA-Z0-9*_ ]+\s+\*?([_a-zA-Z0-9]+)\s*\(/ )
-    {
-      print OUT "#define $1 ya$1\n";
-    }
-  }
-
-  close OUT;
-  close IN;
-}
-
-generate_prefix("ssl.h", "prefix_ssl.h");
-generate_prefix("crypto.h", "prefix_crypto.h");
-
diff --git a/extra/yassl/include/openssl/hmac.h b/extra/yassl/include/openssl/hmac.h
deleted file mode 100644
index 0a3861c0937..00000000000
--- a/extra/yassl/include/openssl/hmac.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* hmac.h  for openvpn */
diff --git a/extra/yassl/include/openssl/lhash.h b/extra/yassl/include/openssl/lhash.h
deleted file mode 100644
index bde2d3742b3..00000000000
--- a/extra/yassl/include/openssl/lhash.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
-   Copyright (C) 2005 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* lhash.h for openSSL */
-
diff --git a/extra/yassl/include/openssl/md4.h b/extra/yassl/include/openssl/md4.h
deleted file mode 100644
index 360499018cb..00000000000
--- a/extra/yassl/include/openssl/md4.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* md4.h for libcurl */
diff --git a/extra/yassl/include/openssl/md5.h b/extra/yassl/include/openssl/md5.h
deleted file mode 100644
index abe6200a4cc..00000000000
--- a/extra/yassl/include/openssl/md5.h
+++ /dev/null
@@ -1,23 +0,0 @@
-/*
-   Copyright (C) 2005, 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* md5.h for openssl */
-
-#include "ssl.h"   /* in there for now */
-
diff --git a/extra/yassl/include/openssl/objects.h b/extra/yassl/include/openssl/objects.h
deleted file mode 100644
index fb9a265a19c..00000000000
--- a/extra/yassl/include/openssl/objects.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* objects.h  for openvpn */
diff --git a/extra/yassl/include/openssl/opensslv.h b/extra/yassl/include/openssl/opensslv.h
deleted file mode 100644
index 477d2656650..00000000000
--- a/extra/yassl/include/openssl/opensslv.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
-   Copyright (C) 2005 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* opensslv.h compatibility */
-
-#ifndef yaSSL_opensslv_h__
-#define yaSSL_opensslv_h__
-
-
-/* api version compatibility */
-#define OPENSSL_VERSION_NUMBER 0x0090700f
-
-
-#endif /* yaSSLopensslv_h__ */
-
diff --git a/extra/yassl/include/openssl/pem.h b/extra/yassl/include/openssl/pem.h
deleted file mode 100644
index 4b308a58ad8..00000000000
--- a/extra/yassl/include/openssl/pem.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* pem.h  for libcurl */
diff --git a/extra/yassl/include/openssl/pkcs12.h b/extra/yassl/include/openssl/pkcs12.h
deleted file mode 100644
index 4f848209cdb..00000000000
--- a/extra/yassl/include/openssl/pkcs12.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* pkcs12.h for libcurl */
-
-
-#undef HAVE_OPENSSL_PKCS12_H
-
diff --git a/extra/yassl/include/openssl/prefix_crypto.h b/extra/yassl/include/openssl/prefix_crypto.h
deleted file mode 100644
index acf3e7bd7d3..00000000000
--- a/extra/yassl/include/openssl/prefix_crypto.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-#define SSLeay_version yaSSLeay_version
diff --git a/extra/yassl/include/openssl/prefix_ssl.h b/extra/yassl/include/openssl/prefix_ssl.h
deleted file mode 100644
index 7698dcf73b5..00000000000
--- a/extra/yassl/include/openssl/prefix_ssl.h
+++ /dev/null
@@ -1,188 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-#define Copyright yaCopyright
-#define yaSSL_CleanUp yayaSSL_CleanUp
-#define BN_bin2bn yaBN_bin2bn
-#define DH_new yaDH_new
-#define DH_free yaDH_free
-#define RSA_free yaRSA_free
-#define RSA_generate_key yaRSA_generate_key
-#define X509_free yaX509_free
-#define X509_STORE_CTX_get_current_cert yaX509_STORE_CTX_get_current_cert
-#define X509_STORE_CTX_get_error yaX509_STORE_CTX_get_error
-#define X509_STORE_CTX_get_error_depth yaX509_STORE_CTX_get_error_depth
-#define X509_NAME_oneline yaX509_NAME_oneline
-#define X509_get_issuer_name yaX509_get_issuer_name
-#define X509_get_subject_name yaX509_get_subject_name
-#define X509_verify_cert_error_string yaX509_verify_cert_error_string
-#define X509_LOOKUP_add_dir yaX509_LOOKUP_add_dir
-#define X509_LOOKUP_load_file yaX509_LOOKUP_load_file
-#define X509_LOOKUP_hash_dir yaX509_LOOKUP_hash_dir
-#define X509_LOOKUP_file yaX509_LOOKUP_file
-#define X509_STORE_add_lookup yaX509_STORE_add_lookup
-#define X509_STORE_new yaX509_STORE_new
-#define X509_STORE_get_by_subject yaX509_STORE_get_by_subject
-#define ERR_get_error_line_data yaERR_get_error_line_data
-#define ERR_print_errors_fp yaERR_print_errors_fp
-#define ERR_error_string yaERR_error_string
-#define ERR_remove_state yaERR_remove_state
-#define ERR_get_error yaERR_get_error
-#define ERR_peek_error yaERR_peek_error
-#define ERR_GET_REASON yaERR_GET_REASON
-#define SSL_CTX_new yaSSL_CTX_new
-#define SSL_new yaSSL_new
-#define SSL_set_fd yaSSL_set_fd
-#define SSL_get_fd yaSSL_get_fd
-#define SSL_connect yaSSL_connect
-#define SSL_write yaSSL_write
-#define SSL_read yaSSL_read
-#define SSL_accept yaSSL_accept
-#define SSL_CTX_free yaSSL_CTX_free
-#define SSL_free yaSSL_free
-#define SSL_clear yaSSL_clear
-#define SSL_shutdown yaSSL_shutdown
-#define SSL_set_connect_state yaSSL_set_connect_state
-#define SSL_set_accept_state yaSSL_set_accept_state
-#define SSL_do_handshake yaSSL_do_handshake
-#define SSL_get_cipher yaSSL_get_cipher
-#define SSL_get_cipher_name yaSSL_get_cipher_name
-#define SSL_get_shared_ciphers yaSSL_get_shared_ciphers
-#define SSL_get_cipher_list yaSSL_get_cipher_list
-#define SSL_get_version yaSSL_get_version
-#define SSLeay_version yaSSLeay_version
-#define SSL_get_error yaSSL_get_error
-#define SSL_load_error_strings yaSSL_load_error_strings
-#define SSL_set_session yaSSL_set_session
-#define SSL_get_session yaSSL_get_session
-#define SSL_flush_sessions yaSSL_flush_sessions
-#define SSL_SESSION_set_timeout yaSSL_SESSION_set_timeout
-#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode
-#define SSL_get_peer_certificate yaSSL_get_peer_certificate
-#define SSL_get_verify_result yaSSL_get_verify_result
-#define SSL_CTX_set_verify yaSSL_CTX_set_verify
-#define SSL_CTX_load_verify_locations yaSSL_CTX_load_verify_locations
-#define SSL_CTX_set_default_verify_paths yaSSL_CTX_set_default_verify_paths
-#define SSL_CTX_check_private_key yaSSL_CTX_check_private_key
-#define SSL_CTX_set_session_id_context yaSSL_CTX_set_session_id_context
-#define SSL_CTX_set_tmp_rsa_callback yaSSL_CTX_set_tmp_rsa_callback
-#define SSL_CTX_set_options yaSSL_CTX_set_options
-#define SSL_CTX_set_session_cache_mode yaSSL_CTX_set_session_cache_mode
-#define SSL_CTX_set_timeout yaSSL_CTX_set_timeout
-#define SSL_CTX_use_certificate_chain_file yaSSL_CTX_use_certificate_chain_file
-#define SSL_CTX_set_default_passwd_cb yaSSL_CTX_set_default_passwd_cb
-#define SSL_CTX_use_RSAPrivateKey_file yaSSL_CTX_use_RSAPrivateKey_file
-#define SSL_CTX_set_info_callback yaSSL_CTX_set_info_callback
-#define SSL_CTX_sess_accept yaSSL_CTX_sess_accept
-#define SSL_CTX_sess_connect yaSSL_CTX_sess_connect
-#define SSL_CTX_sess_accept_good yaSSL_CTX_sess_accept_good
-#define SSL_CTX_sess_connect_good yaSSL_CTX_sess_connect_good
-#define SSL_CTX_sess_accept_renegotiate yaSSL_CTX_sess_accept_renegotiate
-#define SSL_CTX_sess_connect_renegotiate yaSSL_CTX_sess_connect_renegotiate
-#define SSL_CTX_sess_hits yaSSL_CTX_sess_hits
-#define SSL_CTX_sess_cb_hits yaSSL_CTX_sess_cb_hits
-#define SSL_CTX_sess_cache_full yaSSL_CTX_sess_cache_full
-#define SSL_CTX_sess_misses yaSSL_CTX_sess_misses
-#define SSL_CTX_sess_timeouts yaSSL_CTX_sess_timeouts
-#define SSL_CTX_sess_number yaSSL_CTX_sess_number
-#define SSL_CTX_sess_get_cache_size yaSSL_CTX_sess_get_cache_size
-#define SSL_CTX_get_verify_mode yaSSL_CTX_get_verify_mode
-#define SSL_get_verify_mode yaSSL_get_verify_mode
-#define SSL_CTX_get_verify_depth yaSSL_CTX_get_verify_depth
-#define SSL_get_verify_depth yaSSL_get_verify_depth
-#define SSL_get_default_timeout yaSSL_get_default_timeout
-#define SSL_CTX_get_session_cache_mode yaSSL_CTX_get_session_cache_mode
-#define SSL_session_reused yaSSL_session_reused
-#define SSL_set_rfd yaSSL_set_rfd
-#define SSL_set_wfd yaSSL_set_wfd
-#define SSL_set_shutdown yaSSL_set_shutdown
-#define SSL_set_quiet_shutdown yaSSL_set_quiet_shutdown
-#define SSL_get_quiet_shutdown yaSSL_get_quiet_shutdown
-#define SSL_want_read yaSSL_want_read
-#define SSL_want_write yaSSL_want_write
-#define SSL_pending yaSSL_pending
-#define SSLv3_method yaSSLv3_method
-#define SSLv3_server_method yaSSLv3_server_method
-#define SSLv3_client_method yaSSLv3_client_method
-#define TLSv1_server_method yaTLSv1_server_method
-#define TLSv1_client_method yaTLSv1_client_method
-#define TLSv1_1_server_method yaTLSv1_1_server_method
-#define TLSv1_1_client_method yaTLSv1_1_client_method
-#define SSLv23_server_method yaSSLv23_server_method
-#define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file
-#define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file
-#define SSL_CTX_set_cipher_list yaSSL_CTX_set_cipher_list
-#define SSL_CTX_sess_set_cache_size yaSSL_CTX_sess_set_cache_size
-#define SSL_CTX_set_tmp_dh yaSSL_CTX_set_tmp_dh
-#define OpenSSL_add_all_algorithms yaOpenSSL_add_all_algorithms
-#define SSL_library_init yaSSL_library_init
-#define SSLeay_add_ssl_algorithms yaSSLeay_add_ssl_algorithms
-#define SSL_get_current_cipher yaSSL_get_current_cipher
-#define SSL_CIPHER_description yaSSL_CIPHER_description
-#define SSL_alert_type_string_long yaSSL_alert_type_string_long
-#define SSL_alert_desc_string_long yaSSL_alert_desc_string_long
-#define SSL_state_string_long yaSSL_state_string_long
-#define EVP_md5 yaEVP_md5
-#define EVP_des_ede3_cbc yaEVP_des_ede3_cbc
-#define EVP_BytesToKey yaEVP_BytesToKey
-#define DES_set_key_unchecked yaDES_set_key_unchecked
-#define DES_ede3_cbc_encrypt yaDES_ede3_cbc_encrypt
-#define RAND_screen yaRAND_screen
-#define RAND_file_name yaRAND_file_name
-#define RAND_write_file yaRAND_write_file
-#define RAND_load_file yaRAND_load_file
-#define RAND_status yaRAND_status
-#define RAND_bytes yaRAND_bytes
-#define DES_set_key yaDES_set_key
-#define DES_set_odd_parity yaDES_set_odd_parity
-#define DES_ecb_encrypt yaDES_ecb_encrypt
-#define SSL_CTX_set_default_passwd_cb_userdata yaSSL_CTX_set_default_passwd_cb_userdata
-#define SSL_SESSION_free yaSSL_SESSION_free
-#define SSL_peek yaSSL_peek
-#define SSL_get_certificate yaSSL_get_certificate
-#define SSL_get_privatekey yaSSL_get_privatekey
-#define X509_get_pubkey yaX509_get_pubkey
-#define EVP_PKEY_copy_parameters yaEVP_PKEY_copy_parameters
-#define EVP_PKEY_free yaEVP_PKEY_free
-#define ERR_error_string_n yaERR_error_string_n
-#define ERR_free_strings yaERR_free_strings
-#define EVP_cleanup yaEVP_cleanup
-#define X509_get_ext_d2i yaX509_get_ext_d2i
-#define GENERAL_NAMES_free yaGENERAL_NAMES_free
-#define sk_GENERAL_NAME_num yask_GENERAL_NAME_num
-#define sk_GENERAL_NAME_value yask_GENERAL_NAME_value
-#define ASN1_STRING_data yaASN1_STRING_data
-#define ASN1_STRING_length yaASN1_STRING_length
-#define ASN1_STRING_type yaASN1_STRING_type
-#define X509_NAME_get_index_by_NID yaX509_NAME_get_index_by_NID
-#define X509_NAME_ENTRY_get_data yaX509_NAME_ENTRY_get_data
-#define X509_NAME_get_entry yaX509_NAME_get_entry
-#define ASN1_STRING_to_UTF8 yaASN1_STRING_to_UTF8
-#define SSLv23_client_method yaSSLv23_client_method
-#define SSLv2_client_method yaSSLv2_client_method
-#define SSL_get1_session yaSSL_get1_session
-#define X509_get_notBefore yaX509_get_notBefore
-#define X509_get_notAfter yaX509_get_notAfter
-#define yaSSL_ASN1_TIME_to_string ya_SSL_ASN1_TIME_to_string
-#define MD4_Init yaMD4_Init
-#define MD4_Update yaMD4_Update
-#define MD4_Final yaMD4_Final
-#define MD5_Init yaMD5_Init
-#define MD5_Update yaMD5_Update
-#define MD5_Final yaMD5_Final
-#define SSL_set_compression yaSSL_set_compression
diff --git a/extra/yassl/include/openssl/rand.h b/extra/yassl/include/openssl/rand.h
deleted file mode 100644
index 7f605915efd..00000000000
--- a/extra/yassl/include/openssl/rand.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
-   Copyright (C) 2005 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* rand.h for openSSL */
-
diff --git a/extra/yassl/include/openssl/rsa.h b/extra/yassl/include/openssl/rsa.h
deleted file mode 100644
index 453161a7c21..00000000000
--- a/extra/yassl/include/openssl/rsa.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
-   Copyright (C) 2005, 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* rsa.h for openSSL */
-
-
-#ifndef yaSSL_rsa_h__
-#define yaSSL_rsa_h__
-
-enum { RSA_F4 = 1 };
-
-
-#endif /* yaSSL_rsa_h__ */
diff --git a/extra/yassl/include/openssl/sha.h b/extra/yassl/include/openssl/sha.h
deleted file mode 100644
index af097309846..00000000000
--- a/extra/yassl/include/openssl/sha.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* sha.h  for openvpn */
diff --git a/extra/yassl/include/openssl/ssl.h b/extra/yassl/include/openssl/ssl.h
deleted file mode 100644
index fe9beb1356d..00000000000
--- a/extra/yassl/include/openssl/ssl.h
+++ /dev/null
@@ -1,566 +0,0 @@
-/*
-   Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
-   Use is subject to license terms.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  ssl.h defines openssl compatibility layer 
- *
- */
-
-
-
-#ifndef yaSSL_openssl_h__
-#define yaSSL_openssl_h__
-
-#ifdef YASSL_PREFIX
-#include "prefix_ssl.h"
-#endif
-
-#include     /* ERR_print fp */
-#include "opensslv.h" /* for version number */
-#include "rsa.h"
-
-
-#define YASSL_VERSION "2.4.4"
-
-
-#if defined(__cplusplus)
-extern "C" {
-#endif
-
- void yaSSL_CleanUp();   /* call once at end of application use to
-                            free static singleton memory holders,
-                            not a leak per se, but helpful when
-                            looking for them                      */
-
-#if defined(__cplusplus)
-} // extern
-#endif
-
-#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
-namespace yaSSL {
-extern "C" {
-#endif
-
-#undef X509_NAME   /* wincrypt.h clash */
-
-#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
-    class SSL;
-    class SSL_SESSION;
-    class SSL_METHOD;
-    class SSL_CTX;
-    class SSL_CIPHER;
-
-    class RSA;
-
-    class X509;
-    class X509_NAME;
-#else
-    typedef struct SSL          SSL;          
-    typedef struct SSL_SESSION  SSL_SESSION;
-    typedef struct SSL_METHOD   SSL_METHOD;
-    typedef struct SSL_CTX      SSL_CTX;
-    typedef struct SSL_CIPHER   SSL_CIPHER;
-
-    typedef struct RSA RSA;
-
-    typedef struct X509       X509;
-    typedef struct X509_NAME  X509_NAME;
-#endif
-
-
-/* Big Number stuff, different file? */
-typedef struct BIGNUM BIGNUM;
-
-BIGNUM *BN_bin2bn(const unsigned char*, int, BIGNUM*);
-
-
-/* Diffie-Hellman stuff, different file? */
-/* mySQL deferences to set group parameters */
-typedef struct DH {
-    BIGNUM* p;
-    BIGNUM* g;
-} DH;
-
-DH*  DH_new(void);
-void DH_free(DH*);
-
-/* RSA stuff */
-
-void RSA_free(RSA*);
-RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*);
-
-
-/* X509 stuff, different file? */
-
-/* because mySQL dereferences to use error and current_cert, even after calling
- * get functions for local references */
-typedef struct X509_STORE_CTX {
-    int   error;
-    int   error_depth;
-    X509* current_cert;
-} X509_STORE_CTX;
-
-
-typedef struct X509_STORE         X509_STORE;
-typedef struct X509_LOOKUP        X509_LOOKUP;
-typedef struct X509_OBJECT { char c; } X509_OBJECT;
-typedef struct X509_CRL           X509_CRL;
-typedef struct X509_REVOKED       X509_REVOKED;
-typedef struct X509_LOOKUP_METHOD X509_LOOKUP_METHOD;
-
-
-void X509_free(X509*);
-
-
-/* bio stuff */
-typedef struct BIO BIO;
-
-/* ASN stuff */
-
-
-
-X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX*);
-int   X509_STORE_CTX_get_error(X509_STORE_CTX*);
-int   X509_STORE_CTX_get_error_depth(X509_STORE_CTX*);
-
-char*       X509_NAME_oneline(X509_NAME*, char*, int);
-X509_NAME*  X509_get_issuer_name(X509*);
-X509_NAME*  X509_get_subject_name(X509*);
-const char* X509_verify_cert_error_string(long);
-
-int                 X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long);
-int                 X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long);
-X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void);
-X509_LOOKUP_METHOD* X509_LOOKUP_file(void);
-
-X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*);
-X509_STORE*  X509_STORE_new(void);
-int          X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*,
-                                       X509_OBJECT*);
-
-
-
-
-enum { /* X509 Constants */
-    X509_V_OK                                 =  0,
-    X509_V_ERR_CERT_CHAIN_TOO_LONG            =  1,
-    X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT      =  2,
-    X509_V_ERR_CERT_NOT_YET_VALID             =  3,
-    X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD =  4,
-    X509_V_ERR_CERT_HAS_EXPIRED               =  5,
-    X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD  =  6,
-    X509_FILETYPE_PEM                         =  7,
-    X509_LU_X509                              =  8,
-    X509_LU_CRL                               =  9,
-    X509_V_ERR_CRL_SIGNATURE_FAILURE          = 10,
-    X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 11,
-    X509_V_ERR_CRL_HAS_EXPIRED                = 12,
-    X509_V_ERR_CERT_REVOKED                   = 13,
-    X509_V_FLAG_CRL_CHECK                     = 14,
-    X509_V_FLAG_CRL_CHECK_ALL                 = 15
-};
-
-
-/* Error stuff, could move to yassl_error */
-unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *);
-void          ERR_print_errors_fp(FILE*);
-char*         ERR_error_string(unsigned long,char*);
-void          ERR_remove_state(unsigned long);
-unsigned long ERR_get_error(void);
-unsigned long ERR_peek_error(void);
-int           ERR_GET_REASON(int);
-
-
-enum {  /* ERR Constants */
-    ERR_TXT_STRING = 1,
-    EVP_R_BAD_DECRYPT = 2
-};
-
-/*
-  Allow type used by SSL_set_fd to be changed, default to int
-  in order to be compatible with OpenSSL
- */
-#ifndef YASSL_SOCKET_T_DEFINED
-typedef int YASSL_SOCKET_T;
-#endif
-
-SSL_CTX* SSL_CTX_new(SSL_METHOD*);
-SSL* SSL_new(SSL_CTX*);
-int  SSL_set_fd (SSL*, YASSL_SOCKET_T);
-YASSL_SOCKET_T SSL_get_fd(const SSL*);
-int  SSL_connect(SSL*);                    /* if you get an error from connect
-                                              see note at top of README       */
-int  SSL_write(SSL*, const void*, int);
-int  SSL_read(SSL*, void*, int);
-int  SSL_accept(SSL*);
-void SSL_CTX_free(SSL_CTX*);
-void SSL_free(SSL*);
-int  SSL_clear(SSL*);
-int  SSL_shutdown(SSL*);
-
-void SSL_set_connect_state(SSL*);
-void SSL_set_accept_state(SSL*);
-int  SSL_do_handshake(SSL*);
-
-const char* SSL_get_cipher(SSL*);
-const char* SSL_get_cipher_name(SSL*);	           /* uses SSL_get_cipher */
-char*       SSL_get_shared_ciphers(SSL*, char*, int);
-const char* SSL_get_cipher_list(SSL*, int);
-const char* SSL_get_version(SSL*);
-const char* SSLeay_version(int);
-
-int  SSL_get_error(SSL*, int);
-void SSL_load_error_strings(void);
-
-int          SSL_set_session(SSL *ssl, SSL_SESSION *session);
-SSL_SESSION* SSL_get_session(SSL* ssl);
-void         SSL_flush_sessions(SSL_CTX *ctx, long tm);
-long         SSL_SESSION_set_timeout(SSL_SESSION*, long);
-long         SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode);
-X509*        SSL_get_peer_certificate(SSL*);
-long         SSL_get_verify_result(SSL*);
-
-
-typedef int (*VerifyCallback)(int, X509_STORE_CTX*);
-typedef int (*pem_password_cb)(char*, int, int, void*);
-
-void SSL_CTX_set_verify(SSL_CTX*, int, VerifyCallback verify_callback);
-int  SSL_CTX_load_verify_locations(SSL_CTX*, const char*, const char*);
-int  SSL_CTX_set_default_verify_paths(SSL_CTX*);
-int  SSL_CTX_check_private_key(SSL_CTX*);
-int  SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
-                                    unsigned int);
-
-void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int));
-long SSL_CTX_set_options(SSL_CTX*, long);
-long SSL_CTX_set_session_cache_mode(SSL_CTX*, long);
-long SSL_CTX_set_timeout(SSL_CTX*, long);
-int  SSL_CTX_use_certificate_chain_file(SSL_CTX*, const char*);
-void SSL_CTX_set_default_passwd_cb(SSL_CTX*, pem_password_cb);
-int  SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int);
-void SSL_CTX_set_info_callback(SSL_CTX*, void (*)());
-
-long SSL_CTX_sess_accept(SSL_CTX*);
-long SSL_CTX_sess_connect(SSL_CTX*);
-long SSL_CTX_sess_accept_good(SSL_CTX*);
-long SSL_CTX_sess_connect_good(SSL_CTX*);
-long SSL_CTX_sess_accept_renegotiate(SSL_CTX*);
-long SSL_CTX_sess_connect_renegotiate(SSL_CTX*);
-long SSL_CTX_sess_hits(SSL_CTX*);
-long SSL_CTX_sess_cb_hits(SSL_CTX*);
-long SSL_CTX_sess_cache_full(SSL_CTX*);
-long SSL_CTX_sess_misses(SSL_CTX*);
-long SSL_CTX_sess_timeouts(SSL_CTX*);
-long SSL_CTX_sess_number(SSL_CTX*);
-long SSL_CTX_sess_get_cache_size(SSL_CTX*);
-
-int SSL_CTX_get_verify_mode(SSL_CTX*);
-int SSL_get_verify_mode(SSL*);
-int SSL_CTX_get_verify_depth(SSL_CTX*);
-int SSL_get_verify_depth(SSL*);
-
-long SSL_get_default_timeout(SSL*);
-long SSL_CTX_get_session_cache_mode(SSL_CTX*);
-int  SSL_session_reused(SSL*);
-
-int  SSL_set_rfd(SSL*, int);
-int  SSL_set_wfd(SSL*, int);
-void SSL_set_shutdown(SSL*, int);
-void SSL_set_quiet_shutdown(SSL *ssl,int mode);
-int SSL_get_quiet_shutdown(SSL *ssl);
-
-int SSL_want_read(SSL*);
-int SSL_want_write(SSL*);
-
-int SSL_pending(SSL*);
-
-
-enum { /* ssl Constants */
-    SSL_WOULD_BLOCK     = -8,
-    SSL_BAD_STAT        = -7,
-    SSL_BAD_PATH        = -6,
-    SSL_BAD_FILETYPE    = -5,
-    SSL_BAD_FILE        = -4,
-    SSL_NOT_IMPLEMENTED = -3,
-    SSL_UNKNOWN         = -2,
-    SSL_FATAL_ERROR     = -1,
-    SSL_NORMAL_SHUTDOWN =  0,
-    SSL_ERROR_NONE      =  0,   /* for most functions */
-    SSL_FAILURE         =  0,   /* for some functions */
-    SSL_SUCCESS	        =  1,
-
-    SSL_FILETYPE_ASN1    = 10,
-    SSL_FILETYPE_PEM     = 11,
-    SSL_FILETYPE_DEFAULT = 10, /* ASN1 */
-
-    SSL_VERIFY_NONE                 = 0,
-    SSL_VERIFY_PEER                 = 1,
-    SSL_VERIFY_FAIL_IF_NO_PEER_CERT = 2,
-    SSL_VERIFY_CLIENT_ONCE          = 4,
-
-    SSL_SESS_CACHE_OFF                = 30,
-    SSL_SESS_CACHE_CLIENT             = 31,
-    SSL_SESS_CACHE_SERVER             = 32,
-    SSL_SESS_CACHE_BOTH               = 33,
-    SSL_SESS_CACHE_NO_AUTO_CLEAR      = 34,
-    SSL_SESS_CACHE_NO_INTERNAL_LOOKUP = 35,
-
-    SSL_OP_MICROSOFT_SESS_ID_BUG            = 50,
-    SSL_OP_NETSCAPE_CHALLENGE_BUG           = 51,
-    SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG = 52,
-    SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG      = 53,
-    SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER       = 54,
-    SSL_OP_MSIE_SSLV2_RSA_PADDING           = 55,
-    SSL_OP_SSLEAY_080_CLIENT_DH_BUG         = 56,
-    SSL_OP_TLS_D5_BUG                       = 57,
-    SSL_OP_TLS_BLOCK_PADDING_BUG            = 58,
-    SSL_OP_TLS_ROLLBACK_BUG                 = 59,
-    SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS      = 60,
-    SSL_OP_ALL                              = 61,
-    SSL_OP_SINGLE_DH_USE                    = 62,
-    SSL_OP_EPHEMERAL_RSA                    = 63,
-    SSL_OP_NO_SSLv2                         = 64,
-    SSL_OP_NO_SSLv3                         = 65,
-    SSL_OP_NO_TLSv1                         = 66,
-    SSL_OP_PKCS1_CHECK_1                    = 67,
-    SSL_OP_PKCS1_CHECK_2                    = 68,
-    SSL_OP_NETSCAPE_CA_DN_BUG               = 69,
-    SSL_OP_NON_EXPORT_FIRST                 = 70,
-    SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG  = 71,
-
-    SSL_ERROR_WANT_READ        = 80,
-    SSL_ERROR_WANT_WRITE       = 81,
-    SSL_ERROR_SYSCALL          = 82,
-    SSL_ERROR_WANT_X509_LOOKUP = 83,
-    SSL_ERROR_ZERO_RETURN      = 84,
-    SSL_ERROR_SSL              = 85,
-
-    SSL_ST_CONNECT        = 90,
-    SSL_ST_ACCEPT         = 91,
-    SSL_CB_LOOP           = 92,
-    SSL_SENT_SHUTDOWN     = 93,
-    SSL_RECEIVED_SHUTDOWN = 94,
-    SSL_CB_ALERT          = 95,
-    SSL_CB_READ           = 96,
-    SSL_CB_HANDSHAKE_DONE = 97
-
-};
-
-
-SSL_METHOD *SSLv3_method(void);
-SSL_METHOD *SSLv3_server_method(void);
-SSL_METHOD *SSLv3_client_method(void);
-SSL_METHOD *TLSv1_server_method(void);
-SSL_METHOD *TLSv1_client_method(void);
-SSL_METHOD *TLSv1_1_server_method(void);
-SSL_METHOD *TLSv1_1_client_method(void);
-SSL_METHOD *SSLv23_server_method(void);
-
-int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int);
-int SSL_CTX_use_PrivateKey_file(SSL_CTX*, const char*, int);
-int SSL_CTX_set_cipher_list(SSL_CTX*, const char*);
-
-long SSL_CTX_sess_set_cache_size(SSL_CTX*, long);
-long SSL_CTX_set_tmp_dh(SSL_CTX*, DH*);
-
-void OpenSSL_add_all_algorithms(void);
-int  SSL_library_init();
-int  SSLeay_add_ssl_algorithms(void);
-
-
-SSL_CIPHER* SSL_get_current_cipher(SSL*);
-char*       SSL_CIPHER_description(SSL_CIPHER*, char*, int);
-
-
-char* SSL_alert_type_string_long(int);
-char* SSL_alert_desc_string_long(int);
-char* SSL_state_string_long(SSL*);
-
-
-/* EVP stuff, des and md5, different file? */
-typedef char EVP_MD;
-
-typedef char EVP_CIPHER;
-
-typedef struct EVP_PKEY EVP_PKEY;
-
-typedef unsigned char DES_cblock[8];
-typedef const  DES_cblock const_DES_cblock;
-typedef DES_cblock DES_key_schedule;
-                                                          
-enum {
-    DES_ENCRYPT = 1,
-    DES_DECRYPT = 0
-};
-                                                             
-const EVP_MD*     EVP_md5(void);
-const EVP_CIPHER* EVP_des_ede3_cbc(void);
-
-typedef unsigned char opaque;
-
-int EVP_BytesToKey(const EVP_CIPHER*, const EVP_MD*, const opaque*,
-                   const opaque*, int, int, opaque*, opaque*);
-
-void DES_set_key_unchecked(const_DES_cblock*, DES_key_schedule*);
-void DES_ede3_cbc_encrypt(const opaque*, opaque*, long, DES_key_schedule*,
-                        DES_key_schedule*, DES_key_schedule*, DES_cblock*, int);
-
-
-/* RAND stuff */
-void        RAND_screen(void);
-const char* RAND_file_name(char*, size_t);
-int         RAND_write_file(const char*);
-int         RAND_load_file(const char*, long);
-
-
-/* for libcurl */
-int  RAND_status(void);
-int  RAND_bytes(unsigned char* buf, int num);
-
-int  DES_set_key(const_DES_cblock*, DES_key_schedule*);
-void DES_set_odd_parity(DES_cblock*);
-void DES_ecb_encrypt(DES_cblock*, DES_cblock*, DES_key_schedule*, int);
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX*, void* userdata);
-void SSL_SESSION_free(SSL_SESSION* session);
-int  SSL_peek(SSL* ssl, void* buf, int num);
-
-X509*     SSL_get_certificate(SSL* ssl);
-EVP_PKEY* SSL_get_privatekey(SSL* ssl);
-EVP_PKEY* X509_get_pubkey(X509* x);
-
-int  EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from);
-void EVP_PKEY_free(EVP_PKEY* pkey);
-void ERR_error_string_n(unsigned long e, char *buf, size_t len);
-void ERR_free_strings(void);
-void EVP_cleanup(void);
-
-void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx);
-
-#define GEN_IPADD 7
-#define NID_subject_alt_name 85
-#define STACK_OF(x) x
-
-
-/* defined here because libcurl dereferences */
-typedef struct ASN1_STRING {
-    int type;
-    int length;
-    unsigned char* data;
-} ASN1_STRING;
-
-
-typedef struct GENERAL_NAME {
-    int type;
-    union {
-        ASN1_STRING* ia5;
-    } d;
-} GENERAL_NAME;
-
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x);
-
-int           sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x);
-GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i);
-
-
-unsigned char* ASN1_STRING_data(ASN1_STRING* x);
-int            ASN1_STRING_length(ASN1_STRING* x);
-int            ASN1_STRING_type(ASN1_STRING *x);
-
-typedef ASN1_STRING X509_NAME_ENTRY;
-
-int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos);
-
-ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne);
-X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc);
-
-#define OPENSSL_malloc(x) malloc(x)
-#define OPENSSL_free(x)   free(x)
-
-int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in);
-
-SSL_METHOD* SSLv23_client_method(void);  /* doesn't actually roll back */
-SSL_METHOD* SSLv2_client_method(void);   /* will never work, no v 2    */
-
-
-SSL_SESSION* SSL_get1_session(SSL* ssl);  /* what's ref count */
-
-
-#define CRYPTO_free(x) free(x)
-#define ASN1_TIME ASN1_STRING
-
-ASN1_TIME* X509_get_notBefore(X509* x);
-ASN1_TIME* X509_get_notAfter(X509* x);
-
-
-#define ASN1_UTCTIME ASN1_STRING
-#define NID_commonName    13
-#define V_ASN1_UTF8STRING 12
-#define GEN_DNS            2
-
-#define CERTFICATE_ERROR 0x14090086  /* SSLv3 error */
-
-
-typedef struct MD4_CTX {
-    int buffer[32];      /* big enough to hold, check size in Init */
-} MD4_CTX;
-
-void MD4_Init(MD4_CTX*);
-void MD4_Update(MD4_CTX*, const void*, unsigned long);
-void MD4_Final(unsigned char*, MD4_CTX*);
-
-
-typedef struct MD5_CTX {
-    int buffer[32];       /* big enough to hold, check size in Init */
-} MD5_CTX;
-
-void MD5_Init(MD5_CTX*);
-void MD5_Update(MD5_CTX*, const void*, unsigned long);
-void MD5_Final(unsigned char*, MD5_CTX*);
-
-#define MD5_DIGEST_LENGTH 16
-
-
-#define SSL_DEFAULT_CIPHER_LIST ""   /* default all */
-
-
-/* yaSSL extensions */
-int SSL_set_compression(SSL*);   /* turn on yaSSL zlib compression */
-char *yaSSL_ASN1_TIME_to_string(const ASN1_TIME *time, char *buf, size_t len);
-
-#include "transport_types.h"
-
-/*
-  Set functions for yaSSL to use in order to send and receive data.
-
-  These hooks are offered in order to enable non-blocking I/O. If
-  not set, yaSSL defaults to using send() and recv().
-
-  @todo Remove hooks and accompanying code when yaSSL is fixed.
-*/
-void yaSSL_transport_set_ptr(SSL *, void *);
-void yaSSL_transport_set_recv_function(SSL *, yaSSL_recv_func_t);
-void yaSSL_transport_set_send_function(SSL *, yaSSL_send_func_t);
-
-#if defined(__cplusplus) && !defined(YASSL_MYSQL_COMPATIBLE)
-}      /* namespace  */
-}      /* extern "C" */
-#endif
-
-
-#endif /* yaSSL_openssl_h__ */
diff --git a/extra/yassl/include/openssl/transport_types.h b/extra/yassl/include/openssl/transport_types.h
deleted file mode 100644
index 3c31eb3d822..00000000000
--- a/extra/yassl/include/openssl/transport_types.h
+++ /dev/null
@@ -1,26 +0,0 @@
-/*
-   Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA 02110-1335  USA.
-*/
-
-#ifndef yaSSL_transport_types_h__
-#define yaSSL_transport_types_h__
-
-/* Type of transport functions used for sending and receiving data. */
-typedef long (*yaSSL_recv_func_t) (void *, void *, size_t, int);
-typedef long (*yaSSL_send_func_t) (void *, const void *, size_t, int);
-
-#endif
diff --git a/extra/yassl/include/openssl/x509.h b/extra/yassl/include/openssl/x509.h
deleted file mode 100644
index dd79e6833ec..00000000000
--- a/extra/yassl/include/openssl/x509.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* x509.h  for libcurl */
diff --git a/extra/yassl/include/openssl/x509v3.h b/extra/yassl/include/openssl/x509v3.h
deleted file mode 100644
index 4a7a2175ebe..00000000000
--- a/extra/yassl/include/openssl/x509v3.h
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
-   Copyright (C) 2006 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* x509v3.h  for libcurl */
diff --git a/extra/yassl/include/socket_wrapper.hpp b/extra/yassl/include/socket_wrapper.hpp
deleted file mode 100644
index 3fc9c7ee95a..00000000000
--- a/extra/yassl/include/socket_wrapper.hpp
+++ /dev/null
@@ -1,105 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* The socket wrapper header defines a Socket class that hides the differences
- * between Berkely style sockets and Windows sockets, allowing transparent TCP
- * access.
- */
-
-
-#ifndef yaSSL_SOCKET_WRAPPER_HPP
-#define yaSSL_SOCKET_WRAPPER_HPP
-
-
-#ifdef _WIN32
-    #include 
-#else 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-#endif
-
-
-namespace yaSSL {
-
-typedef unsigned int uint;
-
-#ifdef _WIN32
-    typedef SOCKET socket_t;
-#else
-    typedef int socket_t;
-    const socket_t INVALID_SOCKET = -1;
-    const int SD_RECEIVE   = 0;
-    const int SD_SEND      = 1;
-    const int SD_BOTH      = 2;
-    const int SOCKET_ERROR = -1;
-#endif
-
-  extern "C" {
-    #include "openssl/transport_types.h"
-  }
-
-typedef unsigned char byte;
-
-
-// Wraps Windows Sockets and BSD Sockets
-class Socket {
-    socket_t socket_;                    // underlying socket descriptor
-    bool     wouldBlock_;                // if non-blocking data, for last read 
-    bool     nonBlocking_;               // is option set
-    void     *ptr_;                      // Argument to transport function
-    yaSSL_send_func_t send_func_;        // Function to send data
-    yaSSL_recv_func_t recv_func_;        // Function to receive data
-public:
-    explicit Socket(socket_t s = INVALID_SOCKET);
-    ~Socket();
-
-    void     set_fd(socket_t s);
-    uint     get_ready() const;
-    socket_t get_fd()    const;
-
-    void set_transport_ptr(void *ptr);
-    void set_transport_recv_function(yaSSL_recv_func_t recv_func);
-    void set_transport_send_function(yaSSL_send_func_t send_func);
-
-    uint send(const byte* buf, unsigned int len, unsigned int& sent,
-              int flags = 0);
-    uint receive(byte* buf, unsigned int len, int flags = 0);
-    bool wait();
-
-    bool WouldBlock() const;
-    bool IsNonBlocking() const;
-
-    void closeSocket();
-    void shutDown(int how = SD_SEND);
-
-    static int  get_lastError();
-    static void set_lastError(int error);
-private:
-    Socket(const Socket&);              // hide copy
-    Socket& operator= (const Socket&);  // and assign
-};
-
-
-} // naemspace
-
-#endif // yaSSL_SOCKET_WRAPPER_HPP
diff --git a/extra/yassl/include/timer.hpp b/extra/yassl/include/timer.hpp
deleted file mode 100644
index 57b4022484b..00000000000
--- a/extra/yassl/include/timer.hpp
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* timer.hpp provides a high res and low res timers
- *
-*/
-
-
-#ifndef yaSSL_TIMER_HPP
-#define yaSSL_TIMER_HPP
-
-namespace yaSSL {
-
-typedef double       timer_d;
-typedef unsigned int uint;
-
-
-
-timer_d timer();
-uint    lowResTimer();
-
-
-
-} // namespace
-#endif // yaSSL_TIMER_HPP
diff --git a/extra/yassl/include/yassl.hpp b/extra/yassl/include/yassl.hpp
deleted file mode 100644
index ff6869a3ec4..00000000000
--- a/extra/yassl/include/yassl.hpp
+++ /dev/null
@@ -1,86 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL externel header defines yaSSL API
- */
-
-
-#ifndef yaSSL_EXT_HPP
-#define yaSSL_EXT_HPP
-
-
-namespace yaSSL {
-
-
-#ifdef _WIN32
-    typedef unsigned int SOCKET_T;
-#else
-    typedef int          SOCKET_T;
-#endif
-
-
-class Client {
-public:
-    Client();
-    ~Client();
-
-    // basics
-    int Connect(SOCKET_T);
-    int Write(const void*, int);
-    int Read(void*, int);
-
-    // options
-    void SetCA(const char*);
-    void SetCert(const char*);
-    void SetKey(const char*);
-private:
-    struct ClientImpl;
-    ClientImpl* pimpl_;
-
-    Client(const Client&);              // hide copy
-    Client& operator=(const Client&);   // and assign  
-};
-
-
-class Server {
-public:
-    Server();
-    ~Server();
-
-    // basics
-    int Accept(SOCKET_T);
-    int Write(const void*, int);
-    int Read(void*, int);
-
-    // options
-    void SetCA(const char*);
-    void SetCert(const char*);
-    void SetKey(const char*);
-private:
-    struct ServerImpl;
-    ServerImpl* pimpl_;
-
-    Server(const Server&);              // hide copy
-    Server& operator=(const Server&);   // and assign
-};
-
-
-} // namespace yaSSL
-#endif // yaSSL_EXT_HPP
diff --git a/extra/yassl/include/yassl_error.hpp b/extra/yassl/include/yassl_error.hpp
deleted file mode 100644
index bc97058d881..00000000000
--- a/extra/yassl/include/yassl_error.hpp
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
-   Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL error header defines error codes and an exception class
- */
-
-#ifndef yaSSL_ERROR_HPP
-#define yaSSL_ERROR_HPP
-
-
-
-namespace yaSSL {
-
-
-enum YasslError {
-    no_error            = 0,
-
-    // 10 - 47 from AlertDescription, 0 also close_notify
-
-    range_error         = 101,
-    realloc_error       = 102,
-    factory_error       = 103,
-    unknown_cipher      = 104,
-    prefix_error        = 105,
-    record_layer        = 106,
-    handshake_layer     = 107,
-    out_of_order        = 108,
-    bad_input           = 109,
-    match_error         = 110,
-    no_key_file         = 111,
-    verify_error        = 112,
-    send_error          = 113,
-    receive_error       = 114,
-    certificate_error   = 115,
-    privateKey_error    = 116,
-    badVersion_error    = 117,
-    compress_error      = 118,
-    decompress_error    = 119,
-    pms_version_error   = 120,
-    sanityCipher_error  = 121,
-    rsaSignFault_error  = 122
-
-    // !!!! add error message to .cpp !!!!
-
-    // 1000+ from TaoCrypt error.hpp
-
-};
-
-
-enum Library { yaSSL_Lib = 0, CryptoLib, SocketLib };
-enum { MAX_ERROR_SZ = 80 };
-
-void SetErrorString(YasslError, char*);
-
-/* remove for now, if go back to exceptions use this wrapper
-// Base class for all yaSSL exceptions
-class Error : public mySTL::runtime_error {
-    YasslError  error_;
-    Library     lib_;
-public:
-    explicit Error(const char* s = "", YasslError e = no_error,
-                   Library l = yaSSL_Lib);
-
-    YasslError  get_number() const;
-    Library     get_lib()    const;
-};
-*/
-
-
-} // naemspace
-
-#endif // yaSSL_ERROR_HPP
diff --git a/extra/yassl/include/yassl_imp.hpp b/extra/yassl/include/yassl_imp.hpp
deleted file mode 100644
index fbd2ebb93a7..00000000000
--- a/extra/yassl/include/yassl_imp.hpp
+++ /dev/null
@@ -1,748 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  yaSSL implementation header defines all strucutres from the SSL.v3 
- *  specification "draft-freier-ssl-version3-02.txt"
- *  all page citations refer to this document unless otherwise noted.
- */
-
-
-#ifndef yaSSL_IMP_HPP
-#define yaSSL_IMP_HPP
-
-#ifdef _MSC_VER
-    // disable truncated debug symbols
-    #pragma warning(disable:4786)
-#endif
-
-#include "yassl_types.hpp"
-#include "factory.hpp"
-#include STL_LIST_FILE
-
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace yaSSL {
-
-
-class SSL;              // forward decls
-class input_buffer;
-class output_buffer;
-
-
-struct ProtocolVersion {
-    uint8 major_;
-    uint8 minor_;     // major and minor SSL/TLS version numbers
-
-    ProtocolVersion(uint8 maj = 3, uint8 min = 0);
-};
-
-
-// Record Layer Header for PlainText, Compressed, and CipherText
-struct RecordLayerHeader {
-    ContentType     type_;
-    ProtocolVersion version_;
-    uint16          length_;             // should not exceed 2^14
-};
-
-
-// base for all messages
-struct Message : public virtual_base {
-    virtual input_buffer& set(input_buffer&) =0;   
-    virtual output_buffer& get(output_buffer&) const =0;
-
-    virtual void Process(input_buffer&, SSL&) =0;
-    virtual ContentType get_type() const =0;
-    virtual uint16      get_length() const =0;
-
-    virtual ~Message() {}
-};
-
-
-class ChangeCipherSpec : public Message {
-    CipherChoice type_;
-public:
-    ChangeCipherSpec();
-
-    friend input_buffer& operator>>(input_buffer&, ChangeCipherSpec&);
-    friend output_buffer& operator<<(output_buffer&, const ChangeCipherSpec&);
-
-    input_buffer& set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    ContentType get_type()   const;
-    uint16      get_length() const;
-    void Process(input_buffer&, SSL&);
-private:
-    ChangeCipherSpec(const ChangeCipherSpec&);            // hide copy
-    ChangeCipherSpec& operator=(const ChangeCipherSpec&); // and assign
-};
-
-
-
-class Alert : public Message {
-    AlertLevel       level_;
-    AlertDescription description_;
-public:
-    Alert() {}
-    Alert(AlertLevel al, AlertDescription ad);
-
-    ContentType get_type()   const;
-    uint16      get_length() const;
-    void Process(input_buffer&, SSL&);
-
-    friend input_buffer& operator>>(input_buffer&, Alert&);
-    friend output_buffer& operator<<(output_buffer&, const Alert&);
-   
-    input_buffer& set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-private:
-    Alert(const Alert&);            // hide copy
-    Alert& operator=(const Alert&); // and assign
-};
-
-
-class Data : public Message {
-    uint16        length_;
-    opaque*       buffer_;         // read  buffer used by fillData input
-    const opaque* write_buffer_;   // write buffer used by output operator
-public:
-    Data();
-    Data(uint16 len, opaque* b);
-
-    friend output_buffer& operator<<(output_buffer&, const Data&);
-
-    input_buffer& set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    ContentType   get_type()     const;
-    uint16        get_length()   const;
-    void          set_length(uint16 l);
-    opaque*       set_buffer();
-    void          SetData(uint16, const opaque*);
-    void Process(input_buffer&, SSL&);
-private:
-    Data(const Data&);            // hide copy
-    Data& operator=(const Data&); // and assign
-};
-
-
-uint32 c24to32(const uint24);       // forward form internal header
-void   c32to24(uint32, uint24&);
-
-
-// HandShake header, same for each message type from page 20/21
-class HandShakeHeader : public Message {
-    HandShakeType      type_;
-    uint24             length_;      // length of message
-public:
-    HandShakeHeader() {}
-
-    ContentType   get_type()   const;
-    uint16        get_length() const;
-    HandShakeType get_handshakeType() const;
-    void Process(input_buffer&, SSL&);
-
-    void set_type(HandShakeType hst);
-    void set_length(uint32 u32);
-
-    friend input_buffer& operator>>(input_buffer&, HandShakeHeader&);
-    friend output_buffer& operator<<(output_buffer&, const HandShakeHeader&);
-
-    input_buffer& set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-private:
-    HandShakeHeader(const HandShakeHeader&);            // hide copy
-    HandShakeHeader& operator=(const HandShakeHeader&); // and assign
-};
-
-
-// Base Class for all handshake messages
-class HandShakeBase : public virtual_base {
-    int     length_;
-public:
-    int     get_length() const;
-    void    set_length(int);
-
-    // for building buffer's type field
-    virtual HandShakeType get_type() const =0;                
-
-    // handles dispactch of proper >>
-    virtual input_buffer&  set(input_buffer& in) =0;
-    virtual output_buffer& get(output_buffer& out) const =0;
-
-    virtual void Process(input_buffer&, SSL&) =0;
-
-    virtual ~HandShakeBase() {}
-};
-
-
-struct HelloRequest : public HandShakeBase {
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    void Process(input_buffer&, SSL&);
-
-    HandShakeType get_type() const;
-};
-
-
-// The Client's Hello Message from page 23
-class ClientHello : public HandShakeBase {
-    ProtocolVersion     client_version_;
-    Random              random_;
-    uint8               id_len_;                         // session id length
-    opaque              session_id_[ID_LEN];
-    uint16              suite_len_;                      // cipher suite length
-    opaque              cipher_suites_[MAX_SUITE_SZ];
-    uint8               comp_len_;                       // compression length
-    CompressionMethod   compression_methods_;  
-public:
-    friend input_buffer&  operator>>(input_buffer&, ClientHello&);
-    friend output_buffer& operator<<(output_buffer&, const ClientHello&);
-  
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    HandShakeType  get_type() const;
-    void Process(input_buffer&, SSL&);
-
-    const opaque* get_random() const;
-    friend void buildClientHello(SSL&, ClientHello&);
-    friend void ProcessOldClientHello(input_buffer& input, SSL& ssl);
-
-    ClientHello();
-    ClientHello(ProtocolVersion pv, bool useCompression);
-private:
-    ClientHello(const ClientHello&);            // hide copy
-    ClientHello& operator=(const ClientHello&); // and assign
-};
-
-
-
-// The Server's Hello Message from page 24
-class ServerHello : public HandShakeBase {
-    ProtocolVersion     server_version_;
-    Random              random_;
-    uint8               id_len_;                 // session id length
-    opaque              session_id_[ID_LEN];
-    opaque              cipher_suite_[SUITE_LEN];
-    CompressionMethod   compression_method_;
-public:
-    ServerHello(ProtocolVersion pv, bool useCompression);
-    ServerHello();
-          
-    friend input_buffer&  operator>>(input_buffer&, ServerHello&);
-    friend output_buffer& operator<<(output_buffer&, const ServerHello&);
-   
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    HandShakeType  get_type() const;
-    void Process(input_buffer&, SSL&);
-
-    const opaque* get_random() const;
-    friend void buildServerHello(SSL&, ServerHello&);
-private:
-    ServerHello(const ServerHello&);            // hide copy
-    ServerHello& operator=(const ServerHello&); // and assign
-};
-
-
-class x509;  
-
-// Certificate could be a chain
-class Certificate : public HandShakeBase {
-    const x509* cert_;
-public:
-    Certificate();
-    explicit Certificate(const x509* cert); 
-    friend output_buffer& operator<<(output_buffer&, const Certificate&);
-
-    const opaque* get_buffer() const;
-  
-    // Process handles input, needs SSL
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    HandShakeType get_type() const;
-    void Process(input_buffer&, SSL&);
-private:
-    Certificate(const Certificate&);            // hide copy
-    Certificate& operator=(const Certificate&); // and assign
-};
-
-
-
-// RSA Public Key
-struct ServerRSAParams {
-    opaque* rsa_modulus_;
-    opaque* rsa_exponent_;
-};
-
-
-// Ephemeral Diffie-Hellman Parameters
-class ServerDHParams {
-    int pSz_;
-    int gSz_;
-    int pubSz_;
-    opaque* p_;
-    opaque* g_;
-    opaque* Ys_;
-public:
-    ServerDHParams();
-    ~ServerDHParams();
-
-    int get_pSize()   const;
-    int get_gSize()   const;
-    int get_pubSize() const;
-
-    const opaque* get_p()   const;
-    const opaque* get_g()   const;
-    const opaque* get_pub() const;
-
-    opaque* alloc_p(int sz);
-    opaque* alloc_g(int sz);
-    opaque* alloc_pub(int sz);
-private:
-    ServerDHParams(const ServerDHParams&);            // hide copy
-    ServerDHParams& operator=(const ServerDHParams&); // and assign
-};
-
-
-struct ServerKeyBase : public virtual_base {
-    virtual ~ServerKeyBase() {}
-    virtual void build(SSL&) {}
-    virtual void read(SSL&, input_buffer&) {}
-    virtual int  get_length() const;     
-    virtual opaque* get_serverKey() const;
-};
-
-
-// Server random number for FORTEZZA KEA
-struct Fortezza_Server : public ServerKeyBase {
-    opaque r_s_[FORTEZZA_MAX];
-};
-
-
-struct SignatureBase : public virtual_base {
-    virtual ~SignatureBase() {}
-};
-
-struct anonymous_sa : public SignatureBase {};
-
-
-struct Hashes {
-    uint8 md5_[MD5_LEN];
-    uint8 sha_[SHA_LEN];
-};
-    
-
-struct rsa_sa : public SignatureBase {
-    Hashes hashes_;
-};
-
-
-struct dsa_sa : public SignatureBase {
-    uint8 sha_[SHA_LEN];
-};
-
-
-// Server's Diffie-Hellman exchange
-class DH_Server : public ServerKeyBase {
-    ServerDHParams  parms_;
-    opaque*         signature_;
-
-    int             length_;                // total length of message
-    opaque*         keyMessage_;            // total exchange message
-public:
-    DH_Server();
-    ~DH_Server();
-
-    void build(SSL&);
-    void read(SSL&, input_buffer&);
-    int  get_length() const;
-    opaque* get_serverKey() const;
-private:
-    DH_Server(const DH_Server&);            // hide copy
-    DH_Server& operator=(const DH_Server&); // and assign
-};
-
-
-// Server's RSA exchange
-struct RSA_Server : public ServerKeyBase {
-    ServerRSAParams params_;
-    opaque*         signature_;   // signed rsa_sa hashes
-};
-
-
-class ServerKeyExchange : public HandShakeBase {
-    ServerKeyBase* server_key_;
-public:
-    explicit ServerKeyExchange(SSL&);
-    ServerKeyExchange();
-    ~ServerKeyExchange();
-
-    void createKey(SSL&);
-    void build(SSL& ssl);
-   
-    const opaque* getKey()       const;
-    int           getKeyLength() const;
-
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    friend output_buffer& operator<<(output_buffer&, const ServerKeyExchange&);
-
-    void Process(input_buffer&, SSL&);
-    HandShakeType get_type() const;
-private:
-    ServerKeyExchange(const ServerKeyExchange&);            // hide copy
-    ServerKeyExchange& operator=(const ServerKeyExchange&); // and assign
-};
-
-
-
-class CertificateRequest : public HandShakeBase  {
-    ClientCertificateType         certificate_types_[CERT_TYPES];
-    int                           typeTotal_;
-    STL::list  certificate_authorities_;
-public:
-    CertificateRequest();
-    ~CertificateRequest();
-
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    friend input_buffer&  operator>>(input_buffer&, CertificateRequest&);
-    friend output_buffer& operator<<(output_buffer&,
-                                     const CertificateRequest&);
-
-    void Process(input_buffer&, SSL&);
-    HandShakeType get_type() const;
-
-    void Build();
-private:
-    CertificateRequest(const CertificateRequest&);              // hide copy
-    CertificateRequest& operator=(const CertificateRequest&);   // and assign
-};
-
-
-struct ServerHelloDone : public HandShakeBase {
-    ServerHelloDone();
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    void Process(input_buffer& input, SSL& ssl);
-
-    HandShakeType get_type() const;
-};
-
-
-struct PreMasterSecret {
-    opaque  random_[SECRET_LEN];     // first two bytes Protocol Version
-};
-
-
-struct ClientKeyBase : public virtual_base {
-    virtual ~ClientKeyBase() {}
-    virtual void build(SSL&) {}
-    virtual void read(SSL&, input_buffer&) {}
-    virtual int  get_length() const;
-    virtual opaque* get_clientKey() const;
-};
-
-
-class EncryptedPreMasterSecret : public ClientKeyBase {
-    opaque* secret_;
-    int     length_;
-public:
-    EncryptedPreMasterSecret();
-    ~EncryptedPreMasterSecret();
-
-    void    build(SSL&);
-    void    read(SSL&, input_buffer&);
-    int     get_length()    const;
-    opaque* get_clientKey() const;
-    void    alloc(int sz);
-private:
-    // hide copy and assign
-    EncryptedPreMasterSecret(const EncryptedPreMasterSecret&);           
-    EncryptedPreMasterSecret& operator=(const EncryptedPreMasterSecret&);
-};
-
-
-// Fortezza Key Parameters from page 29
-// hard code lengths cause only used here
-struct FortezzaKeys : public ClientKeyBase {
-    opaque  y_c_                      [128];    // client's Yc, public value
-    opaque  r_c_                      [128];    // client's Rc
-    opaque  y_signature_              [40];     // DSS signed public key
-    opaque  wrapped_client_write_key_ [12];     // wrapped by the TEK
-    opaque  wrapped_server_write_key_ [12];     // wrapped by the TEK
-    opaque  client_write_iv_          [24];      
-    opaque  server_write_iv_          [24];
-    opaque  master_secret_iv_         [24];     // IV used to encrypt preMaster
-    opaque  encrypted_preMasterSecret_[48];     // random & crypted by the TEK
-};
-
-
-
-// Diffie-Hellman public key from page 40/41
-class  ClientDiffieHellmanPublic : public ClientKeyBase {
-    PublicValueEncoding public_value_encoding_;
-    int     length_;    // includes two byte length for message
-    opaque* Yc_;        // length + Yc_
-    // dh_Yc only if explicit, otherwise sent in certificate
-    enum { KEY_OFFSET = 2 };
-public:
-    ClientDiffieHellmanPublic();
-    ~ClientDiffieHellmanPublic();
-
-    void    build(SSL&);
-    void    read(SSL&, input_buffer&);
-    int     get_length()    const;
-    opaque* get_clientKey() const;
-    void    alloc(int sz, bool offset = false);
-private:
-    // hide copy and assign
-    ClientDiffieHellmanPublic(const ClientDiffieHellmanPublic&);
-    ClientDiffieHellmanPublic& operator=(const ClientDiffieHellmanPublic&);
-};
-
-
-class ClientKeyExchange : public HandShakeBase {
-    ClientKeyBase*  client_key_;
-public:
-    explicit ClientKeyExchange(SSL& ssl);
-    ClientKeyExchange();
-    ~ClientKeyExchange();
-
-    void createKey(SSL&);
-    void build(SSL& ssl);
-   
-    const opaque* getKey()       const;
-    int           getKeyLength() const;
-
-    friend output_buffer& operator<<(output_buffer&, const ClientKeyExchange&);
-   
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    HandShakeType  get_type() const;
-    void Process(input_buffer&, SSL&);
-private:
-    ClientKeyExchange(const ClientKeyExchange&);            // hide copy
-    ClientKeyExchange& operator=(const ClientKeyExchange&); // and assign
-};
-
-
-class CertificateVerify : public HandShakeBase {
-    Hashes             hashes_;
-    byte*              signature_;  // owns
-public:
-    CertificateVerify();
-    ~CertificateVerify();
-
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    friend input_buffer&  operator>>(input_buffer&, CertificateVerify&);
-    friend output_buffer& operator<<(output_buffer&, const CertificateVerify&);
-
-    void Process(input_buffer&, SSL&);
-    HandShakeType get_type() const;
-
-    void Build(SSL&);
-private:
-    CertificateVerify(const CertificateVerify&);              // hide copy
-    CertificateVerify& operator=(const CertificateVerify&);   // and assign
-};
-
-
-class Finished : public HandShakeBase {
-    Hashes hashes_;
-public:
-    Finished();
-
-    uint8* set_md5();
-    uint8* set_sha();
-
-    friend input_buffer& operator>>(input_buffer&, Finished&);
-    friend output_buffer& operator<<(output_buffer&, const Finished&);
-
-    input_buffer&  set(input_buffer& in);
-    output_buffer& get(output_buffer& out) const;
-
-    void Process(input_buffer&, SSL&);
-
-    HandShakeType get_type() const;
-private:
-    Finished(const Finished&);            // hide copy
-    Finished& operator=(const Finished&); // and assign
-};
-
-
-class RandomPool;  // forward for connection
-
-
-// SSL Connection defined on page 11
-struct Connection {
-    opaque          *pre_master_secret_;
-    opaque          master_secret_[SECRET_LEN];
-    opaque          client_random_[RAN_LEN];
-    opaque          server_random_[RAN_LEN];
-    opaque          sessionID_[ID_LEN];
-    opaque          client_write_MAC_secret_[SHA_LEN]; // sha  is max size
-    opaque          server_write_MAC_secret_[SHA_LEN];
-    opaque          client_write_key_[AES_256_KEY_SZ]; // aes 256bit is max sz
-    opaque          server_write_key_[AES_256_KEY_SZ];
-    opaque          client_write_IV_[AES_IV_SZ];       // aes is max size
-    opaque          server_write_IV_[AES_IV_SZ];
-    uint32          sequence_number_;
-    uint32          peer_sequence_number_;
-    uint32          pre_secret_len_;                   // pre master length
-    bool            send_server_key_;                  // server key exchange?
-    bool            master_clean_;                     // master secret clean?
-    bool            TLS_;                              // TLSv1 or greater
-    bool            TLSv1_1_;                          // TLSv1.1 or greater
-    bool            sessionID_Set_;                    // do we have a session
-    bool            compression_;                      // zlib compression?
-    ProtocolVersion version_;                          // negotiated version
-    ProtocolVersion chVersion_;                        // client hello version
-    RandomPool&     random_;
-
-    Connection(ProtocolVersion v, RandomPool& ran);
-    ~Connection();
-
-    void AllocPreSecret(uint sz);
-    void CleanPreMaster();
-    void CleanMaster();
-    void TurnOffTLS();
-    void TurnOffTLS1_1();
-private:
-    Connection(const Connection&);              // hide copy
-    Connection& operator=(const Connection&);   // and assign
-};
-
-
-struct Ciphers;   // forward
-
-
-// TLSv1 Security Spec, defined on page 56 of RFC 2246
-struct Parameters {
-    ConnectionEnd        entity_;
-    BulkCipherAlgorithm  bulk_cipher_algorithm_;
-    CipherType           cipher_type_;
-    uint8                key_size_;
-    uint8                iv_size_;
-    IsExportable         is_exportable_;
-    MACAlgorithm         mac_algorithm_;
-    uint8                hash_size_;
-    CompressionMethod    compression_algorithm_;
-    KeyExchangeAlgorithm kea_;                        // yassl additions
-    SignatureAlgorithm   sig_algo_;                   // signature auth type
-    SignatureAlgorithm   verify_algo_;                // cert verify auth type
-    bool                 pending_;                  
-    bool                 resumable_;                  // new conns by session
-    uint16               encrypt_size_;               // current msg encrypt sz
-    Cipher               suite_[SUITE_LEN];           // choosen suite
-    uint8                suites_size_;
-    Cipher               suites_[MAX_SUITE_SZ];
-    char                 cipher_name_[MAX_SUITE_NAME];
-    char                 cipher_list_[MAX_CIPHERS][MAX_SUITE_NAME];
-    bool                 removeDH_;                   // for server's later use
-
-    Parameters(ConnectionEnd, const Ciphers&, ProtocolVersion, bool haveDH);
-
-    void SetSuites(ProtocolVersion pv, bool removeDH = false,
-                   bool removeRSA = false, bool removeDSA = false);
-    void SetCipherNames();
-private:
-    Parameters(const Parameters&);              // hide copy
-    Parameters& operator=(const Parameters&);   // and assing
-};
-
-
-input_buffer&  operator>>(input_buffer&,  RecordLayerHeader&);
-output_buffer& operator<<(output_buffer&, const RecordLayerHeader&);
-
-input_buffer&  operator>>(input_buffer&,  Message&);
-output_buffer& operator<<(output_buffer&, const Message&);
-
-input_buffer&  operator>>(input_buffer&,  HandShakeBase&);
-output_buffer& operator<<(output_buffer&, const HandShakeBase&);
-
-
-// Message Factory definition
-// uses the ContentType enumeration for unique id
-typedef Factory MessageFactory;
-void    InitMessageFactory(MessageFactory&);     // registers derived classes
-
-// HandShake Factory definition
-// uses the HandShakeType enumeration for unique id
-typedef Factory HandShakeFactory;  
-void    InitHandShakeFactory(HandShakeFactory&); // registers derived classes
-
-// ServerKey Factory definition
-// uses KeyExchangeAlgorithm enumeration for unique  id
-typedef Factory ServerKeyFactory;
-void    InitServerKeyFactory(ServerKeyFactory&);
-
-// ClientKey Factory definition
-// uses KeyExchangeAlgorithm enumeration for unique  id
-typedef Factory ClientKeyFactory;
-void    InitClientKeyFactory(ClientKeyFactory&);
-
-
-// Message Creators
-Message* CreateHandShake();
-Message* CreateCipherSpec();
-Message* CreateAlert();
-Message* CreateData();
-
-
-// HandShake Creators
-HandShakeBase* CreateCertificate();
-HandShakeBase* CreateHelloRequest();
-HandShakeBase* CreateClientHello();
-HandShakeBase* CreateServerHello();
-HandShakeBase* CreateServerKeyExchange();
-HandShakeBase* CreateCertificateRequest();
-HandShakeBase* CreateServerHelloDone();
-HandShakeBase* CreateClientKeyExchange();
-HandShakeBase* CreateCertificateVerify();
-HandShakeBase* CreateFinished();
-
-
-// ServerKey Exchange Creators
-ServerKeyBase* CreateRSAServerKEA();
-ServerKeyBase* CreateDHServerKEA();
-ServerKeyBase* CreateFortezzaServerKEA();
-
-// ClientKey Exchange Creators
-ClientKeyBase* CreateRSAClient();
-ClientKeyBase* CreateDHClient();
-ClientKeyBase* CreateFortezzaClient();
-
-
-
-} // naemspace
-
-#endif // yaSSL_IMP_HPP
diff --git a/extra/yassl/include/yassl_int.hpp b/extra/yassl/include/yassl_int.hpp
deleted file mode 100644
index b029f6af5f9..00000000000
--- a/extra/yassl/include/yassl_int.hpp
+++ /dev/null
@@ -1,724 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL internal header defines SSL supporting types not specified in the
- * draft along with type conversion functions and openssl compatibility
- */
-
-
-#ifndef yaSSL_INT_HPP
-#define yaSSL_INT_HPP
-
-#include "yassl_imp.hpp"
-#include "yassl_error.hpp"
-#include "crypto_wrapper.hpp"
-#include "cert_wrapper.hpp"
-#include "log.hpp"
-#include "lock.hpp"
-#include "openssl/ssl.h"  // ASN1_STRING and DH
-
-// Check if _POSIX_THREADS should be forced
-#if !defined(_POSIX_THREADS) && defined(__hpux)
-// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
-#define _POSIX_THREADS
-#endif
-
-#ifdef _POSIX_THREADS
-    #include 
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace yaSSL {
-
-
-// State Machine for Record Layer Protocol
-enum RecordLayerState {
-    recordNotReady = 0,         // fatal error, no more processing
-    recordReady
-};
-
-
-// State Machine for HandShake Protocol
-enum HandShakeState {
-    handShakeNotReady = 0,      // fatal error, no more processing
-    preHandshake,               // initial state
-    inHandshake,                // handshake started
-    handShakeReady              // handshake done
-};
-
-
-// client input HandShake state, use if HandShakeState == inHandShake
-enum ClientState {
-    serverNull = 0,
-    serverHelloComplete,
-    serverCertComplete,
-    serverKeyExchangeComplete,
-    serverHelloDoneComplete,
-    serverFinishedComplete	
-};
-
-
-// server input HandShake state, use if HandShakeState == inHandShake
-enum ServerState {
-    clientNull = 0,
-    clientHelloComplete,
-    clientKeyExchangeComplete,
-    clientFinishedComplete        
-};
-
-
-// client connect state for nonblocking restart
-enum ConnectState {
-    CONNECT_BEGIN = 0,
-    CLIENT_HELLO_SENT,
-    FIRST_REPLY_DONE,
-    FINISHED_DONE,
-    SECOND_REPLY_DONE
-};
-
-
-// server accpet state for nonblocking restart
-enum AcceptState {
-    ACCEPT_BEGIN = 0,
-    ACCEPT_FIRST_REPLY_DONE,
-    SERVER_HELLO_DONE,
-    ACCEPT_SECOND_REPLY_DONE,
-    ACCEPT_FINISHED_DONE,
-    ACCEPT_THIRD_REPLY_DONE
-};
-
-
-// track received messages to explicitly disallow duplicate messages
-struct RecvdMessages {
-    uint8 gotClientHello_;
-    uint8 gotServerHello_;
-    uint8 gotCert_;
-    uint8 gotServerKeyExchange_;
-    uint8 gotCertRequest_;
-    uint8 gotServerHelloDone_;
-    uint8 gotCertVerify_;
-    uint8 gotClientKeyExchange_;
-    uint8 gotFinished_;
-    RecvdMessages() : gotClientHello_(0), gotServerHello_(0), gotCert_(0),
-                      gotServerKeyExchange_(0), gotCertRequest_(0),
-                      gotServerHelloDone_(0), gotCertVerify_(0),
-                      gotClientKeyExchange_(0), gotFinished_(0)
-                    {} 
-};
-
-
-// combines all states
-class States {
-    RecordLayerState recordLayer_;
-    HandShakeState   handshakeLayer_;
-    ClientState      clientState_;
-    ServerState      serverState_;
-    ConnectState     connectState_;
-    AcceptState      acceptState_;
-    RecvdMessages    recvdMessages_;
-    char             errorString_[MAX_ERROR_SZ];
-    YasslError       what_;
-public:
-    States();
-
-    const RecordLayerState& getRecord()    const;
-    const HandShakeState&   getHandShake() const;
-    const ClientState&      getClient()    const;
-    const ServerState&      getServer()    const;
-    const ConnectState&     GetConnect()   const;
-    const AcceptState&      GetAccept()    const;
-    const char*             getString()    const;
-          YasslError        What()         const;
-
-    RecordLayerState& useRecord();
-    HandShakeState&   useHandShake();
-    ClientState&      useClient();
-    ServerState&      useServer();
-    ConnectState&     UseConnect();
-    AcceptState&      UseAccept();
-    char*             useString();
-    void              SetError(YasslError);
-    int               SetMessageRecvd(HandShakeType);
-private:
-    States(const States&);              // hide copy
-    States& operator=(const States&);   // and assign
-};
-
-
-// holds all factories
-class sslFactory {
-    MessageFactory      messageFactory_;        // creates new messages by type
-    HandShakeFactory    handShakeFactory_;      // creates new handshake types
-    ServerKeyFactory    serverKeyFactory_;      // creates new server key types
-    ClientKeyFactory    clientKeyFactory_;      // creates new client key types
-
-    sslFactory();                               // only GetSSL_Factory creates
-public:
-    const MessageFactory&   getMessage()   const;
-    const HandShakeFactory& getHandShake() const;
-    const ServerKeyFactory& getServerKey() const;
-    const ClientKeyFactory& getClientKey() const;
-
-    friend sslFactory& GetSSL_Factory();        // singleton creator
-private:
-    sslFactory(const sslFactory&);              // hide copy
-    sslFactory& operator=(const sslFactory&);   // and assign   
-};
-
-
-#undef X509_NAME  // wincrypt.h clash
-
-// openSSL X509 names
-class X509_NAME {
-    char*       name_;
-    size_t      sz_;
-    int         cnPosition_;   // start of common name, -1 is none
-    int         cnLen_;        // length of above
-    ASN1_STRING entry_;
-public:
-    X509_NAME(const char*, size_t sz, int pos, int len);
-    ~X509_NAME();
-
-    const char*  GetName() const;
-    ASN1_STRING* GetEntry(int i);
-    size_t       GetLength() const;
-    int          GetCnPosition() const { return cnPosition_; }
-    int          GetCnLength()   const { return cnLen_; }
-private:
-    X509_NAME(const X509_NAME&);                // hide copy
-    X509_NAME& operator=(const X509_NAME&);     // and assign
-};
-
-
-class StringHolder {
-    ASN1_STRING  asnString_;
-public:
-    StringHolder(const char* str, int sz, byte type= 0);
-    ~StringHolder();
-
-    ASN1_STRING* GetString();
-private:
-    StringHolder(const StringHolder&);                // hide copy
-    StringHolder& operator=(const StringHolder&);     // and assign
-};
-
-
-// openSSL X509
-class X509 {
-    X509_NAME issuer_;
-    X509_NAME subject_;
-    StringHolder beforeDate_;   // not valid before
-    StringHolder afterDate_;    // not valid after
-public:
-    X509(const char* i, size_t, const char* s, size_t,
-         ASN1_STRING *b, ASN1_STRING *a, int, int, int, int);
-    ~X509() {}
-
-    X509_NAME* GetIssuer();
-    X509_NAME* GetSubject();
-
-    ASN1_STRING* GetBefore();
-    ASN1_STRING* GetAfter();
-
-private:
-    X509(const X509&);              // hide copy
-    X509& operator=(const X509&);   // and assign
-};
-
-
-// openSSL bignum
-struct BIGNUM {
-    /*
-      gcc 2.96 fix: because of two Integer classes (yaSSL::Integer and
-      TaoCrypt::Integer), we need to explicitly state the namespace
-      here to let gcc 2.96 deduce the correct type.
-    */
-    yaSSL::Integer int_;
-    void assign(const byte* b, uint s) { int_.assign(b,s); }
-};
-
-
-// openSSL session
-class SSL_SESSION {
-    opaque      sessionID_[ID_LEN];
-    opaque      master_secret_[SECRET_LEN];
-    Cipher      suite_[SUITE_LEN];
-    uint        bornOn_;                        // create time in seconds
-    uint        timeout_;                       // timeout in seconds
-    RandomPool& random_;                        // will clean master secret
-    X509*       peerX509_;
-public:
-    explicit SSL_SESSION(RandomPool&);
-    SSL_SESSION(const SSL&, RandomPool&);
-    ~SSL_SESSION();
-
-    const opaque* GetID()       const;
-    const opaque* GetSecret()   const;
-    const Cipher* GetSuite()    const;
-          uint    GetBornOn()   const;
-          uint    GetTimeOut()  const;
-          X509*   GetPeerX509() const;
-          void    SetTimeOut(uint);
-
-    SSL_SESSION& operator=(const SSL_SESSION&); // allow assign for resumption
-private:
-    SSL_SESSION(const SSL_SESSION&);            // hide copy
-
-    void CopyX509(X509*);
-};
-
-
-// holds all sessions
-class Sessions {
-    STL::list list_;
-    RandomPool random_;                 // for session cleaning
-    Mutex      mutex_;                  // no-op for single threaded
-    int        count_;                  // flush counter
-
-    Sessions() : count_(0) {}           // only GetSessions can create
-public: 
-    SSL_SESSION* lookup(const opaque*, SSL_SESSION* copy = 0);
-    void         add(const SSL&);
-    void         remove(const opaque*);
-    void         Flush();
-
-    ~Sessions();
-
-    friend Sessions& GetSessions(); // singleton creator
-private:
-    Sessions(const Sessions&);              // hide copy
-    Sessions& operator=(const Sessions&);   // and assign
-};
-
-
-#ifdef _POSIX_THREADS
-    typedef pthread_t THREAD_ID_T;
-#else
-    typedef DWORD     THREAD_ID_T;
-#endif
-
-// thread error data
-struct ThreadError {
-    THREAD_ID_T threadID_;
-    int         errorID_;
-};
-
-
-// holds all errors
-class Errors {
-    STL::list list_;
-    Mutex                  mutex_;
-
-    Errors() {}                         // only GetErrors can create
-public:
-    int  Lookup(bool peek);             // self lookup
-    void Add(int);              
-    void Remove();                      // remove self
-
-    ~Errors() {}
-
-    friend Errors& GetErrors(); // singleton creator
-private:
-    Errors(const Errors&);              // hide copy
-    Errors& operator=(const Errors);    // and assign
-};
-
-
-Sessions&   GetSessions();      // forward singletons
-sslFactory& GetSSL_Factory();
-Errors&     GetErrors();
-bool        HasErrors();
-
-
-// openSSL method and context types
-class SSL_METHOD {
-    ProtocolVersion version_;
-    ConnectionEnd   side_;
-    bool            verifyPeer_;    // request or send certificate
-    bool            verifyNone_;    // whether to verify certificate
-    bool            failNoCert_;
-    bool            multipleProtocol_;  // for SSLv23 compatibility
-public:
-    SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv,
-               bool multipleProtocol = false);
-
-    ProtocolVersion getVersion() const;
-    ConnectionEnd   getSide()    const;
-
-    void setVerifyPeer();
-    void setVerifyNone();
-    void setFailNoCert();
-
-    bool verifyPeer() const;
-    bool verifyNone() const;
-    bool failNoCert() const;
-    bool multipleProtocol() const;
-private:
-    SSL_METHOD(const SSL_METHOD&);              // hide copy
-    SSL_METHOD& operator=(const SSL_METHOD&);   // and assign
-};
-
-
-struct Ciphers {
-    bool        setSuites_;             // user set suites from default
-    byte        suites_[MAX_SUITE_SZ];  // new suites
-    int         suiteSz_;               // suite length in bytes
-
-    Ciphers() : setSuites_(false), suiteSz_(0) {}
-};
-
-
-struct DH;  // forward
-
-
-// save for SSL construction
-struct DH_Parms {
-    Integer p_;
-    Integer g_;
-    bool set_;   // if set by user
-
-    DH_Parms() : set_(false) {}
-};
-
-
-enum StatsField { 
-    Accept, Connect, AcceptGood, ConnectGood, AcceptRenegotiate,
-    ConnectRenegotiate, Hits, CbHits, CacheFull, Misses, Timeouts, Number,
-    GetCacheSize, VerifyMode, VerifyDepth 
-};
-
-
-// SSL stats
-struct Stats {
-    long accept_;
-    long connect_;
-    long acceptGood_;
-    long connectGood_;
-    long acceptRenegotiate_;
-    long connectRenegotiate_;
-
-    long hits_;
-    long cbHits_;
-    long cacheFull_;
-    long misses_;
-    long timeouts_;
-    long number_;
-    long getCacheSize_;
-
-    int verifyMode_;
-    int verifyDepth_;
-public:
-    Stats() : accept_(0), connect_(0), acceptGood_(0), connectGood_(0),
-        acceptRenegotiate_(0), connectRenegotiate_(0), hits_(0), cbHits_(0),
-        cacheFull_(0), misses_(0), timeouts_(0), number_(0), getCacheSize_(0),
-        verifyMode_(0), verifyDepth_(0)
-    {}
-private:
-    Stats(const Stats&);            // hide copy
-    Stats& operator=(const Stats&); // and assign
-};
-
-
-// the SSL context
-class SSL_CTX {
-public:
-    typedef STL::list CertList;
-private:
-    SSL_METHOD*     method_;
-    x509*           certificate_;
-    x509*           privateKey_;
-    CertList        caList_;
-    Ciphers         ciphers_;
-    DH_Parms        dhParms_;
-    pem_password_cb passwordCb_;
-    void*           userData_;
-    bool            sessionCacheOff_;
-    bool            sessionCacheFlushOff_;
-    Stats           stats_;
-    Mutex           mutex_;         // for Stats
-    VerifyCallback  verifyCallback_;
-public:
-    explicit SSL_CTX(SSL_METHOD* meth);
-    ~SSL_CTX();
-
-    const x509*       getCert()       const;
-    const x509*       getKey()        const;
-    const SSL_METHOD* getMethod()     const;
-    const Ciphers&    GetCiphers()    const;
-    const DH_Parms&   GetDH_Parms()   const;
-    const Stats&      GetStats()      const;
-    VerifyCallback getVerifyCallback() const;
-    pem_password_cb   GetPasswordCb() const;
-          void*       GetUserData()   const;
-          bool        GetSessionCacheOff()      const;
-          bool        GetSessionCacheFlushOff() const;
-
-    void setVerifyPeer();
-    void setVerifyNone();
-    void setFailNoCert();
-    void setVerifyCallback(VerifyCallback);
-    bool SetCipherList(const char*);
-    bool SetDH(const DH&);
-    void SetPasswordCb(pem_password_cb cb);
-    void SetUserData(void*);
-    void SetSessionCacheOff();
-    void SetSessionCacheFlushOff();
-   
-    void            IncrementStats(StatsField);
-    void            AddCA(x509* ca);
-    const CertList& GetCA_List() const;
-
-    friend int read_file(SSL_CTX*, const char*, int, CertType);
-private:
-    SSL_CTX(const SSL_CTX&);            // hide copy
-    SSL_CTX& operator=(const SSL_CTX&); // and assign
-};
-
-
-// holds all cryptographic types
-class Crypto {
-    Digest*             digest_;                // agreed upon digest
-    BulkCipher*         cipher_;                // agreed upon cipher
-    DiffieHellman*      dh_;                    // dh parms
-    RandomPool          random_;                // random number generator
-    CertManager         cert_;                  // manages certificates
-public:
-    explicit Crypto();
-    ~Crypto();
-
-    const Digest&        get_digest()      const;
-    const BulkCipher&    get_cipher()      const;
-    const DiffieHellman& get_dh()          const;
-    const RandomPool&    get_random()      const;
-    const CertManager&   get_certManager() const;
-          
-    Digest&        use_digest();
-    BulkCipher&    use_cipher();
-    DiffieHellman& use_dh();
-    RandomPool&    use_random();
-    CertManager&   use_certManager();
-
-    void SetDH(DiffieHellman*);
-    void SetDH(const DH_Parms&);
-    void setDigest(Digest*);
-    void setCipher(BulkCipher*);
-
-    bool DhSet();
-private:
-    Crypto(const Crypto&);              // hide copy
-    Crypto& operator=(const Crypto&);   // and assign
-};
-
-
-// holds all handshake and verify hashes
-class sslHashes {
-    MD5       md5HandShake_;          // md5 handshake hash
-    SHA       shaHandShake_;          // sha handshake hash
-    Finished  verify_;                // peer's verify hash
-    Hashes    certVerify_;            // peer's cert verify hash
-public:
-    sslHashes() {}
-
-    const MD5&      get_MD5()        const;
-    const SHA&      get_SHA()        const;
-    const Finished& get_verify()     const;
-    const Hashes&   get_certVerify() const;
-
-    MD5&      use_MD5();
-    SHA&      use_SHA();
-    Finished& use_verify();
-    Hashes&   use_certVerify();
-private:
-    sslHashes(const sslHashes&);             // hide copy
-    sslHashes& operator=(const sslHashes&); // and assign
-};
-
-
-// holds input and output buffers
-class Buffers {
-public: 
-    typedef STL::list  inputList;
-    typedef STL::list outputList;
-    int prevSent;     // previous plain text bytes sent when got WANT_WRITE
-    int plainSz;      // plain text bytes in buffer to send when got WANT_WRITE 
-private:
-    inputList      dataList_;             // list of users app data / handshake
-    outputList     handShakeList_;        // buffered handshake msgs
-    input_buffer*  rawInput_;             // buffered raw input yet to process
-    output_buffer* output_;               // WANT_WRITE buffered output 
-public:
-    Buffers();
-    ~Buffers();
-
-    const inputList&  getData()      const;
-    const outputList& getHandShake() const;
-
-    inputList&  useData();
-    outputList& useHandShake();
-
-    void           SetRawInput(input_buffer*);  // takes ownership
-    input_buffer*  TakeRawInput();              // takes ownership 
-    void           SetOutput(output_buffer*);   // takes ownership
-    output_buffer* TakeOutput();                // takes ownership 
-private:
-    Buffers(const Buffers&);             // hide copy
-    Buffers& operator=(const Buffers&);  // and assign   
-};
-
-
-// wraps security parameters
-class Security {
-    Connection    conn_;                          // connection information
-    Parameters    parms_;                         // may be pending
-    SSL_SESSION   resumeSession_;                 // if resuming
-    SSL_CTX*      ctx_;                           // context used to init
-    bool          resuming_;                      // trying to resume
-public:
-    Security(ProtocolVersion, RandomPool&, ConnectionEnd, const Ciphers&,
-             SSL_CTX*, bool);
-
-    const SSL_CTX*     GetContext()     const;
-    const Connection&  get_connection() const;
-    const Parameters&  get_parms()      const;
-    const SSL_SESSION& get_resume()     const;
-          bool         get_resuming()   const;
-
-    Connection&  use_connection();
-    Parameters&  use_parms();
-    SSL_SESSION& use_resume();
-
-    void set_resuming(bool b);
-private:
-    Security(const Security&);              // hide copy
-    Security& operator=(const Security&);   // and assign
-};
-
-
-// THE SSL type
-class SSL {
-    Crypto              crypto_;                // agreed crypto agents
-    Security            secure_;                // Connection and Session parms
-    States              states_;                // Record and HandShake states
-    sslHashes           hashes_;                // handshake, finished hashes
-    Socket              socket_;                // socket wrapper
-    Buffers             buffers_;               // buffered handshakes and data
-    Log                 log_;                   // logger
-    bool                quietShutdown_;
-
-    // optimization variables
-    bool                has_data_;              // buffered data ready?
-public:
-    SSL(SSL_CTX* ctx);
-
-    // gets and uses
-    const Crypto&     getCrypto()   const;
-    const Security&   getSecurity() const;
-    const States&     getStates()   const;
-    const sslHashes&  getHashes()   const;
-    const sslFactory& getFactory()  const;
-    const Socket&     getSocket()   const;
-          YasslError  GetError()    const;
-          bool        GetMultiProtocol() const;
-          bool        CompressionOn()    const;
-
-    Crypto&    useCrypto();
-    Security&  useSecurity();
-    States&    useStates();
-    sslHashes& useHashes();
-    Socket&    useSocket();
-    Log&       useLog();
-    Buffers&   useBuffers();
-
-    bool       HasData() const;
-    bool       GetQuietShutdown() const;
-
-    // sets
-    void set_pending(Cipher suite);
-    void set_random(const opaque*, ConnectionEnd);
-    void set_sessionID(const opaque*);
-    void set_session(SSL_SESSION*);
-    void set_preMaster(const opaque*, uint);
-    void set_masterSecret(const opaque*);
-    void SetError(YasslError);
-    int  SetCompression();
-    void UnSetCompression();
-    void SetQuietShutdown(bool mode);
-
-    // helpers
-    bool isTLS() const;
-    bool isTLSv1_1() const;
-    void order_error();
-    void makeMasterSecret();
-    void makeTLSMasterSecret();
-    void addData(input_buffer* data);
-    void fillData(Data&);
-    void PeekData(Data&);
-    void addBuffer(output_buffer* b);
-    void flushBuffer();
-    void verifyState(const RecordLayerHeader&);
-    void verifyState(const HandShakeHeader&);
-    void verifyState(ClientState);
-    void verifyState(ServerState);
-    void verfiyHandShakeComplete();
-    void matchSuite(const opaque*, uint length);
-    void deriveKeys();
-    void deriveTLSKeys();
-    void Send(const byte*, uint);
-    void SendWriteBuffered();
-
-    uint bufferedData();
-    uint get_SEQIncrement(bool);
-
-    const  byte*  get_macSecret(bool);
-private:
-    void storeKeys(const opaque*);
-    void setKeys();
-    void verifyClientState(HandShakeType);
-    void verifyServerState(HandShakeType);
-
-    SSL(const SSL&);                    // hide copy
-    const SSL& operator=(const SSL&);   // and assign
-};
-
-
-// compression
-int Compress(const byte*, int, input_buffer&);
-int DeCompress(input_buffer&, int, input_buffer&);
-
-
-// conversion functions
-void c32to24(uint32, uint24&);
-void c24to32(const uint24, uint32&);
-
-uint32 c24to32(const uint24);
-
-void ato16(const opaque*, uint16&);
-void ato24(const opaque*, uint24&);
-
-void c16toa(uint16, opaque*);
-void c24toa(const uint24, opaque*);
-void c32toa(uint32 u32, opaque*);
-
-
-} // naemspace
-
-#endif // yaSSL_INT_HPP
diff --git a/extra/yassl/include/yassl_types.hpp b/extra/yassl/include/yassl_types.hpp
deleted file mode 100644
index 3132d75a6ff..00000000000
--- a/extra/yassl/include/yassl_types.hpp
+++ /dev/null
@@ -1,540 +0,0 @@
-/*
-   Copyright (c) 2005, 2013, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  yaSSL types  header defines all constants, enums, and typedefs
- *  from the SSL.v3 specification "draft-freier-ssl-version3-02.txt"
- */
-
-
-#ifndef yaSSL_TYPES_HPP
-#define yaSSL_TYPES_HPP
-
-#include 
-#include "type_traits.hpp"
-
-
-#ifdef _MSC_VER
-    // disable conversion warning
-    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
-    #pragma warning(disable:4244 4996)
-#endif
-
-
-#ifdef _MSC_VER
-    // disable conversion warning
-    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
-    #pragma warning(disable:4244 4996)
-#endif
-
-
-namespace yaSSL {
-
-#define YASSL_LIB
-
-
-#ifdef YASSL_PURE_C
-
-    // library allocation
-    struct new_t {};      // yaSSL New type
-    extern new_t ys;      // pass in parameter
-
-    } // namespace yaSSL
-
-    void* operator new  (size_t, yaSSL::new_t);
-    void* operator new[](size_t, yaSSL::new_t);
-
-    void operator delete  (void*, yaSSL::new_t);
-    void operator delete[](void*, yaSSL::new_t);
-
-
-    namespace yaSSL {
-
-
-    template
-    void ysDelete(T* ptr)
-    {
-        if (ptr) ptr->~T();
-        ::operator delete(ptr, yaSSL::ys);
-    }
-
-    template
-    void ysArrayDelete(T* ptr)
-    {
-        // can't do array placement destruction since not tracking size in
-        // allocation, only allow builtins to use array placement since they
-        // don't need destructors called
-        typedef char builtin[TaoCrypt::IsFundamentalType::Yes ? 1 : -1];
-        (void)sizeof(builtin);
-
-        ::operator delete[](ptr, yaSSL::ys);
-    }
-
-    #define NEW_YS new (yaSSL::ys)
-
-    // to resolve compiler generated operator delete on base classes with
-    // virtual destructors (when on stack)
-    class virtual_base {
-    public:
-        static void operator delete(void*) { }
-    };
-
-
-#else   // YASSL_PURE_C
-
-
-    template
-    void ysDelete(T* ptr)
-    {
-        delete ptr;
-    }
-
-    template
-    void ysArrayDelete(T* ptr)
-    {
-        delete[] ptr;
-    }
-
-    #define NEW_YS new
-
-    class virtual_base {};
-
-
-
-#endif // YASSL_PURE_C
-
-
-typedef unsigned char  uint8;
-typedef unsigned short uint16;
-typedef unsigned int   uint32;
-typedef uint8          uint24[3];
-typedef uint32         uint64[2];
-
-typedef uint8  opaque;
-typedef opaque byte;
-
-typedef unsigned int uint;
-
-
-#ifdef USE_SYS_STL
-    // use system STL
-    #define STL_VECTOR_FILE    
-    #define STL_LIST_FILE      
-    #define STL_ALGORITHM_FILE 
-    #define STL_MEMORY_FILE    
-    #define STL_PAIR_FILE      
-    
-    #define STL_NAMESPACE       std
-#else
-    // use mySTL
-    #define STL_VECTOR_FILE    "vector.hpp"
-    #define STL_LIST_FILE      "list.hpp"
-    #define STL_ALGORITHM_FILE "algorithm.hpp"
-    #define STL_MEMORY_FILE    "memory.hpp"
-    #define STL_PAIR_FILE      "pair.hpp"
-
-    #define STL_NAMESPACE       mySTL
-#endif
-
-
-#ifdef min
-    #undef min
-#endif 
-
-template 
-T min(T a, T b)
-{
-    return a < b ? a : b;
-}
-
-
- 
-// all length constants in bytes
-const int ID_LEN            =  32;  // session id length
-const int SUITE_LEN         =   2;  // cipher suite length
-const int SECRET_LEN        =  48;  // pre RSA and all master secret length
-const int MASTER_ROUNDS     =   3;  // master secret derivation rounds
-const int RAN_LEN           =  32;  // client and server random length
-const int MAC_BLOCK_SZ      =  64;  // MAC block size, & padding
-const int MD5_LEN           =  16;  // MD5 digest length
-const int SHA_LEN           =  20;  // SHA digest length
-const int RMD_LEN           =  20;  // RIPEMD-160 digest length
-const int PREFIX            =   3;  // up to 3 prefix letters for secret rounds
-const int KEY_PREFIX        =   7;  // up to 7 prefix letters for key rounds
-const int FORTEZZA_MAX      = 128;  // Maximum Fortezza Key length
-const int MAX_SUITE_SZ      = 128;  // 64 max suites * sizeof(suite)
-const int MAX_SUITE_NAME    =  48;  // max length of suite name
-const int MAX_CIPHERS       =  32;  // max supported ciphers for cipher list
-const int SIZEOF_ENUM       =   1;  // SSL considers an enum 1 byte, not 4
-const int SIZEOF_SENDER     =   4;  // Sender constant, for finished generation
-const int PAD_MD5           =  48;  // pad length 1 and 2 for md5 finished
-const int PAD_SHA           =  40;  // should be 44, specd wrong by netscape
-const int PAD_RMD           =  44;  // pad length for RIPEMD-160, some use 40??
-const int CERT_HEADER       =   3;  // always use 3 bytes for certificate
-const int CERT_TYPES        =   7;  // certificate request types
-const int REQUEST_HEADER    =   2;  // request uses 2 bytes
-const int VERIFY_HEADER     =   2;  // verify length field
-const int MIN_CERT_TYPES    =   1;  // minimum certificate request types
-const int MIN_DIS_NAMES     =   3;  // minimum distinguished names
-const int MIN_DIS_SIZE      =   1;  // minimum distinguished name size
-const int RECORD_HEADER     =   5;  // type + version + length(2)
-const int HANDSHAKE_HEADER  =   4;  // type + length(3)
-const int FINISHED_SZ       = MD5_LEN + SHA_LEN; // sizeof finished data
-const int TLS_FINISHED_SZ   =  12;  // TLS verify data size
-const int SEQ_SZ            =   8;  // 64 bit sequence number
-const int LENGTH_SZ         =   2;  // length field for HMAC, data only
-const int VERSION_SZ        = SIZEOF_ENUM * 2;  // SSL/TLS length of version
-const int DES_KEY_SZ        =   8;  // DES Key length
-const int DES_EDE_KEY_SZ    =  24;  // DES EDE Key length
-const int DES_BLOCK         =   8;  // DES is always fixed block size 8
-const int DES_IV_SZ         = DES_BLOCK;    // Init Vector length for DES
-const int RC4_KEY_SZ        =  16;  // RC4 Key length
-const int AES_128_KEY_SZ    =  16;  // AES 128bit Key length
-const int AES_192_KEY_SZ    =  24;  // AES 192bit Key length
-const int AES_256_KEY_SZ    =  32;  // AES 256bit Key length
-const int AES_BLOCK_SZ      =  16;  // AES 128bit block size, rfc 3268
-const int AES_IV_SZ         = AES_BLOCK_SZ; // AES Init Vector length
-const int DSS_SIG_SZ        =  40;  // two 20 byte high byte first Integers
-const int DSS_ENCODED_EXTRA =   6;  // seqID + len(1) + (intID + len(1)) * 2
-const int EVP_SALT_SZ       =   8;
-const int MASTER_LABEL_SZ   =  13;  // TLS master secret label size
-const int KEY_LABEL_SZ      =  13;  // TLS key block expansion size
-const int FINISHED_LABEL_SZ =  15;  // TLS finished lable length
-const int SEED_LEN          = RAN_LEN * 2; // TLS seed, client + server random
-const int DEFAULT_TIMEOUT   = 500;  // Default Session timeout in seconds
-const int MAX_RECORD_SIZE   = 16384; // 2^14, max size by standard
-const int COMPRESS_EXTRA    = 1024;  // extra compression possible addition
-const int SESSION_FLUSH_COUNT = 256;  // when to flush session cache
-const int MAX_PAD_SIZE        = 256;  // max TLS padding size
-const int COMPRESS_CONSTANT   =  13;  // compression calculation constant
-const int COMPRESS_UPPER      =  55;  // compression calculation numerator
-const int COMPRESS_LOWER      =  64;  // compression calculation denominator
-const int COMPRESS_DUMMY_SIZE =  64;  // compression dummy round size 
-
-typedef uint8 Cipher;             // first byte is always 0x00 for SSLv3 & TLS
-
-typedef opaque Random[RAN_LEN];
-
-typedef opaque* DistinguishedName;
-
-typedef bool IsExportable;
-
-
-enum CompressionMethod { no_compression = 0, zlib = 221 };
-
-enum CipherType { stream, block };
-
-enum CipherChoice { change_cipher_spec_choice = 1 };
-
-enum PublicValueEncoding { implicit_encoding, explicit_encoding };
-
-enum ConnectionEnd { server_end, client_end };
-
-enum AlertLevel { warning = 1, fatal = 2 };
-
-
-
-// Record Layer Header identifier from page 12
-enum ContentType {
-    no_type            = 0,
-    change_cipher_spec = 20, 
-    alert              = 21, 
-    handshake          = 22, 
-    application_data   = 23 
-};
-
-
-// HandShake Layer Header identifier from page 20
-enum HandShakeType {
-    no_shake            = -1,
-    hello_request       = 0, 
-    client_hello        = 1, 
-    server_hello        = 2,
-    certificate         = 11, 
-    server_key_exchange = 12,
-    certificate_request = 13, 
-    server_hello_done   = 14,
-    certificate_verify  = 15, 
-    client_key_exchange = 16,
-    finished            = 20
-};
-
-
-// Valid Alert types from page 16/17
-enum AlertDescription {
-    close_notify            = 0,
-    unexpected_message      = 10,
-    bad_record_mac          = 20,
-    decompression_failure   = 30,
-    handshake_failure       = 40,
-    no_certificate          = 41,
-    bad_certificate         = 42,
-    unsupported_certificate = 43,
-    certificate_revoked     = 44,
-    certificate_expired     = 45,
-    certificate_unknown     = 46,
-    illegal_parameter       = 47
-};
-
-
-// Supported Key Exchange Protocols
-enum KeyExchangeAlgorithm { 
-    no_kea = 0,
-    rsa_kea, 
-    diffie_hellman_kea, 
-    fortezza_kea 
-};
-
-
-// Supported Authentication Schemes
-enum SignatureAlgorithm { 
-    anonymous_sa_algo = 0, 
-    rsa_sa_algo, 
-    dsa_sa_algo 
-};
-
-
-// Valid client certificate request types from page 27
-enum ClientCertificateType {    
-    rsa_sign            = 1, 
-    dss_sign            = 2,
-    rsa_fixed_dh        = 3,
-    dss_fixed_dh        = 4,
-    rsa_ephemeral_dh    = 5,
-    dss_ephemeral_dh    = 6,
-    fortezza_kea_cert   = 20
-};
-
-
-// Supported Ciphers from page 43
-enum BulkCipherAlgorithm { 
-    cipher_null,
-    rc4,
-    rc2,
-    des,
-    triple_des,             // leading 3 (3des) not valid identifier
-    des40,
-    idea,
-    aes
-};
-
-
-// Supported Message Authentication Codes from page 43
-enum MACAlgorithm { 
-    no_mac,
-    md5,
-    sha,
-    rmd
-};
-
-
-// Certificate file Type
-enum CertType { Cert = 0, PrivateKey, CA };
-
-
-// all Cipher Suites from pages 41/42
-const Cipher SSL_NULL_WITH_NULL_NULL                =  0; // { 0x00, 0x00 }
-const Cipher SSL_RSA_WITH_NULL_MD5                  =  1; // { 0x00, 0x01 }
-const Cipher SSL_RSA_WITH_NULL_SHA                  =  2; // { 0x00, 0x02 }
-const Cipher SSL_RSA_EXPORT_WITH_RC4_40_MD5         =  3; // { 0x00, 0x03 }
-const Cipher SSL_RSA_WITH_RC4_128_MD5               =  4; // { 0x00, 0x04 }
-const Cipher SSL_RSA_WITH_RC4_128_SHA               =  5; // { 0x00, 0x05 }
-const Cipher SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5     =  6; // { 0x00, 0x06 }
-const Cipher SSL_RSA_WITH_IDEA_CBC_SHA              =  7; // { 0x00, 0x07 }
-const Cipher SSL_RSA_EXPORT_WITH_DES40_CBC_SHA      =  8; // { 0x00, 0x08 }
-const Cipher SSL_RSA_WITH_DES_CBC_SHA               =  9; // { 0x00, 0x09 }
-const Cipher SSL_RSA_WITH_3DES_EDE_CBC_SHA          = 10; // { 0x00, 0x0A }
-const Cipher SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA   = 11; // { 0x00, 0x0B }
-const Cipher SSL_DH_DSS_WITH_DES_CBC_SHA            = 12; // { 0x00, 0x0C }
-const Cipher SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA       = 13; // { 0x00, 0x0D }
-const Cipher SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA   = 14; // { 0x00, 0x0E }
-const Cipher SSL_DH_RSA_WITH_DES_CBC_SHA            = 15; // { 0x00, 0x0F }
-const Cipher SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA       = 16; // { 0x00, 0x10 }
-const Cipher SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA  = 17; // { 0x00, 0x11 }
-const Cipher SSL_DHE_DSS_WITH_DES_CBC_SHA           = 18; // { 0x00, 0x12 }
-const Cipher SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA      = 19; // { 0x00, 0x13 }
-const Cipher SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA  = 20; // { 0x00, 0x14 }
-const Cipher SSL_DHE_RSA_WITH_DES_CBC_SHA           = 21; // { 0x00, 0x15 }
-const Cipher SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA      = 22; // { 0x00, 0x16 }
-const Cipher SSL_DH_anon_EXPORT_WITH_RC4_40_MD5     = 23; // { 0x00, 0x17 }
-const Cipher SSL_DH_anon_WITH_RC4_128_MD5           = 24; // { 0x00, 0x18 }
-const Cipher SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = 25; // { 0x00, 0x19 }
-const Cipher SSL_DH_anon_WITH_DES_CBC_SHA           = 26; // { 0x00, 0x1A }
-const Cipher SSL_DH_anon_WITH_3DES_EDE_CBC_SHA      = 27; // { 0x00, 0x1B }
-const Cipher SSL_FORTEZZA_KEA_WITH_NULL_SHA         = 28; // { 0x00, 0x1C }
-const Cipher SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29; // { 0x00, 0x1D }
-const Cipher SSL_FORTEZZA_KEA_WITH_RC4_128_SHA      = 30; // { 0x00, 0x1E }
-
-// .. to 0x2B uses Kerberos Authentication
-
-
-// TLS AES extensions
-const Cipher TLS_RSA_WITH_AES_128_CBC_SHA      = 47; // { 0x00, 0x2F }
-const Cipher TLS_DH_DSS_WITH_AES_128_CBC_SHA   = 48; // { 0x00, 0x30 }
-const Cipher TLS_DH_RSA_WITH_AES_128_CBC_SHA   = 49; // { 0x00, 0x31 }
-const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_SHA  = 50; // { 0x00, 0x32 }
-const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 51; // { 0x00, 0x33 }
-const Cipher TLS_DH_anon_WITH_AES_128_CBC_SHA  = 52; // { 0x00, 0x34 }
-
-const Cipher TLS_RSA_WITH_AES_256_CBC_SHA      = 53; // { 0x00, 0x35 }
-const Cipher TLS_DH_DSS_WITH_AES_256_CBC_SHA   = 54; // { 0x00, 0x36 }
-const Cipher TLS_DH_RSA_WITH_AES_256_CBC_SHA   = 55; // { 0x00, 0x37 }
-const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_SHA  = 56; // { 0x00, 0x38 }
-const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 57; // { 0x00, 0x39 }
-const Cipher TLS_DH_anon_WITH_AES_256_CBC_SHA  = 58; // { 0x00, 0x3A }
-
-
-// OpenPGP extensions
-
-const Cipher TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114; // { 0x00, 0x72 };
-const Cipher TLS_DHE_DSS_WITH_AES_128_CBC_RMD160  = 115; // { 0x00, 0x73 };
-const Cipher TLS_DHE_DSS_WITH_AES_256_CBC_RMD160  = 116; // { 0x00, 0x74 };
-const Cipher TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119; // { 0x00, 0x77 };
-const Cipher TLS_DHE_RSA_WITH_AES_128_CBC_RMD160  = 120; // { 0x00, 0x78 };
-const Cipher TLS_DHE_RSA_WITH_AES_256_CBC_RMD160  = 121; // { 0x00, 0x79 };
-const Cipher TLS_RSA_WITH_3DES_EDE_CBC_RMD160     = 124; // { 0x00, 0x7C };
-const Cipher TLS_RSA_WITH_AES_128_CBC_RMD160      = 125; // { 0x00, 0x7D };
-const Cipher TLS_RSA_WITH_AES_256_CBC_RMD160      = 126; // { 0x00, 0x7E };
-
-
-const char* const null_str = "";
-
-const char* const cipher_names[128] =
-{
-    null_str, // SSL_NULL_WITH_NULL_NULL                =  0
-    null_str, // SSL_RSA_WITH_NULL_MD5                  =  1
-    null_str, // SSL_RSA_WITH_NULL_SHA                  =  2
-    null_str, // SSL_RSA_EXPORT_WITH_RC4_40_MD5         =  3
-    "RC4-MD5",  // SSL_RSA_WITH_RC4_128_MD5               =  4
-    "RC4-SHA",  // SSL_RSA_WITH_RC4_128_SHA               =  5
-    null_str, // SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5     =  6
-    null_str, // SSL_RSA_WITH_IDEA_CBC_SHA              =  7
-    null_str, // SSL_RSA_EXPORT_WITH_DES40_CBC_SHA      =  8
-    "DES-CBC-SHA",  // SSL_RSA_WITH_DES_CBC_SHA               =  9
-    "DES-CBC3-SHA", // SSL_RSA_WITH_3DES_EDE_CBC_SHA          = 10
-
-    null_str, // SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA   = 11
-    null_str, // SSL_DH_DSS_WITH_DES_CBC_SHA            = 12
-    null_str, // SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA       = 13
-    null_str, // SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA   = 14
-    null_str, // SSL_DH_RSA_WITH_DES_CBC_SHA            = 15
-    null_str, // SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA       = 16
-    null_str, // SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA  = 17
-    "EDH-DSS-DES-CBC-SHA",  // SSL_DHE_DSS_WITH_DES_CBC_SHA           = 18
-    "EDH-DSS-DES-CBC3-SHA", // SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA      = 19
-    null_str, // SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA  = 20
-
-    "EDH-RSA-DES-CBC-SHA",  // SSL_DHE_RSA_WITH_DES_CBC_SHA           = 21
-    "EDH-RSA-DES-CBC3-SHA", // SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA      = 22
-    null_str, // SSL_DH_anon_EXPORT_WITH_RC4_40_MD5     = 23
-    null_str, // SSL_DH_anon_WITH_RC4_128_MD5           = 24
-    null_str, // SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA  = 25
-    null_str, // SSL_DH_anon_WITH_DES_CBC_SHA           = 26
-    null_str, // SSL_DH_anon_WITH_3DES_EDE_CBC_SHA      = 27
-    null_str, // SSL_FORTEZZA_KEA_WITH_NULL_SHA         = 28
-    null_str, // SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA = 29
-    null_str, // SSL_FORTEZZA_KEA_WITH_RC4_128_SHA      = 30
-
-    null_str, null_str, null_str, null_str, null_str, // 31 - 35
-    null_str, null_str, null_str, null_str, null_str, // 36 - 40
-    null_str, null_str, null_str, null_str, null_str, // 41 - 45
-    null_str, // 46
-
-    // TLS AES extensions
-    "AES128-SHA", // TLS_RSA_WITH_AES_128_CBC_SHA      = 47
-    null_str, // TLS_DH_DSS_WITH_AES_128_CBC_SHA   = 48
-    null_str, // TLS_DH_RSA_WITH_AES_128_CBC_SHA   = 49
-    "DHE-DSS-AES128-SHA", // TLS_DHE_DSS_WITH_AES_128_CBC_SHA  = 50
-    "DHE-RSA-AES128-SHA", // TLS_DHE_RSA_WITH_AES_128_CBC_SHA  = 51
-    null_str, // TLS_DH_anon_WITH_AES_128_CBC_SHA  = 52
-
-    "AES256-SHA", // TLS_RSA_WITH_AES_256_CBC_SHA      = 53
-    null_str, // TLS_DH_DSS_WITH_AES_256_CBC_SHA   = 54
-    null_str, // TLS_DH_RSA_WITH_AES_256_CBC_SHA   = 55
-    "DHE-DSS-AES256-SHA", // TLS_DHE_DSS_WITH_AES_256_CBC_SHA  = 56
-    "DHE-RSA-AES256-SHA", // TLS_DHE_RSA_WITH_AES_256_CBC_SHA  = 57
-    null_str, // TLS_DH_anon_WITH_AES_256_CBC_SHA  = 58
-    
-    null_str, // 59
-    null_str, // 60
-    null_str, null_str, null_str, null_str, null_str, // 61 - 65
-    null_str, null_str, null_str, null_str, null_str, // 66 - 70
-    null_str, null_str, null_str, null_str, null_str, // 71 - 75
-    null_str, null_str, null_str, null_str, null_str, // 76 - 80
-    null_str, null_str, null_str, null_str, null_str, // 81 - 85
-    null_str, null_str, null_str, null_str, null_str, // 86 - 90
-    null_str, null_str, null_str, null_str, null_str, // 91 - 95
-    null_str, null_str, null_str, null_str, null_str, // 96 - 100
-    null_str, null_str, null_str, null_str, null_str, // 101 - 105
-    null_str, null_str, null_str, null_str, null_str, // 106 - 110
-    null_str, null_str, null_str,                     // 111 - 113
-
-    "DHE-DSS-DES-CBC3-RMD", //  TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160 = 114
-    "DHE-DSS-AES128-RMD",   //  TLS_DHE_DSS_WITH_AES_128_CBC_RMD160  = 115
-    "DHE-DSS-AES256-RMD",   //  TLS_DHE_DSS_WITH_AES_256_CBC_RMD160  = 116
-    null_str, // 117
-    null_str, // 118
-    "DHE-RSA-DES-CBC3-RMD", //  TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160 = 119
-    "DHE-RSA-AES128-RMD",   //  TLS_DHE_RSA_WITH_AES_128_CBC_RMD160  = 120
-    "DHE-RSA-AES256-RMD",   //  TLS_DHE_RSA_WITH_AES_256_CBC_RMD160  = 121
-    null_str, // 122
-    null_str, // 123
-    "DES-CBC3-RMD", //  TLS_RSA_WITH_3DES_EDE_CBC_RMD160     = 124
-    "AES128-RMD",   //  TLS_RSA_WITH_AES_128_CBC_RMD160      = 125
-    "AES256-RMD",   //  TLS_RSA_WITH_AES_256_CBC_RMD160      = 126
-    null_str // 127
-};
-
-// fill with MD5 pad size since biggest required
-const opaque PAD1[PAD_MD5] =  { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36,
-                                0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36
-                              };
-const opaque PAD2[PAD_MD5] =  { 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c,
-                                0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c, 0x5c
-                              };
-
-const opaque client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 };
-const opaque server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 };
-
-const opaque tls_client[FINISHED_LABEL_SZ + 1] = "client finished";
-const opaque tls_server[FINISHED_LABEL_SZ + 1] = "server finished";
-
-const opaque master_label[MASTER_LABEL_SZ + 1] = "master secret";
-const opaque key_label   [KEY_LABEL_SZ + 1]    = "key expansion";
-
-
-} // naemspace
-
-#if __GNUC__ == 2 && __GNUC_MINOR__ <= 96
-/*
-  gcc 2.96 bails out because of two declarations of byte: yaSSL::byte and
-  TaoCrypt::byte. TODO: define global types.hpp and move the declaration of
-  'byte' there.
-*/
-using yaSSL::byte;
-#endif
-
-
-#endif // yaSSL_TYPES_HPP
diff --git a/extra/yassl/lib/dummy b/extra/yassl/lib/dummy
deleted file mode 100644
index 85c1efd587f..00000000000
--- a/extra/yassl/lib/dummy
+++ /dev/null
@@ -1 +0,0 @@
-// this is a dummy file
diff --git a/extra/yassl/src/buffer.cpp b/extra/yassl/src/buffer.cpp
deleted file mode 100644
index 919aa9c7436..00000000000
--- a/extra/yassl/src/buffer.cpp
+++ /dev/null
@@ -1,331 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL buffer header implements input/output buffers to simulate streaming
- * with SSL types and sockets
- */
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include              // memcpy
-#include "runtime.hpp"
-#include "buffer.hpp"
-#include "yassl_types.hpp"
-
-namespace yaSSL {
-
-
-
-
-/* return 0 on check success, always true for NoCheck policy */
-int NoCheck::check(uint, uint) 
-{
-    return 0;
-}
-
-/* return 0 on check success */
-int Check::check(uint i, uint max) 
-{
-    if (i < max)
-        return 0;
-
-    return -1;
-}
-
-
-/* input_buffer operates like a smart c style array with a checking option, 
- * meant to be read from through [] with AUTO index or read().
- * Should only write to at/near construction with assign() or raw (e.g., recv)
- * followed by add_size with the number of elements added by raw write.
- *
- * Not using vector because need checked []access, offset, and the ability to
- * write to the buffer bulk wise and have the correct size
- */
-
-
-input_buffer::input_buffer() 
-    : size_(0), current_(0), buffer_(0), end_(0), error_(0), zero_(0)
-{}
-
-
-input_buffer::input_buffer(uint s) 
-    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s),
-      error_(0), zero_(0)
-{}
-
-
-// with assign
-input_buffer::input_buffer(uint s, const byte* t, uint len) 
-    : size_(0), current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s),
-      error_(0), zero_(0)
-{ 
-    assign(t, len); 
-}
-
-
-input_buffer::~input_buffer() 
-{ 
-    ysArrayDelete(buffer_); 
-}
-
-
-// users can pass defualt zero length buffer and then allocate
-void input_buffer::allocate(uint s) 
-{ 
-    if (error_ == 0) {
-        buffer_ = NEW_YS byte[s];
-        end_ = buffer_ + s;
-    }
-}
-
-
-// for passing to raw writing functions at beginning, then use add_size
-byte* input_buffer::get_buffer() const 
-{ 
-    return buffer_; 
-}
-
-
-// after a raw write user can set NEW_YS size
-// if you know the size before the write use assign()
-void input_buffer::add_size(uint i) 
-{ 
-    if (error_ == 0 && check(size_ + i-1, get_capacity()) == 0)
-        size_ += i;
-    else
-        error_ = -1;
-}
-
-
-uint input_buffer::get_capacity()  const 
-{ 
-    if (error_ == 0)
-        return end_ - buffer_;
-
-    return 0;
-}
-
-
-uint input_buffer::get_current()   const 
-{ 
-    if (error_ == 0)
-        return current_;
-
-    return 0;
-}
-
-
-uint input_buffer::get_size()      const 
-{ 
-    if (error_ == 0)
-        return size_;
-
-    return 0;
-}
-
-
-uint input_buffer::get_remaining() const 
-{ 
-    if (error_ == 0)
-        return size_ - current_;
-
-    return 0;
-}
-
-
-int input_buffer::get_error() const 
-{ 
-    return error_;
-}
-
-
-void input_buffer::set_error()
-{ 
-    error_ = -1;
-}
-
-
-void input_buffer::set_current(uint i) 
-{
-    if (error_ == 0 && check(i ? i - 1 : 0, size_) == 0)
-        current_ = i;
-    else
-        error_ = -1;
-}
-
-
-// read only access through [], advance current
-// user passes in AUTO index for ease of use
-const byte& input_buffer::operator[](uint i) 
-{
-    if (error_ == 0 && check(current_, size_) == 0)
-        return buffer_[current_++];
-
-    error_ = -1;
-    return zero_;
-}
-
-
-// end of input test
-bool input_buffer::eof() 
-{ 
-    if (error_ != 0)
-        return true;
-
-    return current_ >= size_; 
-}
-
-
-// peek ahead
-byte input_buffer::peek()
-{
-    if (error_ == 0 && check(current_, size_) == 0)
-        return buffer_[current_];
-
-    error_ = -1;
-    return 0;
-}
-
-
-// write function, should use at/near construction
-void input_buffer::assign(const byte* t, uint s)
-{
-    if (t && error_ == 0 && check(current_, get_capacity()) == 0) {
-        add_size(s);
-        if (error_ == 0) {
-            memcpy(&buffer_[current_], t, s);
-            return;  // success
-        }
-    }
-
-    error_ = -1;
-}
-
-
-// use read to query input, adjusts current
-void input_buffer::read(byte* dst, uint length)
-{
-    if (dst && error_ == 0 && check(current_ + length - 1, size_) == 0) {
-        memcpy(dst, &buffer_[current_], length);
-        current_ += length;
-    } else {
-        error_ = -1;
-    }
-}
-
-
-
-/* output_buffer operates like a smart c style array with a checking option.
- * Meant to be written to through [] with AUTO index or write().
- * Size (current) counter increases when written to. Can be constructed with 
- * zero length buffer but be sure to allocate before first use. 
- * Don't use add write for a couple bytes, use [] instead, way less overhead.
- * 
- * Not using vector because need checked []access and the ability to
- * write to the buffer bulk wise and retain correct size
- */
-
-
-output_buffer::output_buffer() 
-    : current_(0), buffer_(0), end_(0) 
-{}
-
-
-// with allocate
-output_buffer::output_buffer(uint s) 
-    : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_ + s) 
-{}
-
-
-// with assign
-output_buffer::output_buffer(uint s, const byte* t, uint len) 
-    : current_(0), buffer_(NEW_YS byte[s]), end_(buffer_+ s) 
-{ 
-    write(t, len); 
-}
-
-
-output_buffer::~output_buffer() 
-{ 
-    ysArrayDelete(buffer_); 
-}
-
-
-uint output_buffer::get_size() const 
-{ 
-    return current_; 
-}
-
-
-uint output_buffer::get_capacity() const 
-{ 
-    return (uint) (end_ - buffer_); 
-}
-
-
-void output_buffer::set_current(uint c) 
-{ 
-    check(c, get_capacity()); 
-    current_ = c; 
-}
-
-
-// users can pass defualt zero length buffer and then allocate
-void output_buffer::allocate(uint s) 
-{ 
-    buffer_ = NEW_YS byte[s]; end_ = buffer_ + s; 
-}
-
-
-// for passing to reading functions when finished
-const byte* output_buffer::get_buffer() const 
-{ 
-    return buffer_; 
-}
-
-
-// allow write access through [], update current
-// user passes in AUTO as index for ease of use
-byte& output_buffer::operator[](uint i) 
-{
-    check(current_, get_capacity());
-    return buffer_[current_++];
-}
-
-
-// end of output test
-bool output_buffer::eof() 
-{ 
-    return current_ >= get_capacity(); 
-}
-
-
-void output_buffer::write(const byte* t, uint s)
-{
-    check(current_ + s - 1, get_capacity()); 
-    memcpy(&buffer_[current_], t, s);
-    current_ += s;
-}
-
-
-
-} // naemspace
-
diff --git a/extra/yassl/src/cert_wrapper.cpp b/extra/yassl/src/cert_wrapper.cpp
deleted file mode 100644
index 7e2c179f964..00000000000
--- a/extra/yassl/src/cert_wrapper.cpp
+++ /dev/null
@@ -1,408 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/*  The certificate wrapper source implements certificate management functions
- *
- */
-
-#include "runtime.hpp"
-#include "cert_wrapper.hpp"
-#include "yassl_int.hpp"
-#include "error.hpp"
-
-#if defined(USE_CML_LIB)
-    #include "cmapi_cpp.h"
-#else
-    #include "asn.hpp"
-    #include "file.hpp"
-#endif // USE_CML_LIB
-
-
-namespace yaSSL {
-
-
-x509::x509(uint sz) : length_(sz), buffer_(NEW_YS opaque[sz]) 
-{
-}
-
-
-x509::~x509() 
-{ 
-    ysArrayDelete(buffer_); 
-}
-
-
-x509::x509(const x509& that) : length_(that.length_),
-                               buffer_(NEW_YS opaque[length_])
-{
-    memcpy(buffer_, that.buffer_, length_);
-}
-
-
-void x509::Swap(x509& that)
-{
-    STL::swap(length_, that.length_);
-    STL::swap(buffer_, that.buffer_);
-}
-
-
-x509& x509::operator=(const x509& that)
-{
-    x509 temp(that);
-    Swap(temp);
-    return *this;
-}
-
-
-uint x509::get_length() const
-{ 
-    return length_; 
-}
-
-
-const opaque* x509::get_buffer() const
-{ 
-    return buffer_; 
-}
-
-
-opaque* x509::use_buffer()
-{ 
-    return buffer_; 
-}
-
-
-//CertManager
-CertManager::CertManager()
-    : peerX509_(0), selfX509_(0), verifyPeer_(false), verifyNone_(false), failNoCert_(false),
-      sendVerify_(false), sendBlankCert_(false), verifyCallback_(0)
-{}
-
-
-CertManager::~CertManager()
-{
-    ysDelete(peerX509_);
-    ysDelete(selfX509_);
-
-    STL::for_each(signers_.begin(), signers_.end(), del_ptr_zero()) ;
-
-    STL::for_each(peerList_.begin(), peerList_.end(), del_ptr_zero()) ;
-
-    STL::for_each(list_.begin(), list_.end(), del_ptr_zero()) ;
-}
-
-
-bool CertManager::verifyPeer() const
-{
-    return verifyPeer_;
-}
-
-
-bool CertManager::verifyNone() const
-{
-    return verifyNone_;
-}
-
-
-bool CertManager::failNoCert() const
-{
-    return failNoCert_;
-}
-
-
-bool CertManager::sendVerify() const
-{
-    return sendVerify_;
-}
-
-
-void CertManager::setVerifyPeer()
-{
-    verifyPeer_ = true;
-}
-
-
-void CertManager::setVerifyNone()
-{
-    verifyNone_ = true;
-}
-
-bool CertManager::sendBlankCert() const
-{
-  return sendBlankCert_;
-}
-
-
-void CertManager::setFailNoCert()
-{
-    failNoCert_ = true;
-}
-
-
-void CertManager::setSendVerify()
-{
-    sendVerify_ = true;
-}
-
-void CertManager::setSendBlankCert()
-{
-  sendBlankCert_ = true;
-}
-
-
-void CertManager::setVerifyCallback(VerifyCallback vc)
-{
-    verifyCallback_ = vc;
-}
-
-
-void CertManager::AddPeerCert(x509* x)
-{ 
-    peerList_.push_back(x);  // take ownership
-}
-
-
-void CertManager::CopySelfCert(const x509* x)
-{
-    if (x)
-        list_.push_back(NEW_YS x509(*x));
-}
-
-
-// add to signers
-int CertManager::CopyCaCert(const x509* x)
-{
-    TaoCrypt::Source source(x->get_buffer(), x->get_length());
-    TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_,
-                               TaoCrypt::CertDecoder::CA);
-
-    if (!cert.GetError().What()) {
-        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
-        signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
-                                        cert.GetCommonName(), cert.GetHash()));
-    }
-    // just don't add, not an error return cert.GetError().What();
-    return 0;
-}
-
-
-const x509* CertManager::get_cert() const
-{ 
-    return list_.front();
-}
-
-
-const opaque* CertManager::get_peerKey() const
-{ 
-    return peerPublicKey_.get_buffer();
-}
-
-
-X509* CertManager::get_peerX509() const
-{
-    return peerX509_;
-}
-
-
-X509* CertManager::get_selfX509() const
-{
-    return selfX509_;
-}
-
-
-SignatureAlgorithm CertManager::get_peerKeyType() const
-{
-    return peerKeyType_;
-}
-
-
-SignatureAlgorithm CertManager::get_keyType() const
-{
-    return keyType_;
-}
-
-
-uint CertManager::get_peerKeyLength() const
-{ 
-    return peerPublicKey_.get_size();
-}
-
-
-const opaque* CertManager::get_privateKey() const
-{ 
-    return privateKey_.get_buffer();
-}
-
-
-uint CertManager::get_privateKeyLength() const
-{ 
-    return privateKey_.get_size();
-}
-
-
-// Validate the peer's certificate list, from root to peer (last to first)
-int CertManager::Validate()
-{
-    CertList::reverse_iterator last = peerList_.rbegin();
-    size_t count = peerList_.size();
-
-    while ( count > 1 ) {
-        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
-        TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
-
-        if (int err = cert.GetError().What())
-            return err;
-
-        const TaoCrypt::PublicKey& key = cert.GetPublicKey();
-        signers_.push_back(NEW_YS TaoCrypt::Signer(key.GetKey(), key.size(),
-                                        cert.GetCommonName(), cert.GetHash()));
-        ++last;
-        --count;
-    }
-
-    if (count) {
-        // peer's is at the front
-        TaoCrypt::Source source((*last)->get_buffer(), (*last)->get_length());
-        TaoCrypt::CertDecoder cert(source, true, &signers_, verifyNone_);
-
-        int err = cert.GetError().What();
-        if ( err && err != TaoCrypt::SIG_OTHER_E)
-            return err;
-
-        uint sz = cert.GetPublicKey().size();
-        peerPublicKey_.allocate(sz);
-        peerPublicKey_.assign(cert.GetPublicKey().GetKey(), sz);
-
-        if (cert.GetKeyType() == TaoCrypt::RSAk)
-            peerKeyType_ = rsa_sa_algo;
-        else
-            peerKeyType_ = dsa_sa_algo;
-
-        size_t iSz = strlen(cert.GetIssuer()) + 1;
-        size_t sSz = strlen(cert.GetCommonName()) + 1;
-        ASN1_STRING beforeDate, afterDate;
-        beforeDate.data= (unsigned char *) cert.GetBeforeDate();
-        beforeDate.type= cert.GetBeforeDateType();
-        beforeDate.length= (int)strlen((char *) beforeDate.data) + 1;
-        afterDate.data= (unsigned char *) cert.GetAfterDate();
-        afterDate.type= cert.GetAfterDateType();
-        afterDate.length= (int)strlen((char *) afterDate.data) + 1;
-        peerX509_ = NEW_YS X509(cert.GetIssuer(), iSz, cert.GetCommonName(),
-                                sSz, &beforeDate, &afterDate,
-                                cert.GetIssuerCnStart(), cert.GetIssuerCnLength(),
-                                cert.GetSubjectCnStart(), cert.GetSubjectCnLength()
-                                );
-
-        if (err == TaoCrypt::SIG_OTHER_E && verifyCallback_) {
-            X509_STORE_CTX store;
-            store.error = err;
-            store.error_depth = static_cast(count) - 1;
-            store.current_cert = peerX509_;
-
-            int ok = verifyCallback_(0, &store);
-            if (ok) return 0;
-        }
-
-        if (err == TaoCrypt::SIG_OTHER_E) return err;
-    }
-    return 0;
-}
-
-
-// Set the private key
-int CertManager::SetPrivateKey(const x509& key)
-{
-    privateKey_.allocate(key.get_length());
-    privateKey_.assign(key.get_buffer(), key.get_length());
-
-    // set key type
-    if (x509* cert = list_.front()) {
-        TaoCrypt::Source source(cert->get_buffer(), cert->get_length());
-        TaoCrypt::CertDecoder cd(source, false);
-        cd.DecodeToKey();
-        if (int err = cd.GetError().What())
-            return err;
-        if (cd.GetKeyType() == TaoCrypt::RSAk)
-            keyType_ = rsa_sa_algo;
-        else
-            keyType_ = dsa_sa_algo;
-
-        size_t iSz = strlen(cd.GetIssuer()) + 1;
-        size_t sSz = strlen(cd.GetCommonName()) + 1;
-        ASN1_STRING beforeDate, afterDate;
-        beforeDate.data= (unsigned char *) cd.GetBeforeDate();
-        beforeDate.type= cd.GetBeforeDateType();
-        beforeDate.length= (int)strlen((char *) beforeDate.data) + 1;
-        afterDate.data= (unsigned char *) cd.GetAfterDate();
-        afterDate.type= cd.GetAfterDateType();
-        afterDate.length= (int)strlen((char *) afterDate.data) + 1;
-        selfX509_ = NEW_YS X509(cd.GetIssuer(), iSz, cd.GetCommonName(),
-                                sSz, &beforeDate, &afterDate,
-                                cd.GetIssuerCnStart(), cd.GetIssuerCnLength(),
-                                cd.GetSubjectCnStart(), cd.GetSubjectCnLength());
-    }
-    return 0;
-}
-
-
-// Store OpenSSL type peer's cert
-void CertManager::setPeerX509(X509* x)
-{
-    if (x == 0) return;
-
-    X509_NAME* issuer   = x->GetIssuer();
-    X509_NAME* subject  = x->GetSubject();
-    ASN1_STRING* before = x->GetBefore();
-    ASN1_STRING* after  = x->GetAfter();
-
-    peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(),
-        subject->GetName(), subject->GetLength(), before, after,
-        issuer->GetCnPosition(), issuer->GetCnLength(),
-        subject->GetCnPosition(), subject->GetCnLength());
-}
-
-
-#if defined(USE_CML_LIB)
-
-// Get the peer's certificate, extract and save public key
-void CertManager::SetPeerKey()
-{
-    // first cert is the peer's
-    x509* main = peerList_.front();
-
-    Bytes_struct cert;
-    cert.num  = main->get_length();
-    cert.data = main->set_buffer();
-
-    CML::Certificate cm(cert);
-    const CML::ASN::Cert& raw = cm.base();
-    CTIL::CSM_Buffer key = raw.pubKeyInfo.key;
-
-    uint sz;
-    opaque* key_buffer = reinterpret_cast(key.Get(sz));
-    peerPublicKey_.allocate(sz);
-    peerPublicKey_.assign(key_buffer, sz);
-}
-
-
-#endif // USE_CML_LIB
-
-
-
-} // namespace
diff --git a/extra/yassl/src/crypto_wrapper.cpp b/extra/yassl/src/crypto_wrapper.cpp
deleted file mode 100644
index acafea5005e..00000000000
--- a/extra/yassl/src/crypto_wrapper.cpp
+++ /dev/null
@@ -1,998 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  The crypto wrapper source implements the policies for the cipher
- *  components used by SSL.
- *
- *  The implementation relies on a specfic library, taoCrypt.
- */
-
-#if !defined(USE_CRYPTOPP_LIB)
-
-#include "runtime.hpp"
-#include "crypto_wrapper.hpp"
-#include "cert_wrapper.hpp"
-
-#include "md5.hpp"
-#include "sha.hpp"
-#include "ripemd.hpp"
-#include "hmac.hpp"
-#include "modes.hpp"
-#include "des.hpp"
-#include "arc4.hpp"
-#include "aes.hpp"
-#include "rsa.hpp"
-#include "dsa.hpp"
-#include "dh.hpp"
-#include "random.hpp"
-#include "file.hpp"
-#include "coding.hpp"
-
-
-namespace yaSSL {
-
-
-// MD5 Implementation
-struct MD5::MD5Impl {
-    TaoCrypt::MD5 md5_;
-    MD5Impl() {}
-    explicit MD5Impl(const TaoCrypt::MD5& md5) : md5_(md5) {}
-};
-
-
-MD5::MD5() : pimpl_(NEW_YS MD5Impl) {}
-
-
-MD5::~MD5() { ysDelete(pimpl_); }
-
-
-MD5::MD5(const MD5& that) : Digest(), pimpl_(NEW_YS 
-                                             MD5Impl(that.pimpl_->md5_)) {}
-
-
-MD5& MD5::operator=(const MD5& that)
-{
-    pimpl_->md5_ = that.pimpl_->md5_;
-    return *this;
-}
-
-
-uint MD5::get_digestSize() const
-{
-    return MD5_LEN;
-}
-
-
-uint MD5::get_padSize() const
-{
-    return PAD_MD5;
-}
-
-
-// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz
-void MD5::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->md5_.Update(in, sz);
-    pimpl_->md5_.Final(out);
-}
-
-// Fill out with MD5 digest from previous updates
-void MD5::get_digest(byte* out)
-{
-    pimpl_->md5_.Final(out);
-}
-
-
-// Update the current digest
-void MD5::update(const byte* in, unsigned int sz)
-{
-    pimpl_->md5_.Update(in, sz);
-}
-
-
-// SHA Implementation
-struct SHA::SHAImpl {
-    TaoCrypt::SHA sha_;
-    SHAImpl() {}
-    explicit SHAImpl(const TaoCrypt::SHA& sha) : sha_(sha) {}
-};
-
-
-SHA::SHA() : pimpl_(NEW_YS SHAImpl) {}
-
-
-SHA::~SHA() { ysDelete(pimpl_); }
-
-
-SHA::SHA(const SHA& that) : Digest(), pimpl_(NEW_YS SHAImpl(that.pimpl_->sha_)) {}
-
-SHA& SHA::operator=(const SHA& that)
-{
-    pimpl_->sha_ = that.pimpl_->sha_;
-    return *this;
-}
-
-
-uint SHA::get_digestSize() const
-{
-    return SHA_LEN;
-}
-
-
-uint SHA::get_padSize() const
-{
-    return PAD_SHA;
-}
-
-
-// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz
-void SHA::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->sha_.Update(in, sz);
-    pimpl_->sha_.Final(out);
-}
-
-
-// Fill out with SHA digest from previous updates
-void SHA::get_digest(byte* out)
-{
-    pimpl_->sha_.Final(out);
-}
-
-
-// Update the current digest
-void SHA::update(const byte* in, unsigned int sz)
-{
-    pimpl_->sha_.Update(in, sz);
-}
-
-
-// RMD-160 Implementation
-struct RMD::RMDImpl {
-    TaoCrypt::RIPEMD160 rmd_;
-    RMDImpl() {}
-    explicit RMDImpl(const TaoCrypt::RIPEMD160& rmd) : rmd_(rmd) {}
-};
-
-
-RMD::RMD() : pimpl_(NEW_YS RMDImpl) {}
-
-
-RMD::~RMD() { ysDelete(pimpl_); }
-
-
-RMD::RMD(const RMD& that) : Digest(), pimpl_(NEW_YS RMDImpl(that.pimpl_->rmd_)) {}
-
-RMD& RMD::operator=(const RMD& that)
-{
-    pimpl_->rmd_ = that.pimpl_->rmd_;
-    return *this;
-}
-
-
-uint RMD::get_digestSize() const
-{
-    return RMD_LEN;
-}
-
-
-uint RMD::get_padSize() const
-{
-    return PAD_RMD;
-}
-
-
-// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz
-void RMD::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->rmd_.Update(in, sz);
-    pimpl_->rmd_.Final(out);
-}
-
-
-// Fill out with RMD digest from previous updates
-void RMD::get_digest(byte* out)
-{
-    pimpl_->rmd_.Final(out);
-}
-
-
-// Update the current digest
-void RMD::update(const byte* in, unsigned int sz)
-{
-    pimpl_->rmd_.Update(in, sz);
-}
-
-
-// HMAC_MD5 Implementation
-struct HMAC_MD5::HMAC_MD5Impl {
-    TaoCrypt::HMAC mac_;
-    HMAC_MD5Impl() {}
-};
-
-
-HMAC_MD5::HMAC_MD5(const byte* secret, unsigned int len) 
-    : pimpl_(NEW_YS HMAC_MD5Impl) 
-{
-    pimpl_->mac_.SetKey(secret, len);
-}
-
-
-HMAC_MD5::~HMAC_MD5() { ysDelete(pimpl_); }
-
-
-uint HMAC_MD5::get_digestSize() const
-{
-    return MD5_LEN;
-}
-
-
-uint HMAC_MD5::get_padSize() const
-{
-    return PAD_MD5;
-}
-
-
-// Fill out with MD5 digest from in that is sz bytes, out must be >= digest sz
-void HMAC_MD5::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-    pimpl_->mac_.Final(out);
-}
-
-// Fill out with MD5 digest from previous updates
-void HMAC_MD5::get_digest(byte* out)
-{
-    pimpl_->mac_.Final(out);
-}
-
-
-// Update the current digest
-void HMAC_MD5::update(const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-}
-
-
-// HMAC_SHA Implementation
-struct HMAC_SHA::HMAC_SHAImpl {
-    TaoCrypt::HMAC mac_;
-    HMAC_SHAImpl() {}
-};
-
-
-HMAC_SHA::HMAC_SHA(const byte* secret, unsigned int len) 
-    : pimpl_(NEW_YS HMAC_SHAImpl) 
-{
-    pimpl_->mac_.SetKey(secret, len);
-}
-
-
-HMAC_SHA::~HMAC_SHA() { ysDelete(pimpl_); }
-
-
-uint HMAC_SHA::get_digestSize() const
-{
-    return SHA_LEN;
-}
-
-
-uint HMAC_SHA::get_padSize() const
-{
-    return PAD_SHA;
-}
-
-
-// Fill out with SHA digest from in that is sz bytes, out must be >= digest sz
-void HMAC_SHA::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-    pimpl_->mac_.Final(out);
-}
-
-// Fill out with SHA digest from previous updates
-void HMAC_SHA::get_digest(byte* out)
-{
-    pimpl_->mac_.Final(out);
-}
-
-
-// Update the current digest
-void HMAC_SHA::update(const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-}
-
-
-
-// HMAC_RMD Implementation
-struct HMAC_RMD::HMAC_RMDImpl {
-    TaoCrypt::HMAC mac_;
-    HMAC_RMDImpl() {}
-};
-
-
-HMAC_RMD::HMAC_RMD(const byte* secret, unsigned int len) 
-    : pimpl_(NEW_YS HMAC_RMDImpl) 
-{
-    pimpl_->mac_.SetKey(secret, len);
-}
-
-
-HMAC_RMD::~HMAC_RMD() { ysDelete(pimpl_); }
-
-
-uint HMAC_RMD::get_digestSize() const
-{
-    return RMD_LEN;
-}
-
-
-uint HMAC_RMD::get_padSize() const
-{
-    return PAD_RMD;
-}
-
-
-// Fill out with RMD digest from in that is sz bytes, out must be >= digest sz
-void HMAC_RMD::get_digest(byte* out, const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-    pimpl_->mac_.Final(out);
-}
-
-// Fill out with RMD digest from previous updates
-void HMAC_RMD::get_digest(byte* out)
-{
-    pimpl_->mac_.Final(out);
-}
-
-
-// Update the current digest
-void HMAC_RMD::update(const byte* in, unsigned int sz)
-{
-    pimpl_->mac_.Update(in, sz);
-}
-
-
-struct DES::DESImpl {
-    TaoCrypt::DES_CBC_Encryption encryption;
-    TaoCrypt::DES_CBC_Decryption decryption;
-};
-
-
-DES::DES() : pimpl_(NEW_YS DESImpl) {}
-
-DES::~DES() { ysDelete(pimpl_); }
-
-
-void DES::set_encryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->encryption.SetKey(k, DES_KEY_SZ, iv);
-}
-
-
-void DES::set_decryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->decryption.SetKey(k, DES_KEY_SZ, iv);
-}
-
-// DES encrypt plain of length sz into cipher
-void DES::encrypt(byte* cipher, const byte* plain, unsigned int sz)
-{
-    pimpl_->encryption.Process(cipher, plain, sz);
-}
-
-
-// DES decrypt cipher of length sz into plain
-void DES::decrypt(byte* plain, const byte* cipher, unsigned int sz)
-{
-    pimpl_->decryption.Process(plain, cipher, sz);
-}
-
-
-struct DES_EDE::DES_EDEImpl {
-    TaoCrypt::DES_EDE3_CBC_Encryption encryption;
-    TaoCrypt::DES_EDE3_CBC_Decryption decryption;
-};
-
-
-DES_EDE::DES_EDE() : pimpl_(NEW_YS DES_EDEImpl) {}
-
-DES_EDE::~DES_EDE() { ysDelete(pimpl_); }
-
-
-void DES_EDE::set_encryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->encryption.SetKey(k, DES_EDE_KEY_SZ, iv);
-}
-
-
-void DES_EDE::set_decryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->decryption.SetKey(k, DES_EDE_KEY_SZ, iv);
-}
-
-
-// 3DES encrypt plain of length sz into cipher
-void DES_EDE::encrypt(byte* cipher, const byte* plain, unsigned int sz)
-{
-    pimpl_->encryption.Process(cipher, plain, sz);
-}
-
-
-// 3DES decrypt cipher of length sz into plain
-void DES_EDE::decrypt(byte* plain, const byte* cipher, unsigned int sz)
-{
-    pimpl_->decryption.Process(plain, cipher, sz);
-}
-
-
-// Implementation of alledged RC4
-struct RC4::RC4Impl {
-    TaoCrypt::ARC4::Encryption encryption;
-    TaoCrypt::ARC4::Decryption decryption;
-};
-
-
-RC4::RC4() : pimpl_(NEW_YS RC4Impl) {}
-
-RC4::~RC4() { ysDelete(pimpl_); }
-
-
-void RC4::set_encryptKey(const byte* k, const byte*)
-{
-    pimpl_->encryption.SetKey(k, RC4_KEY_SZ);
-}
-
-
-void RC4::set_decryptKey(const byte* k, const byte*)
-{
-    pimpl_->decryption.SetKey(k, RC4_KEY_SZ);
-}
-
-
-// RC4 encrypt plain of length sz into cipher
-void RC4::encrypt(byte* cipher, const byte* plain, unsigned int sz)
-{
-    pimpl_->encryption.Process(cipher, plain, sz);
-}
-
-
-// RC4 decrypt cipher of length sz into plain
-void RC4::decrypt(byte* plain, const byte* cipher, unsigned int sz)
-{
-    pimpl_->decryption.Process(plain, cipher, sz);
-}
-
-
-
-// Implementation of AES
-struct AES::AESImpl {
-    TaoCrypt::AES_CBC_Encryption encryption;
-    TaoCrypt::AES_CBC_Decryption decryption;
-    unsigned int keySz_;
-
-    AESImpl(unsigned int ks) : keySz_(ks) {}
-};
-
-
-AES::AES(unsigned int ks) : pimpl_(NEW_YS AESImpl(ks)) {}
-
-AES::~AES() { ysDelete(pimpl_); }
-
-
-int AES::get_keySize() const
-{
-    return pimpl_->keySz_;
-}
-
-
-void AES::set_encryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->encryption.SetKey(k, pimpl_->keySz_, iv);
-}
-
-
-void AES::set_decryptKey(const byte* k, const byte* iv)
-{
-    pimpl_->decryption.SetKey(k, pimpl_->keySz_, iv);
-}
-
-
-// AES encrypt plain of length sz into cipher
-void AES::encrypt(byte* cipher, const byte* plain, unsigned int sz)
-{
-    pimpl_->encryption.Process(cipher, plain, sz);
-}
-
-
-// AES decrypt cipher of length sz into plain
-void AES::decrypt(byte* plain, const byte* cipher, unsigned int sz)
-{
-    pimpl_->decryption.Process(plain, cipher, sz);
-}
-
-
-struct RandomPool::RandomImpl {
-    TaoCrypt::RandomNumberGenerator RNG_;
-};
-
-RandomPool::RandomPool() : pimpl_(NEW_YS RandomImpl) {}
-
-RandomPool::~RandomPool() { ysDelete(pimpl_); }
-
-int RandomPool::GetError() const
-{
-    return pimpl_->RNG_.GetError(); 
-}
-
-void RandomPool::Fill(opaque* dst, uint sz) const
-{
-    pimpl_->RNG_.GenerateBlock(dst, sz);
-}
-
-
-// Implementation of DSS Authentication
-struct DSS::DSSImpl {
-    void SetPublic (const byte*, unsigned int);
-    void SetPrivate(const byte*, unsigned int);
-    TaoCrypt::DSA_PublicKey publicKey_;
-    TaoCrypt::DSA_PrivateKey privateKey_;
-};
-
-
-// Decode and store the public key
-void DSS::DSSImpl::SetPublic(const byte* key, unsigned int sz)
-{
-    TaoCrypt::Source source(key, sz);
-    publicKey_.Initialize(source);
-}
-
-
-// Decode and store the public key
-void DSS::DSSImpl::SetPrivate(const byte* key, unsigned int sz)
-{
-    TaoCrypt::Source source(key, sz);
-    privateKey_.Initialize(source);
-    publicKey_ = TaoCrypt::DSA_PublicKey(privateKey_);
-
-}
-
-
-// Set public or private key
-DSS::DSS(const byte* key, unsigned int sz, bool publicKey) 
-    : pimpl_(NEW_YS DSSImpl)
-{
-    if (publicKey) 
-        pimpl_->SetPublic(key, sz);
-    else
-        pimpl_->SetPrivate(key, sz);
-}
-
-
-DSS::~DSS()
-{
-    ysDelete(pimpl_);
-}
-
-
-uint DSS::get_signatureLength() const
-{
-    return pimpl_->publicKey_.SignatureLength();
-}
-
-
-// DSS Sign message of length sz into sig
-void DSS::sign(byte* sig,  const byte* sha_digest, unsigned int /* shaSz */,
-               const RandomPool& random)
-{
-    using namespace TaoCrypt;
-
-    DSA_Signer signer(pimpl_->privateKey_);
-    signer.Sign(sha_digest, sig, random.pimpl_->RNG_);
-}
-
-
-// DSS Verify message of length sz against sig, is it correct?
-bool DSS::verify(const byte* sha_digest, unsigned int /* shaSz */,
-                 const byte* sig, unsigned int /* sigSz */)
-{
-    using namespace TaoCrypt;
-
-    DSA_Verifier ver(pimpl_->publicKey_);
-    return ver.Verify(sha_digest, sig);
-}
-
-
-// Implementation of RSA key interface
-struct RSA::RSAImpl {
-    void SetPublic (const byte*, unsigned int);
-    void SetPrivate(const byte*, unsigned int);
-    TaoCrypt::RSA_PublicKey publicKey_;
-    TaoCrypt::RSA_PrivateKey privateKey_;
-};
-
-
-// Decode and store the public key
-void RSA::RSAImpl::SetPublic(const byte* key, unsigned int sz)
-{
-    TaoCrypt::Source source(key, sz);
-    publicKey_.Initialize(source);
-}
-
-
-// Decode and store the private key
-void RSA::RSAImpl::SetPrivate(const byte* key, unsigned int sz)
-{
-    TaoCrypt::Source source(key, sz);
-    privateKey_.Initialize(source);
-    publicKey_ = TaoCrypt::RSA_PublicKey(privateKey_);
-}
-
-
-// Set public or private key
-RSA::RSA(const byte* key, unsigned int sz, bool publicKey) 
-    : pimpl_(NEW_YS RSAImpl)
-{
-    if (publicKey) 
-        pimpl_->SetPublic(key, sz);
-    else
-        pimpl_->SetPrivate(key, sz);
-}
-
-RSA::~RSA()
-{
-    ysDelete(pimpl_);
-}
-
-
-// get cipher text length, varies on key size
-unsigned int RSA::get_cipherLength() const
-{
-    return pimpl_->publicKey_.FixedCiphertextLength();
-}
-
-
-// get signautre length, varies on key size
-unsigned int RSA::get_signatureLength() const
-{
-    return get_cipherLength();
-}
-
-
-// RSA Sign message of length sz into sig
-void RSA::sign(byte* sig,  const byte* message, unsigned int sz,
-               const RandomPool& random)
-{
-    TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_);
-    dec.SSL_Sign(message, sz, sig, random.pimpl_->RNG_);
-}
-
-
-// RSA Verify message of length sz against sig
-bool RSA::verify(const byte* message, unsigned int sz, const byte* sig,
-                 unsigned int)
-{
-    TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_);
-    return enc.SSL_Verify(message, sz, sig);
-}
-
-
-// RSA public encrypt plain of length sz into cipher
-void RSA::encrypt(byte* cipher, const byte* plain, unsigned int sz,
-                  const RandomPool& random)
-{
-  
-    TaoCrypt::RSAES_Encryptor enc(pimpl_->publicKey_);
-    enc.Encrypt(plain, sz, cipher, random.pimpl_->RNG_);
-}
-
-
-// RSA private decrypt cipher of length sz into plain
-void RSA::decrypt(byte* plain, const byte* cipher, unsigned int sz,
-                  const RandomPool& random)
-{
-    TaoCrypt::RSAES_Decryptor dec(pimpl_->privateKey_);
-    dec.Decrypt(cipher, sz, plain, random.pimpl_->RNG_);
-}
-
-
-struct Integer::IntegerImpl {
-    TaoCrypt::Integer int_;
-
-    IntegerImpl() {}
-    explicit IntegerImpl(const TaoCrypt::Integer& i) : int_(i) {}
-};
-
-Integer::Integer() : pimpl_(NEW_YS IntegerImpl) {}
-
-Integer::~Integer() { ysDelete(pimpl_); }
-
-
-
-Integer::Integer(const Integer& other) : pimpl_(NEW_YS 
-                                               IntegerImpl(other.pimpl_->int_))
-{}
-
-
-Integer& Integer::operator=(const Integer& that)
-{
-    pimpl_->int_ = that.pimpl_->int_;
-
-    return *this;
-}
-
-
-void Integer::assign(const byte* num, unsigned int sz)
-{
-    pimpl_->int_ = TaoCrypt::Integer(num, sz);
-}
-
-
-struct DiffieHellman::DHImpl {
-    TaoCrypt::DH                     dh_;
-    TaoCrypt::RandomNumberGenerator& ranPool_;
-    byte* publicKey_;
-    byte* privateKey_;
-    byte* agreedKey_;
-    uint  pubKeyLength_;
-
-    DHImpl(TaoCrypt::RandomNumberGenerator& r) : ranPool_(r), publicKey_(0),
-                              privateKey_(0), agreedKey_(0), pubKeyLength_(0) {}
-    ~DHImpl() 
-    {   
-        ysArrayDelete(agreedKey_); 
-        ysArrayDelete(privateKey_); 
-        ysArrayDelete(publicKey_);
-    }
-
-    DHImpl(const DHImpl& that) : dh_(that.dh_), ranPool_(that.ranPool_),
-                  publicKey_(0), privateKey_(0), agreedKey_(0), pubKeyLength_(0)
-    {
-        uint length = dh_.GetByteLength();
-        AllocKeys(length, length, length);
-    }
-
-    void AllocKeys(unsigned int pubSz, unsigned int privSz, unsigned int agrSz)
-    {
-        publicKey_  = NEW_YS byte[pubSz];
-        privateKey_ = NEW_YS byte[privSz];
-        agreedKey_  = NEW_YS byte[agrSz];
-    }
-};
-
-
-
-/*
-// server Side DH, server's view
-DiffieHellman::DiffieHellman(const char* file, const RandomPool& random)
-    : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
-{
-    using namespace TaoCrypt;
-    Source source;
-    FileSource(file, source);
-    if (source.size() == 0)
-        return; // TODO add error state, and force check
-    HexDecoder hd(source);
-
-    pimpl_->dh_.Initialize(source);
-
-    uint length = pimpl_->dh_.GetByteLength();
-
-    pimpl_->AllocKeys(length, length, length);
-    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
-                                                  pimpl_->publicKey_);
-}
-*/
-
-
-// server Side DH, client's view
-DiffieHellman::DiffieHellman(const byte* p, unsigned int pSz, const byte* g,
-                             unsigned int gSz, const byte* pub,
-                             unsigned int pubSz, const RandomPool& random)
-    : pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
-{
-    using TaoCrypt::Integer;
-
-    pimpl_->dh_.Initialize(Integer(p, pSz).Ref(), Integer(g, gSz).Ref());
-    pimpl_->publicKey_ = NEW_YS opaque[pimpl_->pubKeyLength_ = pubSz];
-    memcpy(pimpl_->publicKey_, pub, pubSz);
-}
-
-
-// Server Side DH, server's view
-DiffieHellman::DiffieHellman(const Integer& p, const Integer& g,
-                             const RandomPool& random)
-: pimpl_(NEW_YS DHImpl(random.pimpl_->RNG_))
-{
-    using TaoCrypt::Integer;
-
-    pimpl_->dh_.Initialize(p.pimpl_->int_, g.pimpl_->int_);
-
-    uint length = pimpl_->dh_.GetByteLength();
-
-    pimpl_->AllocKeys(length, length, length);
-    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
-                                                  pimpl_->publicKey_);
-}
-
-DiffieHellman::~DiffieHellman() { ysDelete(pimpl_); }
-
-
-// Client side and view, use server that for p and g
-DiffieHellman::DiffieHellman(const DiffieHellman& that) 
-    : pimpl_(NEW_YS DHImpl(*that.pimpl_))
-{   
-    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
-                                                  pimpl_->publicKey_);
-}
-
-
-DiffieHellman& DiffieHellman::operator=(const DiffieHellman& that)
-{
-    pimpl_->dh_ = that.pimpl_->dh_;
-    pimpl_->dh_.GenerateKeyPair(pimpl_->ranPool_, pimpl_->privateKey_,
-                                                  pimpl_->publicKey_);
-    return *this;
-}
-
-
-void DiffieHellman::makeAgreement(const byte* other, unsigned int otherSz)
-{
-    pimpl_->dh_.Agree(pimpl_->agreedKey_, pimpl_->privateKey_, other, otherSz); 
-}
-
-
-uint DiffieHellman::get_agreedKeyLength() const
-{
-    return pimpl_->dh_.GetByteLength();
-}
-
-
-const byte* DiffieHellman::get_agreedKey() const
-{
-    return pimpl_->agreedKey_;
-}
-
-uint DiffieHellman::get_publicKeyLength() const
-{
-    return pimpl_->pubKeyLength_;
-}
-
-const byte* DiffieHellman::get_publicKey() const
-{
-    return pimpl_->publicKey_;
-}
-
-
-void DiffieHellman::set_sizes(int& pSz, int& gSz, int& pubSz) const
-{
-    using TaoCrypt::Integer;
-    Integer p = pimpl_->dh_.GetP();
-    Integer g = pimpl_->dh_.GetG();
-
-    pSz   = p.ByteCount();
-    gSz   = g.ByteCount();
-    pubSz = pimpl_->dh_.GetByteLength();
-}
-
-
-void DiffieHellman::get_parms(byte* bp, byte* bg, byte* bpub) const
-{
-    using TaoCrypt::Integer;
-    Integer p = pimpl_->dh_.GetP();
-    Integer g = pimpl_->dh_.GetG();
-
-    p.Encode(bp, p.ByteCount());
-    g.Encode(bg, g.ByteCount());
-    memcpy(bpub, pimpl_->publicKey_, pimpl_->dh_.GetByteLength());
-}
-
-
-// convert PEM file to DER x509 type
-x509* PemToDer(FILE* file, CertType type, EncryptedInfo* info)
-{
-    using namespace TaoCrypt;
-
-    char header[80];
-    char footer[80];
-
-    if (type == Cert) {
-        strncpy(header, "-----BEGIN CERTIFICATE-----", sizeof(header));
-        strncpy(footer, "-----END CERTIFICATE-----", sizeof(footer));
-    } else {
-        strncpy(header, "-----BEGIN RSA PRIVATE KEY-----", sizeof(header));
-        strncpy(footer, "-----END RSA PRIVATE KEY-----", sizeof(header));
-    }
-
-    long begin = -1;
-    long end   = 0;
-    bool foundEnd = false;
-
-    char line[80];
-
-    while(fgets(line, sizeof(line), file))
-        if (strncmp(header, line, strlen(header)) == 0) {
-            begin = ftell(file);
-            break;
-        }
-
-    // remove encrypted header if there
-    if (fgets(line, sizeof(line), file)) {
-        char encHeader[] = "Proc-Type";
-        if (strncmp(encHeader, line, strlen(encHeader)) == 0 &&
-            fgets(line,sizeof(line), file)) {
-
-            char* start  = strstr(line, "DES");
-            char* finish = strstr(line, ",");
-            if (!start)
-                start    = strstr(line, "AES");
-
-            if (!info) return 0;
-
-            if ( start && finish && (start < finish)) {
-                memcpy(info->name, start, finish - start);
-                info->name[finish - start] = 0;
-                memcpy(info->iv, finish + 1, sizeof(info->iv));
-
-                char* newline = strstr(line, "\r");
-                if (!newline) newline = strstr(line, "\n");
-                if (newline && (newline > finish)) {
-                    info->ivSz = newline - (finish + 1);
-                    info->set = true;
-                }
-            }
-            begin = ftell(file);
-            if (fgets(line,sizeof(line), file)) // get blank line
-              begin = ftell(file);
-        }
-          
-    }
-
-    while(fgets(line, sizeof(line), file))
-        if (strncmp(footer, line, strlen(footer)) == 0) {
-            foundEnd = true;
-            break;
-        }
-        else
-            end = ftell(file);
-
-    if (begin == -1 || !foundEnd)
-        return 0;
-
-    input_buffer tmp(end - begin);
-    fseek(file, begin, SEEK_SET);
-    size_t bytes = fread(tmp.get_buffer(), end - begin, 1, file);
-    if (bytes != 1)
-        return 0;
-    
-    Source der(tmp.get_buffer(), end - begin);
-    Base64Decoder b64Dec(der);
-
-    uint sz = der.size();
-    mySTL::auto_ptr x(NEW_YS x509(sz));
-    memcpy(x->use_buffer(), der.get_buffer(), sz);
-
-    return x.release();
-}
-
-
-} // namespace
-
-#endif // !USE_CRYPTOPP_LIB
diff --git a/extra/yassl/src/dummy.cpp b/extra/yassl/src/dummy.cpp
deleted file mode 100644
index 19b7fe887cd..00000000000
--- a/extra/yassl/src/dummy.cpp
+++ /dev/null
@@ -1,4 +0,0 @@
-/*
-  To make libtool always use a C++ linker when compiling with yaSSL we need
-  to add a dummy C++ file to the source list.
-*/
diff --git a/extra/yassl/src/handshake.cpp b/extra/yassl/src/handshake.cpp
deleted file mode 100644
index 91d3d6b5914..00000000000
--- a/extra/yassl/src/handshake.cpp
+++ /dev/null
@@ -1,1203 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* The handshake source implements functions for creating and reading
- * the various handshake messages.
- */
-
-
-
-#include "runtime.hpp"
-#include "handshake.hpp"
-#include "yassl_int.hpp"
-
-
-namespace yaSSL {
-
-
-
-// Build a client hello message from cipher suites and compression method
-void buildClientHello(SSL& ssl, ClientHello& hello)
-{
-    // store for pre master secret
-    ssl.useSecurity().use_connection().chVersion_ = hello.client_version_;
-
-    ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN);
-    if (ssl.getSecurity().get_resuming()) {
-        hello.id_len_ = ID_LEN;
-        memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(),
-               ID_LEN);
-    }
-    else 
-        hello.id_len_ = 0;
-    hello.suite_len_ = ssl.getSecurity().get_parms().suites_size_;
-    memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_,
-           hello.suite_len_);
-    hello.comp_len_ = 1;
-
-    hello.set_length(sizeof(ProtocolVersion) +
-                     RAN_LEN +
-                     hello.id_len_    + sizeof(hello.id_len_) +
-                     hello.suite_len_ + sizeof(hello.suite_len_) +
-                     hello.comp_len_  + sizeof(hello.comp_len_));
-}
-
-
-// Build a server hello message
-void buildServerHello(SSL& ssl, ServerHello& hello)
-{
-    if (ssl.getSecurity().get_resuming()) {
-        memcpy(hello.random_,ssl.getSecurity().get_connection().server_random_,
-               RAN_LEN);
-        memcpy(hello.session_id_, ssl.getSecurity().get_resume().GetID(),
-               ID_LEN);
-    }
-    else {
-        ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN);
-        ssl.getCrypto().get_random().Fill(hello.session_id_, ID_LEN);
-    }
-    hello.id_len_ = ID_LEN;
-    ssl.set_sessionID(hello.session_id_);
-
-    hello.cipher_suite_[0] = ssl.getSecurity().get_parms().suite_[0];
-    hello.cipher_suite_[1] = ssl.getSecurity().get_parms().suite_[1];
-    hello.compression_method_ = hello.compression_method_;
-
-    hello.set_length(sizeof(ProtocolVersion) + RAN_LEN + ID_LEN +
-                     sizeof(hello.id_len_) + SUITE_LEN + SIZEOF_ENUM);
-}
-
-
-// add handshake from buffer into md5 and sha hashes, use handshake header
-void hashHandShake(SSL& ssl, const input_buffer& input, uint sz)
-{
-    const opaque* buffer = input.get_buffer() + input.get_current() - 
-                           HANDSHAKE_HEADER;
-    sz += HANDSHAKE_HEADER;
-    ssl.useHashes().use_MD5().update(buffer, sz);
-    ssl.useHashes().use_SHA().update(buffer, sz);
-}
-
-
-// locals
-namespace {
-
-// Write a plaintext record to buffer
-void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, 
-                 const Message& msg)
-{
-    buffer.allocate(RECORD_HEADER + rlHdr.length_);
-    buffer << rlHdr << msg;
-}
-
-
-// Write a plaintext record to buffer
-void buildOutput(output_buffer& buffer, const RecordLayerHeader& rlHdr, 
-                 const HandShakeHeader& hsHdr, const HandShakeBase& shake)
-{
-    buffer.allocate(RECORD_HEADER + rlHdr.length_);
-    buffer << rlHdr << hsHdr << shake;
-}
-
-
-// Build Record Layer header for Message without handshake header
-void buildHeader(SSL& ssl, RecordLayerHeader& rlHeader, const Message& msg)
-{
-    ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
-    rlHeader.type_ = msg.get_type();
-    rlHeader.version_.major_ = pv.major_;
-    rlHeader.version_.minor_ = pv.minor_;
-    rlHeader.length_ = msg.get_length();
-}
-
-
-// Build HandShake and RecordLayer Headers for handshake output
-void buildHeaders(SSL& ssl, HandShakeHeader& hsHeader,
-                  RecordLayerHeader& rlHeader, const HandShakeBase& shake)
-{
-    int sz = shake.get_length();
-
-    hsHeader.set_type(shake.get_type());
-    hsHeader.set_length(sz);
-
-    ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
-    rlHeader.type_ = handshake;
-    rlHeader.version_.major_ = pv.major_;
-    rlHeader.version_.minor_ = pv.minor_;
-    rlHeader.length_ = sz + HANDSHAKE_HEADER;
-}
-
-
-// add handshake from buffer into md5 and sha hashes, exclude record header
-void hashHandShake(SSL& ssl, const output_buffer& output, bool removeIV = false)
-{
-    uint sz = output.get_size() - RECORD_HEADER;
-
-    const opaque* buffer = output.get_buffer() + RECORD_HEADER;
-
-    if (removeIV) {  // TLSv1_1 IV
-        uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
-        sz     -= blockSz;
-        buffer += blockSz;
-    }
-
-    ssl.useHashes().use_MD5().update(buffer, sz);
-    ssl.useHashes().use_SHA().update(buffer, sz);
-}
-
-
-// calculate MD5 hash for finished
-void buildMD5(SSL& ssl, Finished& fin, const opaque* sender)
-{
-
-    opaque md5_result[MD5_LEN];
-    opaque md5_inner[SIZEOF_SENDER + SECRET_LEN + PAD_MD5];
-    opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN];
-
-    const opaque* master_secret = 
-        ssl.getSecurity().get_connection().master_secret_;
-
-    // make md5 inner
-    memcpy(md5_inner, sender, SIZEOF_SENDER);
-    memcpy(&md5_inner[SIZEOF_SENDER], master_secret, SECRET_LEN);
-    memcpy(&md5_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_MD5);
-
-    ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner,
-                                         sizeof(md5_inner));
-
-    // make md5 outer
-    memcpy(md5_outer, master_secret, SECRET_LEN);
-    memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5);
-    memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN);
-
-    ssl.useHashes().use_MD5().get_digest(fin.set_md5(), md5_outer,
-                                         sizeof(md5_outer));
-}
-
-
-// calculate SHA hash for finished
-void buildSHA(SSL& ssl, Finished& fin, const opaque* sender)
-{
-    
-    opaque sha_result[SHA_LEN];
-    opaque sha_inner[SIZEOF_SENDER + SECRET_LEN + PAD_SHA];
-    opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN];
-
-    const opaque* master_secret = 
-        ssl.getSecurity().get_connection().master_secret_;
-
-     // make sha inner
-    memcpy(sha_inner, sender, SIZEOF_SENDER);
-    memcpy(&sha_inner[SIZEOF_SENDER], master_secret, SECRET_LEN);
-    memcpy(&sha_inner[SIZEOF_SENDER + SECRET_LEN], PAD1, PAD_SHA);
-
-    ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner,
-                                         sizeof(sha_inner));
-
-    // make sha outer
-    memcpy(sha_outer, master_secret, SECRET_LEN);
-    memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA);
-    memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN);
-
-    ssl.useHashes().use_SHA().get_digest(fin.set_sha(), sha_outer,
-                                         sizeof(sha_outer));
-}
-
-
-// sanity checks on encrypted message size
-static int sanity_check_message(SSL& ssl, uint msgSz)
-{
-    uint minSz = 0;
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
-        uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
-        if (msgSz % blockSz)
-            return -1;
-
-        minSz = ssl.getSecurity().get_parms().hash_size_ + 1;  // pad byte too
-        if (blockSz > minSz)
-            minSz = blockSz;
-
-        if (ssl.isTLSv1_1())
-            minSz += blockSz;   // explicit IV
-    }
-    else {      // stream
-        minSz = ssl.getSecurity().get_parms().hash_size_;
-    }
-
-    if (msgSz < minSz)
-        return -1;
-
-    return 0;
-}
-
-
-// decrypt input message in place, store size in case needed later
-void decrypt_message(SSL& ssl, input_buffer& input, uint sz)
-{
-    input_buffer plain(sz);
-    opaque*      cipher = input.get_buffer() + input.get_current();
-
-    if (sanity_check_message(ssl, sz) != 0) {
-        ssl.SetError(sanityCipher_error);
-        return;
-    }
-
-    ssl.useCrypto().use_cipher().decrypt(plain.get_buffer(), cipher, sz);
-    memcpy(cipher, plain.get_buffer(), sz);
-    ssl.useSecurity().use_parms().encrypt_size_ = sz;
-
-    if (ssl.isTLSv1_1())  // IV
-        input.set_current(input.get_current() +
-              ssl.getCrypto().get_cipher().get_blockSize());
-}
-
-
-// output operator for input_buffer
-output_buffer& operator<<(output_buffer& output, const input_buffer& input)
-{
-    output.write(input.get_buffer(), input.get_size());
-    return output;
-}
-
-
-// write headers, handshake hash, mac, pad, and encrypt
-void cipherFinished(SSL& ssl, Finished& fin, output_buffer& output)
-{
-    uint digestSz = ssl.getCrypto().get_digest().get_digestSize();
-    uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ;
-    uint sz  = RECORD_HEADER + HANDSHAKE_HEADER + finishedSz + digestSz;
-    uint pad = 0;
-    uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
-        if (ssl.isTLSv1_1())
-            sz += blockSz;            // IV
-        sz += 1;       // pad byte
-        pad = (sz - RECORD_HEADER) % blockSz;
-        pad = blockSz - pad;
-        sz += pad;
-    }
-
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    buildHeaders(ssl, hsHeader, rlHeader, fin);
-    rlHeader.length_ = sz - RECORD_HEADER;   // record header includes mac
-                                             // and pad, hanshake doesn't
-    input_buffer iv;
-    if (ssl.isTLSv1_1() && ssl.getSecurity().get_parms().cipher_type_== block){
-        iv.allocate(blockSz);
-        ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz);
-        iv.add_size(blockSz);
-    }
-    uint ivSz = iv.get_size();
-    output.allocate(sz);
-    output << rlHeader << iv << hsHeader << fin;
-    
-    hashHandShake(ssl, output, ssl.isTLSv1_1() ? true : false);
-    opaque digest[SHA_LEN];                  // max size
-    if (ssl.isTLS())
-        TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER + ivSz,
-                 output.get_size() - RECORD_HEADER - ivSz, handshake);
-    else
-        hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
-             output.get_size() - RECORD_HEADER, handshake);
-    output.write(digest, digestSz);
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block)
-        for (uint i = 0; i <= pad; i++) output[AUTO] = pad;   // pad byte gets
-                                                              // pad value too
-    input_buffer cipher(rlHeader.length_);
-    ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(),
-       output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER);
-    output.set_current(RECORD_HEADER);
-    output.write(cipher.get_buffer(), cipher.get_capacity());
-}
-
-
-// build an encrypted data or alert message for output
-void buildMessage(SSL& ssl, output_buffer& output, const Message& msg)
-{
-    uint digestSz = ssl.getCrypto().get_digest().get_digestSize();
-    uint sz  = RECORD_HEADER + msg.get_length() + digestSz;                
-    uint pad = 0;
-    uint blockSz = ssl.getCrypto().get_cipher().get_blockSize();
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
-        if (ssl.isTLSv1_1())  // IV
-            sz += blockSz;
-        sz += 1;       // pad byte
-        pad = (sz - RECORD_HEADER) % blockSz;
-        pad = blockSz - pad;
-        sz += pad;
-    }
-
-    RecordLayerHeader rlHeader;
-    buildHeader(ssl, rlHeader, msg);
-    rlHeader.length_ = sz - RECORD_HEADER;   // record header includes mac
-                                             // and pad, hanshake doesn't
-    input_buffer iv;
-    if (ssl.isTLSv1_1() && ssl.getSecurity().get_parms().cipher_type_== block){
-        iv.allocate(blockSz);
-        ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz);
-        iv.add_size(blockSz);
-    }
-    
-    uint ivSz = iv.get_size();
-    output.allocate(sz);
-    output << rlHeader << iv << msg;
-    
-    opaque digest[SHA_LEN];                  // max size
-    if (ssl.isTLS())
-        TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER + ivSz,
-                 output.get_size() - RECORD_HEADER - ivSz, msg.get_type());
-    else
-        hmac(ssl, digest, output.get_buffer() + RECORD_HEADER,
-             output.get_size() - RECORD_HEADER, msg.get_type());
-    output.write(digest, digestSz);
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block)
-        for (uint i = 0; i <= pad; i++) output[AUTO] = pad; // pad byte gets
-                                                              // pad value too
-    input_buffer cipher(rlHeader.length_);
-    ssl.useCrypto().use_cipher().encrypt(cipher.get_buffer(),
-       output.get_buffer() + RECORD_HEADER, output.get_size() - RECORD_HEADER);
-    output.set_current(RECORD_HEADER);
-    output.write(cipher.get_buffer(), cipher.get_capacity());
-}
-
-
-// build alert message
-void buildAlert(SSL& ssl, output_buffer& output, const Alert& alert)
-{
-    if (ssl.getSecurity().get_parms().pending_ == false) // encrypted
-        buildMessage(ssl, output, alert);
-    else {
-        RecordLayerHeader rlHeader;
-        buildHeader(ssl, rlHeader, alert);
-        buildOutput(output, rlHeader, alert);
-    }
-}
-
-
-// build TLS finished message
-void buildFinishedTLS(SSL& ssl, Finished& fin, const opaque* sender) 
-{
-    opaque handshake_hash[FINISHED_SZ];
-
-    ssl.useHashes().use_MD5().get_digest(handshake_hash);
-    ssl.useHashes().use_SHA().get_digest(&handshake_hash[MD5_LEN]);
-
-    const opaque* side;
-    if ( strncmp((const char*)sender, (const char*)client, SIZEOF_SENDER) == 0)
-        side = tls_client;
-    else
-        side = tls_server;
-
-    PRF(fin.set_md5(), TLS_FINISHED_SZ, 
-        ssl.getSecurity().get_connection().master_secret_, SECRET_LEN, 
-        side, FINISHED_LABEL_SZ, 
-        handshake_hash, FINISHED_SZ);
-
-    fin.set_length(TLS_FINISHED_SZ);  // shorter length for TLS
-}
-
-
-// compute p_hash for MD5 or SHA-1 for TLSv1 PRF
-void p_hash(output_buffer& result, const output_buffer& secret,
-            const output_buffer& seed, MACAlgorithm hash)
-{
-    uint   len = hash == md5 ? MD5_LEN : SHA_LEN;
-    uint   times = result.get_capacity() / len;
-    uint   lastLen = result.get_capacity() % len;
-    opaque previous[SHA_LEN];  // max size
-    opaque current[SHA_LEN];   // max size
-    mySTL::auto_ptr hmac;
-
-    if (lastLen) times += 1;
-
-    if (hash == md5)
-        hmac.reset(NEW_YS HMAC_MD5(secret.get_buffer(), secret.get_size()));
-    else
-        hmac.reset(NEW_YS HMAC_SHA(secret.get_buffer(), secret.get_size()));
-                                                                   // A0 = seed
-    hmac->get_digest(previous, seed.get_buffer(), seed.get_size());// A1
-    uint lastTime = times - 1;
-
-    for (uint i = 0; i < times; i++) {
-        hmac->update(previous, len);  
-        hmac->get_digest(current, seed.get_buffer(), seed.get_size());
-
-        if (lastLen && (i == lastTime))
-            result.write(current, lastLen);
-        else {
-            result.write(current, len);
-            //memcpy(previous, current, len);
-            hmac->get_digest(previous, previous, len);
-        }
-    }
-}
-
-
-// calculate XOR for TLSv1 PRF
-void get_xor(byte *digest, uint digLen, output_buffer& md5,
-             output_buffer& sha)
-{
-    for (uint i = 0; i < digLen; i++) 
-        digest[i] = md5[AUTO] ^ sha[AUTO];
-}
-
-
-// build MD5 part of certificate verify
-void buildMD5_CertVerify(SSL& ssl, byte* digest)
-{
-    opaque md5_result[MD5_LEN];
-    opaque md5_inner[SECRET_LEN + PAD_MD5];
-    opaque md5_outer[SECRET_LEN + PAD_MD5 + MD5_LEN];
-
-    const opaque* master_secret = 
-        ssl.getSecurity().get_connection().master_secret_;
-
-    // make md5 inner
-    memcpy(md5_inner, master_secret, SECRET_LEN);
-    memcpy(&md5_inner[SECRET_LEN], PAD1, PAD_MD5);
-
-    ssl.useHashes().use_MD5().get_digest(md5_result, md5_inner,
-                                         sizeof(md5_inner));
-
-    // make md5 outer
-    memcpy(md5_outer, master_secret, SECRET_LEN);
-    memcpy(&md5_outer[SECRET_LEN], PAD2, PAD_MD5);
-    memcpy(&md5_outer[SECRET_LEN + PAD_MD5], md5_result, MD5_LEN);
-
-    ssl.useHashes().use_MD5().get_digest(digest, md5_outer, sizeof(md5_outer));
-}
-
-
-// build SHA part of certificate verify
-void buildSHA_CertVerify(SSL& ssl, byte* digest)
-{
-    opaque sha_result[SHA_LEN];
-    opaque sha_inner[SECRET_LEN + PAD_SHA];
-    opaque sha_outer[SECRET_LEN + PAD_SHA + SHA_LEN];
-
-    const opaque* master_secret = 
-        ssl.getSecurity().get_connection().master_secret_;
-
-     // make sha inner
-    memcpy(sha_inner, master_secret, SECRET_LEN);
-    memcpy(&sha_inner[SECRET_LEN], PAD1, PAD_SHA);
-
-    ssl.useHashes().use_SHA().get_digest(sha_result, sha_inner,
-                                         sizeof(sha_inner));
-
-    // make sha outer
-    memcpy(sha_outer, master_secret, SECRET_LEN);
-    memcpy(&sha_outer[SECRET_LEN], PAD2, PAD_SHA);
-    memcpy(&sha_outer[SECRET_LEN + PAD_SHA], sha_result, SHA_LEN);
-
-    ssl.useHashes().use_SHA().get_digest(digest, sha_outer, sizeof(sha_outer));
-}
-
-
-} // namespace for locals
-
-
-// some clients still send sslv2 client hello
-void ProcessOldClientHello(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error() || input.get_remaining() < 2) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    byte b0 = input[AUTO];
-    byte b1 = input[AUTO];
-
-    uint16 sz = ((b0 & 0x7f) << 8) | b1;
-
-    if (sz > input.get_remaining()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // hashHandShake manually
-    const opaque* buffer = input.get_buffer() + input.get_current();
-    ssl.useHashes().use_MD5().update(buffer, sz);
-    ssl.useHashes().use_SHA().update(buffer, sz);
-
-    b1 = input[AUTO];  // does this value mean client_hello?
-
-    ClientHello ch;
-    ch.client_version_.major_ = input[AUTO];
-    ch.client_version_.minor_ = input[AUTO];
-
-    byte len[2];
-
-    len[0] = input[AUTO];
-    len[1] = input[AUTO];
-    ato16(len, ch.suite_len_);
-
-    len[0] = input[AUTO];
-    len[1] = input[AUTO];
-    uint16 sessionLen;
-    ato16(len, sessionLen);
-    ch.id_len_ = sessionLen;
-
-    len[0] = input[AUTO];
-    len[1] = input[AUTO];
-    uint16 randomLen;
-    ato16(len, randomLen);
-
-    if (input.get_error() || ch.suite_len_ > MAX_SUITE_SZ ||
-                             ch.suite_len_ > input.get_remaining() ||
-                             sessionLen > ID_LEN || randomLen > RAN_LEN) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    int j = 0;
-    for (uint16 i = 0; i < ch.suite_len_; i += 3) {    
-        byte first = input[AUTO];
-        if (first)  // sslv2 type
-            input.read(len, SUITE_LEN); // skip
-        else {
-            input.read(&ch.cipher_suites_[j], SUITE_LEN);
-            j += SUITE_LEN;
-        }
-    }
-    ch.suite_len_ = j;
-
-    if (ch.id_len_)
-        input.read(ch.session_id_, ch.id_len_);   // id_len_ from sessionLen
-
-    if (randomLen < RAN_LEN)
-        memset(ch.random_, 0, RAN_LEN - randomLen);
-    input.read(&ch.random_[RAN_LEN - randomLen], randomLen);
- 
-    ch.Process(input, ssl);
-}
-
-
-// Build a finished message, see 7.6.9
-void buildFinished(SSL& ssl, Finished& fin, const opaque* sender) 
-{
-    // store current states, building requires get_digest which resets state
-    MD5 md5(ssl.getHashes().get_MD5());
-    SHA sha(ssl.getHashes().get_SHA());
-
-    if (ssl.isTLS())
-        buildFinishedTLS(ssl, fin, sender);
-    else {
-        buildMD5(ssl, fin, sender);
-        buildSHA(ssl, fin, sender);
-    }
-
-    // restore
-    ssl.useHashes().use_MD5() = md5;
-    ssl.useHashes().use_SHA() = sha;
-}
-
-
-/* compute SSLv3 HMAC into digest see
- * buffer is of sz size and includes HandShake Header but not a Record Header
- * verify means to check peers hmac
-*/
-void hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
-          ContentType content, bool verify)
-{
-    Digest& mac = ssl.useCrypto().use_digest();
-    opaque inner[SHA_LEN + PAD_MD5 + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ];
-    opaque outer[SHA_LEN + PAD_MD5 + SHA_LEN]; 
-    opaque result[SHA_LEN];                              // max possible sizes
-    uint digestSz = mac.get_digestSize();              // actual sizes
-    uint padSz    = mac.get_padSize();
-    uint innerSz  = digestSz + padSz + SEQ_SZ + SIZEOF_ENUM + LENGTH_SZ;
-    uint outerSz  = digestSz + padSz + digestSz;
-
-    // data
-    const opaque* mac_secret = ssl.get_macSecret(verify);
-    opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
-    opaque length[LENGTH_SZ];
-    c16toa(sz, length);
-    c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]);
-
-    // make inner
-    memcpy(inner, mac_secret, digestSz);
-    memcpy(&inner[digestSz], PAD1, padSz);
-    memcpy(&inner[digestSz + padSz], seq, SEQ_SZ);
-    inner[digestSz + padSz + SEQ_SZ] = content;
-    memcpy(&inner[digestSz + padSz + SEQ_SZ + SIZEOF_ENUM], length, LENGTH_SZ);
-
-    mac.update(inner, innerSz);
-    mac.get_digest(result, buffer, sz);      // append content buffer
-
-    // make outer
-    memcpy(outer, mac_secret, digestSz);
-    memcpy(&outer[digestSz], PAD2, padSz);
-    memcpy(&outer[digestSz + padSz], result, digestSz);
-
-    mac.get_digest(digest, outer, outerSz);
-}
-
-
-// TLS type HAMC
-void TLS_hmac(SSL& ssl, byte* digest, const byte* buffer, uint sz,
-              ContentType content, bool verify)
-{
-    mySTL::auto_ptr hmac;
-    opaque seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 };
-    opaque length[LENGTH_SZ];
-    opaque inner[SIZEOF_ENUM + VERSION_SZ + LENGTH_SZ]; // type + version + len
-
-    c16toa(sz, length);
-    c32toa(ssl.get_SEQIncrement(verify), &seq[sizeof(uint32)]);
-
-    MACAlgorithm algo = ssl.getSecurity().get_parms().mac_algorithm_;
-
-    if (algo == sha)
-        hmac.reset(NEW_YS HMAC_SHA(ssl.get_macSecret(verify), SHA_LEN));
-    else if (algo == rmd)
-        hmac.reset(NEW_YS HMAC_RMD(ssl.get_macSecret(verify), RMD_LEN));
-    else
-        hmac.reset(NEW_YS HMAC_MD5(ssl.get_macSecret(verify), MD5_LEN));
-    
-    hmac->update(seq, SEQ_SZ);                                       // seq_num
-    inner[0] = content;                                              // type
-    inner[SIZEOF_ENUM] = ssl.getSecurity().get_connection().version_.major_;  
-    inner[SIZEOF_ENUM + SIZEOF_ENUM] = 
-        ssl.getSecurity().get_connection().version_.minor_;          // version
-    memcpy(&inner[SIZEOF_ENUM + VERSION_SZ], length, LENGTH_SZ);     // length
-    hmac->update(inner, sizeof(inner));
-    hmac->get_digest(digest, buffer, sz);                            // content
-}
-
-
-// compute TLSv1 PRF (pseudo random function using HMAC)
-void PRF(byte* digest, uint digLen, const byte* secret, uint secLen,
-         const byte* label, uint labLen, const byte* seed, uint seedLen)
-{
-    uint half = (secLen + 1) / 2;
-
-    output_buffer md5_half(half);
-    output_buffer sha_half(half);
-    output_buffer labelSeed(labLen + seedLen);
-
-    md5_half.write(secret, half);
-    sha_half.write(secret + half - secLen % 2, half);
-    labelSeed.write(label, labLen);
-    labelSeed.write(seed, seedLen);
-
-    output_buffer md5_result(digLen);
-    output_buffer sha_result(digLen);
-
-    p_hash(md5_result, md5_half, labelSeed, md5);
-    p_hash(sha_result, sha_half, labelSeed, sha);
-
-    md5_result.set_current(0);
-    sha_result.set_current(0);
-    get_xor(digest, digLen, md5_result, sha_result);
-}
-
-
-// build certificate hashes
-void build_certHashes(SSL& ssl, Hashes& hashes)
-{
-    // store current states, building requires get_digest which resets state
-    MD5 md5(ssl.getHashes().get_MD5());
-    SHA sha(ssl.getHashes().get_SHA());
-
-    if (ssl.isTLS()) {
-        ssl.useHashes().use_MD5().get_digest(hashes.md5_);
-        ssl.useHashes().use_SHA().get_digest(hashes.sha_);
-    }
-    else {
-        buildMD5_CertVerify(ssl, hashes.md5_);
-        buildSHA_CertVerify(ssl, hashes.sha_);
-    }
-
-    // restore
-    ssl.useHashes().use_MD5() = md5;
-    ssl.useHashes().use_SHA() = sha;
-}
-
-
-
-// do process input requests, return 0 is done, 1 is call again to complete
-int DoProcessReply(SSL& ssl)
-{
-    // wait for input if blocking
-    if (!ssl.useSocket().wait()) {
-        ssl.SetError(receive_error);
-        return 0;
-    }
-    uint ready = ssl.getSocket().get_ready();
-    if (!ready)
-      ready= 64;
-
-    // add buffered data if its there
-    input_buffer* buffered = ssl.useBuffers().TakeRawInput();
-    uint buffSz = buffered ? buffered->get_size() : 0;
-    input_buffer buffer(buffSz + ready);
-    if (buffSz) {
-        buffer.assign(buffered->get_buffer(), buffSz);
-        ysDelete(buffered);
-        buffered = 0;
-    }
-
-    // add new data
-    uint read  = ssl.useSocket().receive(buffer.get_buffer() + buffSz, ready);
-    if (read == static_cast(-1)) {
-        ssl.SetError(receive_error);
-        return 0;
-    }
-    buffer.add_size(read);
-    uint offset = 0;
-    const MessageFactory& mf = ssl.getFactory().getMessage();
-
-    // old style sslv2 client hello?
-    if (ssl.getSecurity().get_parms().entity_ == server_end &&
-                  ssl.getStates().getServer() == clientNull) 
-        if (buffer.peek() != handshake) {
-            ProcessOldClientHello(buffer, ssl);
-            if (ssl.GetError())
-                return 0;
-        }
-
-    while(!buffer.eof()) {
-        // each record
-        RecordLayerHeader hdr;
-        bool              needHdr = false;
-
-        if (static_cast(RECORD_HEADER) > buffer.get_remaining())
-            needHdr = true;
-        else {
-            buffer >> hdr;
-            /*
-              According to RFC 4346 (see "7.4.1.3. Server Hello"), the Server Hello
-              packet needs to specify the highest supported TLS version, but not
-              higher than what client requests. YaSSL highest supported version is
-              TLSv1.1 (=3.2) - if the client requests a higher version, downgrade it
-              here to 3.2.
-              See also Appendix E of RFC 5246 (TLS 1.2)
-            */
-            if (hdr.version_.major_ == 3 && hdr.version_.minor_ > 2)
-              hdr.version_.minor_ = 2;
-            ssl.verifyState(hdr);
-        }
-
-        if (ssl.GetError())
-            return 0;
-
-        // make sure we have enough input in buffer to process this record
-        if (needHdr || hdr.length_ > buffer.get_remaining()) {
-            // put header in front for next time processing
-            uint extra = needHdr ? 0 : RECORD_HEADER;
-            uint sz = buffer.get_remaining() + extra;
-            ssl.useBuffers().SetRawInput(NEW_YS input_buffer(sz,
-                      buffer.get_buffer() + buffer.get_current() - extra, sz));
-            return 1;
-        }
-
-        while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
-            // each message in record, can be more than 1 if not encrypted
-            if (ssl.GetError())
-                return 0;
-
-            if (ssl.getSecurity().get_parms().pending_ == false) { // cipher on
-                // sanity check for malicious/corrupted/illegal input
-                if (buffer.get_remaining() < hdr.length_) {
-                    ssl.SetError(bad_input);
-                    return 0;
-                }
-                decrypt_message(ssl, buffer, hdr.length_);
-                if (ssl.GetError())
-                    return 0;
-            }
-                
-            mySTL::auto_ptr msg(mf.CreateObject(hdr.type_));
-            if (!msg.get()) {
-                ssl.SetError(factory_error);
-                return 0;
-            }
-            buffer >> *msg;
-            msg->Process(buffer, ssl);
-            if (ssl.GetError())
-                return 0;
-        }
-        offset += hdr.length_ + RECORD_HEADER;
-    }
-    return 0;
-}
-
-
-// process input requests
-void processReply(SSL& ssl)
-{
-    if (ssl.GetError()) return;
-  
-    if (DoProcessReply(ssl)) {
-        // didn't complete process
-        if (!ssl.getSocket().IsNonBlocking()) {
-            // keep trying now, blocking ok
-            while (!ssl.GetError())
-                if (DoProcessReply(ssl) == 0) break;
-        }
-        else
-            // user will have try again later, non blocking
-            ssl.SetError(YasslError(SSL_ERROR_WANT_READ));
-    }
-}
-
-
-// send client_hello, no buffering
-void sendClientHello(SSL& ssl)
-{
-    ssl.verifyState(serverNull);
-    if (ssl.GetError()) return;
-
-    ClientHello       ch(ssl.getSecurity().get_connection().version_,
-                         ssl.getSecurity().get_connection().compression_);
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    output_buffer     out;
-
-    buildClientHello(ssl, ch);
-    ssl.set_random(ch.get_random(), client_end);
-    buildHeaders(ssl, hsHeader, rlHeader, ch);
-    buildOutput(out, rlHeader, hsHeader, ch);
-    hashHandShake(ssl, out);
-
-    ssl.Send(out.get_buffer(), out.get_size());
-}
-
-
-// send client key exchange
-void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
-{
-    ssl.verifyState(serverHelloDoneComplete);
-    if (ssl.GetError()) return;
-
-    ClientKeyExchange ck(ssl);
-    ck.build(ssl);
-    ssl.makeMasterSecret();
-
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-    buildHeaders(ssl, hsHeader, rlHeader, ck);
-    buildOutput(*out.get(), rlHeader, hsHeader, ck);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send server key exchange
-void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-    ServerKeyExchange sk(ssl);
-    sk.build(ssl);
-    if (ssl.GetError()) return;
-
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-    buildHeaders(ssl, hsHeader, rlHeader, sk);
-    buildOutput(*out.get(), rlHeader, hsHeader, sk);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send change cipher
-void sendChangeCipher(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.getSecurity().get_parms().entity_ == server_end) {
-        if (ssl.getSecurity().get_resuming())
-            ssl.verifyState(clientKeyExchangeComplete);
-        else
-            ssl.verifyState(clientFinishedComplete);
-    }
-    if (ssl.GetError()) return;
-
-    ChangeCipherSpec ccs;
-    RecordLayerHeader rlHeader;
-    buildHeader(ssl, rlHeader, ccs);
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-    buildOutput(*out.get(), rlHeader, ccs);
-   
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send finished
-void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-
-    Finished fin;
-    buildFinished(ssl, fin, side == client_end ? client : server);
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-    cipherFinished(ssl, fin, *out.get());                   // hashes handshake
-
-    if (ssl.getSecurity().get_resuming()) {
-        if (side == server_end)
-            buildFinished(ssl, ssl.useHashes().use_verify(), client); // client
-    }
-    else {
-        if (!ssl.getSecurity().GetContext()->GetSessionCacheOff())
-            GetSessions().add(ssl);  // store session
-        if (side == client_end)
-            buildFinished(ssl, ssl.useHashes().use_verify(), server); // server
-    }   
-    ssl.useSecurity().use_connection().CleanMaster();
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send data
-int sendData(SSL& ssl, const void* buffer, int sz)
-{
-    int sent = 0;
-
-    if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ))
-        ssl.SetError(no_error);
-
-    if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
-        ssl.SetError(no_error);
-        ssl.SendWriteBuffered();
-        if (!ssl.GetError()) {
-            // advance sent to prvevious sent + plain size just sent
-            sent = ssl.useBuffers().prevSent + ssl.useBuffers().plainSz;
-        }
-    }
-
-    ssl.verfiyHandShakeComplete();
-    if (ssl.GetError()) return -1;
-
-    for (;;) {
-        int len = min(sz - sent, MAX_RECORD_SIZE);
-        output_buffer out;
-        input_buffer tmp;
-
-        Data data;
-
-        if (sent == sz) break;
-
-        if (ssl.CompressionOn()) {
-            if (Compress(static_cast(buffer) + sent, len,
-                         tmp) == -1) {
-                ssl.SetError(compress_error);
-                return -1;
-            }
-            data.SetData(tmp.get_size(), tmp.get_buffer());
-        }
-        else
-            data.SetData(len, static_cast(buffer) + sent);
-
-        buildMessage(ssl, out, data);
-        ssl.Send(out.get_buffer(), out.get_size());
-
-        if (ssl.GetError()) {
-            if (ssl.GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
-                ssl.useBuffers().plainSz  = len;
-                ssl.useBuffers().prevSent = sent;
-            }
-            return -1;
-        }
-        sent += len;
-    }
-    ssl.useLog().ShowData(sent, true);
-    return sent;
-}
-
-
-// send alert
-int sendAlert(SSL& ssl, const Alert& alert)
-{
-    output_buffer out;
-    buildAlert(ssl, out, alert);
-    ssl.Send(out.get_buffer(), out.get_size());
-
-    return alert.get_length();
-}
-
-
-// process input data
-int receiveData(SSL& ssl, Data& data, bool peek)
-{
-    if (ssl.GetError() == YasslError(SSL_ERROR_WANT_READ))
-        ssl.SetError(no_error);
-
-    ssl.verfiyHandShakeComplete();
-    if (ssl.GetError()) return -1;
-
-    if (!ssl.HasData())
-        processReply(ssl);
-
-    if (peek)
-        ssl.PeekData(data);
-    else
-        ssl.fillData(data);
-
-    ssl.useLog().ShowData(data.get_length());
-    if (ssl.GetError()) return -1;
-
-    if (data.get_length() == 0 && ssl.getSocket().WouldBlock()) {
-        ssl.SetError(YasslError(SSL_ERROR_WANT_READ));
-        return SSL_WOULD_BLOCK;
-    }
-    return data.get_length(); 
-}
-
-
-// send server hello
-void sendServerHello(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.getSecurity().get_resuming())
-        ssl.verifyState(clientKeyExchangeComplete);
-    else
-        ssl.verifyState(clientHelloComplete);
-    if (ssl.GetError()) return;
-
-    ServerHello       sh(ssl.getSecurity().get_connection().version_,
-                         ssl.getSecurity().get_connection().compression_);
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-
-    buildServerHello(ssl, sh);
-    ssl.set_random(sh.get_random(), server_end);
-    buildHeaders(ssl, hsHeader, rlHeader, sh);
-    buildOutput(*out.get(), rlHeader, hsHeader, sh);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send server hello done
-void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-
-    ServerHelloDone   shd;
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-
-    buildHeaders(ssl, hsHeader, rlHeader, shd);
-    buildOutput(*out.get(), rlHeader, hsHeader, shd);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send certificate
-void sendCertificate(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-
-    Certificate       cert(ssl.getCrypto().get_certManager().get_cert());
-    RecordLayerHeader rlHeader;
-    HandShakeHeader   hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-
-    buildHeaders(ssl, hsHeader, rlHeader, cert);
-    buildOutput(*out.get(), rlHeader, hsHeader, cert);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send certificate request
-void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-
-    CertificateRequest request;
-    request.Build();
-    RecordLayerHeader  rlHeader;
-    HandShakeHeader    hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-
-    buildHeaders(ssl, hsHeader, rlHeader, request);
-    buildOutput(*out.get(), rlHeader, hsHeader, request);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-// send certificate verify
-void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
-{
-    if (ssl.GetError()) return;
-
-    if(ssl.getCrypto().get_certManager().sendBlankCert()) return;
-
-    CertificateVerify  verify;
-    verify.Build(ssl);
-    if (ssl.GetError()) return;
-
-    RecordLayerHeader  rlHeader;
-    HandShakeHeader    hsHeader;
-    mySTL::auto_ptr out(NEW_YS output_buffer);
-
-    buildHeaders(ssl, hsHeader, rlHeader, verify);
-    buildOutput(*out.get(), rlHeader, hsHeader, verify);
-    hashHandShake(ssl, *out.get());
-
-    if (buffer == buffered)
-        ssl.addBuffer(out.release());
-    else
-        ssl.Send(out->get_buffer(), out->get_size());
-}
-
-
-} // namespace
diff --git a/extra/yassl/src/lock.cpp b/extra/yassl/src/lock.cpp
deleted file mode 100644
index 44cbcc1151f..00000000000
--- a/extra/yassl/src/lock.cpp
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  Locking functions
- */
-
-#include "runtime.hpp"
-#include "lock.hpp"
-
-
-namespace yaSSL {
-
-
-#ifdef MULTI_THREADED
-    #ifdef _WIN32
-        
-        Mutex::Mutex()
-        {
-            InitializeCriticalSection(&cs_);
-        }
-
-
-        Mutex::~Mutex()
-        {
-            DeleteCriticalSection(&cs_);
-        }
-
-            
-        Mutex::Lock::Lock(Mutex& lm) : mutex_(lm)
-        {
-            EnterCriticalSection(&mutex_.cs_); 
-        }
-
-
-        Mutex::Lock::~Lock()
-        {
-            LeaveCriticalSection(&mutex_.cs_); 
-        }
-            
-    #else  // _WIN32
-        
-        Mutex::Mutex()
-        {
-            pthread_mutex_init(&mutex_, 0);
-        }
-
-
-        Mutex::~Mutex()
-        {
-            pthread_mutex_destroy(&mutex_);
-        }
-
-
-        Mutex::Lock::Lock(Mutex& lm) : mutex_(lm)
-        {
-            pthread_mutex_lock(&mutex_.mutex_); 
-        }
-
-
-        Mutex::Lock::~Lock()
-        {
-            pthread_mutex_unlock(&mutex_.mutex_); 
-        }
-         
-
-    #endif // _WIN32
-#endif // MULTI_THREADED
-
-
-
-} // namespace yaSSL
-
diff --git a/extra/yassl/src/log.cpp b/extra/yassl/src/log.cpp
deleted file mode 100644
index 5adbe401d7a..00000000000
--- a/extra/yassl/src/log.cpp
+++ /dev/null
@@ -1,146 +0,0 @@
-/*
-   Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  Debug logging functions
- */
-
-
-#include "runtime.hpp"
-#include "log.hpp"
-
-#ifdef YASSL_LOG
-    #include 
-    #include 
-    #include 
-#endif
-
-
-
-namespace yaSSL {
-
-
-#ifdef YASSL_LOG
-
-    enum { MAX_MSG = 81 };
-
-    Log::Log(const char* str)
-    {
-        log_ = fopen(str, "w");
-        Trace("********** Logger Attached **********");
-    }
-
-
-    Log::~Log()
-    {
-        Trace("********** Logger Detached **********");
-        fclose(log_);
-    }
-
-
-    // Trace a message
-    void Log::Trace(const char* str)
-    {
-        if (!log_) return;
-
-        time_t clicks = time(0);
-        char   timeStr[32];
-
-        // get rid of newline
-        strncpy(timeStr, ctime(&clicks), sizeof(timeStr));
-        unsigned int len = strlen(timeStr);
-        timeStr[len - 1] = 0;
-
-        char msg[MAX_MSG];
-
-        strncpy(msg, timeStr, sizeof(timeStr));
-        strncat(msg, ":", 1);
-        strncat(msg, str, MAX_MSG - sizeof(timeStr) - 2);
-        strncat(msg, "\n", 1);
-        msg[MAX_MSG - 1] = 0;
-
-        fputs(msg, log_);
-    }
-
-
-    #if defined(_WIN32) || defined(__MACH__) || defined(__hpux__)
-        typedef int socklen_t;
-    #endif
-
-
-    // write tcp address
-    void Log::ShowTCP(socket_t fd, bool ended)
-    {
-        sockaddr_in peeraddr;
-        socklen_t   len = sizeof(peeraddr);
-        if (getpeername(fd, (sockaddr*)&peeraddr, &len) != 0)
-            return;
-
-        const char* p = reinterpret_cast(&peeraddr.sin_addr);
-        char msg[MAX_MSG];
-        char number[16];
-    
-        if (ended)
-            strncpy(msg, "yaSSL conn DONE  w/ peer ", 26);
-        else
-            strncpy(msg, "yaSSL conn BEGUN w/ peer ", 26);
-        for (int i = 0; i < 4; ++i) {
-            sprintf(number, "%u", static_cast(p[i]));
-            strncat(msg, number, 8);
-            if (i < 3)
-                strncat(msg, ".", 1);
-        }
-        strncat(msg, " port ", 8);
-        sprintf(number, "%d", htons(peeraddr.sin_port));
-        strncat(msg, number, 8);
-
-        msg[MAX_MSG - 1] = 0;
-        Trace(msg);
-    }
-
-
-    // log processed data
-    void Log::ShowData(uint bytes, bool sent)
-    {
-        char msg[MAX_MSG];
-        char number[16];
-
-        if (sent)
-            strncpy(msg, "Sent     ", 10); 
-        else
-            strncpy(msg, "Received ", 10);
-        sprintf(number, "%u", bytes);
-        strncat(msg, number, 8);
-        strncat(msg, " bytes of application data", 27);
-
-        msg[MAX_MSG - 1] = 0;
-        Trace(msg);
-    }
-
-
-#else // no YASSL_LOG
-
-
-    Log::Log(const char*) {}
-    Log::~Log() {}
-    void Log::Trace(const char*) {}
-    void Log::ShowTCP(socket_t, bool) {}
-    void Log::ShowData(uint, bool) {}
-
-
-#endif // YASSL_LOG
-} // namespace
diff --git a/extra/yassl/src/make.bat b/extra/yassl/src/make.bat
deleted file mode 100755
index da7cc315382..00000000000
--- a/extra/yassl/src/make.bat
+++ /dev/null
@@ -1,42 +0,0 @@
-REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-REM 
-REM This program is free software; you can redistribute it and/or modify
-REM it under the terms of the GNU General Public License as published by
-REM the Free Software Foundation; version 2 of the License.
-REM 
-REM This program is distributed in the hope that it will be useful,
-REM but WITHOUT ANY WARRANTY; without even the implied warranty of
-REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-REM GNU General Public License for more details.
-REM 
-REM You should have received a copy of the GNU General Public License
-REM along with this program; if not, write to the Free Software
-REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-REM quick and dirty build file for testing different MSDEVs
-setlocal 
-
-set myFLAGS= /I../include /I../taocrypt/mySTL /I../taocrypt/include /W3 /c /ZI
-
-cl %myFLAGS% buffer.cpp
-cl %myFLAGS% cert_wrapper.cpp
-cl %myFLAGS% crypto_wrapper.cpp
-cl %myFLAGS% handshake.cpp
-
-cl %myFLAGS% lock.cpp
-cl %myFLAGS% log.cpp
-cl %myFLAGS% socket_wrapper.cpp
-cl %myFLAGS% ssl.cpp
-
-cl %myFLAGS% template_instnt.cpp
-cl %myFLAGS% timer.cpp
-cl %myFLAGS% yassl.cpp
-cl %myFLAGS% yassl_error.cpp
-
-cl %myFLAGS% yassl_imp.cpp
-cl %myFLAGS% yassl_int.cpp
-
-link.exe -lib /out:yassl.lib buffer.obj cert_wrapper.obj crypto_wrapper.obj handshake.obj lock.obj log.obj socket_wrapper.obj ssl.obj template_instnt.obj timer.obj yassl.obj yassl_error.obj yassl_imp.obj yassl_int.obj
-
-
-
diff --git a/extra/yassl/src/socket_wrapper.cpp b/extra/yassl/src/socket_wrapper.cpp
deleted file mode 100644
index a9db842d01b..00000000000
--- a/extra/yassl/src/socket_wrapper.cpp
+++ /dev/null
@@ -1,261 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* The socket wrapper source implements a Socket class that hides the 
- * differences between Berkely style sockets and Windows sockets, allowing 
- * transparent TCP access.
- */
-
-
-#include "runtime.hpp"
-#include "socket_wrapper.hpp"
-
-#ifndef _WIN32
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-#endif // _WIN32
-
-#if defined(__sun) || defined(__SCO_VERSION__)
-    #include 
-#endif
-
-#ifdef _WIN32
-    const int SOCKET_EWOULDBLOCK = WSAEWOULDBLOCK;
-    const int SOCKET_EAGAIN = WSAEWOULDBLOCK;
-#else
-    const int SOCKET_EINVAL = EINVAL;
-    const int SOCKET_EWOULDBLOCK = EWOULDBLOCK;
-    const int SOCKET_EAGAIN = EAGAIN;
-#endif // _WIN32
-
-
-namespace {
-
-
-extern "C" long system_recv(void *ptr, void *buf, size_t count, int flags)
-{
-  yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr;
-  return ::recv(*socket, reinterpret_cast(buf), (int)count, flags);
-}
-
-
-extern "C" long system_send(void *ptr, const void *buf, size_t count,
-                            int flags)
-{
-  yaSSL::socket_t *socket = (yaSSL::socket_t *) ptr;
-  return ::send(*socket, reinterpret_cast(buf), (int)count, flags);
-}
-
-
-}
-
-
-namespace yaSSL {
-
-
-Socket::Socket(socket_t s) 
-    : socket_(s), wouldBlock_(false), nonBlocking_(false),
-      ptr_(&socket_), send_func_(system_send), recv_func_(system_recv)
-{}
-
-
-void Socket::set_fd(socket_t s)
-{
-    socket_ = s;
-}
-
-
-socket_t Socket::get_fd() const
-{
-    return socket_;
-}
-
-
-Socket::~Socket()
-{
-    // don't close automatically now
-}
-
-
-void Socket::closeSocket()
-{
-    if (socket_ != INVALID_SOCKET) {
-#ifdef _WIN32
-        closesocket(socket_);
-#else
-        close(socket_);
-#endif
-        socket_ = INVALID_SOCKET;
-    }
-}
-
-
-uint Socket::get_ready() const
-{
-#ifdef _WIN32
-    unsigned long ready = 0;
-    ioctlsocket(socket_, FIONREAD, &ready);
-#else
-    /*
-       64-bit Solaris requires the variable passed to
-       FIONREAD be a 32-bit value.
-    */
-    unsigned int ready = 0;
-    ioctl(socket_, FIONREAD, &ready);
-#endif
-
-    return ready;
-}
-
-void Socket::set_transport_ptr(void *ptr)
-{
-  ptr_ = ptr;
-}
-
-
-void Socket::set_transport_recv_function(yaSSL_recv_func_t recv_func)
-{
-  recv_func_ = recv_func;
-}
-
-
-void Socket::set_transport_send_function(yaSSL_send_func_t send_func)
-{
-  send_func_ = send_func;
-}
-
-
-uint Socket::send(const byte* buf, unsigned int sz, unsigned int &written,
-                  int flags)
-{
-    const byte* pos = buf;
-    const byte* end = pos + sz;
-
-    wouldBlock_ = false;
-
-    while (pos != end)
-    {
-      int sent = send_func_(ptr_, pos, static_cast(end - pos), flags);
-      if (sent == -1)
-      {
-        if (get_lastError() == SOCKET_EWOULDBLOCK || 
-            get_lastError() == SOCKET_EAGAIN)
-        {
-          wouldBlock_  = true; // would have blocked this time only
-          nonBlocking_ = true; // nonblocking, win32 only way to tell 
-          return 0;
-        }
-        return static_cast(-1);
-      }
-      pos += sent;
-      written += sent;
-    }
-    return sz;
-}
-
-
-uint Socket::receive(byte* buf, unsigned int sz, int flags)
-{
-    wouldBlock_ = false;
-
-    int recvd = recv_func_(ptr_, buf, sz, flags);
-
-    // idea to seperate error from would block by arnetheduck@gmail.com
-    if (recvd == -1) {
-        if (get_lastError() == SOCKET_EWOULDBLOCK || 
-            get_lastError() == SOCKET_EAGAIN) {
-            wouldBlock_  = true; // would have blocked this time only
-            nonBlocking_ = true; // socket nonblocking, win32 only way to tell
-            return 0;
-        }
-    }
-    else if (recvd == 0)
-        return static_cast(-1);
-
-    return recvd;
-}
-
-
-// wait if blocking for input, return false for error
-bool Socket::wait()
-{
-    char b;
-    int recvd = ::recv(socket_, &b, 1, MSG_PEEK);
-
-    if (recvd == -1) {
-        if (get_lastError() == SOCKET_EWOULDBLOCK || 
-            get_lastError() == SOCKET_EAGAIN) {
-            wouldBlock_  = true; // would have blocked this time only
-            nonBlocking_ = true; // socket nonblocking, win32 only way to tell
-            return 1;
-        }
-    }
-    else if (recvd == 0)
-      return 0;                                 // Non blocking & no data
-
-    return 1;                                   // Data can be read
-
-}
-
-
-void Socket::shutDown(int how)
-{
-    shutdown(socket_, how);
-}
-
-
-int Socket::get_lastError()
-{
-#ifdef _WIN32
-    return WSAGetLastError();
-#else
-    return errno;
-#endif
-}
-
-
-bool Socket::WouldBlock() const
-{
-    return wouldBlock_;
-}
-
-
-bool Socket::IsNonBlocking() const
-{
-    return nonBlocking_;
-}
-
-
-void Socket::set_lastError(int errorCode)
-{
-#ifdef _WIN32
-    WSASetLastError(errorCode);
-#else
-    errno = errorCode;
-#endif
-}
-
-
-} // namespace
diff --git a/extra/yassl/src/ssl.cpp b/extra/yassl/src/ssl.cpp
deleted file mode 100644
index 03f52863153..00000000000
--- a/extra/yassl/src/ssl.cpp
+++ /dev/null
@@ -1,1782 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  SSL source implements all openssl compatibility API functions
- *
- *  TODO: notes are mostly api additions to allow compilation with mysql
- *  they don't affect normal modes but should be provided for completeness
-
- *  stunnel functions at end of file
- */
-
-
-
-/*  see man pages for function descriptions */
-
-#include "runtime.hpp"
-#include "openssl/ssl.h"
-#include "handshake.hpp"
-#include "yassl_int.hpp"
-#include "md5.hpp"              // for TaoCrypt MD5 size assert
-#include "md4.hpp"              // for TaoCrypt MD4 size assert
-#include "file.hpp"             // for TaoCrypt Source
-#include "coding.hpp"           // HexDecoder
-#include "helpers.hpp"          // for placement new hack
-#include "rsa.hpp"              // for TaoCrypt RSA key decode
-#include "dsa.hpp"              // for TaoCrypt DSA key decode
-#include 
-#include 
-
-#ifdef _WIN32
-    #include     // FindFirstFile etc..
-#else
-    #include   // file helper
-    #include    // stat
-    #include      // opendir
-#endif
-
-
-namespace yaSSL {
-
-
-
-int read_file(SSL_CTX* ctx, const char* file, int format, CertType type)
-{
-    int ret = SSL_SUCCESS;
-
-    if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)
-        return SSL_BAD_FILETYPE;
-
-    if (file == NULL || !file[0])
-      return SSL_BAD_FILE;
-
-    FILE* input = fopen(file, "rb");
-    if (!input)
-        return SSL_BAD_FILE;
-
-    if (type == CA) {
-        // may have a bunch of CAs
-        x509* ptr;
-        while ( (ptr = PemToDer(input, Cert)) )
-            ctx->AddCA(ptr);
-
-        if (!feof(input)) {
-            fclose(input);
-            return SSL_BAD_FILE;
-        }
-    }
-    else {
-        x509*& x = (type == Cert) ? ctx->certificate_ : ctx->privateKey_;
-
-        if (format == SSL_FILETYPE_ASN1) {
-            fseek(input, 0, SEEK_END);
-            long sz = ftell(input);
-            rewind(input);
-            x = NEW_YS x509(sz); // takes ownership
-            size_t bytes = fread(x->use_buffer(), sz, 1, input);
-            if (bytes != 1) {
-                fclose(input);
-                return SSL_BAD_FILE;
-            }
-        }
-        else {
-            EncryptedInfo info;
-            x = PemToDer(input, type, &info);
-            if (!x) {
-                fclose(input);
-                return SSL_BAD_FILE;
-            }
-            if (info.set) {
-                // decrypt
-                char password[80];
-                pem_password_cb cb = ctx->GetPasswordCb();
-                if (!cb) {
-                    fclose(input);
-                    return SSL_BAD_FILE;
-                }
-                int passwordSz = cb(password, sizeof(password), 0,
-                                    ctx->GetUserData());
-                byte key[AES_256_KEY_SZ];  // max sizes
-                byte iv[AES_IV_SZ];
-                
-                // use file's salt for key derivation, but not real iv
-                TaoCrypt::Source source(info.iv, info.ivSz);
-                TaoCrypt::HexDecoder dec(source);
-                memcpy(info.iv, source.get_buffer(), min((uint)sizeof(info.iv),
-                                                         source.size()));
-                EVP_BytesToKey(info.name, "MD5", info.iv, (byte*)password,
-                               passwordSz, 1, key, iv);
-
-                mySTL::auto_ptr cipher;
-                if (strncmp(info.name, "DES-CBC", 7) == 0)
-                    cipher.reset(NEW_YS DES);
-                else if (strncmp(info.name, "DES-EDE3-CBC", 13) == 0)
-                    cipher.reset(NEW_YS DES_EDE);
-                else if (strncmp(info.name, "AES-128-CBC", 13) == 0)
-                    cipher.reset(NEW_YS AES(AES_128_KEY_SZ));
-                else if (strncmp(info.name, "AES-192-CBC", 13) == 0)
-                    cipher.reset(NEW_YS AES(AES_192_KEY_SZ));
-                else if (strncmp(info.name, "AES-256-CBC", 13) == 0)
-                    cipher.reset(NEW_YS AES(AES_256_KEY_SZ));
-                else {
-                    fclose(input);
-                    return SSL_BAD_FILE;
-                }
-                cipher->set_decryptKey(key, info.iv);
-                mySTL::auto_ptr newx(NEW_YS x509(x->get_length()));   
-                cipher->decrypt(newx->use_buffer(), x->get_buffer(),
-                                x->get_length());
-                ysDelete(x);
-                x = newx.release();
-            }
-        }
-    }
-
-    if (type == PrivateKey && ctx->privateKey_) {
-        // see if key is valid early
-        TaoCrypt::Source rsaSource(ctx->privateKey_->get_buffer(),
-                                   ctx->privateKey_->get_length());
-        TaoCrypt::RSA_PrivateKey rsaKey;
-        rsaKey.Initialize(rsaSource);
-
-        if (rsaSource.GetError().What()) {
-            // rsa failed see if DSA works
-
-            TaoCrypt::Source dsaSource(ctx->privateKey_->get_buffer(),
-                                       ctx->privateKey_->get_length());
-            TaoCrypt::DSA_PrivateKey dsaKey;
-            dsaKey.Initialize(dsaSource);
-
-            if (dsaSource.GetError().What()) {
-                // neither worked
-                ret = SSL_FAILURE;
-            }
-        }
-    }
-
-    fclose(input);
-    return ret;
-}
-
-
-extern "C" {
-
-
-SSL_METHOD* SSLv3_method()
-{
-    return SSLv3_client_method();
-}
-
-
-SSL_METHOD* SSLv3_server_method()
-{
-    return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,0));
-}
-
-
-SSL_METHOD* SSLv3_client_method()
-{
-    return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,0));
-}
-
-
-SSL_METHOD* TLSv1_server_method()
-{
-    return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,1));
-}
-
-
-SSL_METHOD* TLSv1_client_method()
-{
-    return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,1));
-}
-
-
-SSL_METHOD* TLSv1_1_server_method()
-{
-    return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,2));
-}
-
-
-SSL_METHOD* TLSv1_1_client_method()
-{
-    return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,2));
-}
-
-
-SSL_METHOD* SSLv23_server_method()
-{
-    // compatibility only, no version 2 support, but does SSL 3 and TLS 1
-    return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,2), true);
-}
-
-
-SSL_METHOD* SSLv23_client_method()
-{
-    // compatibility only, no version 2 support, but does SSL 3 and TLS 1
-    // though it sends TLS1 hello not SSLv2 so SSLv3 only servers will decline
-    // TODO: maybe add support to send SSLv2 hello ???
-    return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,2), true);
-}
-
-
-SSL_CTX* SSL_CTX_new(SSL_METHOD* method)
-{
-    return NEW_YS SSL_CTX(method);
-}
-
-
-void SSL_CTX_free(SSL_CTX* ctx)
-{
-    ysDelete(ctx);
-}
-
-
-SSL* SSL_new(SSL_CTX* ctx)
-{
-    return NEW_YS SSL(ctx);
-}
-
-
-void SSL_free(SSL* ssl)
-{
-    ysDelete(ssl);
-}
-
-
-int SSL_set_fd(SSL* ssl, YASSL_SOCKET_T fd)
-{
-    ssl->useSocket().set_fd(fd);
-    return SSL_SUCCESS;
-}
-
-
-YASSL_SOCKET_T SSL_get_fd(const SSL* ssl)
-{
-    return ssl->getSocket().get_fd();
-}
-
-
-// if you get an error from connect see note at top of README
-int SSL_connect(SSL* ssl)
-{
-    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
-        ssl->SetError(no_error);
-
-    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
-    
-        ssl->SetError(no_error);
-        ssl->SendWriteBuffered();
-        if (!ssl->GetError())
-            ssl->useStates().UseConnect() =
-                             ConnectState(ssl->getStates().GetConnect() + 1);
-    }
-
-    ClientState neededState;
-
-    switch (ssl->getStates().GetConnect()) {
-
-    case CONNECT_BEGIN :
-        sendClientHello(*ssl);
-        if (!ssl->GetError())
-            ssl->useStates().UseConnect() = CLIENT_HELLO_SENT;
-        /* fall through */
-
-    case CLIENT_HELLO_SENT :
-        neededState = ssl->getSecurity().get_resuming() ?
-                      serverFinishedComplete : serverHelloDoneComplete;
-        while (ssl->getStates().getClient() < neededState) {
-            if (ssl->GetError()) break;
-            processReply(*ssl);
-            // if resumption failed, reset needed state
-            if (neededState == serverFinishedComplete)
-                if (!ssl->getSecurity().get_resuming())
-                    neededState = serverHelloDoneComplete;
-        }
-        if (!ssl->GetError())
-            ssl->useStates().UseConnect() = FIRST_REPLY_DONE;
-        /* fall through */
-
-    case FIRST_REPLY_DONE :
-        if(ssl->getCrypto().get_certManager().sendVerify())
-            sendCertificate(*ssl);
-
-        if (!ssl->getSecurity().get_resuming())
-            sendClientKeyExchange(*ssl);
-
-        if(ssl->getCrypto().get_certManager().sendVerify())
-            sendCertificateVerify(*ssl);
-
-        sendChangeCipher(*ssl);
-        sendFinished(*ssl, client_end);
-        ssl->flushBuffer();
-
-        if (!ssl->GetError())
-            ssl->useStates().UseConnect() = FINISHED_DONE;
-        /* fall through */
-
-    case FINISHED_DONE :
-        if (!ssl->getSecurity().get_resuming())
-            while (ssl->getStates().getClient() < serverFinishedComplete) {
-                if (ssl->GetError()) break;
-                processReply(*ssl);
-            }
-        if (!ssl->GetError())
-            ssl->useStates().UseConnect() = SECOND_REPLY_DONE;
-        /* fall through */
-
-    case SECOND_REPLY_DONE :
-        ssl->verifyState(serverFinishedComplete);
-        ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
-
-        if (ssl->GetError()) {
-            GetErrors().Add(ssl->GetError());
-            return SSL_FATAL_ERROR;
-        }
-        return SSL_SUCCESS;
-
-    default :
-        return SSL_FATAL_ERROR; // unkown state
-    }
-}
-
-
-int SSL_write(SSL* ssl, const void* buffer, int sz)
-{
-    return sendData(*ssl, buffer, sz);
-}
-
-
-int SSL_read(SSL* ssl, void* buffer, int sz)
-{
-    Data data(min(sz, MAX_RECORD_SIZE), static_cast(buffer));
-    return receiveData(*ssl, data);
-}
-
-
-int SSL_accept(SSL* ssl)
-{
-    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_READ))
-        ssl->SetError(no_error);
-
-    if (ssl->GetError() == YasslError(SSL_ERROR_WANT_WRITE)) {
-        ssl->SetError(no_error);
-        ssl->SendWriteBuffered();
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() =
-                             AcceptState(ssl->getStates().GetAccept() + 1);
-    }
-
-    switch (ssl->getStates().GetAccept()) {
-
-    case ACCEPT_BEGIN :
-        processReply(*ssl);
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() = ACCEPT_FIRST_REPLY_DONE;
-        /* fall through */
-
-    case ACCEPT_FIRST_REPLY_DONE :
-        sendServerHello(*ssl);
-
-        if (!ssl->getSecurity().get_resuming()) {
-            sendCertificate(*ssl);
-
-            if (ssl->getSecurity().get_connection().send_server_key_)
-                sendServerKeyExchange(*ssl);
-
-            if(ssl->getCrypto().get_certManager().verifyPeer())
-                sendCertificateRequest(*ssl);
-
-            sendServerHelloDone(*ssl);
-            ssl->flushBuffer();
-        }
-
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() = SERVER_HELLO_DONE;
-        /* fall through */
-
-    case SERVER_HELLO_DONE :
-        if (!ssl->getSecurity().get_resuming()) {
-            while (ssl->getStates().getServer() < clientFinishedComplete) {
-                if (ssl->GetError()) break;
-                processReply(*ssl);
-            }
-        }
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() = ACCEPT_SECOND_REPLY_DONE;
-        /* fall through */
-
-    case ACCEPT_SECOND_REPLY_DONE :
-        sendChangeCipher(*ssl);
-        sendFinished(*ssl, server_end);
-        ssl->flushBuffer();
-
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() = ACCEPT_FINISHED_DONE;
-        /* fall through */
-
-    case ACCEPT_FINISHED_DONE :
-        if (ssl->getSecurity().get_resuming()) {
-            while (ssl->getStates().getServer() < clientFinishedComplete) {
-                if (ssl->GetError()) break;
-                processReply(*ssl);
-            }
-        }
-        if (!ssl->GetError())
-            ssl->useStates().UseAccept() = ACCEPT_THIRD_REPLY_DONE;
-        /* fall through */
-
-    case ACCEPT_THIRD_REPLY_DONE :
-        ssl->useLog().ShowTCP(ssl->getSocket().get_fd());
-
-        if (ssl->GetError()) {
-            GetErrors().Add(ssl->GetError());
-            return SSL_FATAL_ERROR;
-        }
-        return SSL_SUCCESS;
-
-    default:
-        return SSL_FATAL_ERROR; // unknown state
-    }
-}
-
-
-int SSL_do_handshake(SSL* ssl)
-{
-    if (ssl->getSecurity().get_parms().entity_ == client_end)
-        return SSL_connect(ssl);
-    else
-        return SSL_accept(ssl);
-}
-
-
-int SSL_clear(SSL* ssl)
-{
-    GetErrors().Remove();
-
-    return SSL_SUCCESS;
-}
-
-
-int SSL_shutdown(SSL* ssl)
-{
-    if (!ssl->GetQuietShutdown()) {
-      Alert alert(warning, close_notify);
-      sendAlert(*ssl, alert);
-    }
-    ssl->useLog().ShowTCP(ssl->getSocket().get_fd(), true);
-
-    GetErrors().Remove();
-
-    return SSL_SUCCESS;
-}
-
-
-void SSL_set_quiet_shutdown(SSL *ssl,int mode)
-{
-    ssl->SetQuietShutdown(mode != 0);
-}
-
-
-int SSL_get_quiet_shutdown(SSL *ssl)
-{
-    return ssl->GetQuietShutdown();
-}
-
-
-/* on by default but allow user to turn off */
-long SSL_CTX_set_session_cache_mode(SSL_CTX* ctx, long mode)
-{
-    if (mode == SSL_SESS_CACHE_OFF)
-        ctx->SetSessionCacheOff();
-
-    if (mode == SSL_SESS_CACHE_NO_AUTO_CLEAR)
-        ctx->SetSessionCacheFlushOff();
-
-    return SSL_SUCCESS;
-}
-
-
-SSL_SESSION* SSL_get_session(SSL* ssl)
-{
-    if (ssl->getSecurity().GetContext()->GetSessionCacheOff())
-        return 0;
-
-    return GetSessions().lookup(
-        ssl->getSecurity().get_connection().sessionID_);
-}
-
-
-int SSL_set_session(SSL* ssl, SSL_SESSION* session)
-{
-    if (ssl->getSecurity().GetContext()->GetSessionCacheOff())
-        return SSL_FAILURE;
-
-    ssl->set_session(session);
-    return SSL_SUCCESS;
-}
-
-
-int SSL_session_reused(SSL* ssl)
-{
-    return ssl->getSecurity().get_resuming();
-}
-
-
-long SSL_SESSION_set_timeout(SSL_SESSION* sess, long t)
-{
-    if (!sess)
-        return SSL_ERROR_NONE;
-
-    sess->SetTimeOut(t);
-    return SSL_SUCCESS;
-}
-
-
-long SSL_get_default_timeout(SSL* /*ssl*/)
-{
-    return DEFAULT_TIMEOUT;
-}
-
-
-void SSL_flush_sessions(SSL_CTX *ctx, long /* tm */)
-{
-    if (ctx->GetSessionCacheOff())
-        return;
-
-    GetSessions().Flush();
-}
-
-
-const char* SSL_get_cipher_name(SSL* ssl)
-{ 
-    return SSL_get_cipher(ssl); 
-}
-
-
-const char* SSL_get_cipher(SSL* ssl)
-{
-    return ssl->getSecurity().get_parms().cipher_name_;
-}
-
-
-// SSLv2 only, not implemented
-char* SSL_get_shared_ciphers(SSL* /*ssl*/, char* buf, int len)
-{
-    return strncpy(buf, "Not Implemented, SSLv2 only", len);
-}
-
-
-const char* SSL_get_cipher_list(SSL* ssl, int priority)
-{
-    if (priority < 0 || priority >= MAX_CIPHERS)
-        return 0;
-
-    if (ssl->getSecurity().get_parms().cipher_list_[priority][0])
-        return ssl->getSecurity().get_parms().cipher_list_[priority];
-
-    return 0;
-}
-
-
-int SSL_CTX_set_cipher_list(SSL_CTX* ctx, const char* list)
-{
-    if (ctx->SetCipherList(list))
-        return SSL_SUCCESS;
-    else
-        return SSL_FAILURE;
-}
-
-
-const char* SSL_get_version(SSL* ssl)
-{
-    static const char* version3 =  "SSLv3";
-    static const char* version31 = "TLSv1";
-
-    return ssl->isTLS() ? version31 : version3;
-}
-
-const char* SSLeay_version(int)
-{
-    static const char* version = "SSLeay yaSSL compatibility";
-    return version;
-}
-
-
-int SSL_get_error(SSL* ssl, int /*previous*/)
-{
-    return ssl->getStates().What();
-}
-
-
-
-/* turn on yaSSL zlib compression
-   returns 0 for success, else error (not built in)
-   only need to turn on for client, becuase server on by default if built in
-   but calling for server will tell you whether it's available or not
-*/
-int SSL_set_compression(SSL* ssl)   /* Chad didn't rename to ya~ because it is prob. bug. */
-{
-    return ssl->SetCompression();
-}
-
-
-
-X509* SSL_get_peer_certificate(SSL* ssl)
-{
-    return ssl->getCrypto().get_certManager().get_peerX509();
-}
-
-
-void X509_free(X509* /*x*/)
-{
-    // peer cert set for deletion during destruction
-    // no need to delete now
-}
-
-
-X509* X509_STORE_CTX_get_current_cert(X509_STORE_CTX* ctx)
-{
-    return ctx->current_cert;
-}
-
-
-int X509_STORE_CTX_get_error(X509_STORE_CTX* ctx)
-{
-    return ctx->error;
-}
-
-
-int X509_STORE_CTX_get_error_depth(X509_STORE_CTX* ctx)
-{
-    return ctx->error_depth;
-}
-
-
-// copy name into buffer, at most sz bytes, if buffer is null
-// will malloc buffer, caller responsible for freeing
-char* X509_NAME_oneline(X509_NAME* name, char* buffer, int sz)
-{
-    if (!name->GetName()) return buffer;
-
-    int len    = (int)strlen(name->GetName()) + 1;
-    int copySz = min(len, sz);
-
-    if (!buffer) {
-        buffer = (char*)malloc(len);
-        if (!buffer) return buffer;
-        copySz = len;
-    }
-
-    if (copySz == 0)
-        return buffer;
-
-    memcpy(buffer, name->GetName(), copySz - 1);
-    buffer[copySz - 1] = 0;
-
-    return buffer;
-}
-
-
-X509_NAME* X509_get_issuer_name(X509* x)
-{
-    return  x->GetIssuer();
-}
-
-
-X509_NAME* X509_get_subject_name(X509* x)
-{
-    return x->GetSubject();
-}
-
-
-void SSL_load_error_strings()   // compatibility only 
-{}
-
-
-void SSL_set_connect_state(SSL*)
-{
-    // already a client by default
-}
-
-
-void SSL_set_accept_state(SSL* ssl)
-{
-    ssl->useSecurity().use_parms().entity_ = server_end;
-}
-
-
-long SSL_get_verify_result(SSL*)
-{
-    // won't get here if not OK
-    return X509_V_OK;
-}
-
-
-long SSL_CTX_sess_set_cache_size(SSL_CTX* /*ctx*/, long /*sz*/)
-{
-    // unlimited size, can't set for now
-    return 0;
-}
-
-
-long SSL_CTX_get_session_cache_mode(SSL_CTX*)
-{
-    // always 0, unlimited size for now
-    return 0;
-}
-
-
-long SSL_CTX_set_tmp_dh(SSL_CTX* ctx, DH* dh)
-{
-    if (ctx->SetDH(*dh))
-        return SSL_SUCCESS;
-    else
-        return SSL_FAILURE;
-}
-
-
-int SSL_CTX_use_certificate_file(SSL_CTX* ctx, const char* file, int format)
-{
-    return read_file(ctx, file, format, Cert);
-}
-
-
-int SSL_CTX_use_PrivateKey_file(SSL_CTX* ctx, const char* file, int format)
-{
-    return read_file(ctx, file, format, PrivateKey);
-}
-
-
-void SSL_CTX_set_verify(SSL_CTX* ctx, int mode, VerifyCallback vc)
-{
-    if (mode & SSL_VERIFY_PEER)
-        ctx->setVerifyPeer();
-
-    if (mode == SSL_VERIFY_NONE)
-        ctx->setVerifyNone();
-
-    if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
-        ctx->setFailNoCert();
-
-    ctx->setVerifyCallback(vc);
-}
-
-
-int SSL_CTX_load_verify_locations(SSL_CTX* ctx, const char* file,
-                                  const char* path)
-{
-    int       ret = SSL_FAILURE;
-
-    if (file) ret = read_file(ctx, file, SSL_FILETYPE_PEM, CA);
-
-    if (ret == SSL_SUCCESS && path) {
-        // call read_file for each reqular file in path
-#ifdef _WIN32
-
-        WIN32_FIND_DATA FindFileData;
-        HANDLE hFind;
-
-        const int DELIMITER_SZ      = 2;
-        const int DELIMITER_STAR_SZ = 3;
-        int pathSz = (int)strlen(path);
-        int nameSz = pathSz + DELIMITER_STAR_SZ + 1; // plus 1 for terminator
-        char* name = NEW_YS char[nameSz];  // directory specification
-        memset(name, 0, nameSz);
-        strncpy(name, path, nameSz - DELIMITER_STAR_SZ - 1);
-        strncat(name, "\\*", DELIMITER_STAR_SZ);
-
-        hFind = FindFirstFile(name, &FindFileData);
-        if (hFind == INVALID_HANDLE_VALUE) {
-            ysArrayDelete(name);
-            return SSL_BAD_PATH;
-        }
-
-        do {
-            if (!(FindFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) {
-                int curSz = (int)strlen(FindFileData.cFileName);
-                if (pathSz + curSz + DELIMITER_SZ + 1 > nameSz) {
-                    ysArrayDelete(name);
-                    // plus 1 for terminator
-                    nameSz = pathSz + curSz + DELIMITER_SZ + 1;
-                    name = NEW_YS char[nameSz];
-                }
-                memset(name, 0, nameSz);
-                strncpy(name, path, nameSz - curSz - DELIMITER_SZ - 1);
-                strncat(name, "\\", DELIMITER_SZ);
-                strncat(name, FindFileData.cFileName,
-                                            nameSz - pathSz - DELIMITER_SZ - 1);
-                ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
-            }
-        } while (ret == SSL_SUCCESS && FindNextFile(hFind, &FindFileData));
-
-        ysArrayDelete(name);
-        FindClose(hFind);
-
-#else   // _WIN32
-        DIR* dir = opendir(path);
-        if (!dir) return SSL_BAD_PATH;
-
-        struct dirent* entry;
-        struct stat    buf;
-        const int DELIMITER_SZ = 1;
-        int pathSz = (int)strlen(path);
-        int nameSz = pathSz + DELIMITER_SZ + 1; //plus 1 for null terminator
-        char* name = NEW_YS char[nameSz];  // directory specification
-
-        while (ret == SSL_SUCCESS && (entry = readdir(dir))) {
-            int curSz = (int)strlen(entry->d_name);
-            if (pathSz + curSz + DELIMITER_SZ + 1 > nameSz) {
-                ysArrayDelete(name);
-                nameSz = pathSz + DELIMITER_SZ + curSz + 1;
-                name = NEW_YS char[nameSz];
-            }
-            memset(name, 0, nameSz);
-            strncpy(name, path, nameSz - curSz - 1);
-            strncat(name, "/",  DELIMITER_SZ);
-            strncat(name, entry->d_name, nameSz - pathSz - DELIMITER_SZ - 1);
-
-            if (stat(name, &buf) < 0) {
-                ysArrayDelete(name);
-                closedir(dir);
-                return SSL_BAD_STAT;
-            }
-     
-            if (S_ISREG(buf.st_mode))
-                ret = read_file(ctx, name, SSL_FILETYPE_PEM, CA);
-        }
-
-        ysArrayDelete(name);
-        closedir(dir);
-
-#endif
-    }
-
-    return ret;
-}
-
-
-int SSL_CTX_set_default_verify_paths(SSL_CTX* /*ctx*/)
-{
-    // TODO: figure out way to set/store default path, then call load_verify
-    return SSL_NOT_IMPLEMENTED;
-}
-
-
-int SSL_CTX_set_session_id_context(SSL_CTX*, const unsigned char*,
-                                    unsigned int)
-{
-    // No application specific context needed for yaSSL
-    return SSL_SUCCESS;
-}
-
-
-int SSL_CTX_check_private_key(SSL_CTX* /*ctx*/)
-{
-    // TODO: check private against public for RSA match
-    return SSL_NOT_IMPLEMENTED;
-}
-
-
-// TODO: all session stats
-long SSL_CTX_sess_accept(SSL_CTX* ctx)
-{
-    return ctx->GetStats().accept_;
-}
-
-
-long SSL_CTX_sess_connect(SSL_CTX* ctx)
-{
-    return ctx->GetStats().connect_;
-}
-
-
-long SSL_CTX_sess_accept_good(SSL_CTX* ctx)
-{
-    return ctx->GetStats().acceptGood_;
-}
-
-
-long SSL_CTX_sess_connect_good(SSL_CTX* ctx)
-{
-    return ctx->GetStats().connectGood_;
-}
-
-
-long SSL_CTX_sess_accept_renegotiate(SSL_CTX* ctx)
-{
-    return ctx->GetStats().acceptRenegotiate_;
-}
-
-
-long SSL_CTX_sess_connect_renegotiate(SSL_CTX* ctx)
-{
-    return ctx->GetStats().connectRenegotiate_;
-}
-
-
-long SSL_CTX_sess_hits(SSL_CTX* ctx)
-{
-    return ctx->GetStats().hits_;
-}
-
-
-long SSL_CTX_sess_cb_hits(SSL_CTX* ctx)
-{
-    return ctx->GetStats().cbHits_;
-}
-
-
-long SSL_CTX_sess_cache_full(SSL_CTX* ctx)
-{
-    return ctx->GetStats().cacheFull_;
-}
-
-
-long SSL_CTX_sess_misses(SSL_CTX* ctx)
-{
-    return ctx->GetStats().misses_;
-}
-
-
-long SSL_CTX_sess_timeouts(SSL_CTX* ctx)
-{
-    return ctx->GetStats().timeouts_;
-}
-
-
-long SSL_CTX_sess_number(SSL_CTX* ctx)
-{
-    return ctx->GetStats().number_;
-}
-
-
-long SSL_CTX_sess_get_cache_size(SSL_CTX* ctx)
-{
-    return ctx->GetStats().getCacheSize_;
-}
-// end session stats TODO:
-
-
-int SSL_CTX_get_verify_mode(SSL_CTX* ctx)
-{
-    return ctx->GetStats().verifyMode_;
-}
-
-
-int SSL_get_verify_mode(SSL* ssl)
-{
-    return ssl->getSecurity().GetContext()->GetStats().verifyMode_;
-}
-
-
-int SSL_CTX_get_verify_depth(SSL_CTX* ctx)
-{
-    return ctx->GetStats().verifyDepth_;
-}
-
-
-int SSL_get_verify_depth(SSL* ssl)
-{
-    return ssl->getSecurity().GetContext()->GetStats().verifyDepth_;
-}
-
-
-long SSL_CTX_set_options(SSL_CTX*, long)
-{
-    // TDOD:
-    return SSL_SUCCESS;
-}
-
-
-void SSL_CTX_set_info_callback(SSL_CTX*, void (*)())
-{
-    // TDOD:
-}
-
-
-void OpenSSL_add_all_algorithms()  // compatibility only
-{}
-
-
-int SSL_library_init()  // compatibility only
-{
-    return 1;
-}
-
-
-DH* DH_new(void)
-{
-    DH* dh = NEW_YS DH;
-    if (dh)
-        dh->p = dh->g = 0;
-    return dh;
-}
-
-
-void DH_free(DH* dh)
-{
-    ysDelete(dh->g);
-    ysDelete(dh->p);
-    ysDelete(dh);
-}
-
-
-// convert positive big-endian num of length sz into retVal, which may need to 
-// be created
-BIGNUM* BN_bin2bn(const unsigned char* num, int sz, BIGNUM* retVal)
-{
-    bool created = false;
-    mySTL::auto_ptr bn;
-
-    if (!retVal) {
-        created = true;
-        bn.reset(NEW_YS BIGNUM);
-        retVal = bn.get();
-    }
-
-    retVal->assign(num, sz);
-
-    if (created)
-        return bn.release();
-    else
-        return retVal;
-}
-
-
-unsigned long ERR_get_error_line_data(const char**, int*, const char**, int *)
-{
-    //return SSL_NOT_IMPLEMENTED;
-    return 0;
-}
-
-
-void ERR_print_errors_fp(FILE* /*fp*/)
-{
-    // need ssl access to implement TODO:
-    //fprintf(fp, "%s", ssl.get_states().errorString_.c_str());
-}
-
-
-char* ERR_error_string(unsigned long errNumber, char* buffer)
-{
-  static char* msg = (char*)"Please supply a buffer for error string";
-
-    if (buffer) {
-        SetErrorString(YasslError(errNumber), buffer);
-        return buffer;
-    }
-
-    return msg;
-}
-
-
-const char* X509_verify_cert_error_string(long /* error */)
-{
-    // TODO:
-    static const char* msg = "Not Implemented";
-    return msg;
-}
-
-
-const EVP_MD* EVP_md5(void)
-{
-    static const char* type = "MD5";
-    return type;
-}
-
-
-const EVP_CIPHER* EVP_des_ede3_cbc(void)
-{
-    static const char* type = "DES-EDE3-CBC";
-    return type;
-}
-
-
-int EVP_BytesToKey(const EVP_CIPHER* type, const EVP_MD* md, const byte* salt,
-                   const byte* data, int sz, int count, byte* key, byte* iv)
-{
-    // only support MD5 for now
-    if (strncmp(md, "MD5", 3)) return 0;
-
-    int keyLen = 0;
-    int ivLen  = 0;
-
-    // only support CBC DES and AES for now
-    if (strncmp(type, "DES-CBC", 7) == 0) {
-        keyLen = DES_KEY_SZ;
-        ivLen  = DES_IV_SZ;
-    }
-    else if (strncmp(type, "DES-EDE3-CBC", 12) == 0) {
-        keyLen = DES_EDE_KEY_SZ;
-        ivLen  = DES_IV_SZ;
-    }
-    else if (strncmp(type, "AES-128-CBC", 11) == 0) {
-        keyLen = AES_128_KEY_SZ;
-        ivLen  = AES_IV_SZ;
-    }
-    else if (strncmp(type, "AES-192-CBC", 11) == 0) {
-        keyLen = AES_192_KEY_SZ;
-        ivLen  = AES_IV_SZ;
-    }
-    else if (strncmp(type, "AES-256-CBC", 11) == 0) {
-        keyLen = AES_256_KEY_SZ;
-        ivLen  = AES_IV_SZ;
-    }
-    else
-        return 0;
-
-    yaSSL::MD5 myMD;
-    uint digestSz = myMD.get_digestSize();
-    byte digest[SHA_LEN];                   // max size
-
-    int keyLeft   = keyLen;
-    int ivLeft    = ivLen;
-    int keyOutput = 0;
-
-    while (keyOutput < (keyLen + ivLen)) {
-        int digestLeft = digestSz;
-        // D_(i - 1)
-        if (keyOutput)                      // first time D_0 is empty
-            myMD.update(digest, digestSz);
-        // data
-        myMD.update(data, sz);
-        // salt
-        if (salt)
-            myMD.update(salt, EVP_SALT_SZ);
-        myMD.get_digest(digest);
-        // count
-        for (int j = 1; j < count; j++) {
-            myMD.update(digest, digestSz);
-            myMD.get_digest(digest);
-        }
-
-        if (keyLeft) {
-            int store = min(keyLeft, static_cast(digestSz));
-            memcpy(&key[keyLen - keyLeft], digest, store);
-
-            keyOutput  += store;
-            keyLeft    -= store;
-            digestLeft -= store;
-        }
-
-        if (ivLeft && digestLeft) {
-            int store = min(ivLeft, digestLeft);
-            memcpy(&iv[ivLen - ivLeft], &digest[digestSz - digestLeft], store);
-
-            keyOutput += store;
-            ivLeft    -= store;
-        }
-    }
-    return keyOutput;
-}
-
-
-
-void DES_set_key_unchecked(const_DES_cblock* key, DES_key_schedule* schedule)
-{
-    memcpy(schedule, key, sizeof(const_DES_cblock));
-}
-
-
-void DES_ede3_cbc_encrypt(const byte* input, byte* output, long sz,
-                          DES_key_schedule* ks1, DES_key_schedule* ks2,
-                          DES_key_schedule* ks3, DES_cblock* ivec, int enc)
-{
-    DES_EDE des;
-    byte key[DES_EDE_KEY_SZ];
-
-    memcpy(key, *ks1, DES_BLOCK);
-    memcpy(&key[DES_BLOCK], *ks2, DES_BLOCK);
-    memcpy(&key[DES_BLOCK * 2], *ks3, DES_BLOCK);
-
-    if (enc) {
-        des.set_encryptKey(key, *ivec);
-        des.encrypt(output, input, sz);
-    }
-    else {
-        des.set_decryptKey(key, *ivec);
-        des.decrypt(output, input, sz);
-    }
-}
-
-
-// functions for libcurl
-int RAND_status()
-{
-    return 1;  /* TaoCrypt provides enough seed */
-}
-
-
-int DES_set_key(const_DES_cblock* key, DES_key_schedule* schedule)
-{
-    memcpy(schedule, key, sizeof(const_DES_cblock));
-    return 1;
-}
-
-
-void DES_set_odd_parity(DES_cblock* key)
-{
-    // not needed now for TaoCrypt
-}
-
-
-void DES_ecb_encrypt(DES_cblock* input, DES_cblock* output,
-                     DES_key_schedule* key, int enc)
-{
-    DES  des;
-
-    if (enc) {
-        des.set_encryptKey(*key, 0);
-        des.encrypt(*output, *input, DES_BLOCK);
-    }
-    else {
-        des.set_decryptKey(*key, 0);
-        des.decrypt(*output, *input, DES_BLOCK);
-    }
-}
-
-
-void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX* ctx, void* userdata)
-{
-    ctx->SetUserData(userdata);
-}
-
-
-X509* SSL_get_certificate(SSL* ssl)
-{
-    return ssl->getCrypto().get_certManager().get_selfX509();
-}
-
-
-EVP_PKEY* SSL_get_privatekey(SSL* ssl)
-{
-    // only called, not used
-    return 0;
-}
-
-
-void SSL_SESSION_free(SSL_SESSION* session)
-{
-    // managed by singleton
-}
-
-
-
-EVP_PKEY* X509_get_pubkey(X509* x)
-{
-    // called, not used though
-    return 0;
-}
-
-
-int EVP_PKEY_copy_parameters(EVP_PKEY* to, const EVP_PKEY* from)
-{
-    // called, not used though
-    return 0;
-}
-
-
-void EVP_PKEY_free(EVP_PKEY* pkey)
-{
-    // never allocated from above
-}
-
-
-void ERR_error_string_n(unsigned long e, char *buf, size_t len)
-{
-    if (len) ERR_error_string(e, buf);
-}
-
-
-void ERR_free_strings(void)
-{
-    // handled internally
-}
-
-
-void EVP_cleanup(void)
-{
-    // nothing to do yet
-}
-
-
-ASN1_TIME* X509_get_notBefore(X509* x)
-{
-    if (x) return x->GetBefore();
-    return 0;
-}
-
-
-ASN1_TIME* X509_get_notAfter(X509* x)
-{
-    if (x) return x->GetAfter();
-    return 0;
-}
-
-
-SSL_METHOD* SSLv2_client_method(void)   /* will never work, no v 2    */
-{
-    return 0;
-}
-
-
-SSL_SESSION* SSL_get1_session(SSL* ssl)  /* what's ref count */
-{
-    return SSL_get_session(ssl);
-}
-
-
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *x)
-{
-    // no extension names supported yet
-}
-
-
-int sk_GENERAL_NAME_num(STACK_OF(GENERAL_NAME) *x)
-{
-    // no extension names supported yet
-    return 0;
-}
-
-
-GENERAL_NAME* sk_GENERAL_NAME_value(STACK_OF(GENERAL_NAME) *x, int i)
-{
-    // no extension names supported yet
-    return 0;
-}
-
-
-unsigned char* ASN1_STRING_data(ASN1_STRING* x)
-{
-    if (x) return x->data;
-    return 0;
-}
-
-
-int ASN1_STRING_length(ASN1_STRING* x)
-{
-    if (x) return x->length;
-    return 0;
-}
-
-
-int ASN1_STRING_type(ASN1_STRING *x)
-{
-    if (x) return x->type;
-    return 0;
-}
-
-
-int X509_NAME_get_index_by_NID(X509_NAME* name,int nid, int lastpos)
-{
-    int idx = -1;  // not found
-    int cnPos = -1;
-
-    switch (nid) {
-    case NID_commonName:
-        cnPos = name->GetCnPosition();
-        if (lastpos < cnPos)
-            idx = cnPos;
-        break;
-    }
-
-    return idx;
-}
-
-
-ASN1_STRING* X509_NAME_ENTRY_get_data(X509_NAME_ENTRY* ne)
-{
-    // the same in yaSSL
-    return ne;
-}
-
-
-X509_NAME_ENTRY* X509_NAME_get_entry(X509_NAME* name, int loc)
-{
-    return name->GetEntry(loc);
-}
-
-
-// already formatted, caller responsible for freeing *out
-int ASN1_STRING_to_UTF8(unsigned char** out, ASN1_STRING* in)
-{
-    if (!in) return 0;
-
-    *out = (unsigned char*)malloc(in->length + 1);
-    if (*out) {
-        memcpy(*out, in->data, in->length);
-        (*out)[in->length] = 0;
-    }
-    return in->length;
-}
-
-
-void* X509_get_ext_d2i(X509* x, int nid, int* crit, int* idx)
-{
-    // no extensions supported yet
-    return 0;
-}
-
-
-void MD4_Init(MD4_CTX* md4)
-{
-    // make sure we have a big enough buffer
-    typedef char ok[sizeof(md4->buffer) >= sizeof(TaoCrypt::MD4) ? 1 : -1];
-    (void) sizeof(ok);
-
-    // using TaoCrypt since no dynamic memory allocated
-    // and no destructor will be called
-    new (reinterpret_cast(md4->buffer)) TaoCrypt::MD4();
-}
-
-
-void MD4_Update(MD4_CTX* md4, const void* data, unsigned long sz)
-{
-    reinterpret_cast(md4->buffer)->Update(
-                static_cast(data), static_cast(sz));
-}
-
-
-void MD4_Final(unsigned char* hash, MD4_CTX* md4)
-{
-    reinterpret_cast(md4->buffer)->Final(hash);
-}
-
-
-void MD5_Init(MD5_CTX* md5)
-{
-    // make sure we have a big enough buffer
-    typedef char ok[sizeof(md5->buffer) >= sizeof(TaoCrypt::MD5) ? 1 : -1];
-    (void) sizeof(ok);
-
-    // using TaoCrypt since no dynamic memory allocated
-    // and no destructor will be called
-    new (reinterpret_cast(md5->buffer)) TaoCrypt::MD5();
-}
-
-
-void MD5_Update(MD5_CTX* md5, const void* data, unsigned long sz)
-{
-    reinterpret_cast(md5->buffer)->Update(
-                static_cast(data), static_cast(sz));
-}
-
-
-void MD5_Final(unsigned char* hash, MD5_CTX* md5)
-{
-    reinterpret_cast(md5->buffer)->Final(hash);
-}
-
-
-int RAND_bytes(unsigned char* buf, int num)
-{
-    RandomPool ran;
-
-    if (ran.GetError()) return 0;
-
-    ran.Fill(buf, num);
-    return 1;
-}
-
-
-int SSL_peek(SSL* ssl, void* buffer, int sz)
-{
-    Data data(min(sz, MAX_RECORD_SIZE), static_cast(buffer));
-    return receiveData(*ssl, data, true);
-}
-
-
-int SSL_pending(SSL* ssl)
-{
-    return ssl->bufferedData();
-}
-
-
-void SSL_CTX_set_default_passwd_cb(SSL_CTX* ctx, pem_password_cb cb)
-{
-    ctx->SetPasswordCb(cb);
-}
-
-
-int SSLeay_add_ssl_algorithms()  // compatibility only
-{
-    return 1;
-}
-
-
-void ERR_remove_state(unsigned long)
-{
-    if (HasErrors())
-       GetErrors().Remove();
-}
-
-
-int ERR_GET_REASON(int l)
-{
-    return l & 0xfff;
-}
-
-
-unsigned long err_helper(bool peek = false)
-{
-    int ysError = GetErrors().Lookup(peek);
-
-    // translate cert error for libcurl, it uses OpenSSL hex code
-    switch (ysError) {
-    case TaoCrypt::SIG_OTHER_E:
-        return CERTFICATE_ERROR;
-        break;
-    default :
-        return 0;
-    }
-
-    return 0;  // shut up compiler
-}
-
-
-unsigned long ERR_peek_error()
-{
-    return err_helper(true);
-}
-
-
-unsigned long ERR_get_error()
-{
-    return err_helper();
-}
-
-
-    // functions for stunnel
-
-    void RAND_screen()
-    {
-        // TODO:
-    }
-
-
-    const char* RAND_file_name(char*, size_t)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    int RAND_write_file(const char*)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    int RAND_load_file(const char*, long)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    void RSA_free(RSA*)
-    {
-        // TODO:
-    }
-
-
-    RSA* RSA_generate_key(int, unsigned long, void(*)(int, int, void*), void*)
-    {
-        //  TODO:
-        return 0;
-    }
-
-
-    int X509_LOOKUP_add_dir(X509_LOOKUP*, const char*, long)
-    {
-        // TODO:
-        return SSL_SUCCESS;
-    }
-
-
-    int X509_LOOKUP_load_file(X509_LOOKUP*, const char*, long)
-    {
-        // TODO:
-        return SSL_SUCCESS;
-    }
-
-
-    X509_LOOKUP_METHOD* X509_LOOKUP_hash_dir(void)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    X509_LOOKUP_METHOD* X509_LOOKUP_file(void)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    X509_LOOKUP* X509_STORE_add_lookup(X509_STORE*, X509_LOOKUP_METHOD*)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    int X509_STORE_get_by_subject(X509_STORE_CTX*, int, X509_NAME*, X509_OBJECT*)
-    {
-        // TODO:
-        return SSL_SUCCESS;
-    }
-
-
-    X509_STORE* X509_STORE_new(void)
-    {
-        // TODO:
-        return 0;
-    }
-
-    char* SSL_alert_type_string_long(int)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    char* SSL_alert_desc_string_long(int)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    char* SSL_state_string_long(SSL*)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    void SSL_CTX_set_tmp_rsa_callback(SSL_CTX*, RSA*(*)(SSL*, int, int))
-    {
-        // TDOD:
-    }
-
-
-    long SSL_CTX_set_timeout(SSL_CTX*, long)
-    {
-        // TDOD:
-        return SSL_SUCCESS;
-    }
-
-
-    int SSL_CTX_use_certificate_chain_file(SSL_CTX* ctx, const char* file)
-    {
-        // For the moment, treat like use_certificate_file
-        return read_file(ctx, file, SSL_FILETYPE_PEM, Cert);
-    }
-
-
-    int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX*, const char*, int)
-    {
-        // TDOD:
-        return SSL_SUCCESS;
-    }
-
-
-    int SSL_set_rfd(SSL*, int)
-    {
-        return SSL_SUCCESS; // TODO:
-    }
-
-
-    int SSL_set_wfd(SSL*, int)
-    {
-        return SSL_SUCCESS; // TODO:
-    }
-
-
-    int SSL_want_read(SSL*)
-    {
-        return 0; // TODO:
-    }
-
-
-    int SSL_want_write(SSL*)
-    {
-        return 0; // TODO:
-    }
-
-
-    void SSL_set_shutdown(SSL*, int)
-    {
-        // TODO:
-    }
-
-    SSL_CIPHER* SSL_get_current_cipher(SSL*)
-    {
-        // TODO:
-        return 0;
-    }
-
-
-    char* SSL_CIPHER_description(SSL_CIPHER*, char*, int)
-    {
-        // TODO:
-        return 0;
-    }
-
-    // end stunnel needs
-
-    char *yaSSL_ASN1_TIME_to_string(const ASN1_TIME *time, char *buf, size_t len)
-    {
-      tm t;
-      static const char *month_names[12]=
-      {
-        "Jan","Feb","Mar","Apr","May","Jun",
-        "Jul","Aug","Sep","Oct","Nov","Dec"
-      };
-
-      TaoCrypt::ASN1_TIME_extract(time->data, time->type, &t);
-      snprintf(buf, len, "%s %2d %02d:%02d:%02d %d GMT",
-               month_names[t.tm_mon], t.tm_mday, t.tm_hour, t.tm_min, 
-               t.tm_sec, t.tm_year + 1900);
-      return buf;
-    }
-
-
-    void yaSSL_transport_set_ptr(SSL *ssl, void *ptr)
-    {
-      ssl->useSocket().set_transport_ptr(ptr);
-    }
-
-
-    void yaSSL_transport_set_recv_function(SSL *ssl, yaSSL_recv_func_t func)
-    {
-      ssl->useSocket().set_transport_recv_function(func);
-    }
-
-
-    void yaSSL_transport_set_send_function(SSL *ssl, yaSSL_send_func_t func)
-    {
-      ssl->useSocket().set_transport_send_function(func);
-    }
-
-} // extern "C"
-} // namespace
diff --git a/extra/yassl/src/timer.cpp b/extra/yassl/src/timer.cpp
deleted file mode 100644
index dadb3ebf378..00000000000
--- a/extra/yassl/src/timer.cpp
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* timer.cpp implements a high res and low res timer
- *
-*/
-
-#include "runtime.hpp"
-#include "timer.hpp"
-
-#ifdef _WIN32
-#define WIN32_LEAN_AND_MEAN 1
-#include 
-#else
-#include 
-#endif
-
-namespace yaSSL {
-
-#ifdef _WIN32
-
-    timer_d timer()
-    {
-        static bool          init(false);
-        static LARGE_INTEGER freq;
-    
-        if (!init) {
-            QueryPerformanceFrequency(&freq);
-            init = true;
-        }
-
-        LARGE_INTEGER count;
-        QueryPerformanceCounter(&count);
-
-        return static_cast(count.QuadPart) / freq.QuadPart;
-    }
-
-
-    uint lowResTimer()
-    {
-        return static_cast(timer());
-    }
-
-#else // _WIN32
-
-    timer_d timer()
-    {
-        struct timeval tv;
-        gettimeofday(&tv, 0);
-
-        return static_cast(tv.tv_sec) 
-             + static_cast(tv.tv_usec) / 1000000;
-    }
-
-
-    uint lowResTimer()
-    {
-        struct timeval tv;
-        gettimeofday(&tv, 0);
-
-        return tv.tv_sec; 
-    }
-
-
-#endif // _WIN32
-} // namespace yaSSL
diff --git a/extra/yassl/src/yassl.cpp b/extra/yassl/src/yassl.cpp
deleted file mode 100644
index 89600359401..00000000000
--- a/extra/yassl/src/yassl.cpp
+++ /dev/null
@@ -1,229 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL implements external API
- */
-
-#include "runtime.hpp"
-#include "yassl.hpp"
-#include "yassl_int.hpp"
-#include "handshake.hpp"
-#include 
-
-#include "openssl/ssl.h"  // get rid of this
-
-
-
-namespace yaSSL {
-
-
-
-struct Base {
-    SSL_METHOD* method_;
-    SSL_CTX*    ctx_;
-    SSL*        ssl_;
-
-    char*       ca_;
-    char*       cert_;
-    char*       key_;
-
-    DH*         dh_;
-
-    Base() : method_(0), ctx_(0), ssl_(0), ca_(0), cert_(0), key_(0), dh_(0)
-    {}
-
-    ~Base()
-    {
-        if (dh_) DH_free(dh_);
-        delete[] key_;
-        delete[] cert_;
-        delete[] ca_;
-        SSL_CTX_free(ctx_);   // frees method_ too
-        SSL_free(ssl_);
-    }
-};
-
-
-void SetDH(Base&);
-
-void SetUpBase(Base& base, ConnectionEnd end, SOCKET_T s)
-{
-    base.method_ = new SSL_METHOD(end, ProtocolVersion(3,1));
-    base.ctx_ =    new SSL_CTX(base.method_);
-
-    if (base.ca_)
-        if (SSL_CTX_load_verify_locations(base.ctx_,
-            base.ca_, 0) != SSL_SUCCESS) throw(0);
-    if (base.cert_)
-        if (SSL_CTX_use_certificate_file(base.ctx_,
-            base.cert_, SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0);
-    if (base.key_)
-        if (SSL_CTX_use_PrivateKey_file(base.ctx_, base.key_,
-            SSL_FILETYPE_PEM) != SSL_SUCCESS) throw(0);
-
-    if (end == server_end) SetDH(base);
-
-    base.ssl_ = new SSL(base.ctx_);
-    base.ssl_->useSocket().set_fd(s);
-}
-
-
-void SetDH(Base& base)
-{
-    static unsigned char dh512_p[] =
-    {
-      0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
-      0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
-      0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
-      0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
-      0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
-      0x47,0x74,0xE8,0x33,
-    };
-
-    static unsigned char dh512_g[] =
-    {
-      0x02,
-    };
-
-    if ( (base.dh_ = DH_new()) ) {
-        base.dh_->p = BN_bin2bn(dh512_p, sizeof(dh512_p), 0);
-        base.dh_->g = BN_bin2bn(dh512_g, sizeof(dh512_g), 0);
-    }
-    if (!base.dh_->p || !base.dh_->g) {
-        DH_free(base.dh_);
-        base.dh_ = 0;
-    }
-    SSL_CTX_set_tmp_dh(base.ctx_, base.dh_);
-}
-
-
-void NewCopy(char*& dst, const char* src)
-{
-    size_t len = strlen(src) + 1;
-    dst = new char[len];
-
-    strncpy(dst, src, len);
-}
-
-
-// Client Implementation
-struct Client::ClientImpl {
-    Base base_;
-};
-
-
-Client::Client() : pimpl_(new ClientImpl)
-{}
-
-
-Client::~Client() { delete pimpl_; }
-
-
-int Client::Connect(SOCKET_T s)
-{
-    SetUpBase(pimpl_->base_, client_end, s);
-    return SSL_connect(pimpl_->base_.ssl_);
-}
-
-
-int Client::Write(const void* buffer, int sz)
-{
-    return sendData(*pimpl_->base_.ssl_, buffer, sz);
-}
-
-
-int Client::Read(void* buffer, int sz)
-{
-    Data data(min(sz, MAX_RECORD_SIZE), static_cast(buffer));
-    return receiveData(*pimpl_->base_.ssl_, data);
-}
-
-
-void Client::SetCA(const char* name)
-{
-    NewCopy(pimpl_->base_.ca_, name);
-}
-
-
-void Client::SetCert(const char* name)
-{
-    NewCopy(pimpl_->base_.cert_, name);
-}
-
-
-void Client::SetKey(const char* name)
-{
-    NewCopy(pimpl_->base_.key_, name);
-}
-
-
-
-// Server Implementation
-struct Server::ServerImpl {
-    Base base_;
-};
-
-
-Server::Server() : pimpl_(new ServerImpl)
-{}
-
-
-Server::~Server() { delete pimpl_; }
-
-
-int Server::Accept(SOCKET_T s)
-{
-    SetUpBase(pimpl_->base_, server_end, s);
-    return SSL_accept(pimpl_->base_.ssl_);
-}
-
-
-int Server::Write(const void* buffer, int sz)
-{
-    return sendData(*pimpl_->base_.ssl_, buffer, sz);
-}
-
-
-int Server::Read(void* buffer, int sz)
-{
-    Data data(min(sz, MAX_RECORD_SIZE), static_cast(buffer));
-    return receiveData(*pimpl_->base_.ssl_, data);
-}
-
-
-void Server::SetCA(const char* name)
-{
-    NewCopy(pimpl_->base_.ca_, name);
-}
-
-
-void Server::SetCert(const char* name)
-{
-    NewCopy(pimpl_->base_.cert_, name);
-}
-
-
-void Server::SetKey(const char* name)
-{
-    NewCopy(pimpl_->base_.key_, name);
-}
-
-
-
-} // namespace yaSSL
diff --git a/extra/yassl/src/yassl_error.cpp b/extra/yassl/src/yassl_error.cpp
deleted file mode 100644
index bb3825ca972..00000000000
--- a/extra/yassl/src/yassl_error.cpp
+++ /dev/null
@@ -1,288 +0,0 @@
-/*
-   Copyright (c) 2005, 2013, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL error implements and an exception class
- */
-
-#include "runtime.hpp"
-#include "yassl_error.hpp"
-#include "error.hpp"        // TaoCrypt error numbers
-#include "openssl/ssl.h"    // SSL_ERROR_WANT_READ
-#include          // strncpy
-
-#ifdef _MSC_VER
-    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
-    #pragma warning(disable: 4996)
-#endif
-
-namespace yaSSL {
-
-
-/* may bring back in future
-Error::Error(const char* s, YasslError e, Library l) 
-    : mySTL::runtime_error(s), error_(e), lib_(l) 
-{
-}
-
-
-YasslError Error::get_number() const
-{
-    return error_;
-}
-
-
-Library Error::get_lib() const
-{
-
-    return lib_;
-}
-*/
-
-
-void SetErrorString(YasslError error, char* buffer)
-{
-    using namespace TaoCrypt;
-    const int max = MAX_ERROR_SZ;  // shorthand
-    int localError = error;        // errors from a few enums 
-
-    switch (localError) {
-
-        // yaSSL proper errors
-    case range_error :
-        strncpy(buffer, "buffer index error, out of range", max);
-        break; 
-
-    case realloc_error :
-        strncpy(buffer, "trying to realloc a fixed buffer", max);
-        break; 
-
-    case factory_error : 
-        strncpy(buffer, "unknown factory create request", max);
-        break; 
-
-    case unknown_cipher :
-        strncpy(buffer, "trying to use an unknown cipher", max);
-        break; 
-
-    case prefix_error : 
-        strncpy(buffer, "bad master secret derivation, prefix too big", max);
-        break; 
-
-    case record_layer : 
-        strncpy(buffer, "record layer not ready yet", max);
-        break; 
-        
-    case handshake_layer :
-        strncpy(buffer, "handshake layer not ready yet", max);
-        break; 
-
-    case out_of_order :
-        strncpy(buffer, "handshake message received in wrong order", max);
-        break; 
-
-    case bad_input : 
-        strncpy(buffer, "bad cipher suite input", max);
-        break; 
-
-    case match_error :
-        strncpy(buffer, "unable to match a supported cipher suite", max);
-        break; 
-
-    case no_key_file : 
-        strncpy(buffer, "the server needs a private key file", max);
-        break; 
-
-    case verify_error :
-        strncpy(buffer, "unable to verify peer checksum", max);
-        break; 
-
-    case send_error :
-        strncpy(buffer, "socket layer send error", max);
-        break; 
-
-    case receive_error :
-        strncpy(buffer, "socket layer receive error", max);
-        break; 
-
-    case certificate_error :
-        strncpy(buffer, "unable to process cerificate", max);
-        break;
-
-    case privateKey_error :
-        strncpy(buffer, "unable to process private key, bad format", max);
-        break;
-
-    case badVersion_error :
-        strncpy(buffer, "protocol version mismatch", max);
-        break;
-
-    case compress_error :
-        strncpy(buffer, "compression error", max);
-        break;
-
-    case decompress_error :
-        strncpy(buffer, "decompression error", max);
-        break;
-
-    case pms_version_error :
-        strncpy(buffer, "bad PreMasterSecret version error", max);
-        break;
-
-    case sanityCipher_error :
-        strncpy(buffer, "sanity check on cipher text size error", max);
-        break;
-
-    case rsaSignFault_error:
-        strncpy(buffer, "rsa signature fault error", max);
-        break;
-
-        // openssl errors
-    case SSL_ERROR_WANT_READ :
-        strncpy(buffer, "the read operation would block", max);
-        break;
-
-    case SSL_ERROR_WANT_WRITE :
-        strncpy(buffer, "the write operation would block", max);
-        break;
-
-    case CERTFICATE_ERROR :
-        strncpy(buffer, "Unable to verify certificate", max);
-        break;
-
-        // TaoCrypt errors
-    case NO_ERROR_E :
-        strncpy(buffer, "not in error state", max);
-        break;
-
-    case WINCRYPT_E :
-        strncpy(buffer, "bad wincrypt acquire", max);
-        break;
-
-    case CRYPTGEN_E :
-        strncpy(buffer, "CryptGenRandom error", max);
-        break;
-
-    case OPEN_RAN_E :
-        strncpy(buffer, "unable to use random device", max);
-        break;
-
-    case READ_RAN_E :
-        strncpy(buffer, "unable to use random device", max);
-        break;
-
-    case INTEGER_E :
-        strncpy(buffer, "ASN: bad DER Integer Header", max);
-        break;
-
-    case SEQUENCE_E :
-        strncpy(buffer, "ASN: bad Sequence Header", max);
-        break;
-
-    case SET_E :
-        strncpy(buffer, "ASN: bad Set Header", max);
-        break;
-
-    case VERSION_E :
-        strncpy(buffer, "ASN: version length not 1", max);
-        break;
-
-    case SIG_OID_E :
-        strncpy(buffer, "ASN: signature OID mismatch", max);
-        break;
-
-    case BIT_STR_E :
-        strncpy(buffer, "ASN: bad BitString Header", max);
-        break;
-
-    case UNKNOWN_OID_E :
-        strncpy(buffer, "ASN: unknown key OID type", max);
-        break;
-
-    case OBJECT_ID_E :
-        strncpy(buffer, "ASN: bad Ojbect ID Header", max);
-        break;
-
-    case TAG_NULL_E :
-        strncpy(buffer, "ASN: expected TAG NULL", max);
-        break;
-
-    case EXPECT_0_E :
-        strncpy(buffer, "ASN: expected 0", max);
-        break;
-
-    case OCTET_STR_E :
-        strncpy(buffer, "ASN: bad Octet String Header", max);
-        break;
-
-    case TIME_E :
-        strncpy(buffer, "ASN: bad TIME", max);
-        break;
-
-    case DATE_SZ_E :
-        strncpy(buffer, "ASN: bad Date Size", max);
-        break;
-
-    case SIG_LEN_E :
-        strncpy(buffer, "ASN: bad Signature Length", max);
-        break;
-
-    case UNKOWN_SIG_E :
-        strncpy(buffer, "ASN: unknown signature OID", max);
-        break;
-
-    case UNKOWN_HASH_E :
-        strncpy(buffer, "ASN: unknown hash OID", max);
-        break;
-
-    case DSA_SZ_E :
-        strncpy(buffer, "ASN: bad DSA r or s size", max);
-        break;
-
-    case BEFORE_DATE_E :
-        strncpy(buffer, "ASN: before date in the future", max);
-        break;
-
-    case AFTER_DATE_E :
-        strncpy(buffer, "ASN: after date in the past", max);
-        break;
-
-    case SIG_CONFIRM_E :
-        strncpy(buffer, "ASN: bad self signature confirmation", max);
-        break;
-
-    case SIG_OTHER_E :
-        strncpy(buffer, "ASN: bad other signature confirmation", max);
-        break;
-
-    case CONTENT_E :
-        strncpy(buffer, "bad content processing", max);
-        break;
-
-    case PEM_E :
-        strncpy(buffer, "bad PEM format processing", max);
-        break;
-
-    default :
-        strncpy(buffer, "unknown error number", max);
-    }
-}
-
-
-
-}  // namespace yaSSL
diff --git a/extra/yassl/src/yassl_imp.cpp b/extra/yassl/src/yassl_imp.cpp
deleted file mode 100644
index a4b1b50e10f..00000000000
--- a/extra/yassl/src/yassl_imp.cpp
+++ /dev/null
@@ -1,2636 +0,0 @@
-/*
-   Copyright (c) 2005, 2017, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/*  yaSSL source implements all SSL.v3 secification structures.
- */
-
-#include "runtime.hpp"
-#include "yassl_int.hpp"
-#include "handshake.hpp"
-
-#include "asn.hpp"  // provide crypto wrapper??
-#include 
-
-
-namespace yaSSL {
-
-
-namespace { // locals
-
-bool isTLS(ProtocolVersion pv)
-{
-    if (pv.major_ >= 3 && pv.minor_ >= 1)
-        return true;
-
-    return false;
-}
-
-
-}  // namespace (locals)
-
-
-void hashHandShake(SSL&, const input_buffer&, uint);
-
-
-ProtocolVersion::ProtocolVersion(uint8 maj, uint8 min) 
-    : major_(maj), minor_(min) 
-{}
-
-
-// construct key exchange with known ssl parms
-void ClientKeyExchange::createKey(SSL& ssl)
-{
-    const ClientKeyFactory& ckf = ssl.getFactory().getClientKey();
-    client_key_ = ckf.CreateObject(ssl.getSecurity().get_parms().kea_);
-
-    if (!client_key_)
-        ssl.SetError(factory_error);
-}
-
-
-// construct key exchange with known ssl parms
-void ServerKeyExchange::createKey(SSL& ssl)
-{
-    const ServerKeyFactory& skf = ssl.getFactory().getServerKey();
-    server_key_ = skf.CreateObject(ssl.getSecurity().get_parms().kea_);
-
-    if (!server_key_)
-        ssl.SetError(factory_error);
-}
-
-
-// build/set PreMaster secret and encrypt, client side
-void EncryptedPreMasterSecret::build(SSL& ssl)
-{
-    opaque tmp[SECRET_LEN];
-    memset(tmp, 0, sizeof(tmp));
-    ssl.getCrypto().get_random().Fill(tmp, SECRET_LEN);
-    ProtocolVersion pv = ssl.getSecurity().get_connection().chVersion_;
-    tmp[0] = pv.major_;
-    tmp[1] = pv.minor_;
-    ssl.set_preMaster(tmp, SECRET_LEN);
-
-    const CertManager& cert = ssl.getCrypto().get_certManager();
-    RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength());
-    bool tls = ssl.isTLS();     // if TLS, put length for encrypted data
-    alloc(rsa.get_cipherLength() + (tls ? 2 : 0));
-    byte* holder = secret_;
-    if (tls) {
-        byte len[2];
-        c16toa(rsa.get_cipherLength(), len);
-        memcpy(secret_, len, sizeof(len));
-        holder += 2;
-    }
-    rsa.encrypt(holder, tmp, SECRET_LEN, ssl.getCrypto().get_random());
-}
-
-
-// build/set premaster and Client Public key, client side
-void ClientDiffieHellmanPublic::build(SSL& ssl)
-{
-    DiffieHellman& dhServer = ssl.useCrypto().use_dh();
-    DiffieHellman  dhClient(dhServer);
-
-    uint keyLength = dhClient.get_agreedKeyLength(); // pub and agree same
-
-    alloc(keyLength, true);
-    dhClient.makeAgreement(dhServer.get_publicKey(),
-                           dhServer.get_publicKeyLength());
-    c16toa(keyLength, Yc_);
-    memcpy(Yc_ + KEY_OFFSET, dhClient.get_publicKey(), keyLength);
-
-    ssl.set_preMaster(dhClient.get_agreedKey(), keyLength);
-}
-
-
-// build server exhange, server side
-void DH_Server::build(SSL& ssl)
-{
-    DiffieHellman& dhServer = ssl.useCrypto().use_dh();
-
-    int pSz, gSz, pubSz;
-    dhServer.set_sizes(pSz, gSz, pubSz);
-    dhServer.get_parms(parms_.alloc_p(pSz), parms_.alloc_g(gSz),
-                       parms_.alloc_pub(pubSz));
-
-    short sigSz = 0;
-    mySTL::auto_ptr auth;
-    const CertManager& cert = ssl.getCrypto().get_certManager();
-    
-    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
-        if (cert.get_keyType() != rsa_sa_algo) {
-            ssl.SetError(privateKey_error);
-            return;
-        }
-        auth.reset(NEW_YS RSA(cert.get_privateKey(),
-                   cert.get_privateKeyLength(), false));
-    }
-    else {
-        if (cert.get_keyType() != dsa_sa_algo) {
-            ssl.SetError(privateKey_error);
-            return;
-        }
-        auth.reset(NEW_YS DSS(cert.get_privateKey(),
-                   cert.get_privateKeyLength(), false));
-        sigSz += DSS_ENCODED_EXTRA;
-    }
-    
-    sigSz += auth->get_signatureLength();
-    if (!sigSz) {
-        ssl.SetError(privateKey_error);
-        return;
-    }
-
-    length_ = 8; // pLen + gLen + YsLen + SigLen
-    length_ += pSz + gSz + pubSz + sigSz;
-
-    output_buffer tmp(length_);
-    byte len[2];
-    // P
-    c16toa(pSz, len);
-    tmp.write(len, sizeof(len));
-    tmp.write(parms_.get_p(), pSz);
-    // G
-    c16toa(gSz, len);
-    tmp.write(len, sizeof(len));
-    tmp.write(parms_.get_g(), gSz);
-    // Ys
-    c16toa(pubSz, len);
-    tmp.write(len, sizeof(len));
-    tmp.write(parms_.get_pub(), pubSz);
-
-    // Sig
-    byte hash[FINISHED_SZ];
-    MD5  md5;
-    SHA  sha;
-    signature_ = NEW_YS byte[sigSz];
-
-    const Connection& conn = ssl.getSecurity().get_connection();
-    // md5
-    md5.update(conn.client_random_, RAN_LEN);
-    md5.update(conn.server_random_, RAN_LEN);
-    md5.update(tmp.get_buffer(), tmp.get_size());
-    md5.get_digest(hash);
-
-    // sha
-    sha.update(conn.client_random_, RAN_LEN);
-    sha.update(conn.server_random_, RAN_LEN);
-    sha.update(tmp.get_buffer(), tmp.get_size());
-    sha.get_digest(&hash[MD5_LEN]);
-
-    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
-        auth->sign(signature_, hash, sizeof(hash),
-                   ssl.getCrypto().get_random());
-        // check for rsa signautre fault
-        if (!auth->verify(hash, sizeof(hash), signature_,
-                                              auth->get_signatureLength())) {
-            ssl.SetError(rsaSignFault_error);
-            return;
-        }
-    }
-    else {
-        auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
-                   ssl.getCrypto().get_random());
-        byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA];
-        TaoCrypt::EncodeDSA_Signature(signature_, encoded);
-        memcpy(signature_, encoded, sizeof(encoded));
-    }
-
-    c16toa(sigSz, len);
-    tmp.write(len, sizeof(len));
-    tmp.write(signature_, sigSz);
-
-    // key message
-    keyMessage_ = NEW_YS opaque[length_];
-    memcpy(keyMessage_, tmp.get_buffer(), tmp.get_size());
-}
-
-
-// read PreMaster secret and decrypt, server side
-void EncryptedPreMasterSecret::read(SSL& ssl, input_buffer& input)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    const CertManager& cert = ssl.getCrypto().get_certManager();
-    RSA rsa(cert.get_privateKey(), cert.get_privateKeyLength(), false);
-    uint16 cipherLen = rsa.get_cipherLength();
-    if (ssl.isTLS()) {
-        byte len[2];
-        len[0] = input[AUTO];
-        len[1] = input[AUTO];
-        ato16(len, cipherLen);
-    }
-    alloc(cipherLen);
-    input.read(secret_, length_);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    opaque preMasterSecret[SECRET_LEN];
-    memset(preMasterSecret, 0, sizeof(preMasterSecret));
-    rsa.decrypt(preMasterSecret, secret_, length_, 
-                ssl.getCrypto().get_random());
-
-    ProtocolVersion pv = ssl.getSecurity().get_connection().chVersion_;
-    if (pv.major_ != preMasterSecret[0] || pv.minor_ != preMasterSecret[1])
-        ssl.SetError(pms_version_error); // continue deriving for timing attack
-
-    ssl.set_preMaster(preMasterSecret, SECRET_LEN);
-    ssl.makeMasterSecret();
-}
-
-
-EncryptedPreMasterSecret::EncryptedPreMasterSecret()
-    : secret_(0), length_(0)
-{}
-
-
-EncryptedPreMasterSecret::~EncryptedPreMasterSecret()
-{
-    ysArrayDelete(secret_);
-}
-
-
-int EncryptedPreMasterSecret::get_length() const
-{
-    return length_;
-}
-
-
-opaque* EncryptedPreMasterSecret::get_clientKey() const
-{
-    return secret_;
-}
-
-
-void EncryptedPreMasterSecret::alloc(int sz)
-{
-    length_ = sz;
-    secret_ = NEW_YS opaque[sz];
-}
-
-
-// read client's public key, server side
-void ClientDiffieHellmanPublic::read(SSL& ssl, input_buffer& input)
-{
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    DiffieHellman& dh = ssl.useCrypto().use_dh();
-
-    uint16 keyLength;
-    byte tmp[2];
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, keyLength);
-
-    if (keyLength < dh.get_agreedKeyLength()/2) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    alloc(keyLength);
-    input.read(Yc_, keyLength);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    dh.makeAgreement(Yc_, keyLength); 
-
-    ssl.set_preMaster(dh.get_agreedKey(), dh.get_agreedKeyLength());
-    ssl.makeMasterSecret();
-}
-
-
-ClientDiffieHellmanPublic::ClientDiffieHellmanPublic()
-    : length_(0), Yc_(0)
-{}
-
-
-ClientDiffieHellmanPublic::~ClientDiffieHellmanPublic()
-{
-    ysArrayDelete(Yc_);
-}
-
-
-int ClientDiffieHellmanPublic::get_length() const
-{
-    return length_;
-}
-
-
-opaque* ClientDiffieHellmanPublic::get_clientKey() const
-{
-    return Yc_;
-}
-
-
-void ClientDiffieHellmanPublic::alloc(int sz, bool offset) 
-{
-    length_ = sz + (offset ? KEY_OFFSET : 0); 
-    Yc_ = NEW_YS opaque[length_];
-}
-
-
-// read server's p, g, public key and sig, client side
-void DH_Server::read(SSL& ssl, input_buffer& input)
-{
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    uint16 length, messageTotal = 6; // pSz + gSz + pubSz
-    byte tmp[2];
-
-    // p
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, length);
-    messageTotal += length;
-
-    input.read(parms_.alloc_p(length), length);
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // g
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, length);
-    messageTotal += length;
-
-    input.read(parms_.alloc_g(length), length);
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // pub
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, length);
-    messageTotal += length;
-
-    input.read(parms_.alloc_pub(length), length);
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // save message for hash verify
-    input_buffer message(messageTotal);
-    input.set_current(input.get_current() - messageTotal);
-    input.read(message.get_buffer(), messageTotal);
-    message.add_size(messageTotal);
-    if (input.get_error() || input.get_remaining() < (uint)LENGTH_SZ) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // signature
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, length);
-
-    if (length == 0) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    signature_ = NEW_YS byte[length];
-    input.read(signature_, length);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // verify signature
-    byte hash[FINISHED_SZ];
-    MD5  md5;
-    SHA  sha;
-
-    const Connection& conn = ssl.getSecurity().get_connection();
-    // md5
-    md5.update(conn.client_random_, RAN_LEN);
-    md5.update(conn.server_random_, RAN_LEN);
-    md5.update(message.get_buffer(), message.get_size());
-    md5.get_digest(hash);
-
-    // sha
-    sha.update(conn.client_random_, RAN_LEN);
-    sha.update(conn.server_random_, RAN_LEN);
-    sha.update(message.get_buffer(), message.get_size());
-    sha.get_digest(&hash[MD5_LEN]);
-
-    const CertManager& cert = ssl.getCrypto().get_certManager();
-    
-    if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
-        RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength());
-        if (!rsa.verify(hash, sizeof(hash), signature_, length))
-            ssl.SetError(verify_error);
-    }
-    else {
-        byte decodedSig[DSS_SIG_SZ];
-        length = TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, length);
-        
-        DSS dss(cert.get_peerKey(), cert.get_peerKeyLength());
-        if (!dss.verify(&hash[MD5_LEN], SHA_LEN, decodedSig, length))
-            ssl.SetError(verify_error);
-    }
-
-    // save input
-    ssl.useCrypto().SetDH(NEW_YS DiffieHellman(parms_.get_p(),
-               parms_.get_pSize(), parms_.get_g(), parms_.get_gSize(),
-               parms_.get_pub(), parms_.get_pubSize(),
-               ssl.getCrypto().get_random()));
-}
-
-
-DH_Server::DH_Server()
-    : signature_(0), length_(0), keyMessage_(0)
-{}
-
-
-DH_Server::~DH_Server()
-{
-    ysArrayDelete(keyMessage_);
-    ysArrayDelete(signature_);
-}
-
-
-int DH_Server::get_length() const
-{
-    return length_;
-}
-
-
-opaque* DH_Server::get_serverKey() const
-{
-    return keyMessage_;
-}
-
-
-// set available suites
-Parameters::Parameters(ConnectionEnd ce, const Ciphers& ciphers, 
-                       ProtocolVersion pv, bool haveDH) : entity_(ce)
-{
-    pending_ = true;	// suite not set yet
-    strncpy(cipher_name_, "NONE", 5);
-
-    removeDH_ = !haveDH;   // only use on server side for set suites
-
-    if (ciphers.setSuites_) {   // use user set list
-        suites_size_ = ciphers.suiteSz_;
-        memcpy(suites_, ciphers.suites_, ciphers.suiteSz_);
-        SetCipherNames();
-    }
-    else 
-        SetSuites(pv, ce == server_end && removeDH_);  // defaults
-
-}
-
-
-void Parameters::SetSuites(ProtocolVersion pv, bool removeDH, bool removeRSA,
-                           bool removeDSA)
-{
-    int i = 0;
-    // available suites, best first
-    // when adding more, make sure cipher_names is updated and
-    //      MAX_CIPHERS is big enough
-
-    if (isTLS(pv)) {
-        if (!removeDH) {
-            if (!removeRSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA;
-            }
-            if (!removeDSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_DSS_WITH_AES_256_CBC_SHA;
-            }
-        }
-        if (!removeRSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = TLS_RSA_WITH_AES_256_CBC_SHA;
-        }
-        if (!removeDH) {
-            if (!removeRSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_RSA_WITH_AES_128_CBC_SHA;
-            }
-            if (!removeDSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_DSS_WITH_AES_128_CBC_SHA;
-            }
-        }
-        if (!removeRSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = TLS_RSA_WITH_AES_128_CBC_SHA;
-            suites_[i++] = 0x00;
-            suites_[i++] = TLS_RSA_WITH_AES_256_CBC_RMD160;
-            suites_[i++] = 0x00;
-            suites_[i++] = TLS_RSA_WITH_AES_128_CBC_RMD160;
-            suites_[i++] = 0x00;
-            suites_[i++] = TLS_RSA_WITH_3DES_EDE_CBC_RMD160;
-        }
-        if (!removeDH) {
-            if (!removeRSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_RSA_WITH_AES_256_CBC_RMD160;
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_RSA_WITH_AES_128_CBC_RMD160;
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160;
-            }
-            if (!removeDSA) {
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_DSS_WITH_AES_256_CBC_RMD160;
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_DSS_WITH_AES_128_CBC_RMD160;
-                suites_[i++] = 0x00;
-                suites_[i++] = TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160;
-            }
-        }
-    }
-
-    if (!removeRSA) {
-        suites_[i++] = 0x00;
-        suites_[i++] = SSL_RSA_WITH_RC4_128_SHA;  
-        suites_[i++] = 0x00;
-        suites_[i++] = SSL_RSA_WITH_RC4_128_MD5;
-
-        suites_[i++] = 0x00;
-        suites_[i++] = SSL_RSA_WITH_3DES_EDE_CBC_SHA;
-        suites_[i++] = 0x00;
-        suites_[i++] = SSL_RSA_WITH_DES_CBC_SHA;
-    }
-    if (!removeDH) {
-        if (!removeRSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA;
-        }
-        if (!removeDSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA;
-        }
-        if (!removeRSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = SSL_DHE_RSA_WITH_DES_CBC_SHA;
-        }
-        if (!removeDSA) {
-            suites_[i++] = 0x00;
-            suites_[i++] = SSL_DHE_DSS_WITH_DES_CBC_SHA;
-        }
-    }
-
-    suites_size_ = i;
-
-    SetCipherNames();
-}
-
-
-void Parameters::SetCipherNames()
-{
-    const int suites = suites_size_ / 2;
-    int pos = 0;
-
-    for (int j = 0; j < suites; j++) {
-        int index = suites_[j*2 + 1];  // every other suite is suite id
-        size_t len = strlen(cipher_names[index]) + 1;
-        strncpy(cipher_list_[pos++], cipher_names[index], len);
-    }
-    cipher_list_[pos][0] = 0;
-}
-
-
-// input operator for RecordLayerHeader, adjust stream
-input_buffer& operator>>(input_buffer& input, RecordLayerHeader& hdr)
-{
-    hdr.type_ = ContentType(input[AUTO]);
-    hdr.version_.major_ = input[AUTO];
-    hdr.version_.minor_ = input[AUTO];
-
-    // length
-    byte tmp[2];
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, hdr.length_);
-
-    return input;
-}
-
-
-// output operator for RecordLayerHeader
-output_buffer& operator<<(output_buffer& output, const RecordLayerHeader& hdr)
-{
-    output[AUTO] = hdr.type_;
-    output[AUTO] = hdr.version_.major_;
-    output[AUTO] = hdr.version_.minor_;
-    
-    // length
-    byte tmp[2];
-    c16toa(hdr.length_, tmp);
-    output[AUTO] = tmp[0];
-    output[AUTO] = tmp[1];
-
-    return output;
-}
-
-
-// virtual input operator for Messages
-input_buffer& operator>>(input_buffer& input, Message& msg)
-{
-    return msg.set(input);
-}
-
-// virtual output operator for Messages
-output_buffer& operator<<(output_buffer& output, const Message& msg)
-{
-    return msg.get(output);
-}
-
-
-// input operator for HandShakeHeader
-input_buffer& operator>>(input_buffer& input, HandShakeHeader& hs)
-{
-    hs.type_ = HandShakeType(input[AUTO]);
-
-    hs.length_[0] = input[AUTO];
-    hs.length_[1] = input[AUTO];
-    hs.length_[2] = input[AUTO];
-    
-    return input;
-}
-
-
-// output operator for HandShakeHeader
-output_buffer& operator<<(output_buffer& output, const HandShakeHeader& hdr)
-{
-    output[AUTO] = hdr.type_;
-    output.write(hdr.length_, sizeof(hdr.length_));
-    return output;
-}
-
-
-// HandShake Header Processing function
-void HandShakeHeader::Process(input_buffer& input, SSL& ssl)
-{
-    ssl.verifyState(*this);
-    if (ssl.GetError()) return;
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    const HandShakeFactory& hsf = ssl.getFactory().getHandShake();
-    mySTL::auto_ptr hs(hsf.CreateObject(type_));
-    if (!hs.get()) {
-        ssl.SetError(factory_error);
-        return;
-    }
-
-    uint len = c24to32(length_);
-    if (len > input.get_remaining()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    hashHandShake(ssl, input, len);
-
-    hs->set_length(len);
-    input >> *hs;
-    hs->Process(input, ssl);
-}
-
-
-ContentType HandShakeHeader::get_type() const
-{
-    return handshake;
-}
-
-
-uint16 HandShakeHeader::get_length() const
-{
-    return c24to32(length_);
-}
-
-
-HandShakeType HandShakeHeader::get_handshakeType() const
-{
-    return type_;
-}
-
-
-void HandShakeHeader::set_type(HandShakeType hst)
-{
-    type_ = hst;
-}
-
-
-void HandShakeHeader::set_length(uint32 u32)
-{
-    c32to24(u32, length_);
-}
-
-
-input_buffer& HandShakeHeader::set(input_buffer& in)
-{
-    return in >> *this;
-}
-
-
-output_buffer& HandShakeHeader::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-
-int HandShakeBase::get_length() const
-{
-    return length_;
-}
-
-
-void HandShakeBase::set_length(int l)
-{
-    length_ = l;
-}
-
-
-// for building buffer's type field
-HandShakeType HandShakeBase::get_type() const
-{
-    return no_shake;
-}
-
-
-input_buffer& HandShakeBase::set(input_buffer& in)
-{
-    return in;
-}
-
- 
-output_buffer& HandShakeBase::get(output_buffer& out) const
-{
-    return out;
-}
-
-
-void HandShakeBase::Process(input_buffer&, SSL&) 
-{}
-
-
-input_buffer& HelloRequest::set(input_buffer& in)
-{
-    return in;
-}
-
-
-output_buffer& HelloRequest::get(output_buffer& out) const
-{
-    return out;
-}
-
-
-void HelloRequest::Process(input_buffer&, SSL&)
-{}
-
-
-HandShakeType HelloRequest::get_type() const
-{
-    return hello_request;
-}
-
-
-// input operator for CipherSpec
-input_buffer& operator>>(input_buffer& input, ChangeCipherSpec& cs)
-{
-    cs.type_ = CipherChoice(input[AUTO]);
-    return input; 
-}
-
-// output operator for CipherSpec
-output_buffer& operator<<(output_buffer& output, const ChangeCipherSpec& cs)
-{
-    output[AUTO] = cs.type_;
-    return output;
-}
-
-
-ChangeCipherSpec::ChangeCipherSpec() 
-    : type_(change_cipher_spec_choice)
-{}
-
-
-input_buffer& ChangeCipherSpec::set(input_buffer& in)
-{
-    return in >> *this;
-}
-
-
-output_buffer& ChangeCipherSpec::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-ContentType ChangeCipherSpec::get_type() const
-{
-    return change_cipher_spec;
-}
-
-
-uint16 ChangeCipherSpec::get_length() const
-{
-    return SIZEOF_ENUM;
-}
-
-
-// CipherSpec processing handler
-void ChangeCipherSpec::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // detect duplicate change_cipher
-    if (ssl.getSecurity().get_parms().pending_ == false) {
-        ssl.order_error();
-        return;
-    }
-
-    ssl.useSecurity().use_parms().pending_ = false;
-    if (ssl.getSecurity().get_resuming()) {
-        if (ssl.getSecurity().get_parms().entity_ == client_end)
-            buildFinished(ssl, ssl.useHashes().use_verify(), server); // server
-    }
-    else if (ssl.getSecurity().get_parms().entity_ == server_end)
-        buildFinished(ssl, ssl.useHashes().use_verify(), client);     // client
-}
-
-
-Alert::Alert(AlertLevel al, AlertDescription ad)
-    : level_(al), description_(ad)
-{}
-
-
-ContentType Alert::get_type() const
-{
-    return alert;
-}
-
-
-uint16 Alert::get_length() const
-{
-    return SIZEOF_ENUM * 2;
-}
-
-
-input_buffer& Alert::set(input_buffer& in)
-{
-    return in >> *this;
-}
-
-
-output_buffer& Alert::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-// input operator for Alert
-input_buffer& operator>>(input_buffer& input, Alert& a)
-{
-    a.level_ = AlertLevel(input[AUTO]);
-    a.description_ = AlertDescription(input[AUTO]);
- 
-    return input;
-}
-
-
-// output operator for Alert
-output_buffer& operator<<(output_buffer& output, const Alert& a)
-{
-    output[AUTO] = a.level_;
-    output[AUTO] = a.description_;
-    return output;
-}
-
-
-// Alert processing handler
-void Alert::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    if (ssl.getSecurity().get_parms().pending_ == false)  { // encrypted alert
-        int            aSz = get_length();  // alert size already read on input
-        opaque         verify[SHA_LEN];
-        const  opaque* data = input.get_buffer() + input.get_current() - aSz;
-
-        if (ssl.isTLS())
-            TLS_hmac(ssl, verify, data, aSz, alert, true);
-        else
-            hmac(ssl, verify, data, aSz, alert, true);
-
-        // read mac and skip fill
-        int    digestSz = ssl.getCrypto().get_digest().get_digestSize();
-        opaque mac[SHA_LEN];
-        input.read(mac, digestSz);
-
-        if (ssl.getSecurity().get_parms().cipher_type_ == block) {
-            int    ivExtra = 0;
-            opaque fill __attribute__((unused));
-
-            if (ssl.isTLSv1_1())
-                ivExtra = ssl.getCrypto().get_cipher().get_blockSize();
-            int padSz = ssl.getSecurity().get_parms().encrypt_size_ - ivExtra -
-                        aSz - digestSz;
-            for (int i = 0; i < padSz; i++) 
-                fill = input[AUTO];
-        }
-
-        if (input.get_error()) {
-            ssl.SetError(bad_input);
-            return;
-        }
-
-        // verify
-        if (memcmp(mac, verify, digestSz)) {
-            ssl.SetError(verify_error);
-            return;
-        }
-    }
-    if (level_ == fatal) {
-        ssl.useStates().useRecord()    = recordNotReady;
-        ssl.useStates().useHandShake() = handShakeNotReady;
-        ssl.SetError(YasslError(description_));
-    }
-}
-
-
-Data::Data()
-    : length_(0), buffer_(0), write_buffer_(0)
-{}
-
-
-Data::Data(uint16 len, opaque* b)
-    : length_(len), buffer_(b), write_buffer_(0)
-{}
-
-
-void Data::SetData(uint16 len, const opaque* buffer)
-{
-    length_ = len;
-    write_buffer_ = buffer;
-}
-
-input_buffer& Data::set(input_buffer& in)
-{
-    return in;
-}
-
-
-output_buffer& Data::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-ContentType Data::get_type() const
-{
-    return application_data;
-}
-
-
-uint16 Data::get_length() const
-{
-    return length_;
-}
-
-
-void Data::set_length(uint16 l)
-{
-    length_ = l;
-}
-
-
-opaque* Data::set_buffer()
-{
-    return buffer_;
-}
-
-
-// output operator for Data
-output_buffer& operator<<(output_buffer& output, const Data& data)
-{
-    output.write(data.write_buffer_, data.length_);
-    return output;
-}
-
-
-// check all bytes for equality 
-static int constant_compare(const byte* a, const byte* b, int len)
-{
-    int good = 0;
-    int bad  = 0;
-
-    for (int i = 0; i < len; i++) {
-        if (a[i] == b[i])
-            good++;
-        else
-            bad++;
-    }
-
-    if (good == len)
-        return 0;
-    else
-        return 0 - bad;  // failure
-}
-
-
-// check bytes for pad value
-static int pad_check(const byte* input, byte pad, int len)
-{
-    int good = 0;
-    int bad  = 0;
-
-    for (int i = 0; i < len; i++) {
-        if (input[i] == pad)
-            good++;
-        else
-            bad++;
-    }
-
-    if (good == len)
-        return 0;
-    else
-        return 0 - bad;  // failure
-}
-
-
-// get number of compression rounds
-static inline int get_rounds(int pLen, int padLen, int t)
-{
-    int  roundL1 = 1;  // round ups 
-    int  roundL2 = 1;
-
-    int L1 = COMPRESS_CONSTANT + pLen - t;
-    int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t;
-
-    L1 -= COMPRESS_UPPER;
-    L2 -= COMPRESS_UPPER;
-
-    if ( (L1 % COMPRESS_LOWER) == 0)
-        roundL1 = 0;
-    if ( (L2 % COMPRESS_LOWER) == 0)
-        roundL2 = 0;
-
-    L1 /= COMPRESS_LOWER;
-    L2 /= COMPRESS_LOWER;
-
-    L1 += roundL1;
-    L2 += roundL2;
-
-    return L1 - L2;
-}
-
-
-// do compression rounds on dummy data
-static inline void compress_rounds(SSL& ssl, int rounds, const byte* dummy)
-{
-    if (rounds) {
-        Digest* digest = NULL;
-
-        MACAlgorithm ma = ssl.getSecurity().get_parms().mac_algorithm_;
-        if (ma == sha) 
-            digest = NEW_YS SHA;
-        else if (ma == md5)
-            digest = NEW_YS MD5;
-        else if (ma == rmd)
-            digest = NEW_YS RMD;
-        else
-            return;
-
-        for (int i = 0; i < rounds; i++)
-            digest->update(dummy, COMPRESS_LOWER);
-
-        ysDelete(digest);    
-    }
-}
-
-
-// timing resistant pad verification
-static int timing_verify(SSL& ssl, const byte* input, int padLen, int t,
-                         int pLen)
-{
-    byte verify[SHA_LEN];
-    byte dummy[MAX_PAD_SIZE];
-
-    memset(dummy, 1, sizeof(dummy));
-
-    if ( (t + padLen + 1) > pLen) {
-        pad_check(dummy, (byte)padLen, MAX_PAD_SIZE);
-        if (ssl.isTLS())
-            TLS_hmac(ssl, verify, input, pLen - t, application_data, 1);
-        else
-            hmac(ssl, verify, input, pLen - t, application_data, 1);
-        constant_compare(verify, input + pLen - t, t);
-
-        return -1;
-    }
-
-    if (pad_check(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) {
-        pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
-        if (ssl.isTLS())
-            TLS_hmac(ssl, verify, input, pLen - t, application_data, 1);
-        else
-            hmac(ssl, verify, input, pLen - t, application_data, 1);
-        constant_compare(verify, input + pLen - t, t);
-
-        return -1;
-    }
-
-    pad_check(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1);
-    if (ssl.isTLS())
-        TLS_hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data,1);
-    else
-        hmac(ssl, verify, input, pLen - padLen - 1 - t, application_data, 1);
-
-    compress_rounds(ssl, get_rounds(pLen, padLen, t), dummy);
-
-    if (constant_compare(verify, input + (pLen - padLen - 1 - t), t) != 0)
-        return -1;
-
-    return 0;
-}
-
-
-// Process handler for Data
-void Data::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    int msgSz = ssl.getSecurity().get_parms().encrypt_size_;
-    int pad   = 0, padSz = 0;
-    int ivExtra = 0;
-    int digestSz = ssl.getCrypto().get_digest().get_digestSize();
-    const byte* rawData = input.get_buffer() + input.get_current();
-    opaque verify[SHA_LEN];
-
-    if (ssl.getSecurity().get_parms().cipher_type_ == block) {
-        if (ssl.isTLSv1_1())  // IV
-            ivExtra = ssl.getCrypto().get_cipher().get_blockSize();
-        pad = *(input.get_buffer() + input.get_current() + msgSz -ivExtra - 1);
-        padSz = 1;
-
-        if (ssl.isTLS()) {
-            if (timing_verify(ssl, rawData, pad,digestSz, msgSz-ivExtra) != 0) {
-                ssl.SetError(verify_error);
-                return;
-            }
-        }
-        else {   // SSLv3, some don't do this padding right
-            int sz3 = msgSz - digestSz - pad - 1; 
-            hmac(ssl, verify, rawData, sz3, application_data, true);
-            if (constant_compare(verify, rawData + sz3, digestSz) != 0) {
-                ssl.SetError(verify_error);
-                return;
-            }
-        } 
-    }
-    else {  // stream
-        int streamSz = msgSz - digestSz; 
-        if (ssl.isTLS())
-            TLS_hmac(ssl, verify, rawData, streamSz, application_data, true);
-        else
-            hmac(ssl, verify, rawData, streamSz, application_data, true);
-        if (constant_compare(verify, rawData + streamSz, digestSz) != 0) {
-            ssl.SetError(verify_error);
-            return;
-        }
-    }
-
-    int dataSz = msgSz - ivExtra - digestSz - pad - padSz;
-
-    if (dataSz < 0 || dataSz > (MAX_RECORD_SIZE + COMPRESS_EXTRA)) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // read data
-    if (dataSz) {                               // could be compressed
-        if (ssl.CompressionOn()) {
-            input_buffer tmp;
-            if (DeCompress(input, dataSz, tmp) == -1) {
-                ssl.SetError(decompress_error);
-                return;
-            }
-            ssl.addData(NEW_YS input_buffer(tmp.get_size(),
-                                            tmp.get_buffer(), tmp.get_size()));
-        }
-        else {
-            input_buffer* data;
-            ssl.addData(data = NEW_YS input_buffer(dataSz));
-            input.read(data->get_buffer(), dataSz);
-            data->add_size(dataSz);
-        }
-    }
-
-    // advance past mac and fill
-    input.set_current(input.get_current() + digestSz + pad + padSz);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-}
-
-
-// virtual input operator for HandShakes
-input_buffer& operator>>(input_buffer& input, HandShakeBase& hs)
-{
-    return hs.set(input);
-}
-
-
-// virtual output operator for HandShakes
-output_buffer& operator<<(output_buffer& output, const HandShakeBase& hs)
-{
-    return hs.get(output);
-}
-
-
-Certificate::Certificate(const x509* cert) : cert_(cert) 
-{
-    if (cert)
-      set_length(cert_->get_length() + 2 * CERT_HEADER); // list and cert size
-    else
-      set_length(CERT_HEADER); // total blank cert size, just list header
-}
-
-
-const opaque* Certificate::get_buffer() const
-{
-    if (cert_)
-      return cert_->get_buffer();
-
-    return NULL;
-}
-
-
-// output operator for Certificate
-output_buffer& operator<<(output_buffer& output, const Certificate& cert)
-{
-    uint sz = cert.get_length();
-    opaque tmp[CERT_HEADER];
-
-    if ((int)sz > CERT_HEADER)
-      sz -= 2 * CERT_HEADER;  // actual cert, not including headers
-    else {
-      sz = 0;                 // blank cert case
-      c32to24(sz, tmp);
-      output.write(tmp, CERT_HEADER);
-
-      return output;
-    }
-
-    c32to24(sz + CERT_HEADER, tmp);
-    output.write(tmp, CERT_HEADER);
-    c32to24(sz, tmp);
-    output.write(tmp, CERT_HEADER);
-    output.write(cert.get_buffer(), sz);
-
-    return output;
-}
-
-
-// certificate processing handler
-void Certificate::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    CertManager& cm = ssl.useCrypto().use_certManager();
-  
-    uint32 list_sz;
-    byte   tmp[3];
-
-    if (input.get_remaining() < sizeof(tmp)) {
-        ssl.SetError(YasslError(bad_input));
-        return;
-    }
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    tmp[2] = input[AUTO];
-    c24to32(tmp, list_sz);
-
-    if (list_sz > (uint)MAX_RECORD_SIZE) { // sanity check
-        ssl.SetError(YasslError(bad_input));
-        return;
-    }
-    
-    while (list_sz) {
-        // cert size
-        uint32 cert_sz;
-
-        if (input.get_remaining() < sizeof(tmp)) {
-            ssl.SetError(YasslError(bad_input));
-            return;
-        }
-        tmp[0] = input[AUTO];
-        tmp[1] = input[AUTO];
-        tmp[2] = input[AUTO];
-        c24to32(tmp, cert_sz);
-        
-        if (cert_sz > (uint)MAX_RECORD_SIZE || input.get_remaining() < cert_sz){
-            ssl.SetError(YasslError(bad_input));
-            return;
-        }
-        if (cert_sz) {
-          x509* myCert;
-          cm.AddPeerCert(myCert = NEW_YS x509(cert_sz));
-          input.read(myCert->use_buffer(), myCert->get_length());
-        }
-
-        list_sz -= cert_sz + CERT_HEADER;
-    }
-    if (int err = cm.Validate())
-        ssl.SetError(YasslError(err));
-    else if (ssl.getSecurity().get_parms().entity_ == client_end)
-        ssl.useStates().useClient() = serverCertComplete;
-}
-
-
-Certificate::Certificate()
-    : cert_(0)
-{}
-
-
-input_buffer& Certificate::set(input_buffer& in)
-{
-    return in;
-}
-
-
-output_buffer& Certificate::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType Certificate::get_type() const
-{
-    return certificate;
-}
-
-
-ServerDHParams::ServerDHParams()
-    : pSz_(0), gSz_(0), pubSz_(0), p_(0), g_(0), Ys_(0)
-{}
-
-
-ServerDHParams::~ServerDHParams()
-{
-    ysArrayDelete(Ys_);
-    ysArrayDelete(g_);
-    ysArrayDelete(p_);
-}
-
-
-int ServerDHParams::get_pSize() const
-{
-    return pSz_;
-}
-
-
-int ServerDHParams::get_gSize() const
-{
-    return gSz_;
-}
-
-
-int ServerDHParams::get_pubSize() const
-{
-    return pubSz_;
-}
-
-
-const opaque* ServerDHParams::get_p() const
-{
-    return p_;
-}
-
-
-const opaque* ServerDHParams::get_g() const
-{
-    return g_;
-}
-
-
-const opaque* ServerDHParams::get_pub() const
-{
-    return Ys_;
-}
-
-
-opaque* ServerDHParams::alloc_p(int sz)
-{
-    p_ = NEW_YS opaque[pSz_ = sz];
-    return p_;
-}
-
-
-opaque* ServerDHParams::alloc_g(int sz)
-{
-    g_ = NEW_YS opaque[gSz_ = sz];
-    return g_;
-}
-
-
-opaque* ServerDHParams::alloc_pub(int sz)
-{
-    Ys_ = NEW_YS opaque[pubSz_ = sz];
-    return Ys_;
-}
-
-
-int ServerKeyBase::get_length() const
-{
-    return 0;
-}
-
-
-opaque* ServerKeyBase::get_serverKey() const
-{
-    return 0;
-}
-
-
-// input operator for ServerHello
-input_buffer& operator>>(input_buffer& input, ServerHello& hello)
-{ 
-    // Protocol
-    hello.server_version_.major_ = input[AUTO];
-    hello.server_version_.minor_ = input[AUTO];
-   
-    // Random
-    input.read(hello.random_, RAN_LEN);
-    
-    // Session
-    hello.id_len_ = input[AUTO];
-    if (hello.id_len_ > ID_LEN) {
-        input.set_error(); 
-        return input;
-    }
-    if (hello.id_len_)
-        input.read(hello.session_id_, hello.id_len_);
- 
-    // Suites
-    hello.cipher_suite_[0] = input[AUTO];
-    hello.cipher_suite_[1] = input[AUTO];
-   
-    // Compression
-    hello.compression_method_ = CompressionMethod(input[AUTO]);
-
-    return input;
-}
-
-
-// output operator for ServerHello
-output_buffer& operator<<(output_buffer& output, const ServerHello& hello)
-{
-    // Protocol
-    output[AUTO] = hello.server_version_.major_;
-    output[AUTO] = hello.server_version_.minor_;
-
-    // Random
-    output.write(hello.random_, RAN_LEN);
-
-    // Session
-    output[AUTO] = hello.id_len_;
-    output.write(hello.session_id_, ID_LEN);
-
-    // Suites
-    output[AUTO] = hello.cipher_suite_[0];
-    output[AUTO] = hello.cipher_suite_[1];
-
-    // Compression
-    output[AUTO] = hello.compression_method_;
-
-    return output;
-}
-
-
-// Server Hello processing handler
-void ServerHello::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    if (ssl.GetMultiProtocol()) {   // SSLv23 support
-        if (ssl.isTLS() && server_version_.minor_ < 1)
-            // downgrade to SSLv3
-            ssl.useSecurity().use_connection().TurnOffTLS();
-        else if (ssl.isTLSv1_1() && server_version_.minor_ == 1)
-            // downdrage to TLSv1
-            ssl.useSecurity().use_connection().TurnOffTLS1_1();
-    }
-    else if (ssl.isTLSv1_1() && server_version_.minor_ < 2) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    else if (ssl.isTLS() && server_version_.minor_ < 1) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    else if (!ssl.isTLS() && (server_version_.major_ == 3 &&
-                              server_version_.minor_ >= 1)) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    if (cipher_suite_[0] != 0x00) {
-        ssl.SetError(unknown_cipher);
-        return;
-    }
-    ssl.set_pending(cipher_suite_[1]);
-    ssl.set_random(random_, server_end);
-    if (id_len_)
-        ssl.set_sessionID(session_id_);
-    else
-        ssl.useSecurity().use_connection().sessionID_Set_ = false;
-
-    if (ssl.getSecurity().get_resuming()) {
-        if (memcmp(session_id_, ssl.getSecurity().get_resume().GetID(),
-                   ID_LEN) == 0) {
-            ssl.set_masterSecret(ssl.getSecurity().get_resume().GetSecret());
-            if (ssl.isTLS())
-                ssl.deriveTLSKeys();
-            else
-                ssl.deriveKeys();
-            ssl.useStates().useClient() = serverHelloDoneComplete;
-            return;
-        }
-        else {
-            ssl.useSecurity().set_resuming(false);
-            ssl.useLog().Trace("server denied resumption");
-        }
-    }
-
-    if (ssl.CompressionOn() && !compression_method_)
-        ssl.UnSetCompression(); // server isn't supporting yaSSL zlib request
-
-    ssl.useStates().useClient() = serverHelloComplete;
-}
-
-
-ServerHello::ServerHello()
-{
-    memset(random_, 0, RAN_LEN);
-    memset(session_id_, 0, ID_LEN);
-}
-
-
-ServerHello::ServerHello(ProtocolVersion pv, bool useCompression)
-    : server_version_(pv),
-      compression_method_(useCompression ? zlib : no_compression)
-{
-    memset(random_, 0, RAN_LEN);
-    memset(session_id_, 0, ID_LEN);
-}
-
-
-input_buffer& ServerHello::set(input_buffer& in)
-{
-    return in  >> *this;
-}
-
-
-output_buffer& ServerHello::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType ServerHello::get_type() const
-{
-    return server_hello;
-}
-
-
-const opaque* ServerHello::get_random() const
-{
-    return random_;
-}
-
-
-// Server Hello Done processing handler
-void ServerHelloDone::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    ssl.useStates().useClient() = serverHelloDoneComplete;
-}
-
-
-ServerHelloDone::ServerHelloDone()
-{
-    set_length(0);
-}
-
-
-input_buffer& ServerHelloDone::set(input_buffer& in)
-{
-    return in;
-}
-
-
-output_buffer& ServerHelloDone::get(output_buffer& out) const
-{
-    return out;
-}
-
-
-HandShakeType ServerHelloDone::get_type() const
-{
-    return server_hello_done;
-}
-
-
-int ClientKeyBase::get_length() const
-{
-    return 0;
-}
-
-
-opaque* ClientKeyBase::get_clientKey() const
-{
-    return 0;
-}
-
-
-// input operator for Client Hello
-input_buffer& operator>>(input_buffer& input, ClientHello& hello)
-{
-    uint begin = input.get_current();  // could have extensions at end
-
-    // Protocol
-    hello.client_version_.major_ = input[AUTO];
-    hello.client_version_.minor_ = input[AUTO];
-
-    // Random
-    input.read(hello.random_, RAN_LEN);
-
-    // Session
-    hello.id_len_ = input[AUTO];
-    if (hello.id_len_) input.read(hello.session_id_, ID_LEN);
-    
-    // Suites
-    byte   tmp[2];
-    uint16 len;
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    ato16(tmp, len);
-
-    hello.suite_len_ = min(len, static_cast(MAX_SUITE_SZ));
-    input.read(hello.cipher_suites_, hello.suite_len_);
-    if (len > hello.suite_len_)  // ignore extra suites
-        input.set_current(input.get_current() + len - hello.suite_len_);
-
-    // Compression
-    hello.comp_len_ = input[AUTO];
-    hello.compression_methods_ = no_compression;
-    while (hello.comp_len_--) {
-        CompressionMethod cm = CompressionMethod(input[AUTO]);
-        if (cm == zlib)
-            hello.compression_methods_ = zlib;
-    }
-
-    uint read = input.get_current() - begin;
-    uint expected = hello.get_length();
-
-    // ignore client hello extensions for now
-    if (read < expected)
-        input.set_current(input.get_current() + expected - read);
-
-    return input;
-}
-
-
-// output operaotr for Client Hello
-output_buffer& operator<<(output_buffer& output, const ClientHello& hello)
-{ 
-    // Protocol
-    output[AUTO] = hello.client_version_.major_;
-    output[AUTO] = hello.client_version_.minor_;
-
-    // Random
-    output.write(hello.random_, RAN_LEN);
-
-    // Session
-    output[AUTO] = hello.id_len_;
-    if (hello.id_len_) output.write(hello.session_id_, ID_LEN);
-
-    // Suites
-    byte tmp[2];
-    c16toa(hello.suite_len_, tmp);
-    output[AUTO] = tmp[0];
-    output[AUTO] = tmp[1];
-    output.write(hello.cipher_suites_, hello.suite_len_);
-  
-    // Compression
-    output[AUTO] = hello.comp_len_;
-    output[AUTO] = hello.compression_methods_;
-
-    return output;
-}
-
-
-// Client Hello processing handler
-void ClientHello::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // store version for pre master secret
-    ssl.useSecurity().use_connection().chVersion_ = client_version_;
-
-    if (client_version_.major_ != 3) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    if (ssl.GetMultiProtocol()) {   // SSLv23 support
-        if (ssl.isTLS() && client_version_.minor_ < 1) {
-            // downgrade to SSLv3
-            ssl.useSecurity().use_connection().TurnOffTLS();
-            
-            ProtocolVersion pv = ssl.getSecurity().get_connection().version_;
-            bool removeDH  = ssl.getSecurity().get_parms().removeDH_;
-            bool removeRSA = false;
-            bool removeDSA = false;
-            
-            const CertManager& cm = ssl.getCrypto().get_certManager();
-            if (cm.get_keyType() == rsa_sa_algo)
-                removeDSA = true;
-            else
-                removeRSA = true;
-            
-            // reset w/ SSL suites
-            ssl.useSecurity().use_parms().SetSuites(pv, removeDH, removeRSA,
-                                                    removeDSA);
-        }
-        else if (ssl.isTLSv1_1() && client_version_.minor_ == 1)
-            // downgrade to TLSv1, but use same suites
-            ssl.useSecurity().use_connection().TurnOffTLS1_1();
-    }
-    else if (ssl.isTLSv1_1() && client_version_.minor_ < 2) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    else if (ssl.isTLS() && client_version_.minor_ < 1) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-    else if (!ssl.isTLS() && client_version_.minor_ >= 1) {
-        ssl.SetError(badVersion_error);
-        return;
-    }
-
-    ssl.set_random(random_, client_end);
-
-    while (id_len_) {  // trying to resume
-        SSL_SESSION* session = 0;
-        if (!ssl.getSecurity().GetContext()->GetSessionCacheOff())
-            session = GetSessions().lookup(session_id_);
-        if (!session)  {
-            ssl.useLog().Trace("session lookup failed");
-            break;
-        }
-        ssl.set_session(session);
-        ssl.useSecurity().set_resuming(true);
-        ssl.matchSuite(session->GetSuite(), SUITE_LEN);
-        if (ssl.GetError()) return;
-        ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]);
-        ssl.set_masterSecret(session->GetSecret());
-
-        opaque serverRandom[RAN_LEN];
-        ssl.getCrypto().get_random().Fill(serverRandom, sizeof(serverRandom));
-        ssl.set_random(serverRandom, server_end);
-        if (ssl.isTLS())
-            ssl.deriveTLSKeys();
-        else
-            ssl.deriveKeys();
-        ssl.useStates().useServer() = clientKeyExchangeComplete;
-        return;
-    }
-    ssl.matchSuite(cipher_suites_, suite_len_);
-    if (ssl.GetError()) return;
-    ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]);
-
-    if (compression_methods_ == zlib)
-        ssl.SetCompression();
-
-    ssl.useStates().useServer() = clientHelloComplete;
-}
-
-
-input_buffer& ClientHello::set(input_buffer& in)
-{
-    return in  >> *this;
-}
-
-
-output_buffer& ClientHello::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType ClientHello::get_type() const
-{
-    return client_hello;
-}
-
-
-const opaque* ClientHello::get_random() const
-{
-    return random_;
-}
-
-
-ClientHello::ClientHello()
-{
-    memset(random_, 0, RAN_LEN);
-}
-
-
-ClientHello::ClientHello(ProtocolVersion pv, bool useCompression)
-    : client_version_(pv),
-      compression_methods_(useCompression ? zlib : no_compression)
-{
-    memset(random_, 0, RAN_LEN);
-}
-
-
-// output operator for ServerKeyExchange
-output_buffer& operator<<(output_buffer& output, const ServerKeyExchange& sk)
-{
-    output.write(sk.getKey(), sk.getKeyLength());
-    return output;
-}
-
-
-// Server Key Exchange processing handler
-void ServerKeyExchange::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    createKey(ssl);
-    if (ssl.GetError()) return;
-    server_key_->read(ssl, input);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    ssl.useStates().useClient() = serverKeyExchangeComplete;
-}
-
-
-ServerKeyExchange::ServerKeyExchange(SSL& ssl)
-{
-    createKey(ssl);
-}
-
-
-ServerKeyExchange::ServerKeyExchange()
-    : server_key_(0)
-{}
-
-
-ServerKeyExchange::~ServerKeyExchange()
-{
-    ysDelete(server_key_);
-}
-
-
-void ServerKeyExchange::build(SSL& ssl) 
-{ 
-    server_key_->build(ssl); 
-    set_length(server_key_->get_length());
-}
-
-
-const opaque* ServerKeyExchange::getKey() const
-{
-    return server_key_->get_serverKey();
-}
-
-
-int ServerKeyExchange::getKeyLength() const
-{
-    return server_key_->get_length();
-}
-
-
-input_buffer& ServerKeyExchange::set(input_buffer& in)
-{
-    return in;      // process does
-}
-
-
-output_buffer& ServerKeyExchange::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType ServerKeyExchange::get_type() const
-{
-    return server_key_exchange;
-}
-
-
-// CertificateRequest 
-CertificateRequest::CertificateRequest()
-    : typeTotal_(0)
-{
-    memset(certificate_types_, 0, sizeof(certificate_types_));
-}
-
-
-CertificateRequest::~CertificateRequest()
-{
-
-    STL::for_each(certificate_authorities_.begin(),
-                  certificate_authorities_.end(),
-                  del_ptr_zero()) ;
-}
-
-
-void CertificateRequest::Build()
-{
-    certificate_types_[0] = rsa_sign;
-    certificate_types_[1] = dss_sign;
-
-    typeTotal_ = 2;
-
-    uint16 authCount = 0;
-    uint16 authSz = 0;
-  
-    for (int j = 0; j < authCount; j++) {
-        int sz = REQUEST_HEADER + MIN_DIS_SIZE;
-        DistinguishedName dn;
-        certificate_authorities_.push_back(dn = NEW_YS byte[sz]);
-
-        opaque tmp[REQUEST_HEADER];
-        c16toa(MIN_DIS_SIZE, tmp);
-        memcpy(dn, tmp, sizeof(tmp));
-  
-        // fill w/ junk for now
-        memcpy(dn, tmp, MIN_DIS_SIZE);
-        authSz += sz;
-    }
-
-    set_length(SIZEOF_ENUM + typeTotal_ + REQUEST_HEADER + authSz);
-}
-
-
-input_buffer& CertificateRequest::set(input_buffer& in)
-{
-    return in >> *this;
-}
-
-
-output_buffer& CertificateRequest::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-// input operator for CertificateRequest
-input_buffer& operator>>(input_buffer& input, CertificateRequest& request)
-{
-    // types
-    request.typeTotal_ = input[AUTO];
-    if (request.typeTotal_ > CERT_TYPES) {
-        input.set_error();
-        return input;
-    }
-    for (int i = 0; i < request.typeTotal_; i++)
-        request.certificate_types_[i] = ClientCertificateType(input[AUTO]);
-
-    byte tmp[2];
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-    uint16 sz;
-    ato16(tmp, sz);
-
-    // authorities
-    while (sz) {
-        uint16 dnSz;
-        tmp[0] = input[AUTO];
-        tmp[1] = input[AUTO];
-        ato16(tmp, dnSz);
-       
-        input.set_current(input.get_current() + dnSz);
-
-        sz -= dnSz + REQUEST_HEADER;
-
-        if (input.get_error())
-            break;
-    }
-
-    return input;
-}
-
-
-// output operator for CertificateRequest
-output_buffer& operator<<(output_buffer& output,
-                          const CertificateRequest& request)
-{
-    // types
-    output[AUTO] = request.typeTotal_;
-    for (int i = 0; i < request.typeTotal_; i++)
-        output[AUTO] = request.certificate_types_[i];
-
-    // authorities
-    opaque tmp[REQUEST_HEADER];
-    c16toa(request.get_length() - SIZEOF_ENUM -
-           request.typeTotal_ - REQUEST_HEADER, tmp);
-    output.write(tmp, sizeof(tmp));
-
-    STL::list::const_iterator first =
-                                    request.certificate_authorities_.begin();
-    STL::list::const_iterator last =
-                                    request.certificate_authorities_.end();
-    while (first != last) {
-        uint16 sz;
-        ato16(*first, sz);
-        output.write(*first, sz + REQUEST_HEADER);
-
-        ++first;
-    }
-
-    return output;
-}
-
-
-// CertificateRequest processing handler
-void CertificateRequest::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    CertManager& cm = ssl.useCrypto().use_certManager();
-
-    cm.setSendVerify();
-    if (cm.get_cert() == NULL || cm.get_privateKey() == NULL)
-      cm.setSendBlankCert();  // send blank cert, OpenSSL requires now
-}
-
-
-HandShakeType CertificateRequest::get_type() const
-{
-    return certificate_request;
-}
-
-
-// CertificateVerify 
-CertificateVerify::CertificateVerify() : signature_(0)
-{}
-
-
-CertificateVerify::~CertificateVerify()
-{
-    ysArrayDelete(signature_);
-}
-
-
-void CertificateVerify::Build(SSL& ssl)
-{
-    build_certHashes(ssl, hashes_);
-
-    uint16 sz = 0;
-    byte   len[VERIFY_HEADER];
-    mySTL::auto_array sig;
-
-    // sign
-    const CertManager& cert = ssl.getCrypto().get_certManager();
-    if (cert.get_keyType() == rsa_sa_algo) {
-        RSA rsa(cert.get_privateKey(), cert.get_privateKeyLength(), false);
-
-        sz = rsa.get_cipherLength() + VERIFY_HEADER;
-        sig.reset(NEW_YS byte[sz]);
-
-        c16toa(sz - VERIFY_HEADER, len);
-        memcpy(sig.get(), len, VERIFY_HEADER);
-        rsa.sign(sig.get() + VERIFY_HEADER, hashes_.md5_, sizeof(Hashes),
-                 ssl.getCrypto().get_random());
-        // check for rsa signautre fault
-        if (!rsa.verify(hashes_.md5_, sizeof(Hashes), sig.get() + VERIFY_HEADER,
-                                                      rsa.get_cipherLength())) {
-            ssl.SetError(rsaSignFault_error);
-            return;
-        }
-    }
-    else {  // DSA
-        DSS dss(cert.get_privateKey(), cert.get_privateKeyLength(), false);
-
-        sz = DSS_SIG_SZ + DSS_ENCODED_EXTRA + VERIFY_HEADER;
-        sig.reset(NEW_YS byte[sz]);
-
-        c16toa(sz - VERIFY_HEADER, len);
-        memcpy(sig.get(), len, VERIFY_HEADER);
-        dss.sign(sig.get() + VERIFY_HEADER, hashes_.sha_, SHA_LEN,
-                 ssl.getCrypto().get_random());
-
-        byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA];
-        TaoCrypt::EncodeDSA_Signature(sig.get() + VERIFY_HEADER, encoded);
-        memcpy(sig.get() + VERIFY_HEADER, encoded, sizeof(encoded));
-    }
-    set_length(sz);
-    signature_ = sig.release();
-}
-
-
-input_buffer& CertificateVerify::set(input_buffer& in)
-{
-    return in >> *this;
-}
-
-
-output_buffer& CertificateVerify::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-// input operator for CertificateVerify
-input_buffer& operator>>(input_buffer& input, CertificateVerify& request)
-{
-    byte tmp[VERIFY_HEADER];
-    tmp[0] = input[AUTO];
-    tmp[1] = input[AUTO];
-
-    uint16 sz = 0;
-    ato16(tmp, sz);
-    request.set_length(sz);
-
-    if (sz == 0) {
-        input.set_error();
-        return input;
-    }
-
-    request.signature_ = NEW_YS byte[sz];
-    input.read(request.signature_, sz);
-
-    return input;
-}
-
-
-// output operator for CertificateVerify
-output_buffer& operator<<(output_buffer& output,
-                          const CertificateVerify& verify)
-{
-    output.write(verify.signature_, verify.get_length());
-
-    return output;
-}
-
-
-// CertificateVerify processing handler
-void CertificateVerify::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    const Hashes&      hashVerify = ssl.getHashes().get_certVerify();
-    const CertManager& cert       = ssl.getCrypto().get_certManager();
-
-    if (cert.get_peerKeyType() == rsa_sa_algo) {
-        RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength());
-
-        if (!rsa.verify(hashVerify.md5_, sizeof(hashVerify), signature_,
-                        get_length()))
-            ssl.SetError(verify_error);
-    }
-    else { // DSA
-        byte decodedSig[DSS_SIG_SZ];
-        TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, get_length());
-        
-        DSS dss(cert.get_peerKey(), cert.get_peerKeyLength());
-        if (!dss.verify(hashVerify.sha_, SHA_LEN, decodedSig, get_length()))
-            ssl.SetError(verify_error);
-    }
-}
-
-
-HandShakeType CertificateVerify::get_type() const
-{
-    return certificate_verify;
-}
-
-
-// output operator for ClientKeyExchange
-output_buffer& operator<<(output_buffer& output, const ClientKeyExchange& ck)
-{
-    output.write(ck.getKey(), ck.getKeyLength());
-    return output;
-}
-
-
-// Client Key Exchange processing handler
-void ClientKeyExchange::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    createKey(ssl);
-    if (ssl.GetError()) return;
-    client_key_->read(ssl, input);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    if (ssl.getCrypto().get_certManager().verifyPeer())
-        build_certHashes(ssl, ssl.useHashes().use_certVerify());
-
-    ssl.useStates().useServer() = clientKeyExchangeComplete;
-}
-
-
-ClientKeyExchange::ClientKeyExchange(SSL& ssl)
-{
-    createKey(ssl);
-}
-
-
-ClientKeyExchange::ClientKeyExchange()
-    : client_key_(0)
-{}
-
-
-ClientKeyExchange::~ClientKeyExchange()
-{
-    ysDelete(client_key_);
-}
-
-
-void ClientKeyExchange::build(SSL& ssl) 
-{ 
-    client_key_->build(ssl); 
-    set_length(client_key_->get_length());
-}
-
-const opaque* ClientKeyExchange::getKey() const
-{
-    return client_key_->get_clientKey();
-}
-
-
-int ClientKeyExchange::getKeyLength() const
-{
-    return client_key_->get_length();
-}
-
-
-input_buffer& ClientKeyExchange::set(input_buffer& in)
-{
-    return in;
-}
-
-
-output_buffer& ClientKeyExchange::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType ClientKeyExchange::get_type() const
-{
-    return client_key_exchange;
-}
-
-
-// input operator for Finished
-input_buffer& operator>>(input_buffer& input, Finished&)
-{
-    /*  do in process */
-
-    return input; 
-}
-
-// output operator for Finished
-output_buffer& operator<<(output_buffer& output, const Finished& fin)
-{
-    if (fin.get_length() == FINISHED_SZ) {
-        output.write(fin.hashes_.md5_, MD5_LEN);
-        output.write(fin.hashes_.sha_, SHA_LEN);
-    }
-    else    // TLS_FINISHED_SZ
-        output.write(fin.hashes_.md5_, TLS_FINISHED_SZ);
-
-    return output;
-}
-
-
-// Finished processing handler
-void Finished::Process(input_buffer& input, SSL& ssl)
-{
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-    // verify hashes
-    const  Finished& verify = ssl.getHashes().get_verify();
-    uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ;
-    
-    input.read(hashes_.md5_, finishedSz);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    if (memcmp(&hashes_, &verify.hashes_, finishedSz)) {
-        ssl.SetError(verify_error);
-        return;
-    }
-
-    // read verify mac
-    opaque verifyMAC[SHA_LEN];
-    uint macSz = finishedSz + HANDSHAKE_HEADER;
-
-    if (ssl.isTLS())
-        TLS_hmac(ssl, verifyMAC, input.get_buffer() + input.get_current()
-                 - macSz, macSz, handshake, true);
-    else
-        hmac(ssl, verifyMAC, input.get_buffer() + input.get_current() - macSz,
-             macSz, handshake, true);
-
-    // read mac and fill
-    opaque mac[SHA_LEN];   // max size
-    int    digestSz = ssl.getCrypto().get_digest().get_digestSize();
-    input.read(mac, digestSz);
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    uint ivExtra = 0;
-    if (ssl.getSecurity().get_parms().cipher_type_ == block)
-        if (ssl.isTLSv1_1())
-            ivExtra = ssl.getCrypto().get_cipher().get_blockSize();
-
-    opaque fill __attribute__((unused));
-    int    padSz = ssl.getSecurity().get_parms().encrypt_size_ - ivExtra -
-                     HANDSHAKE_HEADER - finishedSz - digestSz;
-    for (int i = 0; i < padSz; i++) 
-        fill = input[AUTO];
-    if (input.get_error()) {
-        ssl.SetError(bad_input);
-        return;
-    }
-
-    // update states
-    ssl.useStates().useHandShake() = handShakeReady;
-    if (ssl.getSecurity().get_parms().entity_ == client_end)
-        ssl.useStates().useClient() = serverFinishedComplete;
-    else
-        ssl.useStates().useServer() = clientFinishedComplete;
-}
-
-
-Finished::Finished()
-{
-    set_length(FINISHED_SZ);
-}
-
-
-uint8* Finished::set_md5()
-{
-    return hashes_.md5_;
-}
-
-
-uint8* Finished::set_sha()
-{
-    return hashes_.sha_;
-}
-
-
-input_buffer& Finished::set(input_buffer& in)
-{
-    return in  >> *this;
-}
-
-
-output_buffer& Finished::get(output_buffer& out) const
-{
-    return out << *this;
-}
-
-
-HandShakeType Finished::get_type() const
-{
-    return finished;
-}
-
-
-void clean(volatile opaque* p, uint sz, RandomPool& ran)
-{
-    uint i(0);
-
-    for (i = 0; i < sz; ++i)
-        p[i] = 0;
-
-    ran.Fill(const_cast(p), sz);
-
-    for (i = 0; i < sz; ++i)
-        p[i] = 0;
-}
-
-
-
-Connection::Connection(ProtocolVersion v, RandomPool& ran)
-    : pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0),
-      pre_secret_len_(0), send_server_key_(false), master_clean_(false),
-      TLS_(v.major_ >= 3 && v.minor_ >= 1),
-      TLSv1_1_(v.major_ >= 3 && v.minor_ >= 2), compression_(false),
-      version_(v), random_(ran)
-{
-    memset(sessionID_, 0, sizeof(sessionID_));
-}
-
-
-Connection::~Connection() 
-{ 
-    CleanMaster(); CleanPreMaster(); ysArrayDelete(pre_master_secret_);
-}
-
-
-void Connection::AllocPreSecret(uint sz) 
-{ 
-    pre_master_secret_ = NEW_YS opaque[pre_secret_len_ = sz];
-}
-
-
-void Connection::TurnOffTLS()
-{
-    TLS_ = false;
-    version_.minor_ = 0;
-}
-
-
-void Connection::TurnOffTLS1_1()
-{
-    TLSv1_1_ = false;
-    version_.minor_ = 1;
-}
-
-
-// wipeout master secret
-void Connection::CleanMaster()
-{
-    if (!master_clean_) {
-        volatile opaque* p = master_secret_;
-        clean(p, SECRET_LEN, random_);
-        master_clean_ = true;
-    }
-}
-
-
-// wipeout pre master secret
-void Connection::CleanPreMaster()
-{
-    if (pre_master_secret_) {
-        volatile opaque* p = pre_master_secret_;
-        clean(p, pre_secret_len_, random_);
-
-        ysArrayDelete(pre_master_secret_);
-        pre_master_secret_ = 0;
-    }
-}
-
-
-// Create functions for message factory
-Message* CreateCipherSpec() { return NEW_YS ChangeCipherSpec; }
-Message* CreateAlert()      { return NEW_YS Alert; }
-Message* CreateHandShake()  { return NEW_YS HandShakeHeader; }
-Message* CreateData()       { return NEW_YS Data; }
-
-// Create functions for handshake factory
-HandShakeBase* CreateHelloRequest()       { return NEW_YS HelloRequest; }
-HandShakeBase* CreateClientHello()        { return NEW_YS ClientHello; }
-HandShakeBase* CreateServerHello()        { return NEW_YS ServerHello; }
-HandShakeBase* CreateCertificate()        { return NEW_YS Certificate; }
-HandShakeBase* CreateServerKeyExchange()  { return NEW_YS ServerKeyExchange;}
-HandShakeBase* CreateCertificateRequest() { return NEW_YS 
-                                                    CertificateRequest; }
-HandShakeBase* CreateServerHelloDone()    { return NEW_YS ServerHelloDone; }
-HandShakeBase* CreateCertificateVerify()  { return NEW_YS CertificateVerify;}
-HandShakeBase* CreateClientKeyExchange()  { return NEW_YS ClientKeyExchange;}
-HandShakeBase* CreateFinished()           { return NEW_YS Finished; }
-
-// Create functions for server key exchange factory
-ServerKeyBase* CreateRSAServerKEA()       { return NEW_YS RSA_Server; }
-ServerKeyBase* CreateDHServerKEA()        { return NEW_YS DH_Server; }
-ServerKeyBase* CreateFortezzaServerKEA()  { return NEW_YS Fortezza_Server; }
-
-// Create functions for client key exchange factory
-ClientKeyBase* CreateRSAClient()      { return NEW_YS 
-                                                EncryptedPreMasterSecret; }
-ClientKeyBase* CreateDHClient()       { return NEW_YS 
-                                                ClientDiffieHellmanPublic; }
-ClientKeyBase* CreateFortezzaClient() { return NEW_YS FortezzaKeys; }
-
-
-// Constructor calls this to Register compile time callbacks
-void InitMessageFactory(MessageFactory& mf)
-{
-    mf.Reserve(4);
-    mf.Register(alert, CreateAlert);
-    mf.Register(change_cipher_spec, CreateCipherSpec);
-    mf.Register(handshake, CreateHandShake);
-    mf.Register(application_data, CreateData);
-}
-
-
-// Constructor calls this to Register compile time callbacks
-void InitHandShakeFactory(HandShakeFactory& hsf)
-{
-    hsf.Reserve(10);
-    hsf.Register(hello_request, CreateHelloRequest);
-    hsf.Register(client_hello, CreateClientHello);
-    hsf.Register(server_hello, CreateServerHello);
-    hsf.Register(certificate, CreateCertificate);
-    hsf.Register(server_key_exchange, CreateServerKeyExchange);
-    hsf.Register(certificate_request, CreateCertificateRequest);
-    hsf.Register(server_hello_done, CreateServerHelloDone);
-    hsf.Register(certificate_verify, CreateCertificateVerify);
-    hsf.Register(client_key_exchange, CreateClientKeyExchange);
-    hsf.Register(finished, CreateFinished);
-}
-
-
-// Constructor calls this to Register compile time callbacks
-void InitServerKeyFactory(ServerKeyFactory& skf)
-{
-    skf.Reserve(3);
-    skf.Register(rsa_kea, CreateRSAServerKEA);
-    skf.Register(diffie_hellman_kea, CreateDHServerKEA);
-    skf.Register(fortezza_kea, CreateFortezzaServerKEA);
-}
-
-
-// Constructor calls this to Register compile time callbacks
-void InitClientKeyFactory(ClientKeyFactory& ckf)
-{
-    ckf.Reserve(3);
-    ckf.Register(rsa_kea, CreateRSAClient);
-    ckf.Register(diffie_hellman_kea, CreateDHClient);
-    ckf.Register(fortezza_kea, CreateFortezzaClient);
-}
-
-
-} // namespace
diff --git a/extra/yassl/src/yassl_int.cpp b/extra/yassl/src/yassl_int.cpp
deleted file mode 100644
index e244761e647..00000000000
--- a/extra/yassl/src/yassl_int.cpp
+++ /dev/null
@@ -1,2705 +0,0 @@
-/*
-   Copyright (c) 2005, 2017, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* yaSSL internal source implements SSL supporting types not specified in the
- * draft along with type conversion functions.
- */
-
-#include "runtime.hpp"
-#include "yassl_int.hpp"
-#include "handshake.hpp"
-#include "timer.hpp"
-
-#ifdef _POSIX_THREADS
-    #include "pthread.h"
-#endif
-
-
-#ifdef HAVE_LIBZ
-    #include "zlib.h"
-#endif
-
-
-#ifdef YASSL_PURE_C
-
-    void* operator new(size_t sz, yaSSL::new_t)
-    {
-        void* ptr = malloc(sz ? sz : 1);
-        if (!ptr) abort();
-
-        return ptr;
-    }
-
-
-    void operator delete(void* ptr, yaSSL::new_t)
-    {
-        if (ptr) free(ptr);
-    }
-
-
-    void* operator new[](size_t sz, yaSSL::new_t nt)
-    {
-        return ::operator new(sz, nt);
-    }
-
-
-    void operator delete[](void* ptr, yaSSL::new_t nt)
-    {
-        ::operator delete(ptr, nt);
-    }
-
-    namespace yaSSL {
-
-        new_t ys;   // for yaSSL library new
-
-    }
-
-#endif // YASSL_PURE_C
-
-
-namespace yaSSL {
-
-
-
-
-
-
-// convert a 32 bit integer into a 24 bit one
-void c32to24(uint32 u32, uint24& u24)
-{
-    u24[0] = (u32 >> 16) & 0xff;
-    u24[1] = (u32 >>  8) & 0xff;
-    u24[2] =  u32 & 0xff;
-}
-
-
-// convert a 24 bit integer into a 32 bit one
-void c24to32(const uint24 u24, uint32& u32)
-{
-    u32 = 0;
-    u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2];
-}
-
-
-// convert with return for ease of use
-uint32 c24to32(const uint24 u24)
-{
-    uint32 ret;
-    c24to32(u24, ret);
-
-    return ret;
-}
-
-
-// using a for opaque since underlying type is unsgined char and o is not a
-// good leading identifier
-
-// convert opaque to 16 bit integer
-void ato16(const opaque* c, uint16& u16)
-{
-    u16 = 0;
-    u16 = (c[0] << 8) | (c[1]);
-}
-
-
-// convert (copy) opaque to 24 bit integer
-void ato24(const opaque* c, uint24& u24)
-{
-    u24[0] = c[0];
-    u24[1] = c[1];
-    u24[2] = c[2];
-}
-
-
-// convert 16 bit integer to opaque
-void c16toa(uint16 u16, opaque* c)
-{
-    c[0] = (u16 >> 8) & 0xff;
-    c[1] =  u16 & 0xff;
-}
-
-
-// convert 24 bit integer to opaque
-void c24toa(const uint24 u24, opaque* c)
-{
-    c[0] =  u24[0]; 
-    c[1] =  u24[1];
-    c[2] =  u24[2];
-}
-
-
-// convert 32 bit integer to opaque
-void c32toa(uint32 u32, opaque* c)
-{
-    c[0] = (u32 >> 24) & 0xff;
-    c[1] = (u32 >> 16) & 0xff;
-    c[2] = (u32 >>  8) & 0xff;
-    c[3] =  u32 & 0xff;
-}
-
-
-States::States() : recordLayer_(recordReady), handshakeLayer_(preHandshake),
-           clientState_(serverNull),  serverState_(clientNull),
-           connectState_(CONNECT_BEGIN), acceptState_(ACCEPT_BEGIN),
-           what_(no_error) {}
-
-const RecordLayerState& States::getRecord() const 
-{
-    return recordLayer_;
-}
-
-
-const HandShakeState& States::getHandShake() const
-{
-    return handshakeLayer_;
-}
-
-
-const ClientState& States::getClient() const
-{
-    return clientState_;
-}
-
-
-const ServerState& States::getServer() const
-{
-    return serverState_;
-}
-
-
-const ConnectState& States::GetConnect() const
-{
-    return connectState_;
-}
-
-
-const AcceptState& States::GetAccept() const
-{
-    return acceptState_;
-}
-
-
-const char* States::getString() const
-{
-    return errorString_;
-}
-
-
-YasslError States::What() const
-{
-    return what_;
-}
-
-
-RecordLayerState& States::useRecord()
-{
-    return recordLayer_;
-}
-
-
-HandShakeState& States::useHandShake()
-{
-    return handshakeLayer_;
-}
-
-
-ClientState& States::useClient()
-{
-    return clientState_;
-}
-
-
-ServerState& States::useServer()
-{
-    return serverState_;
-}
-
-
-ConnectState& States::UseConnect()
-{
-    return connectState_;
-}
-
-
-AcceptState& States::UseAccept()
-{
-    return acceptState_;
-}
-
-
-char* States::useString()
-{
-    return errorString_;
-}
-
-
-void States::SetError(YasslError ye)
-{
-    what_ = ye;
-}
-
-
-// mark message recvd, check for duplicates, return 0 on success
-int States::SetMessageRecvd(HandShakeType hst)
-{
-    switch (hst) {
-        case hello_request:
-            break;  // could send more than one
-
-        case client_hello:
-            if (recvdMessages_.gotClientHello_)
-                return -1;
-            recvdMessages_.gotClientHello_ = 1;
-            break;
-
-        case server_hello:
-            if (recvdMessages_.gotServerHello_)
-                return -1;
-            recvdMessages_.gotServerHello_ = 1;
-            break;
-
-        case certificate:
-            if (recvdMessages_.gotCert_)
-                return -1;
-            recvdMessages_.gotCert_ = 1;
-            break;
-
-        case server_key_exchange:
-            if (recvdMessages_.gotServerKeyExchange_)
-                return -1;
-            recvdMessages_.gotServerKeyExchange_ = 1;
-            break;
-
-        case certificate_request:
-            if (recvdMessages_.gotCertRequest_)
-                return -1;
-            recvdMessages_.gotCertRequest_ = 1;
-            break;
-
-        case server_hello_done:
-            if (recvdMessages_.gotServerHelloDone_)
-                return -1;
-            recvdMessages_.gotServerHelloDone_ = 1;
-            break;
-
-        case certificate_verify:
-            if (recvdMessages_.gotCertVerify_)
-                return -1;
-            recvdMessages_.gotCertVerify_ = 1;
-            break;
-
-        case client_key_exchange:
-            if (recvdMessages_.gotClientKeyExchange_)
-                return -1;
-            recvdMessages_.gotClientKeyExchange_ = 1;
-            break;
-
-        case finished:
-            if (recvdMessages_.gotFinished_)
-                return -1;
-            recvdMessages_.gotFinished_ = 1;
-            break;
-
-
-        default:
-            return -1;
-
-    }
-
-    return 0;
-}
-
-
-sslFactory::sslFactory() :           
-        messageFactory_(InitMessageFactory),
-        handShakeFactory_(InitHandShakeFactory),
-        serverKeyFactory_(InitServerKeyFactory),
-        clientKeyFactory_(InitClientKeyFactory) 
-{}
-
-
-const MessageFactory& sslFactory::getMessage() const
-{
-    return messageFactory_;
-}
-
-
-const HandShakeFactory& sslFactory::getHandShake() const
-{
-    return handShakeFactory_;
-}
-
-
-const ServerKeyFactory& sslFactory::getServerKey() const
-{
-    return serverKeyFactory_;
-}
-
-
-const ClientKeyFactory& sslFactory::getClientKey() const
-{
-    return clientKeyFactory_;
-}
-
-
-// extract context parameters and store
-SSL::SSL(SSL_CTX* ctx) 
-    : secure_(ctx->getMethod()->getVersion(), crypto_.use_random(),
-              ctx->getMethod()->getSide(), ctx->GetCiphers(), ctx,
-              ctx->GetDH_Parms().set_), quietShutdown_(false), has_data_(false)
-{
-    if (int err = crypto_.get_random().GetError()) {
-        SetError(YasslError(err));
-        return;
-    }
-
-    CertManager& cm = crypto_.use_certManager();
-    cm.CopySelfCert(ctx->getCert());
-
-    bool serverSide = secure_.use_parms().entity_ == server_end;
-
-    if (ctx->getKey()) {
-        if (int err = cm.SetPrivateKey(*ctx->getKey())) {
-            SetError(YasslError(err));
-            return;
-        }
-        else if (serverSide && ctx->GetCiphers().setSuites_ == 0) {
-            // remove RSA or DSA suites depending on cert key type
-            // but don't override user sets
-            ProtocolVersion pv = secure_.get_connection().version_;
-            
-            bool removeDH  = secure_.use_parms().removeDH_;
-            bool removeRSA = false;
-            bool removeDSA = false;
-            
-            if (cm.get_keyType() == rsa_sa_algo)
-                removeDSA = true;
-            else
-                removeRSA = true;
-            secure_.use_parms().SetSuites(pv, removeDH, removeRSA, removeDSA);
-        }
-    }
-    else if (serverSide) {
-        SetError(no_key_file);
-        return;
-    }
-
-    if (ctx->getMethod()->verifyPeer())
-        cm.setVerifyPeer();
-    if (ctx->getMethod()->verifyNone())
-        cm.setVerifyNone();
-    if (ctx->getMethod()->failNoCert())
-        cm.setFailNoCert();
-    cm.setVerifyCallback(ctx->getVerifyCallback());
-
-    if (serverSide)
-        crypto_.SetDH(ctx->GetDH_Parms());
-
-    const SSL_CTX::CertList& ca = ctx->GetCA_List();
-    SSL_CTX::CertList::const_iterator first(ca.begin());
-    SSL_CTX::CertList::const_iterator last(ca.end());
-
-    while (first != last) {
-        if (int err = cm.CopyCaCert(*first)) {
-            SetError(YasslError(err));
-            return;
-        }
-        ++first;
-    }
-}
-
-
-// store pending security parameters from Server Hello
-void SSL::set_pending(Cipher suite)
-{
-    Parameters& parms = secure_.use_parms();
-
-    switch (suite) {
-
-    case TLS_RSA_WITH_AES_256_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_, cipher_names[TLS_RSA_WITH_AES_256_CBC_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_RSA_WITH_AES_128_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_, cipher_names[TLS_RSA_WITH_AES_128_CBC_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_RSA_WITH_3DES_EDE_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_3DES_EDE_CBC_SHA]
-                , MAX_SUITE_NAME);
-        break;
-
-    case SSL_RSA_WITH_DES_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES);
-        strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_DES_CBC_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_RSA_WITH_RC4_128_SHA:
-        parms.bulk_cipher_algorithm_ = rc4;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = RC4_KEY_SZ;
-        parms.iv_size_   = 0;
-        parms.cipher_type_ = stream;
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS RC4);
-        strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_RC4_128_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_RSA_WITH_RC4_128_MD5:
-        parms.bulk_cipher_algorithm_ = rc4;
-        parms.mac_algorithm_         = md5;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = MD5_LEN;
-        parms.key_size_  = RC4_KEY_SZ;
-        parms.iv_size_   = 0;
-        parms.cipher_type_ = stream;
-        crypto_.setDigest(NEW_YS MD5);
-        crypto_.setCipher(NEW_YS RC4);
-        strncpy(parms.cipher_name_, cipher_names[SSL_RSA_WITH_RC4_128_MD5],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_DHE_RSA_WITH_DES_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES);
-        strncpy(parms.cipher_name_, cipher_names[SSL_DHE_RSA_WITH_DES_CBC_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_,
-              cipher_names[SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_,
-               cipher_names[TLS_DHE_RSA_WITH_AES_256_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_,
-               cipher_names[TLS_DHE_RSA_WITH_AES_128_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case SSL_DHE_DSS_WITH_DES_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES);
-        strncpy(parms.cipher_name_, cipher_names[SSL_DHE_DSS_WITH_DES_CBC_SHA],
-                MAX_SUITE_NAME);
-        break;
-
-    case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_,
-              cipher_names[SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_,
-               cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = sha;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = SHA_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS SHA);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_,
-               cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_SHA], MAX_SUITE_NAME);
-        break;
-
-    case TLS_RSA_WITH_AES_256_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_RSA_WITH_AES_256_CBC_RMD160], MAX_SUITE_NAME);
-        break;
-
-    case TLS_RSA_WITH_AES_128_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_RSA_WITH_AES_128_CBC_RMD160], MAX_SUITE_NAME);
-        break;
-
-    case TLS_RSA_WITH_3DES_EDE_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = rsa_kea;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_,
-               cipher_names[TLS_RSA_WITH_3DES_EDE_CBC_RMD160], MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_RSA_WITH_AES_256_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_RSA_WITH_AES_256_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_RSA_WITH_AES_128_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = rsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_RSA_WITH_AES_128_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = triple_des;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = DES_EDE_KEY_SZ;
-        parms.iv_size_   = DES_IV_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS DES_EDE);
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_DSS_WITH_AES_256_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_256_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    case TLS_DHE_DSS_WITH_AES_128_CBC_RMD160:
-        parms.bulk_cipher_algorithm_ = aes;
-        parms.mac_algorithm_         = rmd;
-        parms.kea_                   = diffie_hellman_kea;
-        parms.sig_algo_              = dsa_sa_algo;
-        parms.hash_size_ = RMD_LEN;
-        parms.key_size_  = AES_128_KEY_SZ;
-        parms.iv_size_   = AES_BLOCK_SZ;
-        parms.cipher_type_ = block;
-        secure_.use_connection().send_server_key_  = true; // eph
-        crypto_.setDigest(NEW_YS RMD);
-        crypto_.setCipher(NEW_YS AES);
-        strncpy(parms.cipher_name_,
-                cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_RMD160],
-                MAX_SUITE_NAME);
-        break;
-
-    default:
-        SetError(unknown_cipher);
-    }
-}
-
-
-// store peer's random
-void SSL::set_random(const opaque* random, ConnectionEnd sender)
-{
-    if (sender == client_end)
-        memcpy(secure_.use_connection().client_random_, random, RAN_LEN);
-    else
-        memcpy(secure_.use_connection().server_random_, random, RAN_LEN);
-}
-
-
-// store client pre master secret
-void SSL::set_preMaster(const opaque* pre, uint sz)
-{
-    uint i(0);  // trim leading zeros
-    uint fullSz(sz);
-
-    while (i++ < fullSz && *pre == 0) {
-        sz--;
-        pre++;
-    }
-
-    if (sz == 0) {
-        SetError(bad_input);
-        return;
-    }
-
-    secure_.use_connection().AllocPreSecret(sz);
-    memcpy(secure_.use_connection().pre_master_secret_, pre, sz);
-}
-
-
-// set yaSSL zlib type compression
-int SSL::SetCompression()
-{
-#ifdef HAVE_LIBZ
-    secure_.use_connection().compression_ = true;
-    return 0;
-#else
-    return -1;  // not built in
-#endif
-}
-
-
-// unset yaSSL zlib type compression
-void SSL::UnSetCompression()
-{
-    secure_.use_connection().compression_ = false;
-}
-
-
-// is yaSSL zlib compression on
-bool SSL::CompressionOn() const
-{
-    return secure_.get_connection().compression_;
-}
-
-
-// store master secret
-void SSL::set_masterSecret(const opaque* sec)
-{
-    memcpy(secure_.use_connection().master_secret_, sec, SECRET_LEN);
-}
-
-// store server issued id
-void SSL::set_sessionID(const opaque* sessionID)
-{
-    memcpy(secure_.use_connection().sessionID_, sessionID, ID_LEN);
-    secure_.use_connection().sessionID_Set_ = true;
-}
-
-
-// store error 
-void SSL::SetError(YasslError ye)
-{
-    states_.SetError(ye);
-    //strncpy(states_.useString(), e.what(), mySTL::named_exception::NAME_SIZE);
-    // TODO: add string here
-}
-
-
-// set the quiet shutdown mode (close_nofiy not sent or received on shutdown)
-void SSL::SetQuietShutdown(bool mode)
-{
-  quietShutdown_ = mode;
-}
-
-
-Buffers& SSL::useBuffers()
-{
-    return buffers_;
-}
-
-
-// locals
-namespace {
-
-// DeriveKeys and MasterSecret helper sets prefix letters
-static bool setPrefix(opaque* sha_input, int i)
-{
-    switch (i) {
-    case 0:
-        memcpy(sha_input, "A", 1);
-        break;
-    case 1:
-        memcpy(sha_input, "BB", 2);
-        break;
-    case 2:
-        memcpy(sha_input, "CCC", 3);
-        break;
-    case 3:
-        memcpy(sha_input, "DDDD", 4);
-        break;
-    case 4:
-        memcpy(sha_input, "EEEEE", 5);
-        break;
-    case 5:
-        memcpy(sha_input, "FFFFFF", 6);
-        break;
-    case 6:
-        memcpy(sha_input, "GGGGGGG", 7);
-        break;
-    default:
-        return false;  // prefix_error
-    }
-    return true;
-}
-
-} // namespcae for locals
-
-
-void SSL::order_error()
-{
-    SetError(out_of_order);
-}
-
-
-// Create and store the master secret see page 32, 6.1
-void SSL::makeMasterSecret()
-{
-    if (GetError()) return;
-
-    if (isTLS())
-        makeTLSMasterSecret();
-    else {
-        opaque sha_output[SHA_LEN];
-
-        const uint& preSz = secure_.get_connection().pre_secret_len_;
-        output_buffer md5_input(preSz + SHA_LEN);
-        output_buffer sha_input(PREFIX + preSz + 2 * RAN_LEN);
-
-        MD5 md5;
-        SHA sha;
-
-        md5_input.write(secure_.get_connection().pre_master_secret_, preSz);
-
-        for (int i = 0; i < MASTER_ROUNDS; ++i) {
-            opaque prefix[PREFIX];
-            if (!setPrefix(prefix, i)) {
-                SetError(prefix_error);
-                return;
-            }
-
-            sha_input.set_current(0);
-            sha_input.write(prefix, i + 1);
-
-            sha_input.write(secure_.get_connection().pre_master_secret_,preSz);
-            sha_input.write(secure_.get_connection().client_random_, RAN_LEN);
-            sha_input.write(secure_.get_connection().server_random_, RAN_LEN);
-            sha.get_digest(sha_output, sha_input.get_buffer(),
-                           sha_input.get_size());
-
-            md5_input.set_current(preSz);
-            md5_input.write(sha_output, SHA_LEN);
-            md5.get_digest(&secure_.use_connection().master_secret_[i*MD5_LEN],
-                           md5_input.get_buffer(), md5_input.get_size());
-        }
-        deriveKeys();
-    }
-    secure_.use_connection().CleanPreMaster();
-}
-
-
-// create TLSv1 master secret
-void SSL::makeTLSMasterSecret()
-{
-    opaque seed[SEED_LEN];
-    
-    memcpy(seed, secure_.get_connection().client_random_, RAN_LEN);
-    memcpy(&seed[RAN_LEN], secure_.get_connection().server_random_, RAN_LEN);
-
-    PRF(secure_.use_connection().master_secret_, SECRET_LEN,
-        secure_.get_connection().pre_master_secret_,
-        secure_.get_connection().pre_secret_len_,
-        master_label, MASTER_LABEL_SZ, 
-        seed, SEED_LEN);
-
-    deriveTLSKeys();
-}
-
-
-// derive mac, write, and iv keys for server and client, see page 34, 6.2.2
-void SSL::deriveKeys()
-{
-    int length = 2 * secure_.get_parms().hash_size_ + 
-                 2 * secure_.get_parms().key_size_  +
-                 2 * secure_.get_parms().iv_size_;
-    int rounds = (length + MD5_LEN - 1 ) / MD5_LEN;
-    input_buffer key_data(rounds * MD5_LEN);
-
-    opaque sha_output[SHA_LEN];
-    opaque md5_input[SECRET_LEN + SHA_LEN];
-    opaque sha_input[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
-  
-    MD5 md5;
-    SHA sha;
-
-    memcpy(md5_input, secure_.get_connection().master_secret_, SECRET_LEN);
-
-    for (int i = 0; i < rounds; ++i) {
-        int j = i + 1;
-        if (!setPrefix(sha_input, i)) {
-            SetError(prefix_error);
-            return;
-        }
-
-        memcpy(&sha_input[j], secure_.get_connection().master_secret_,
-               SECRET_LEN);
-        memcpy(&sha_input[j+SECRET_LEN],
-               secure_.get_connection().server_random_, RAN_LEN);
-        memcpy(&sha_input[j + SECRET_LEN + RAN_LEN],
-               secure_.get_connection().client_random_, RAN_LEN);
-        sha.get_digest(sha_output, sha_input,
-                       sizeof(sha_input) - KEY_PREFIX + j);
-
-        memcpy(&md5_input[SECRET_LEN], sha_output, SHA_LEN);
-        md5.get_digest(key_data.get_buffer() + i * MD5_LEN,
-                       md5_input, sizeof(md5_input));
-    }
-    storeKeys(key_data.get_buffer());
-}
-
-
-// derive mac, write, and iv keys for server and client
-void SSL::deriveTLSKeys()
-{
-    int length = 2 * secure_.get_parms().hash_size_ + 
-                 2 * secure_.get_parms().key_size_  +
-                 2 * secure_.get_parms().iv_size_;
-    opaque       seed[SEED_LEN];
-    input_buffer key_data(length);
-
-    memcpy(seed, secure_.get_connection().server_random_, RAN_LEN);
-    memcpy(&seed[RAN_LEN], secure_.get_connection().client_random_, RAN_LEN);
-
-    PRF(key_data.get_buffer(), length, secure_.get_connection().master_secret_,
-        SECRET_LEN, key_label, KEY_LABEL_SZ, seed, SEED_LEN);
-
-    storeKeys(key_data.get_buffer());
-}
-
-
-// store mac, write, and iv keys for client and server
-void SSL::storeKeys(const opaque* key_data)
-{
-    int sz = secure_.get_parms().hash_size_;
-    memcpy(secure_.use_connection().client_write_MAC_secret_, key_data, sz);
-    int i = sz;
-    memcpy(secure_.use_connection().server_write_MAC_secret_,&key_data[i], sz);
-    i += sz;
-
-    sz = secure_.get_parms().key_size_;
-    memcpy(secure_.use_connection().client_write_key_, &key_data[i], sz);
-    i += sz;
-    memcpy(secure_.use_connection().server_write_key_, &key_data[i], sz);
-    i += sz;
-
-    sz = secure_.get_parms().iv_size_;
-    memcpy(secure_.use_connection().client_write_IV_, &key_data[i], sz);
-    i += sz;
-    memcpy(secure_.use_connection().server_write_IV_, &key_data[i], sz);
-
-    setKeys();
-}
-
-
-// set encrypt/decrypt keys and ivs
-void SSL::setKeys()
-{
-    Connection& conn = secure_.use_connection();
-
-    if (secure_.get_parms().entity_ == client_end) {
-        crypto_.use_cipher().set_encryptKey(conn.client_write_key_, 
-                                            conn.client_write_IV_);
-        crypto_.use_cipher().set_decryptKey(conn.server_write_key_,
-                                            conn.server_write_IV_);
-    }
-    else {
-        crypto_.use_cipher().set_encryptKey(conn.server_write_key_,
-                                            conn.server_write_IV_);
-        crypto_.use_cipher().set_decryptKey(conn.client_write_key_,
-                                            conn.client_write_IV_);
-    }
-}
-
-
-
-// local functors
-namespace yassl_int_cpp_local1 {  // for explicit templates
-
-struct SumData {
-    uint total_;
-    SumData() : total_(0) {}
-    void operator()(input_buffer* data) { total_ += data->get_remaining(); }
-};
-
-
-struct SumBuffer {
-    uint total_;
-    SumBuffer() : total_(0) {}
-    void operator()(output_buffer* buffer) { total_ += buffer->get_size(); }
-};
-
-} // namespace for locals
-using namespace yassl_int_cpp_local1;
-
-
-uint SSL::bufferedData()
-{
-    return STL::for_each(buffers_.getData().begin(),buffers_.getData().end(),
-                           SumData()).total_;
-}
-
-
-// use input buffer to fill data
-void SSL::fillData(Data& data)
-{
-    if (GetError()) return;
-    uint dataSz   = data.get_length();        // input, data size to fill
-    size_t elements = buffers_.getData().size();
-
-    data.set_length(0);                         // output, actual data filled
-    dataSz = min(dataSz, bufferedData());
-
-    for (size_t i = 0; i < elements; i++) {
-        input_buffer* front = buffers_.getData().front();
-        uint frontSz = front->get_remaining();
-        uint readSz  = min(dataSz - data.get_length(), frontSz);
-
-        front->read(data.set_buffer() + data.get_length(), readSz);
-        data.set_length(data.get_length() + readSz);
-
-        if (readSz == frontSz) {
-            buffers_.useData().pop_front();
-            ysDelete(front);
-        }
-        if (data.get_length() == dataSz)
-            break;
-    }
-    
-    if (buffers_.getData().size() == 0) has_data_ = false;  // none left
-}
-
-
-// like Fill but keep data in buffer
-void SSL::PeekData(Data& data)
-{
-    if (GetError()) return;
-    uint   dataSz   = data.get_length();        // input, data size to fill
-    size_t elements = buffers_.getData().size();
-
-    data.set_length(0);                         // output, actual data filled
-    dataSz = min(dataSz, bufferedData());
-
-    Buffers::inputList::iterator front = buffers_.useData().begin();
-
-    while (elements) {
-        uint frontSz = (*front)->get_remaining();
-        uint readSz  = min(dataSz - data.get_length(), frontSz);
-        uint before  = (*front)->get_current();
-
-        (*front)->read(data.set_buffer() + data.get_length(), readSz);
-        data.set_length(data.get_length() + readSz);
-        (*front)->set_current(before);
-
-        if (data.get_length() == dataSz)
-            break;
-
-        elements--;
-        front++;
-    }
-}
-
-
-// flush output buffer
-void SSL::flushBuffer()
-{
-    if (GetError()) return;
-
-    uint sz = STL::for_each(buffers_.getHandShake().begin(),
-                            buffers_.getHandShake().end(),
-                            SumBuffer()).total_;
-    output_buffer out(sz);
-    size_t elements = buffers_.getHandShake().size();
-
-    for (size_t i = 0; i < elements; i++) {
-        output_buffer* front = buffers_.getHandShake().front();
-        out.write(front->get_buffer(), front->get_size());
-
-        buffers_.useHandShake().pop_front();
-        ysDelete(front);
-    }
-    Send(out.get_buffer(), out.get_size());
-}
-
-
-void SSL::Send(const byte* buffer, uint sz)
-{
-    unsigned int sent = 0;
-
-    if (socket_.send(buffer, sz, sent) != sz) {
-        if (socket_.WouldBlock()) {
-            buffers_.SetOutput(NEW_YS output_buffer(sz - sent, buffer + sent,
-                                                    sz - sent));
-            SetError(YasslError(SSL_ERROR_WANT_WRITE));
-        }
-        else
-            SetError(send_error);
-    }
-}
-
-
-void SSL::SendWriteBuffered()
-{
-    output_buffer* out = buffers_.TakeOutput();
-
-    if (out) {
-        mySTL::auto_ptr tmp(out);
-        Send(out->get_buffer(), out->get_size());
-    }
-}
-
-
-// get sequence number, if verify get peer's
-uint SSL::get_SEQIncrement(bool verify) 
-{ 
-    if (verify)
-        return secure_.use_connection().peer_sequence_number_++; 
-    else
-        return secure_.use_connection().sequence_number_++; 
-}
-
-
-const byte* SSL::get_macSecret(bool verify)
-{
-    if ( (secure_.get_parms().entity_ == client_end && !verify) ||
-         (secure_.get_parms().entity_ == server_end &&  verify) )
-        return secure_.get_connection().client_write_MAC_secret_;
-    else
-        return secure_.get_connection().server_write_MAC_secret_;
-}
-
-
-void SSL::verifyState(const RecordLayerHeader& rlHeader)
-{
-    if (GetError()) return;
-
-    if (rlHeader.version_.major_ != 3 || rlHeader.version_.minor_ > 2) {
-        SetError(badVersion_error);
-        return;
-    }
-
-    if (states_.getRecord() == recordNotReady || 
-            (rlHeader.type_ == application_data &&        // data and handshake
-             states_.getHandShake() != handShakeReady) )  // isn't complete yet
-              SetError(record_layer);
-}
-
-
-void SSL::verifyState(const HandShakeHeader& hsHeader)
-{
-    if (GetError()) return;
-
-    if (states_.getHandShake() == handShakeNotReady) {
-        SetError(handshake_layer);
-        return;
-    }
-
-    if (states_.SetMessageRecvd(hsHeader.get_handshakeType()) != 0) {
-        order_error();
-        return;
-    }
-
-    if (secure_.get_parms().entity_ == client_end)
-        verifyClientState(hsHeader.get_handshakeType());
-    else
-        verifyServerState(hsHeader.get_handshakeType());
-}
-
-
-void SSL::verifyState(ClientState cs)
-{
-    if (GetError()) return;
-    if (states_.getClient() != cs) order_error();
-}
-
-
-void SSL::verifyState(ServerState ss)
-{
-    if (GetError()) return;
-    if (states_.getServer() != ss) order_error();
-}
-
-
-void SSL::verfiyHandShakeComplete()
-{
-    if (GetError()) return;
-    if (states_.getHandShake() != handShakeReady) order_error();
-}
-
-
-void SSL::verifyClientState(HandShakeType hsType)
-{
-    if (GetError()) return;
-
-    switch(hsType) {
-    case server_hello :
-        if (states_.getClient() != serverNull)
-            order_error();
-        break;
-    case certificate :
-        if (states_.getClient() != serverHelloComplete)
-            order_error();
-        break;
-    case server_key_exchange :
-        if (states_.getClient() != serverCertComplete)
-            order_error();
-        break;
-    case certificate_request :
-        if (states_.getClient() != serverCertComplete &&
-            states_.getClient() != serverKeyExchangeComplete)
-            order_error();
-        break;
-    case server_hello_done :
-        if (states_.getClient() != serverCertComplete &&
-            states_.getClient() != serverKeyExchangeComplete)
-            order_error();
-        break;
-    case finished :
-        if (states_.getClient() != serverHelloDoneComplete || 
-            secure_.get_parms().pending_)    // no change
-                order_error();          // cipher yet
-        break;
-    default :
-        order_error();
-    };
-}
-
-
-void SSL::verifyServerState(HandShakeType hsType)
-{
-    if (GetError()) return;
-
-    switch(hsType) {
-    case client_hello :
-        if (states_.getServer() != clientNull)
-            order_error();
-        break;
-    case certificate :
-        if (states_.getServer() != clientHelloComplete)
-            order_error();
-        break;
-    case client_key_exchange :
-        if (states_.getServer() != clientHelloComplete)
-            order_error();
-        break;
-    case certificate_verify :
-        if (states_.getServer() != clientKeyExchangeComplete)
-            order_error();
-        break;
-    case finished :
-        if (states_.getServer() != clientKeyExchangeComplete || 
-            secure_.get_parms().pending_)    // no change
-                order_error();               // cipher yet
-        break;
-    default :
-        order_error();
-    };
-}
-
-
-// try to find a suite match
-void SSL::matchSuite(const opaque* peer, uint length)
-{
-    if (length == 0 || (length % 2) != 0) {
-        SetError(bad_input);
-        return;
-    }
-
-    // start with best, if a match we are good, Ciphers are at odd index
-    // since all SSL and TLS ciphers have 0x00 first byte
-    for (uint i = 1; i < secure_.get_parms().suites_size_; i += 2)
-        for (uint j = 0; (j + 1) < length; j+= 2) {
-            if (peer[j] != 0x00) {
-                continue; // only 0x00 first byte supported
-            }
-
-            if (secure_.use_parms().suites_[i] == peer[j + 1]) {
-                secure_.use_parms().suite_[0] = 0x00;
-                secure_.use_parms().suite_[1] = peer[j + 1];
-                return;
-            }
-        }
-
-    SetError(match_error);
-}
-
-
-void SSL::set_session(SSL_SESSION* s) 
-{
-    if (getSecurity().GetContext()->GetSessionCacheOff())
-        return;
-
-    if (s && GetSessions().lookup(s->GetID(), &secure_.use_resume())) {
-        secure_.set_resuming(true);
-        crypto_.use_certManager().setPeerX509(s->GetPeerX509());
-    }
-}
-
-
-const Crypto& SSL::getCrypto() const
-{
-    return crypto_;
-}
-
-
-const Security& SSL::getSecurity() const
-{
-    return secure_;
-}
-
-
-const States& SSL::getStates() const
-{
-    return states_;
-}
-
-
-const sslHashes& SSL::getHashes() const
-{
-    return hashes_;
-}
-
-
-const sslFactory& SSL::getFactory() const
-{
-    return GetSSL_Factory();
-}
-
-
-const Socket& SSL::getSocket() const
-{
-    return socket_;
-}
-
-
-YasslError SSL::GetError() const
-{
-    return states_.What();
-}
-
-
-bool SSL::GetQuietShutdown() const
-{
-    return quietShutdown_;
-}
-
-
-bool SSL::GetMultiProtocol() const
-{
-    return secure_.GetContext()->getMethod()->multipleProtocol();
-}
-
-
-Crypto& SSL::useCrypto()
-{
-    return crypto_;
-}
-
-
-Security& SSL::useSecurity()
-{
-    return secure_;
-}
-
-
-States& SSL::useStates()
-{
-    return states_;
-}
-
-
-sslHashes& SSL::useHashes()
-{
-    return hashes_;
-}
-
-
-Socket& SSL::useSocket()
-{
-    return socket_;
-}
-
-
-Log& SSL::useLog()
-{
-    return log_;
-}
-
-
-bool SSL::isTLS() const
-{
-    return secure_.get_connection().TLS_;
-}
-
-
-bool SSL::isTLSv1_1() const
-{
-    return secure_.get_connection().TLSv1_1_;
-}
-
-
-// is there buffered data available, optimization to remove iteration on buffer
-bool SSL::HasData() const
-{ 
-    return has_data_;
-}
-
-
-void SSL::addData(input_buffer* data)
-{
-    buffers_.useData().push_back(data);
-    if (!has_data_) has_data_ = true;
-}
-
-
-void SSL::addBuffer(output_buffer* b)
-{
-    buffers_.useHandShake().push_back(b);
-}
-
-
-void SSL_SESSION::CopyX509(X509* x)
-{
-    if (x == 0) return;
-
-    X509_NAME* issuer   = x->GetIssuer();
-    X509_NAME* subject  = x->GetSubject();
-    ASN1_TIME* before = x->GetBefore();
-    ASN1_TIME* after  = x->GetAfter();
-
-    peerX509_ = NEW_YS X509(issuer->GetName(), issuer->GetLength(),
-        subject->GetName(), subject->GetLength(), before, after,
-        issuer->GetCnPosition(), issuer->GetCnLength(),
-        subject->GetCnPosition(), subject->GetCnLength());
-}
-
-
-// store connection parameters
-SSL_SESSION::SSL_SESSION(const SSL& ssl, RandomPool& ran) 
-    : timeout_(DEFAULT_TIMEOUT), random_(ran), peerX509_(0)
-{
-    const Connection& conn = ssl.getSecurity().get_connection();
-
-    memcpy(sessionID_, conn.sessionID_, ID_LEN);
-    memcpy(master_secret_, conn.master_secret_, SECRET_LEN);
-    memcpy(suite_, ssl.getSecurity().get_parms().suite_, SUITE_LEN);
-
-    bornOn_ = lowResTimer();
-
-    CopyX509(ssl.getCrypto().get_certManager().get_peerX509());
-}
-
-
-// for resumption copy in ssl::parameters
-SSL_SESSION::SSL_SESSION(RandomPool& ran) 
-    : bornOn_(0), timeout_(0), random_(ran), peerX509_(0)
-{
-    memset(sessionID_, 0, ID_LEN);
-    memset(master_secret_, 0, SECRET_LEN);
-    memset(suite_, 0, SUITE_LEN);
-}
-
-
-SSL_SESSION& SSL_SESSION::operator=(const SSL_SESSION& that)
-{
-    memcpy(sessionID_, that.sessionID_, ID_LEN);
-    memcpy(master_secret_, that.master_secret_, SECRET_LEN);
-    memcpy(suite_, that.suite_, SUITE_LEN);
-    
-    bornOn_  = that.bornOn_;
-    timeout_ = that.timeout_;
-
-    if (peerX509_) {
-        ysDelete(peerX509_);
-        peerX509_ = 0;
-    }
-    CopyX509(that.peerX509_);
-
-    return *this;
-}
-
-
-const opaque* SSL_SESSION::GetID() const
-{
-    return sessionID_;
-}
-
-
-const opaque* SSL_SESSION::GetSecret() const
-{
-    return master_secret_;
-}
-
-
-const Cipher* SSL_SESSION::GetSuite() const
-{
-    return suite_;
-}
-
-
-X509* SSL_SESSION::GetPeerX509() const
-{
-    return peerX509_;
-}
-
-
-uint SSL_SESSION::GetBornOn() const
-{
-    return bornOn_;
-}
-
-
-uint SSL_SESSION::GetTimeOut() const
-{
-    return timeout_;
-}
-
-
-void SSL_SESSION::SetTimeOut(uint t)
-{
-    timeout_ = t;
-}
-
-
-extern void clean(volatile opaque*, uint, RandomPool&);
-
-
-// clean up secret data
-SSL_SESSION::~SSL_SESSION()
-{
-    volatile opaque* p = master_secret_;
-    clean(p, SECRET_LEN, random_);
-
-    ysDelete(peerX509_);
-}
-
-
-static Sessions* sessionsInstance = 0;
-
-Sessions& GetSessions()
-{
-    if (!sessionsInstance)
-        sessionsInstance = NEW_YS Sessions;
-    return *sessionsInstance;
-}
-
-
-static sslFactory* sslFactoryInstance = 0;
-
-sslFactory& GetSSL_Factory()
-{  
-    if (!sslFactoryInstance)
-        sslFactoryInstance = NEW_YS sslFactory;
-    return *sslFactoryInstance;
-}
-
-
-static Errors* errorsInstance = 0;
-
-Errors& GetErrors()
-{
-    if (!errorsInstance)
-        errorsInstance = NEW_YS Errors;
-    return *errorsInstance;
-}
-
-bool HasErrors()
-{
-  return (errorsInstance != 0);
-}
-
-
-typedef Mutex::Lock Lock;
-
-
- 
-void Sessions::add(const SSL& ssl) 
-{
-    if (ssl.getSecurity().get_connection().sessionID_Set_) {
-        Lock guard(mutex_);
-        list_.push_back(NEW_YS SSL_SESSION(ssl, random_));
-        count_++;
-    }
-
-    if (count_ > SESSION_FLUSH_COUNT)
-        if (!ssl.getSecurity().GetContext()->GetSessionCacheFlushOff())
-            Flush();
-}
-
-
-Sessions::~Sessions() 
-{ 
-    STL::for_each(list_.begin(), list_.end(), del_ptr_zero()); 
-}
-
-
-// locals
-namespace yassl_int_cpp_local2 { // for explicit templates
-
-typedef STL::list::iterator sess_iterator;
-typedef STL::list::iterator  thr_iterator;
-
-struct sess_match {
-    const opaque* id_;
-    explicit sess_match(const opaque* p) : id_(p) {}
-
-    bool operator()(SSL_SESSION* sess)
-    {
-        if ( memcmp(sess->GetID(), id_, ID_LEN) == 0)
-            return true;
-        return false;
-    }
-};
-
-
-THREAD_ID_T GetSelf()
-{
-#ifndef _POSIX_THREADS
-    return GetCurrentThreadId();
-#else
-    return pthread_self();
-#endif
-}
-
-struct thr_match {
-    THREAD_ID_T id_;
-    explicit thr_match() : id_(GetSelf()) {}
-
-    bool operator()(ThreadError thr)
-    {
-        if (thr.threadID_ == id_)
-            return true;
-        return false;
-    }
-};
-
-
-} // local namespace
-using namespace yassl_int_cpp_local2;
-
-
-// lookup session by id, return a copy if space provided
-SSL_SESSION* Sessions::lookup(const opaque* id, SSL_SESSION* copy)
-{
-    Lock guard(mutex_);
-    sess_iterator find = STL::find_if(list_.begin(), list_.end(),
-                                        sess_match(id));
-    if (find != list_.end()) {
-        uint current = lowResTimer();
-        if ( ((*find)->GetBornOn() + (*find)->GetTimeOut()) < current) {
-            del_ptr_zero()(*find);
-            list_.erase(find);
-            return 0;
-        }
-        if (copy)
-            *copy = *(*find);
-        return *find;
-    }
-    return 0;
-}
-
-
-// remove a session by id
-void Sessions::remove(const opaque* id)
-{
-    Lock guard(mutex_);
-    sess_iterator find = STL::find_if(list_.begin(), list_.end(),
-                                        sess_match(id));
-    if (find != list_.end()) {
-        del_ptr_zero()(*find);
-        list_.erase(find);
-    }
-}
-
-
-// flush expired sessions from cache 
-void Sessions::Flush()
-{
-    Lock guard(mutex_);
-    sess_iterator next = list_.begin();
-    uint current = lowResTimer();
-
-    while (next != list_.end()) {
-        sess_iterator si = next;
-        ++next;
-        if ( ((*si)->GetBornOn() + (*si)->GetTimeOut()) < current) {
-            del_ptr_zero()(*si);
-            list_.erase(si);
-        }
-    }
-    count_ = 0;  // reset flush counter
-}
-
-
-// remove a self thread error
-void Errors::Remove()
-{
-    Lock guard(mutex_);
-    thr_iterator find = STL::find_if(list_.begin(), list_.end(),
-                                       thr_match());
-    if (find != list_.end())
-        list_.erase(find);
-}
-
-
-// lookup self error code
-int Errors::Lookup(bool peek)
-{
-    Lock guard(mutex_);
-    thr_iterator find = STL::find_if(list_.begin(), list_.end(),
-                                       thr_match());
-    if (find != list_.end()) {
-        int ret = find->errorID_;
-        if (!peek)
-            list_.erase(find);
-        return ret;
-    }
-    else
-        return 0;
-}
-
-
-// add a new error code for self
-void Errors::Add(int error)
-{
-    ThreadError add;
-    add.errorID_  = error;
-    add.threadID_ = GetSelf();
-
-    Remove();   // may have old error
-
-    Lock guard(mutex_);
-    list_.push_back(add);
-}
-
-
-SSL_METHOD::SSL_METHOD(ConnectionEnd ce, ProtocolVersion pv, bool multiProto) 
-    : version_(pv), side_(ce), verifyPeer_(false), verifyNone_(false),
-      failNoCert_(false), multipleProtocol_(multiProto)
-{}
-
-
-ProtocolVersion SSL_METHOD::getVersion() const
-{
-    return version_;
-}
-
-
-ConnectionEnd SSL_METHOD::getSide() const
-{
-    return side_;
-}
-
-
-void SSL_METHOD::setVerifyPeer()
-{
-    verifyPeer_ = true;
-}
-
-
-void SSL_METHOD::setVerifyNone()
-{
-    verifyNone_ = true;
-}
-
-
-void SSL_METHOD::setFailNoCert()
-{
-    failNoCert_ = true;
-}
-
-
-bool SSL_METHOD::verifyPeer() const
-{
-    return verifyPeer_;
-}
-
-
-bool SSL_METHOD::verifyNone() const
-{
-    return verifyNone_;
-}
-
-
-bool SSL_METHOD::failNoCert() const
-{
-    return failNoCert_;
-}
-
-
-bool SSL_METHOD::multipleProtocol() const
-{
-    return multipleProtocol_;
-}
-
-
-SSL_CTX::SSL_CTX(SSL_METHOD* meth) 
-    : method_(meth), certificate_(0), privateKey_(0), passwordCb_(0),
-      userData_(0), sessionCacheOff_(false), sessionCacheFlushOff_(false),
-      verifyCallback_(0)
-{}
-
-
-SSL_CTX::~SSL_CTX()
-{
-    ysDelete(method_);
-    ysDelete(certificate_);
-    ysDelete(privateKey_);
-
-    STL::for_each(caList_.begin(), caList_.end(), del_ptr_zero());
-}
-
-
-void SSL_CTX::AddCA(x509* ca)
-{
-    caList_.push_back(ca);
-}
-
-
-const SSL_CTX::CertList& 
-SSL_CTX::GetCA_List() const
-{
-    return caList_;
-}
-
-
-VerifyCallback SSL_CTX::getVerifyCallback() const
-{
-    return verifyCallback_;
-}
-
-
-const x509* SSL_CTX::getCert() const
-{
-    return certificate_;
-}
-
-
-const x509* SSL_CTX::getKey() const
-{
-    return privateKey_;
-}
-
-
-const SSL_METHOD* SSL_CTX::getMethod() const
-{
-    return method_;
-}
-
-
-const Ciphers& SSL_CTX::GetCiphers() const
-{
-    return ciphers_;
-}
-
-
-const DH_Parms& SSL_CTX::GetDH_Parms() const
-{
-    return dhParms_;
-}
-
-
-const Stats& SSL_CTX::GetStats() const
-{
-    return stats_;
-}
-
-
-pem_password_cb SSL_CTX::GetPasswordCb() const
-{
-    return passwordCb_;
-}
-
-
-void SSL_CTX::SetPasswordCb(pem_password_cb cb)
-{
-    passwordCb_ = cb;
-}
-
-
-void* SSL_CTX::GetUserData() const
-{
-    return userData_;
-}
-
-
-bool SSL_CTX::GetSessionCacheOff() const
-{
-    return sessionCacheOff_;
-}
-
-
-bool SSL_CTX::GetSessionCacheFlushOff() const
-{
-    return sessionCacheFlushOff_;
-}
-
-
-void SSL_CTX::SetUserData(void* data)
-{
-    userData_ = data;
-}
-
-
-void SSL_CTX::SetSessionCacheOff()
-{
-    sessionCacheOff_ = true;
-}
-
-
-void SSL_CTX::SetSessionCacheFlushOff()
-{
-    sessionCacheFlushOff_ = true;
-}
-
-
-void SSL_CTX::setVerifyPeer()
-{
-    method_->setVerifyPeer();
-}
-
-
-void SSL_CTX::setVerifyNone()
-{
-    method_->setVerifyNone();
-}
-
-
-void SSL_CTX::setFailNoCert()
-{
-    method_->setFailNoCert();
-}
-
-
-void SSL_CTX::setVerifyCallback(VerifyCallback vc)
-{
-    verifyCallback_ = vc;
-}
-
-
-bool SSL_CTX::SetDH(const DH& dh)
-{
-    dhParms_.p_ = dh.p->int_;
-    dhParms_.g_ = dh.g->int_;
-
-    return dhParms_.set_ = true;
-}
-
-
-bool SSL_CTX::SetCipherList(const char* list)
-{
-    if (!list)
-        return false;
-
-    bool ret = false;
-    char name[MAX_SUITE_NAME];
-
-    char  needle[] = ":";
-    char* haystack = const_cast(list);
-    char* prev;
-
-    const int suiteSz = sizeof(cipher_names) / sizeof(cipher_names[0]);
-    int idx = 0;
-
-    for(;;) {
-        size_t len;
-        prev = haystack;
-        haystack = strstr(haystack, needle);
-
-        if (!haystack)    // last cipher
-            len = min(sizeof(name), strlen(prev));
-        else
-            len = min(sizeof(name), (size_t)(haystack - prev));
-
-        strncpy(name, prev, len);
-        name[(len == sizeof(name)) ? len - 1 : len] = 0;
-
-        for (int i = 0; i < suiteSz; i++)
-            if (strncmp(name, cipher_names[i], sizeof(name)) == 0) {
-
-                ciphers_.suites_[idx++] = 0x00;  // first byte always zero
-                ciphers_.suites_[idx++] = i;
-
-                if (!ret) ret = true;   // found at least one
-                break;
-            }
-        if (!haystack) break;
-        haystack++;
-    }
-
-    if (ret) {
-        ciphers_.setSuites_ = true;
-        ciphers_.suiteSz_ = idx;
-    }
-
-    return ret;
-}
-
-
-void SSL_CTX::IncrementStats(StatsField fd)
-{
-
-    Lock guard(mutex_);
-    
-    switch (fd) {
-
-	case Accept:
-        ++stats_.accept_;
-        break;
-
-    case Connect:
-        ++stats_.connect_;
-        break;
-
-    case AcceptGood:
-        ++stats_.acceptGood_;
-        break;
-
-    case ConnectGood:
-        ++stats_.connectGood_;
-        break;
-
-    case AcceptRenegotiate:
-        ++stats_.acceptRenegotiate_;
-        break;
-
-    case ConnectRenegotiate:
-        ++stats_.connectRenegotiate_;
-        break;
-
-    case Hits:
-        ++stats_.hits_;
-        break;
-
-    case CbHits:
-        ++stats_.cbHits_;
-        break;
-
-    case CacheFull:
-        ++stats_.cacheFull_;
-        break;
-
-    case Misses:
-        ++stats_.misses_;
-        break;
-
-    case Timeouts:
-        ++stats_.timeouts_;
-        break;
-
-    case Number:
-        ++stats_.number_;
-        break;
-
-    case GetCacheSize:
-        ++stats_.getCacheSize_;
-        break;
-
-    case VerifyMode:
-        ++stats_.verifyMode_;
-        break;
-
-    case VerifyDepth:
-        ++stats_.verifyDepth_;
-        break;
-
-    default:
-        break;
-    }
-}
-
-
-Crypto::Crypto() 
-    : digest_(0), cipher_(0), dh_(0) 
-{}
-
-
-Crypto::~Crypto()
-{
-    ysDelete(dh_);
-    ysDelete(cipher_);
-    ysDelete(digest_);
-}
-
-
-const Digest& Crypto::get_digest() const
-{
-    return *digest_;
-}
-
-
-const BulkCipher& Crypto::get_cipher() const
-{
-    return *cipher_;
-}
-
-
-const DiffieHellman& Crypto::get_dh() const
-{
-    return *dh_;
-}
-
-
-const RandomPool& Crypto::get_random() const
-{
-    return random_;
-}
-
-
-const CertManager& Crypto::get_certManager() const
-{
-    return cert_;
-}
-
-
-      
-Digest& Crypto::use_digest()
-{
-    return *digest_;
-}
-
-
-BulkCipher& Crypto::use_cipher()
-{
-    return *cipher_;
-}
-
-
-DiffieHellman& Crypto::use_dh()
-{
-    return *dh_;
-}
-
-
-RandomPool& Crypto::use_random()
-{
-    return random_;
-}
-
-
-CertManager& Crypto::use_certManager()
-{
-    return cert_;
-}
-
-
-
-void Crypto::SetDH(DiffieHellman* dh)
-{
-    dh_ = dh;
-}
-
-
-void Crypto::SetDH(const DH_Parms& dh)
-{
-    if (dh.set_)
-        dh_ = NEW_YS DiffieHellman(dh.p_, dh.g_, random_);
-}
-
-
-bool Crypto::DhSet()
-{
-    return dh_ != 0;
-}
-
-
-void Crypto::setDigest(Digest* digest)
-{
-    digest_ = digest;
-}
-
-
-void Crypto::setCipher(BulkCipher* c)
-{
-    cipher_ = c;
-}
-
-
-const MD5& sslHashes::get_MD5() const
-{
-    return md5HandShake_;
-}
-
-
-const SHA& sslHashes::get_SHA() const
-{
-    return shaHandShake_;
-}
-
-
-const Finished& sslHashes::get_verify() const
-{
-    return verify_;
-}
-
-
-const Hashes& sslHashes::get_certVerify() const
-{
-    return certVerify_;
-}
-
-
-MD5& sslHashes::use_MD5(){
-    return md5HandShake_;
-}
-
-
-SHA& sslHashes::use_SHA()
-{
-    return shaHandShake_;
-}
-
-
-Finished& sslHashes::use_verify()
-{
-    return verify_;
-}
-
-
-Hashes& sslHashes::use_certVerify()
-{
-    return certVerify_;
-}
-
-
-Buffers::Buffers() : prevSent(0), plainSz(0), rawInput_(0), output_(0)
-{}
-
-
-Buffers::~Buffers()
-{
-    STL::for_each(handShakeList_.begin(), handShakeList_.end(),
-                  del_ptr_zero()) ;
-    STL::for_each(dataList_.begin(), dataList_.end(),
-                  del_ptr_zero()) ;
-    ysDelete(rawInput_);
-    ysDelete(output_);
-}
-
-
-void Buffers::SetOutput(output_buffer* ob)
-{
-    output_ = ob;
-}
-
-
-void Buffers::SetRawInput(input_buffer* ib)
-{
-    rawInput_ = ib;
-}
-
-
-input_buffer* Buffers::TakeRawInput()
-{
-    input_buffer* ret = rawInput_;
-    rawInput_ = 0;
-
-    return ret;
-}
-
-
-output_buffer* Buffers::TakeOutput()
-{
-    output_buffer* ret = output_;
-    output_ = 0;
-
-    return ret;
-}
-
-
-const Buffers::inputList& Buffers::getData() const
-{
-    return dataList_;
-}
-
-
-const Buffers::outputList& Buffers::getHandShake() const
-{
-    return handShakeList_;
-}
-
-
-Buffers::inputList& Buffers::useData()
-{
-    return dataList_;
-}
-
-
-Buffers::outputList& Buffers::useHandShake()
-{
-    return handShakeList_;
-}
-
-
-Security::Security(ProtocolVersion pv, RandomPool& ran, ConnectionEnd ce,
-                   const Ciphers& ciphers, SSL_CTX* ctx, bool haveDH)
-   : conn_(pv, ran), parms_(ce, ciphers, pv, haveDH), resumeSession_(ran),
-     ctx_(ctx), resuming_(false)
-{}
-
-
-const Connection& Security::get_connection() const
-{
-    return conn_;
-}
-
-
-const SSL_CTX* Security::GetContext() const
-{
-    return ctx_;
-}
-
-
-const Parameters& Security::get_parms() const
-{
-    return parms_;
-}
-
-
-const SSL_SESSION& Security::get_resume() const
-{
-    return resumeSession_;
-}
-
-
-bool Security::get_resuming() const
-{
-    return resuming_;
-}
-
-
-Connection& Security::use_connection()
-{
-    return conn_;
-}
-
-
-Parameters& Security::use_parms()
-{
-    return parms_;
-}
-
-
-SSL_SESSION& Security::use_resume()
-{
-    return resumeSession_;
-}
-
-
-void Security::set_resuming(bool b)
-{
-    resuming_ = b;
-}
-
-
-X509_NAME::X509_NAME(const char* n, size_t sz, int pos, int len)
-    : name_(0), sz_(sz), cnPosition_(pos), cnLen_(len)
-{
-    if (sz) {
-        name_ = NEW_YS char[sz];
-        memcpy(name_, n, sz);
-    }
-    entry_.data = 0;
-}
-
-
-X509_NAME::~X509_NAME()
-{
-    ysArrayDelete(name_);
-    ysArrayDelete(entry_.data);
-}
-
-
-const char* X509_NAME::GetName() const
-{
-    return name_;
-}
-
-
-size_t X509_NAME::GetLength() const
-{
-    return sz_;
-}
-
-
-X509::X509(const char* i, size_t iSz, const char* s, size_t sSz,
-           ASN1_STRING *b, ASN1_STRING *a,
-           int issPos, int issLen,
-           int subPos, int subLen)
-    : issuer_(i, iSz, issPos, issLen), subject_(s, sSz, subPos, subLen),
-      beforeDate_((char *) b->data, b->length, b->type),
-      afterDate_((char *) a->data, a->length, a->type)
-{}
-
-
-X509_NAME* X509::GetIssuer()
-{
-    return &issuer_;
-}
-
-
-X509_NAME* X509::GetSubject()
-{
-    return &subject_;
-}
-
-
-ASN1_TIME* X509::GetBefore()
-{
-    return beforeDate_.GetString();
-}
-
-
-ASN1_TIME* X509::GetAfter()
-{
-    return afterDate_.GetString();
-}
-
-
-ASN1_STRING* X509_NAME::GetEntry(int i)
-{
-    if (i < 0 || i >= int(sz_))
-        return 0;
-
-    if (i != cnPosition_ || cnLen_ <= 0)   // only entry currently supported
-        return 0;
-
-    if (cnLen_ > int(sz_-i))   // make sure there's room in read buffer
-        return 0;
-
-    if (entry_.data)
-        ysArrayDelete(entry_.data);
-    entry_.data = NEW_YS byte[cnLen_+1];       // max size;
-
-    memcpy(entry_.data, &name_[i], cnLen_);
-    entry_.data[cnLen_] = 0;
-    entry_.length = cnLen_;
-    entry_.type = 0;
-
-    return &entry_;
-}
-
-
-StringHolder::StringHolder(const char* str, int sz, byte type)
-{
-    asnString_.length = sz;
-    asnString_.data = NEW_YS byte[sz + 1];
-    memcpy(asnString_.data, str, sz);
-    asnString_.type = type;
-}
-
-
-StringHolder::~StringHolder()
-{
-    ysArrayDelete(asnString_.data);
-}
-
-
-ASN1_STRING* StringHolder::GetString()
-{
-    return &asnString_;
-}
-
-
-#ifdef HAVE_LIBZ
-
-    void* myAlloc(void* /* opaque */, unsigned int item, unsigned int size)
-    {
-        return NEW_YS unsigned char[item * size];
-    }
-
-
-    void myFree(void* /* opaque */, void* memory)
-    {
-        unsigned char* ptr = static_cast(memory);
-        yaSSL::ysArrayDelete(ptr);
-    }
-
-
-    // put size in front of compressed data
-    int Compress(const byte* in, int sz, input_buffer& buffer)
-    {
-        byte     tmp[LENGTH_SZ];
-        z_stream c_stream; /* compression stream */
-
-        buffer.allocate(sz + sizeof(uint16) + COMPRESS_EXTRA);
-
-        c_stream.zalloc = myAlloc;
-        c_stream.zfree  = myFree;
-        c_stream.opaque = (voidpf)0;
-
-        c_stream.next_in   = const_cast(in);
-        c_stream.avail_in  = sz;
-        c_stream.next_out  = buffer.get_buffer() + sizeof(tmp);
-        c_stream.avail_out = buffer.get_capacity() - sizeof(tmp);
-
-        if (deflateInit(&c_stream, 8) != Z_OK) return -1;
-        int err = deflate(&c_stream, Z_FINISH);
-        deflateEnd(&c_stream);
-        if (err != Z_OK && err != Z_STREAM_END) return -1;
-
-        c16toa(sz, tmp);
-        memcpy(buffer.get_buffer(), tmp, sizeof(tmp));
-        buffer.add_size(c_stream.total_out + sizeof(tmp));
-
-        return 0;
-    }
-
-
-    // get uncompressed size in front
-    int DeCompress(input_buffer& in, int sz, input_buffer& out)
-    {
-        byte tmp[LENGTH_SZ];
-   
-        tmp[0] = in[AUTO]; 
-        tmp[1] = in[AUTO]; 
-
-        uint16 len;
-        ato16(tmp, len);
-
-        out.allocate(len);
-
-        z_stream d_stream; /* decompression stream */
-
-        d_stream.zalloc = myAlloc;
-        d_stream.zfree  = myFree;
-        d_stream.opaque = (voidpf)0;
-
-        d_stream.next_in   = in.get_buffer() + in.get_current();
-        d_stream.avail_in  = sz - sizeof(tmp);
-        d_stream.next_out  = out.get_buffer();
-        d_stream.avail_out = out.get_capacity();
-
-        if (inflateInit(&d_stream) != Z_OK) return -1;
-        int err = inflate(&d_stream, Z_FINISH);
-        inflateEnd(&d_stream);
-        if (err != Z_OK && err != Z_STREAM_END) return -1;
-
-        out.add_size(d_stream.total_out);
-        in.set_current(in.get_current() + sz - sizeof(tmp));
-
-        return 0;
-    }
-
-
-#else  // LIBZ
-
-    // these versions should never get called
-    int Compress(const byte* in, int sz, input_buffer& buffer)
-    {
-        return -1;
-    } 
-
-
-    int DeCompress(input_buffer& in, int sz, input_buffer& out)
-    {
-        return -1;
-    } 
-
-
-#endif // LIBZ
-
-
-} // namespace
-
-
-
-extern "C" void yaSSL_CleanUp()
-{
-    TaoCrypt::CleanUp();
-    yaSSL::ysDelete(yaSSL::sslFactoryInstance);
-    yaSSL::ysDelete(yaSSL::sessionsInstance);
-    yaSSL::ysDelete(yaSSL::errorsInstance);
-
-    // In case user calls more than once, prevent seg fault
-    yaSSL::sslFactoryInstance = 0;
-    yaSSL::sessionsInstance = 0;
-    yaSSL::errorsInstance = 0;
-}
diff --git a/extra/yassl/taocrypt/CMakeLists.txt b/extra/yassl/taocrypt/CMakeLists.txt
deleted file mode 100644
index ebfa70e8799..00000000000
--- a/extra/yassl/taocrypt/CMakeLists.txt
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright (c) 2006, 2014, Oracle and/or its affiliates. All rights reserved.
-# 
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-# 
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-# 
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1335 USA
-
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/mySTL
-                    ${CMAKE_SOURCE_DIR}/extra/yassl/taocrypt/include)
-
-INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include)
-ADD_DEFINITIONS(${SSL_DEFINES})
-SET(TAOCRYPT_SOURCES		src/aes.cpp src/aestables.cpp src/algebra.cpp src/arc4.cpp src/asn.cpp src/coding.cpp 
-				src/des.cpp src/dh.cpp src/dsa.cpp src/file.cpp src/hash.cpp src/integer.cpp src/md2.cpp 
-				src/md4.cpp src/md5.cpp src/misc.cpp src/random.cpp src/ripemd.cpp src/rsa.cpp src/sha.cpp 
-                                src/rabbit.cpp src/hc128.cpp
-				include/aes.hpp include/algebra.hpp include/arc4.hpp include/asn.hpp include/block.hpp 
-				include/coding.hpp include/des.hpp include/dh.hpp include/dsa.hpp include/dsa.hpp
-				include/error.hpp include/file.hpp include/hash.hpp include/hmac.hpp include/integer.hpp 
-				include/md2.hpp include/md5.hpp include/misc.hpp include/modarith.hpp include/modes.hpp
-				include/random.hpp include/ripemd.hpp include/rsa.hpp include/sha.hpp
-                                include/rabbit.hpp include/hc128.hpp)
-
-ADD_CONVENIENCE_LIBRARY(taocrypt ${TAOCRYPT_SOURCES})
-RESTRICT_SYMBOL_EXPORTS(taocrypt)
-
diff --git a/extra/yassl/taocrypt/COPYING b/extra/yassl/taocrypt/COPYING
deleted file mode 100644
index 98861a5402d..00000000000
--- a/extra/yassl/taocrypt/COPYING
+++ /dev/null
@@ -1,340 +0,0 @@
-		    GNU GENERAL PUBLIC LICENSE
-		       Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
-     51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
-			    Preamble
-
-  The licenses for most software are designed to take away your
-freedom to share and change it.  By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users.  This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it.  (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.)  You can apply it to
-your programs, too.
-
-  When we speak of free software, we are referring to freedom, not
-price.  Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
-  To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
-  For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have.  You must make sure that they, too, receive or can get the
-source code.  And you must show them these terms so they know their
-rights.
-
-  We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
-  Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software.  If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
-  Finally, any free program is threatened constantly by software
-patents.  We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary.  To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
-  The precise terms and conditions for copying, distribution and
-modification follow.
-
-		    GNU GENERAL PUBLIC LICENSE
-   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
-  0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License.  The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language.  (Hereinafter, translation is included without limitation in
-the term "modification".)  Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope.  The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
-  1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
-  2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
-    a) You must cause the modified files to carry prominent notices
-    stating that you changed the files and the date of any change.
-
-    b) You must cause any work that you distribute or publish, that in
-    whole or in part contains or is derived from the Program or any
-    part thereof, to be licensed as a whole at no charge to all third
-    parties under the terms of this License.
-
-    c) If the modified program normally reads commands interactively
-    when run, you must cause it, when started running for such
-    interactive use in the most ordinary way, to print or display an
-    announcement including an appropriate copyright notice and a
-    notice that there is no warranty (or else, saying that you provide
-    a warranty) and that users may redistribute the program under
-    these conditions, and telling the user how to view a copy of this
-    License.  (Exception: if the Program itself is interactive but
-    does not normally print such an announcement, your work based on
-    the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole.  If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works.  But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
-  3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
-    a) Accompany it with the complete corresponding machine-readable
-    source code, which must be distributed under the terms of Sections
-    1 and 2 above on a medium customarily used for software interchange; or,
-
-    b) Accompany it with a written offer, valid for at least three
-    years, to give any third party, for a charge no more than your
-    cost of physically performing source distribution, a complete
-    machine-readable copy of the corresponding source code, to be
-    distributed under the terms of Sections 1 and 2 above on a medium
-    customarily used for software interchange; or,
-
-    c) Accompany it with the information you received as to the offer
-    to distribute corresponding source code.  (This alternative is
-    allowed only for noncommercial distribution and only if you
-    received the program in object code or executable form with such
-    an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it.  For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable.  However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
-  4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License.  Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
-  5. You are not required to accept this License, since you have not
-signed it.  However, nothing else grants you permission to modify or
-distribute the Program or its derivative works.  These actions are
-prohibited by law if you do not accept this License.  Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
-  6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions.  You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
-  7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License.  If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all.  For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices.  Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
-  8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded.  In such case, this License incorporates
-the limitation as if written in the body of this License.
-
-  9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time.  Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number.  If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation.  If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
-  10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission.  For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this.  Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
-			    NO WARRANTY
-
-  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
-  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
-		     END OF TERMS AND CONDITIONS
-
-	    How to Apply These Terms to Your New Programs
-
-  If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
-  To do so, attach the following notices to the program.  It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-    
-    Copyright (C)   
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License
-    along with this program; if not, write to the Free Software
-    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
-    Gnomovision version 69, Copyright (C) year  name of author
-    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
-    This is free software, and you are welcome to redistribute it
-    under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License.  Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary.  Here is a sample; alter the names:
-
-  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
-  `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
-  , 1 April 1989
-  Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs.  If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library.  If this is what you want to do, use the GNU Library General
-Public License instead of this License.
diff --git a/extra/yassl/taocrypt/INSTALL b/extra/yassl/taocrypt/INSTALL
deleted file mode 100644
index 54caf7c190f..00000000000
--- a/extra/yassl/taocrypt/INSTALL
+++ /dev/null
@@ -1,229 +0,0 @@
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002 Free Software
-Foundation, Inc.
-
-   This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-Basic Installation
-==================
-
-   These are generic installation instructions.
-
-   The `configure' shell script attempts to guess correct values for
-various system-dependent variables used during compilation.  It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions.  Finally, it creates a shell script `config.status' that
-you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
-
-   It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring.  (Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.)
-
-   If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
-be considered for the next release.  If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
-may remove or edit it.
-
-   The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'.  You only need
-`configure.ac' if you want to change it or regenerate `configure' using
-a newer version of `autoconf'.
-
-The simplest way to compile this package is:
-
-  1. `cd' to the directory containing the package's source code and type
-     `./configure' to configure the package for your system.  If you're
-     using `csh' on an old version of System V, you might need to type
-     `sh ./configure' instead to prevent `csh' from trying to execute
-     `configure' itself.
-
-     Running `configure' takes awhile.  While running, it prints some
-     messages telling which features it is checking for.
-
-  2. Type `make' to compile the package.
-
-  3. Optionally, type `make check' to run any self-tests that come with
-     the package.
-
-  4. Type `make install' to install the programs and any data files and
-     documentation.
-
-  5. You can remove the program binaries and object files from the
-     source code directory by typing `make clean'.  To also remove the
-     files that `configure' created (so you can compile the package for
-     a different kind of computer), type `make distclean'.  There is
-     also a `make maintainer-clean' target, but that is intended mainly
-     for the package's developers.  If you use it, you may have to get
-     all sorts of other programs in order to regenerate files that came
-     with the distribution.
-
-Compilers and Options
-=====================
-
-   Some systems require unusual options for compilation or linking that
-the `configure' script does not know about.  Run `./configure --help'
-for details on some of the pertinent environment variables.
-
-   You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment.  Here
-is an example:
-
-     ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
-
-   *Note Defining Variables::, for more details.
-
-Compiling For Multiple Architectures
-====================================
-
-   You can compile the package for more than one kind of computer at the
-same time, by placing the object files for each architecture in their
-own directory.  To do this, you must use a version of `make' that
-supports the `VPATH' variable, such as GNU `make'.  `cd' to the
-directory where you want the object files and executables to go and run
-the `configure' script.  `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
-
-   If you have to use a `make' that does not support the `VPATH'
-variable, you have to compile the package for one architecture at a
-time in the source code directory.  After you have installed the
-package for one architecture, use `make distclean' before reconfiguring
-for another architecture.
-
-Installation Names
-==================
-
-   By default, `make install' will install the package's files in
-`/usr/local/bin', `/usr/local/man', etc.  You can specify an
-installation prefix other than `/usr/local' by giving `configure' the
-option `--prefix=PATH'.
-
-   You can specify separate installation prefixes for
-architecture-specific files and architecture-independent files.  If you
-give `configure' the option `--exec-prefix=PATH', the package will use
-PATH as the prefix for installing programs and libraries.
-Documentation and other data files will still use the regular prefix.
-
-   In addition, if you use an unusual directory layout you can give
-options like `--bindir=PATH' to specify different values for particular
-kinds of files.  Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
-
-   If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
-Optional Features
-=================
-
-   Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System).  The
-`README' should mention any `--enable-' and `--with-' options that the
-package recognizes.
-
-   For packages that use the X Window System, `configure' can usually
-find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
-
-Specifying the System Type
-==========================
-
-   There may be some features `configure' cannot figure out
-automatically, but needs to determine by the type of machine the package
-will run on.  Usually, assuming the package is built to be run on the
-_same_ architectures, `configure' can figure that out, but if it prints
-a message saying it cannot guess the machine type, give it the
-`--build=TYPE' option.  TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
-
-     CPU-COMPANY-SYSTEM
-
-where SYSTEM can have one of these forms:
-
-     OS KERNEL-OS
-
-   See the file `config.sub' for the possible values of each field.  If
-`config.sub' isn't included in this package, then this package doesn't
-need to know the machine type.
-
-   If you are _building_ compiler tools for cross-compiling, you should
-use the `--target=TYPE' option to select the type of system they will
-produce code for.
-
-   If you want to _use_ a cross compiler, that generates code for a
-platform different from the build platform, you should specify the
-"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
-
-Sharing Defaults
-================
-
-   If you want to set default values for `configure' scripts to share,
-you can create a site shell script called `config.site' that gives
-default values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists.  Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
-
-Defining Variables
-==================
-
-   Variables not defined in a site shell script can be set in the
-environment passed to `configure'.  However, some packages may run
-configure again during the build, and the customized values of these
-variables may be lost.  In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'.  For example:
-
-     ./configure CC=/usr/local2/bin/gcc
-
-will cause the specified gcc to be used as the C compiler (unless it is
-overridden in the site shell script).
-
-`configure' Invocation
-======================
-
-   `configure' recognizes the following options to control how it
-operates.
-
-`--help'
-`-h'
-     Print a summary of the options to `configure', and exit.
-
-`--version'
-`-V'
-     Print the version of Autoconf used to generate the `configure'
-     script, and exit.
-
-`--cache-file=FILE'
-     Enable the cache: use and save the results of the tests in FILE,
-     traditionally `config.cache'.  FILE defaults to `/dev/null' to
-     disable caching.
-
-`--config-cache'
-`-C'
-     Alias for `--cache-file=config.cache'.
-
-`--quiet'
-`--silent'
-`-q'
-     Do not print messages saying which checks are being made.  To
-     suppress all normal output, redirect it to `/dev/null' (any error
-     messages will still be shown).
-
-`--srcdir=DIR'
-     Look for the package's source code in directory DIR.  Usually
-     `configure' can determine that directory automatically.
-
-`configure' also accepts some other, not widely useful, options.  Run
-`configure --help' for more details.
-
diff --git a/extra/yassl/taocrypt/README b/extra/yassl/taocrypt/README
deleted file mode 100644
index bd786b7ce54..00000000000
--- a/extra/yassl/taocrypt/README
+++ /dev/null
@@ -1,48 +0,0 @@
-TaoCrypt release 0.9.2   02/5/2007
-
-
-This release includes bug fixes, portability enhancements, and some 
-optimiations.
-
-See 0.9.0 for build instructions.
-
-
-
-
-******************TaoCrypt release 0.9.0   09/18/2006
-
-This is the first release of TaoCrypt, it was previously only included with
-yaSSL. TaoCrypt is highly portable and fast, its features include:
-
-One way hash functions: SHA-1, MD2, MD4, MD5, RIPEMD-160
-Message authentication codes: HMAC
-Block Ciphers: DES, Triple-DES, AES, Blowfish, Twofish
-Stream Ciphers: ARC4
-Public Key Crypto: RSA, DSA, Diffie-Hellman
-Password based key derivation: PBKDF2 from PKCS #5
-Pseudo Random Number Generators
-Large Integer Support
-Base 16/64 encoding/decoding
-DER encoding/decoding
-X.509 processing
-SSE2 and ia32 asm for the right processors and compilers
-
-
-To build on Unix
-
-    ./configure
-    make
-
-    To test the build, from the ./test directory run ./test
-
-
-On Windows
-
-    Open the taocrypt project workspace
-    Choose (Re)Build All
-
-    To test the build, run the test executable
-
-
-Please send any questions or comments to todd@yassl.com.
-
diff --git a/extra/yassl/taocrypt/benchmark/benchmark.cpp b/extra/yassl/taocrypt/benchmark/benchmark.cpp
deleted file mode 100644
index 6afad32ed41..00000000000
--- a/extra/yassl/taocrypt/benchmark/benchmark.cpp
+++ /dev/null
@@ -1,462 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-// benchmark.cpp
-// TaoCrypt benchmark
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include 
-#include 
-
-#include "runtime.hpp"
-#include "des.hpp"
-#include "aes.hpp"
-#include "twofish.hpp"
-#include "blowfish.hpp"
-#include "arc4.hpp"
-#include "md5.hpp"
-#include "sha.hpp"
-#include "ripemd.hpp"
-#include "rsa.hpp"
-#include "dh.hpp"
-#include "dsa.hpp"
-
-
-using namespace TaoCrypt;
-
-void bench_aes(bool show);
-void bench_des();
-void bench_blowfish();
-void bench_twofish();
-void bench_arc4();
-
-void bench_md5();
-void bench_sha();
-void bench_ripemd();
-
-void bench_rsa();
-void bench_dh();
-void bench_dsa();
-
-double current_time();
-
-
-
-
-int main(int argc, char** argv)
-{
-    bench_aes(false);
-    bench_aes(true);
-    bench_blowfish();
-    bench_twofish();
-    bench_arc4();
-    bench_des();
-    
-    printf("\n");
-
-    bench_md5();
-    bench_sha();
-    bench_ripemd();
-
-    printf("\n");
-    
-    bench_rsa();
-    bench_dh();
-    bench_dsa();
-
-    return 0;
-}
-
-const int megs = 5;  // how much to test
-
-const byte key[] = 
-{
-    0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
-    0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
-    0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
-};
-
-const byte iv[] = 
-{
-    0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
-    0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
-    0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
-    
-};
-
-
-byte plain [1024*1024];
-byte cipher[1024*1024];
-
-
-void bench_des()
-{
-    DES_EDE3_CBC_Encryption enc;
-    enc.SetKey(key, 16, iv);
-
-    double start = current_time();
-
-    for(int i = 0; i < megs; i++)
-        enc.Process(plain, cipher, sizeof(plain));
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("3DES     %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-
-void bench_aes(bool show)
-{
-    AES_CBC_Encryption enc;
-    enc.SetKey(key, 16, iv);
-
-    double start = current_time();
- 
-    for(int i = 0; i < megs; i++)
-        enc.Process(plain, cipher, sizeof(plain));
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    if (show)
-        printf("AES      %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                                 persec);
-}
-
-
-void bench_twofish()
-{
-    Twofish_CBC_Encryption enc;
-    enc.SetKey(key, 16, iv);
-
-    double start = current_time();
-
-    for(int i = 0; i < megs; i++)
-        enc.Process(plain, cipher, sizeof(plain));
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("Twofish  %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                            persec);
-
-}
-
-
-void bench_blowfish()
-{
-    Blowfish_CBC_Encryption enc;
-    enc.SetKey(key, 16, iv);
-
-    double start = current_time();
-
-    for(int i = 0; i < megs; i++)
-        enc.Process(plain, cipher, sizeof(plain));
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("Blowfish %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-
-void bench_arc4()
-{
-    ARC4 enc;
-    enc.SetKey(key, 16);
-
-    double start = current_time();
-
-    for(int i = 0; i < megs; i++)
-        enc.Process(cipher, plain, sizeof(plain));
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("ARC4     %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-
-void bench_md5()
-{
-    MD5 hash;
-    byte digest[MD5::DIGEST_SIZE];
-
-    double start = current_time();
-
-    
-    for(int i = 0; i < megs; i++)
-        hash.Update(plain, sizeof(plain));
-   
-    hash.Final(digest);
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("MD5      %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-
-void bench_sha()
-{
-    SHA hash;
-    byte digest[SHA::DIGEST_SIZE];
-
-    double start = current_time();
-
-    
-    for(int i = 0; i < megs; i++)
-        hash.Update(plain, sizeof(plain));
-   
-    hash.Final(digest);
-
-    /*
-    for(int i = 0; i < megs; i++)
-        hash.AsmTransform(plain, 16384);
-    */
-
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("SHA      %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-
-void bench_ripemd()
-{
-    RIPEMD160 hash;
-    byte digest[RIPEMD160::DIGEST_SIZE];
-
-    double start = current_time();
-
-    
-    for(int i = 0; i < megs; i++)
-        hash.Update(plain, sizeof(plain));
-   
-    hash.Final(digest);
-
-    double total = current_time() - start;
-
-    double persec = 1 / total * megs;
-
-    printf("RIPEMD   %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total,
-                                                             persec);
-}
-
-RandomNumberGenerator rng;
-
-void bench_rsa()
-{
-    const int times = 100;
-
-    Source source;
-    FileSource("./rsa1024.der", source);
-
-    if (source.size() == 0) {
-        printf("can't find ./rsa1024.der\n");
-        return;
-    }
-    RSA_PrivateKey priv(source);
-    RSAES_Encryptor enc(priv);
-
-    byte      message[] = "Everyone gets Friday off.";
-    byte      cipher[128];  // for 1024 bit
-    byte      plain[128];   // for 1024 bit
-    const int len = (word32)strlen((char*)message);
-    
-    int i;    
-    double start = current_time();
-
-    for (i = 0; i < times; i++)
-        enc.Encrypt(message, len, cipher, rng);
-
-    double total = current_time() - start;
-    double each  = total / times;   // per second
-    double milliEach = each * 1000; // milliseconds
-
-    printf("RSA 1024 encryption took %6.2f milliseconds, avg over %d" 
-           " iterations\n", milliEach, times);
-
-    RSAES_Decryptor dec(priv);
-
-    start = current_time();
-
-    for (i = 0; i < times; i++)
-        dec.Decrypt(cipher, 128, plain, rng);
-
-    total = current_time() - start;
-    each  = total / times;   // per second
-    milliEach = each * 1000; // milliseconds
-
-    printf("RSA 1024 decryption took %6.2f milliseconds, avg over %d" 
-           " iterations\n", milliEach, times);
-}
-
-
-void bench_dh()
-{
-    const int times = 100;
-
-    Source source;
-    FileSource("./dh1024.der", source);
-
-    if (source.size() == 0) {
-        printf("can't find ./dh1024.der\n");
-        return;
-    }
-    DH dh(source);
-
-    byte      pub[128];    // for 1024 bit
-    byte      priv[128];   // for 1024 bit
-    
-    int i;    
-    double start = current_time();
-
-    for (i = 0; i < times; i++)
-        dh.GenerateKeyPair(rng, priv, pub);
-
-    double total = current_time() - start;
-    double each  = total / times;   // per second
-    double milliEach = each * 1000; // milliseconds
-
-    printf("DH  1024 key generation  %6.2f milliseconds, avg over %d" 
-           " iterations\n", milliEach, times);
-
-    DH dh2(dh); 
-    byte      pub2[128];    // for 1024 bit
-    byte      priv2[128];   // for 1024 bit
-    dh2.GenerateKeyPair(rng, priv2, pub2);
-    unsigned char key[256];
-
-    start = current_time();
-
-    for (i = 0; i < times; i++)
-        dh.Agree(key, priv, pub2);
-
-    total = current_time() - start;
-    each  = total / times;      // per second
-    milliEach = each * 1000;   //  in milliseconds
-
-    printf("DH  1024 key agreement   %6.2f milliseconds, avg over %d"
-           " iterations\n", milliEach, times);
-}
-
-void bench_dsa()
-{
-    const int times = 100;
-
-    Source source;
-    FileSource("./dsa1024.der", source);
-
-    if (source.size() == 0) {
-        printf("can't find ./dsa1024.der\n");
-        return;
-    }
-
-    DSA_PrivateKey key(source);
-    DSA_Signer signer(key);
-
-    SHA sha;
-    byte digest[SHA::DIGEST_SIZE];
-    byte signature[40];
-    const char msg[] = "this is the message";
-    sha.Update((byte*)msg, sizeof(msg));
-    sha.Final(digest);
-    
-    int i;    
-    double start = current_time();
-
-    for (i = 0; i < times; i++)
-        signer.Sign(digest, signature, rng); 
-
-    double total = current_time() - start;
-    double each  = total / times;   // per second
-    double milliEach = each * 1000; // milliseconds
-
-    printf("DSA 1024 sign   took     %6.2f milliseconds, avg over %d" 
-           " iterations\n", milliEach, times);
-
-    DSA_Verifier verifier(key);
-
-    start = current_time();
-
-    for (i = 0; i < times; i++)
-        verifier.Verify(digest, signature); 
-
-    total = current_time() - start;
-    each  = total / times;      // per second
-    milliEach = each * 1000;   //  in milliseconds
-
-    printf("DSA 1024 verify took     %6.2f milliseconds, avg over %d"
-           " iterations\n", milliEach, times);
-}
-
-
-
-#ifdef _WIN32
-
-    #define WIN32_LEAN_AND_MEAN
-    #include 
-
-    double current_time()
-    {
-        static bool          init(false);
-        static LARGE_INTEGER freq;
-    
-        if (!init) {
-            QueryPerformanceFrequency(&freq);
-            init = true;
-        }
-
-        LARGE_INTEGER count;
-        QueryPerformanceCounter(&count);
-
-        return static_cast(count.QuadPart) / freq.QuadPart;
-    }
-
-#else
-
-    #include 
-
-    double current_time()
-    {
-        struct timeval tv;
-        gettimeofday(&tv, 0);
-
-        return static_cast(tv.tv_sec) 
-             + static_cast(tv.tv_usec) / 1000000;
-    }
-
-#endif // _WIN32
diff --git a/extra/yassl/taocrypt/benchmark/benchmark.dsp b/extra/yassl/taocrypt/benchmark/benchmark.dsp
deleted file mode 100644
index 449299a1c8d..00000000000
--- a/extra/yassl/taocrypt/benchmark/benchmark.dsp
+++ /dev/null
@@ -1,101 +0,0 @@
-# Microsoft Developer Studio Project File - Name="benchmark" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Console Application" 0x0103
-
-CFG=benchmark - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "benchmark.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "benchmark.mak" CFG="benchmark - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "benchmark - Win32 Release" (based on "Win32 (x86) Console Application")
-!MESSAGE "benchmark - Win32 Debug" (based on "Win32 (x86) Console Application")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "benchmark - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "benchmark___Win32_Release"
-# PROP BASE Intermediate_Dir "benchmark___Win32_Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MT /W3 /GX /O2 /I "..\include" /I "..\mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-
-!ELSEIF  "$(CFG)" == "benchmark - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "benchmark___Win32_Debug"
-# PROP BASE Intermediate_Dir "benchmark___Win32_Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /GX /ZI /Od /I "..\include" /I "..\mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ  /c
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-
-!ENDIF 
-
-# Begin Target
-
-# Name "benchmark - Win32 Release"
-# Name "benchmark - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\benchmark.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# End Group
-# Begin Group "Resource Files"
-
-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/taocrypt/benchmark/dh1024.der b/extra/yassl/taocrypt/benchmark/dh1024.der
deleted file mode 100644
index 09f81ee14c1433f2976ecbd6f005f08bab148fc9..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 138
zcmV;50CoQ`frkQtfdJzSP$YVrg24|O8KaTE_~w4Yl;};FUoGsR9lw0C(6T;r
s7lz80Qg_hFWcwke)}*PMa1+xurq+{@w?<}rUFSuFc-iKdchdp^0(h}S$^ZZW

diff --git a/extra/yassl/taocrypt/benchmark/dsa1024.der b/extra/yassl/taocrypt/benchmark/dsa1024.der
deleted file mode 100644
index 3a6dfca4b8f4a175a86291c7a763b924de848584..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 445
zcmV;u0Yd&Tf&sb$0RRGlfdGY;GA122v6Zit#o~2yEAdw|`9S}F6VlbhZ%oJ{udl2?
z8$kW+RDugM9mCw>YTyqlLLi+v{@G1Qx9}O>X+J6;k5Np*1%QyYiORw=kP`76+^0`6
zN)~9}BSK*KgIk37ql+^1#&ybI%Z>MmmvWhqyaZ
z1aWrcK}^J&B13cKWP7al9mk2EXe;pm!1}sI^^IH%#OGG2618s8eh+KFQ+-Q00*uZ3
zH|eBa#WS<9sP0zk4f}8SDufx@hIQM_f4VPkkaaQyzy`qTPb0(vfq-A&@13ewPgDl*
zq)?VIdw?0w$RBra?@!Lz{I6UsHj56hmU)dqxu7CiwHHAnB;ZbK1e@4_5!8_vGAo|c
z>^lC#T7qf_=8UY+I)!3o49gMdG%EtMSxts}h1%x;!9GKcwy!%taaLTPHzALJ-BUf>
n4H!HQeqbj!h|B!}CFBAWVHFP6GA$IV5#k~Ten9E%&kzrLV06&q

diff --git a/extra/yassl/taocrypt/benchmark/make.bat b/extra/yassl/taocrypt/benchmark/make.bat
deleted file mode 100755
index 8f445986c7e..00000000000
--- a/extra/yassl/taocrypt/benchmark/make.bat
+++ /dev/null
@@ -1,24 +0,0 @@
-REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-REM 
-REM This program is free software; you can redistribute it and/or modify
-REM it under the terms of the GNU General Public License as published by
-REM the Free Software Foundation; version 2 of the License.
-REM 
-REM This program is distributed in the hope that it will be useful,
-REM but WITHOUT ANY WARRANTY; without even the implied warranty of
-REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-REM GNU General Public License for more details.
-REM 
-REM You should have received a copy of the GNU General Public License
-REM along with this program; if not, write to the Free Software
-REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-REM quick and dirty build file for testing different MSDEVs
-setlocal 
-
-set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2
-
-cl %myFLAGS% benchmark.cpp
-
-link.exe  /out:benchmark.exe ../src/taocrypt.lib benchmark.obj advapi32.lib
-
diff --git a/extra/yassl/taocrypt/benchmark/rsa1024.der b/extra/yassl/taocrypt/benchmark/rsa1024.der
deleted file mode 100644
index 5ba3fbe6c9c1924168019953bfd98aa3820aab5c..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 606
zcmV-k0-^mdf&yFu0RRGlfdIwfN}k!E0^v1<5%kq!S9kmq4nG1~SitQ=Dn*yNhF*>DZvq1W009DlfI=@g
zW+@~4(wDRfZFzBv5B8tw1L`G>$@!6;yWQTEUB9fscN00gfY>
zE_qZp`JCx^J5T6EZ>VfG+~Bk0wYEaXzNIKUheDSElC$2LfSOPM#l%nZuOYf`A?66p
zeu&zCdOp2o4iz^L{oys3HJ^&10Rlk)7zP9J}{i~XY+dnvvTP5SxUG2kLFjSnsXce7saro%6!uG0zm-Xt_GP*jyTe|RL7YY
zkrVMZA`AGFI>VO^irJeisN9esS?;ma9*8`Q6`(WTj?C;VPCR-u^s%Kf
z#pL^x7#DzwuS)k}z?UMXm@5$kJJ>MIsTyelKxuf)6tNSHSJf$aZJgTr?HaD!sv4Li0ayQXo=pUmVga7~l

diff --git a/extra/yassl/taocrypt/certs/client-cert.der b/extra/yassl/taocrypt/certs/client-cert.der
deleted file mode 100644
index 9c2ef138bf6fc2630912ef6de6d3b6cf0301c25e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 782
zcmXqLV&*ewV%o8QnTe5!iId^z^&CO752gt37V!S$Cd{c2w
z+xe{@pPtL$xw%NlvgT7T6Eh6`G!AGtU6f7X1Ree9RIvE9TA<<2M1$?+Gmul%m|
XpzgmxZ4lSP1`oI0Ghf~;KUWF>dNSg%

diff --git a/extra/yassl/taocrypt/certs/client-key.der b/extra/yassl/taocrypt/certs/client-key.der
deleted file mode 100644
index 649406c441767b2fc535821ce7c97bd4e0d6d582..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 319
zcmV-F0l@w+f&n}N0RRF)0KHL46#Z%$gbXt{{3kM;mka!)7+`5m+1Pkc3+W(T)*Wyh
z3?!c;g3LMr)t48tb8LpswejW7Xbjn+5;=VGQvw44009C(RAJUGQsJhn*RVks3iY8J
zCMcedit&X;&KR0KB-Gnop9+L4$c$`V0)_@SMRl3I=r&fTY?)V-Vd8(NC0wDn4
zM18Ssb(*B)>6>jE5mfR!`GzLBxER$nNIt2t9S#B^0N5JSLP*YUd!+;PnLAD&B}QzU
zvtajORva>HMXB6L-vS{3rWv#PasflN&Kx6LFRv7+`|v^
zVG1Ri@*x3g&8mzy=gMZ=R`d^jdeIoULj4;N0u=zQB`K>4p9vhntpgx-f2OzHO#=x6
zKoW?V+UL*c!cZIQhO-Q%7jd2qIS;
zyLXY#TQ=?UB!ZBN&5(TCclj4Bb93*zxq<=|BZKF@YOJKk3>*_>cJA226^%Byxu9@E

diff --git a/extra/yassl/taocrypt/include/aes.hpp b/extra/yassl/taocrypt/include/aes.hpp
deleted file mode 100644
index 191f294b2b5..00000000000
--- a/extra/yassl/taocrypt/include/aes.hpp
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* aes.hpp defines AES
-*/
-
-
-#ifndef TAO_CRYPT_AES_HPP
-#define TAO_CRYPT_AES_HPP
-
-#include "misc.hpp"
-#include "modes.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_AES_ASM
-#endif
-
-
-
-namespace TaoCrypt {
-
-
-enum { AES_BLOCK_SIZE = 16 };
-
-
-// AES encryption and decryption, see FIPS-197
-class AES : public Mode_BASE {
-public:
-    enum { BLOCK_SIZE = AES_BLOCK_SIZE };
-
-    AES(CipherDir DIR, Mode MODE)
-        : Mode_BASE(BLOCK_SIZE, DIR, MODE) {}
-
-#ifdef DO_AES_ASM
-    void Process(byte*, const byte*, word32);
-#endif
-    void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
-    void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
-private:
-    static const word32 rcon_[];
-
-    word32      rounds_;
-    word32      key_[60];                        // max size
-
-    static const word32 Te[5][256];
-    static const word32 Td[5][256];
-    static const byte   CTd4[256];
-
-    static const word32* Te0;
-    static const word32* Te1;
-    static const word32* Te2;
-    static const word32* Te3;
-    static const word32* Te4;
-
-    static const word32* Td0;
-    static const word32* Td1;
-    static const word32* Td2;
-    static const word32* Td3;
-    static const word32* Td4;
-
-    void encrypt(const byte*, const byte*, byte*) const;
-    void AsmEncrypt(const byte*, byte*, void*) const;
-    void decrypt(const byte*, const byte*, byte*) const;
-    void AsmDecrypt(const byte*, byte*, void*) const;
-
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    word32 PreFetchTe() const;
-    word32 PreFetchTd() const;
-    word32 PreFetchCTd4() const;
-
-    AES(const AES&);            // hide copy
-    AES& operator=(const AES&); // and assign
-};
-
-
-#if defined(__x86_64__) || defined(_M_X64) || \
-           (defined(__ILP32__) && (__ILP32__ >= 1))
-    #define TC_CACHE_LINE_SZ 64
-#else
-    /* default cache line size */
-    #define TC_CACHE_LINE_SZ 32
-#endif
-
-inline word32 AES::PreFetchTe() const
-{
-    word32 x = 0;
-
-    /* 4 tables of 256 entries */
-    for (int i = 0; i < 4; i++) {
-        /* each entry is 4 bytes */
-        for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) {
-            x &= Te[i][j];
-        }
-    }
-
-    return x;
-}
-
-
-inline word32 AES::PreFetchTd() const
-{
-    word32 x = 0;
-
-    /* 4 tables of 256 entries */
-    for (int i = 0; i < 4; i++) {
-        /* each entry is 4 bytes */
-        for (int j = 0; j < 256; j += TC_CACHE_LINE_SZ/4) {
-            x &= Td[i][j];
-        }
-    }
-
-    return x;
-}
-
-
-inline word32 AES::PreFetchCTd4() const
-{
-    word32 x = 0;
-    int i;
-
-    for (i = 0; i < 256; i += TC_CACHE_LINE_SZ) {
-        x &= CTd4[i];
-    }
-
-    return x;
-}
-
-
-typedef BlockCipher AES_ECB_Encryption;
-typedef BlockCipher AES_ECB_Decryption;
-
-typedef BlockCipher AES_CBC_Encryption;
-typedef BlockCipher AES_CBC_Decryption;
-
-
-} // naemspace
-
-#endif // TAO_CRYPT_AES_HPP
diff --git a/extra/yassl/taocrypt/include/algebra.hpp b/extra/yassl/taocrypt/include/algebra.hpp
deleted file mode 100644
index b216e5cccca..00000000000
--- a/extra/yassl/taocrypt/include/algebra.hpp
+++ /dev/null
@@ -1,227 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's algebra.h from CryptoPP */
-
-#ifndef TAO_CRYPT_ALGEBRA_HPP
-#define TAO_CRYPT_ALGEBRA_HPP
-
-#include "integer.hpp"
-
-namespace TaoCrypt {
-
-
-// "const Element&" returned by member functions are references
-// to internal data members. Since each object may have only
-// one such data member for holding results, the following code
-// will produce incorrect results:
-// abcd = group.Add(group.Add(a,b), group.Add(c,d));
-// But this should be fine:
-// abcd = group.Add(a, group.Add(b, group.Add(c,d));
-
-// Abstract Group
-class TAOCRYPT_NO_VTABLE AbstractGroup : public virtual_base
-{
-public:
-    typedef Integer Element;
-
-    virtual ~AbstractGroup() {}
-
-    virtual bool Equal(const Element &a, const Element &b) const =0;
-    virtual const Element& Identity() const =0;
-    virtual const Element& Add(const Element &a, const Element &b) const =0;
-    virtual const Element& Inverse(const Element &a) const =0;
-    virtual bool InversionIsFast() const {return false;}
-
-    virtual const Element& Double(const Element &a) const;
-    virtual const Element& Subtract(const Element &a, const Element &b) const;
-    virtual Element& Accumulate(Element &a, const Element &b) const;
-    virtual Element& Reduce(Element &a, const Element &b) const;
-
-    virtual Element ScalarMultiply(const Element &a, const Integer &e) const;
-    virtual Element CascadeScalarMultiply(const Element &x, const Integer &e1,
-                                    const Element &y, const Integer &e2) const;
-
-    virtual void SimultaneousMultiply(Element *results, const Element &base,
-                  const Integer *exponents, unsigned int exponentsCount) const;
-};
-
-// Abstract Ring
-class TAOCRYPT_NO_VTABLE AbstractRing : public AbstractGroup
-{
-public:
-    typedef Integer Element;
-
-    AbstractRing() : AbstractGroup() {m_mg.m_pRing = this;}
-    AbstractRing(const AbstractRing &source) : AbstractGroup()
-                                                {m_mg.m_pRing = this;}
-    AbstractRing& operator=(const AbstractRing &source) {return *this;}
-
-    virtual bool IsUnit(const Element &a) const =0;
-    virtual const Element& MultiplicativeIdentity() const =0;
-    virtual const Element& Multiply(const Element&, const Element&) const =0;
-    virtual const Element& MultiplicativeInverse(const Element &a) const =0;
-
-    virtual const Element& Square(const Element &a) const;
-    virtual const Element& Divide(const Element &a, const Element &b) const;
-
-    virtual Element Exponentiate(const Element &a, const Integer &e) const;
-    virtual Element CascadeExponentiate(const Element &x, const Integer &e1,
-                                    const Element &y, const Integer &e2) const;
-
-    virtual void SimultaneousExponentiate(Element *results, const Element&,
-                  const Integer *exponents, unsigned int exponentsCount) const;
-
-    virtual const AbstractGroup& MultiplicativeGroup() const
-        {return m_mg;}
-
-private:
-    class MultiplicativeGroupT : public AbstractGroup
-    {
-    public:
-        const AbstractRing& GetRing() const
-            {return *m_pRing;}
-
-        bool Equal(const Element &a, const Element &b) const
-            {return GetRing().Equal(a, b);}
-
-        const Element& Identity() const
-            {return GetRing().MultiplicativeIdentity();}
-
-        const Element& Add(const Element &a, const Element &b) const
-            {return GetRing().Multiply(a, b);}
-
-        Element& Accumulate(Element &a, const Element &b) const
-            {return a = GetRing().Multiply(a, b);}
-
-        const Element& Inverse(const Element &a) const
-            {return GetRing().MultiplicativeInverse(a);}
-
-        const Element& Subtract(const Element &a, const Element &b) const
-            {return GetRing().Divide(a, b);}
-
-        Element& Reduce(Element &a, const Element &b) const
-            {return a = GetRing().Divide(a, b);}
-
-        const Element& Double(const Element &a) const
-            {return GetRing().Square(a);}
-
-        Element ScalarMultiply(const Element &a, const Integer &e) const
-            {return GetRing().Exponentiate(a, e);}
-
-        Element CascadeScalarMultiply(const Element &x, const Integer &e1,
-                                     const Element &y, const Integer &e2) const
-            {return GetRing().CascadeExponentiate(x, e1, y, e2);}
-
-        void SimultaneousMultiply(Element *results, const Element &base,
-                   const Integer *exponents, unsigned int exponentsCount) const
-            {GetRing().SimultaneousExponentiate(results, base, exponents,
-                                                exponentsCount);}
-
-        const AbstractRing* m_pRing;
-    };
-
-    MultiplicativeGroupT m_mg;
-};
-
-
-// Abstract Euclidean Domain
-class TAOCRYPT_NO_VTABLE AbstractEuclideanDomain
-    : public AbstractRing
-{
-public:
-    typedef Integer Element;
-
-    virtual void DivisionAlgorithm(Element &r, Element &q, const Element &a,
-                                   const Element &d) const =0;
-
-    virtual const Element& Mod(const Element &a, const Element &b) const =0;
-    virtual const Element& Gcd(const Element &a, const Element &b) const;
-
-protected:
-    mutable Element result;
-};
-
-
-// EuclideanDomainOf
-class EuclideanDomainOf : public AbstractEuclideanDomain
-{
-public:
-    typedef Integer Element;
-
-    EuclideanDomainOf() {}
-
-    bool Equal(const Element &a, const Element &b) const
-        {return a==b;}
-
-    const Element& Identity() const
-        {return Element::Zero();}
-
-    const Element& Add(const Element &a, const Element &b) const
-        {return result = a+b;}
-
-    Element& Accumulate(Element &a, const Element &b) const
-        {return a+=b;}
-
-    const Element& Inverse(const Element &a) const
-        {return result = -a;}
-
-    const Element& Subtract(const Element &a, const Element &b) const
-        {return result = a-b;}
-
-    Element& Reduce(Element &a, const Element &b) const
-        {return a-=b;}
-
-    const Element& Double(const Element &a) const
-        {return result = a.Doubled();}
-
-    const Element& MultiplicativeIdentity() const
-        {return Element::One();}
-
-    const Element& Multiply(const Element &a, const Element &b) const
-        {return result = a*b;}
-
-    const Element& Square(const Element &a) const
-        {return result = a.Squared();}
-
-    bool IsUnit(const Element &a) const
-        {return a.IsUnit();}
-
-    const Element& MultiplicativeInverse(const Element &a) const
-        {return result = a.MultiplicativeInverse();}
-
-    const Element& Divide(const Element &a, const Element &b) const
-        {return result = a/b;}
-
-    const Element& Mod(const Element &a, const Element &b) const
-        {return result = a%b;}
-
-    void DivisionAlgorithm(Element &r, Element &q, const Element &a,
-                           const Element &d) const
-        {Element::Divide(r, q, a, d);}
-
-private:
-    mutable Element result;
-};
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_ALGEBRA_HPP
diff --git a/extra/yassl/taocrypt/include/arc4.hpp b/extra/yassl/taocrypt/include/arc4.hpp
deleted file mode 100644
index ed6a35e054a..00000000000
--- a/extra/yassl/taocrypt/include/arc4.hpp
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* arc4.hpp defines ARC4
-*/
-
-
-#ifndef TAO_CRYPT_ARC4_HPP
-#define TAO_CRYPT_ARC4_HPP
-
-#include "misc.hpp"
-
-namespace TaoCrypt {
-
-
-// ARC4 encryption and decryption
-class ARC4 {
-public:
-    enum { STATE_SIZE = 256 };
-
-    typedef ARC4 Encryption;
-    typedef ARC4 Decryption;
-
-    ARC4() {}
-
-    void Process(byte*, const byte*, word32);
-    void SetKey(const byte*, word32);
-private:
-    byte x_;
-    byte y_;
-    byte state_[STATE_SIZE];
-
-    ARC4(const ARC4&);                  // hide copy
-    const ARC4 operator=(const ARC4&);  // and assign
-
-    void AsmProcess(byte*, const byte*, word32);
-};
-
-} // namespace
-
-
-#endif // TAO_CRYPT_ARC4_HPP
-
diff --git a/extra/yassl/taocrypt/include/asn.hpp b/extra/yassl/taocrypt/include/asn.hpp
deleted file mode 100644
index e8a8820ed1a..00000000000
--- a/extra/yassl/taocrypt/include/asn.hpp
+++ /dev/null
@@ -1,392 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* asn.hpp provides ASN1 BER, PublicKey, and x509v3 decoding 
-*/
-
-
-#ifndef TAO_CRYPT_ASN_HPP
-#define TAO_CRYPT_ASN_HPP
-
-
-#include "misc.hpp"
-#include "block.hpp"
-#include "error.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "list.hpp"
-#endif
-#include 
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace TaoCrypt {
-
-// these tags and flags are not complete
-enum ASNTag
-{
-    BOOLEAN             = 0x01,
-    INTEGER             = 0x02,
-    BIT_STRING          = 0x03,
-    OCTET_STRING        = 0x04,
-    TAG_NULL            = 0x05,
-    OBJECT_IDENTIFIER   = 0x06,
-    OBJECT_DESCRIPTOR   = 0x07,
-    EXTERNAL            = 0x08,
-    REAL                = 0x09,
-    ENUMERATED          = 0x0a,
-    UTF8_STRING         = 0x0c,
-    SEQUENCE            = 0x10,
-    SET                 = 0x11,
-    NUMERIC_STRING      = 0x12,
-    PRINTABLE_STRING    = 0x13,
-    T61_STRING          = 0x14,
-    VIDEOTEXT_STRING    = 0x15,
-    IA5_STRING          = 0x16,
-    UTC_TIME            = 0x17,
-    GENERALIZED_TIME    = 0x18,
-    GRAPHIC_STRING      = 0x19,
-    VISIBLE_STRING      = 0x1a,
-    GENERAL_STRING      = 0x1b,
-    LONG_LENGTH         = 0x80
-};
-
-enum ASNIdFlag
-{
-    UNIVERSAL           = 0x00,
-    DATA                = 0x01,
-    HEADER              = 0x02,
-    CONSTRUCTED         = 0x20,
-    APPLICATION         = 0x40,
-    CONTEXT_SPECIFIC    = 0x80,
-    PRIVATE             = 0xc0
-};
-
-
-enum DNTags
-{
-    COMMON_NAME         = 0x03,  // CN
-    SUR_NAME            = 0x04,  // SN
-    COUNTRY_NAME        = 0x06,  // C
-    LOCALITY_NAME       = 0x07,  // L
-    STATE_NAME          = 0x08,  // ST
-    ORG_NAME            = 0x0a,  // O
-    ORGUNIT_NAME        = 0x0b   // OU
-};
-
-
-enum PCKS12_Tags
-{
-    /* DATA                      = 1, */ // from ASN1
-    SIGNED_DATA               = 2,
-    ENVELOPED_DATA            = 3,
-    SIGNED_AND_ENVELOPED_DATA = 4,
-    DIGESTED_DATA             = 5,
-    ENCRYPTED_DATA            = 6
-};
-
-
-enum Constants
-{
-    MIN_DATE_SZ   = 13,
-    MAX_DATE_SZ   = 16,
-    MAX_ALGO_SZ   = 16,
-    MAX_LENGTH_SZ =  5,    
-    MAX_SEQ_SZ    =  5,    // enum(seq|con) + length(4)
-    MAX_ALGO_SIZE =  9,
-    MAX_DIGEST_SZ = 69,    // SHA512 + enum(Bit or Octet) + length(4)
-    DSA_SIG_SZ    = 40,
-    ASN_NAME_MAX  = 512    // max total of all included names
-};
-
-
-class Source;
-class RSA_PublicKey;
-class RSA_PrivateKey;
-class DSA_PublicKey;
-class DSA_PrivateKey;
-class Integer;
-class DH;
-
-
-// General BER decoding
-class BER_Decoder : public virtual_base {
-protected:
-    Source& source_;
-public:
-    explicit BER_Decoder(Source& s) : source_(s) {}
-    virtual ~BER_Decoder() {}
-
-    Integer& GetInteger(Integer&);
-    word32   GetSequence();
-    word32   GetSet();
-    word32   GetVersion();
-    word32   GetExplicitVersion();
-
-    Error GetError();
-private:
-    virtual void ReadHeader() = 0;
-
-    BER_Decoder(const BER_Decoder&);            // hide copy
-    BER_Decoder& operator=(const BER_Decoder&); // and assign
-};
-
-
-// RSA Private Key BER Decoder
-class RSA_Private_Decoder : public BER_Decoder {
-public:
-    explicit RSA_Private_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode(RSA_PrivateKey&);
-private:
-    void ReadHeader();
-};
-
-
-// RSA Public Key BER Decoder
-class RSA_Public_Decoder : public BER_Decoder {
-public:
-    explicit RSA_Public_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode(RSA_PublicKey&);
-private:
-    void ReadHeader();
-    void ReadHeaderOpenSSL();
-};
-
-
-// DSA Private Key BER Decoder
-class DSA_Private_Decoder : public BER_Decoder {
-public:
-    explicit DSA_Private_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode(DSA_PrivateKey&);
-private:
-    void ReadHeader();
-};
-
-
-// DSA Public Key BER Decoder
-class DSA_Public_Decoder : public BER_Decoder {
-public:
-    explicit DSA_Public_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode(DSA_PublicKey&);
-private:
-    void ReadHeader();
-};
-
-
-// DH Key BER Decoder
-class DH_Decoder : public BER_Decoder {
-public:
-    explicit DH_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode(DH&);
-private:
-    void ReadHeader();
-};
-
-
-// PKCS12 BER Decoder
-class PKCS12_Decoder : public BER_Decoder {
-public:
-    explicit PKCS12_Decoder(Source& s) : BER_Decoder(s) {}
-    void Decode();
-private:
-    void ReadHeader();
-};
-
-
-// General PublicKey
-class PublicKey {
-    byte*  key_;
-    word32 sz_;
-public:
-    explicit PublicKey(const byte* k = 0, word32 s = 0);
-    ~PublicKey() { tcArrayDelete(key_); }
-
-    const byte* GetKey() const { return key_; }
-    word32      size()   const { return sz_; }
-
-    void SetKey(const byte*);
-    void SetSize(word32 s);
-
-    void AddToEnd(const byte*, word32);
-private:
-    PublicKey(const PublicKey&);            // hide copy
-    PublicKey& operator=(const PublicKey&); // and assign
-};
-
-
-enum { SHA_SIZE = 20 };
-
-
-// A Signing Authority
-class Signer {
-    PublicKey key_;
-    char      name_[ASN_NAME_MAX];
-    byte      hash_[SHA_SIZE];
-public:
-    Signer(const byte* k, word32 kSz, const char* n, const byte* h);
-    ~Signer();
-
-    const PublicKey& GetPublicKey()  const { return key_; }
-    const char*      GetName()       const { return name_; }
-    const byte*      GetHash()       const { return hash_; }
-
-private:
-    Signer(const Signer&);              // hide copy
-    Signer& operator=(const Signer&);   // and assign
-};
-
-
-typedef STL::list SignerList;
-
-
-enum ContentType { HUH = 651 };
-enum SigType  { SHAwDSA = 517, MD2wRSA = 646, MD5wRSA = 648, SHAwRSA = 649,
-                SHA256wRSA = 655, SHA384wRSA = 656, SHA512wRSA = 657,
-                SHA256wDSA = 416 };
-enum HashType { MD2h = 646, MD5h = 649, SHAh = 88, SHA256h = 414, SHA384h = 415,
-                SHA512h = 416 };
-enum KeyType  { DSAk = 515, RSAk = 645 };     // sums of algo OID
-
-
-// an x509v Certificate BER Decoder
-class CertDecoder : public BER_Decoder {
-public:
-    enum DateType { BEFORE, AFTER };   
-    enum NameType { ISSUER, SUBJECT };
-    enum CertType { CA, USER };
-
-    explicit CertDecoder(Source&, bool decode = true, SignerList* sl = 0,
-                         bool noVerify = false, CertType ct = USER);
-    ~CertDecoder();
-
-    const PublicKey& GetPublicKey()  const { return key_; }
-    KeyType          GetKeyType()    const { return KeyType(keyOID_); }
-    const char*      GetIssuer()     const { return issuer_; }
-    const char*      GetCommonName() const { return subject_; }
-    const byte*      GetHash()       const { return subjectHash_; }
-    const char*      GetBeforeDate() const { return beforeDate_; }
-    byte             GetBeforeDateType() const { return beforeDateType_; }
-    const char*      GetAfterDate()  const { return afterDate_; }
-    byte             GetAfterDateType() const { return afterDateType_; }
-    int              GetSubjectCnStart()  const { return subCnPos_; }
-    int              GetIssuerCnStart()   const { return issCnPos_; }
-    int              GetSubjectCnLength() const { return subCnLen_; }
-    int              GetIssuerCnLength()  const { return issCnLen_; }
-
-    void DecodeToKey();
-private:
-    PublicKey key_;
-    word32    certBegin_;               // offset to start of cert
-    word32    sigIndex_;                // offset to start of signature
-    word32    sigLength_;               // length of signature
-    word32    signatureOID_;            // sum of algorithm object id
-    word32    keyOID_;                  // sum of key algo  object id
-    int       subCnPos_;                // subject common name start, -1 is none
-    int       subCnLen_;                // length of above
-    int       issCnPos_;                // issuer common name start, -1 is none
-    int       issCnLen_;                // length of above
-    byte      subjectHash_[SHA_SIZE];   // hash of all Names
-    byte      issuerHash_[SHA_SIZE];    // hash of all Names
-    byte*     signature_;
-    char      issuer_[ASN_NAME_MAX];    // Names
-    char      subject_[ASN_NAME_MAX];   // Names
-    char      beforeDate_[MAX_DATE_SZ+1]; // valid before date, +null term
-    byte      beforeDateType_;          // beforeDate time type
-    char      afterDate_[MAX_DATE_SZ+1];  // valid after date, +null term
-    byte      afterDateType_;           // afterDate time type
-    bool      verify_;                    // Default to yes, but could be off
-
-    void   ReadHeader();
-    void   Decode(SignerList*, CertType);
-    void   StoreKey();
-    void   AddDSA();
-    bool   ValidateSelfSignature();
-    bool   ValidateSignature(SignerList*);
-    bool   ConfirmSignature(Source&);
-    void   GetKey();
-    char*  AddTag(char*, const char*, const char*, word32, word32);
-    void   GetName(NameType);
-    void   GetValidity();
-    void   GetDate(DateType);
-    void   GetCompareHash(const byte*, word32, byte*, word32);
-    word32 GetAlgoId();
-    word32 GetSignature();
-    word32 GetDigest();
-};
-
-
-word32 GetLength(Source&);
-
-word32 SetLength(word32, byte*);
-word32 SetSequence(word32, byte*);
-
-word32 EncodeDSA_Signature(const byte* signature, byte* output);
-word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output);
-word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz);
-
-
-// General DER encoding
-class DER_Encoder : public virtual_base {
-public:
-    DER_Encoder() {}
-    virtual ~DER_Encoder() {}
-
-    word32 SetAlgoID(HashType, byte*);
-
-    Error  GetError() const { return error_; }
-private:
-    //virtual void WriteHeader() = 0;
-    Error error_;
-
-    DER_Encoder(const DER_Encoder&);            // hide copy
-    DER_Encoder& operator=(const DER_Encoder&); // and assign
-};
-
-
-
-class Signature_Encoder : public DER_Encoder {
-    const byte* digest_;
-    word32      digestSz_;
-    SigType     digestOID_;
-public:
-    explicit Signature_Encoder(const byte*, word32, HashType, Source&);
-
-private:
-    void   WriteHeader();
-    word32 SetDigest(const byte*, word32, byte*);
-
-    Signature_Encoder(const Signature_Encoder&);            // hide copy
-    Signature_Encoder& operator=(const Signature_Encoder&); // and assign
-};
-
-
-// Get Cert in PEM format from BEGIN to END
-int GetCert(Source&);
-
-// Get Cert in PEM format from pkcs12 file
-int GetPKCS_Cert(const char* password, Source&);
-
-void ASN1_TIME_extract(const unsigned char* date, unsigned char format,
-                       tm *parsed_time);
-
-} // namespace
-
-
-#endif // TAO_CRYPT_ASN_HPP
diff --git a/extra/yassl/taocrypt/include/block.hpp b/extra/yassl/taocrypt/include/block.hpp
deleted file mode 100644
index b5958a06955..00000000000
--- a/extra/yassl/taocrypt/include/block.hpp
+++ /dev/null
@@ -1,203 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* block.hpp provides word and byte blocks with configurable allocators
-*/
-
-
-#ifndef TAO_CRYPT_BLOCK_HPP
-#define TAO_CRYPT_BLOCK_HPP
-
-#include "misc.hpp"
-#include          // memcpy
-#include          // ptrdiff_t
-
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace TaoCrypt {
-
-
-// a Base class for Allocators
-template
-class AllocatorBase
-{
-public:
-    typedef T         value_type;
-    typedef size_t    size_type;
-    typedef ptrdiff_t difference_type;
-    typedef T*        pointer;
-    typedef const T*  const_pointer;
-    typedef T&        reference;
-    typedef const T&  const_reference;
-
-    pointer       address(reference r) const {return (&r);}
-    const_pointer address(const_reference r) const {return (&r); }
-    void          construct(pointer p, const T& val) {new (p) T(val);}
-    void          destroy(pointer p) {p->~T();}
-    size_type     max_size() const {return ~size_type(0)/sizeof(T);}
-protected:
-};
-
-
-// General purpose realloc
-template
-typename A::pointer StdReallocate(A& a, T* p, typename A::size_type oldSize,
-                                  typename A::size_type newSize, bool preserve)
-{
-    if (oldSize == newSize)
-        return p;
-
-    if (preserve) {
-        A b = A();
-        typename A::pointer newPointer = b.allocate(newSize, 0);
-        memcpy(newPointer, p, sizeof(T) * min(oldSize, newSize));
-        a.deallocate(p, oldSize);
-        STL::swap(a, b);
-        return newPointer;
-    }
-    else {
-        a.deallocate(p, oldSize);
-        return a.allocate(newSize, 0);
-    }
-}
-
-
-// Allocator that zeros out memory on deletion
-template 
-class AllocatorWithCleanup : public AllocatorBase
-{
-public:
-    typedef typename AllocatorBase::pointer   pointer;
-    typedef typename AllocatorBase::size_type size_type;
-
-    pointer allocate(size_type n, const void* = 0)
-    {
-        if (n > this->max_size())
-            return 0;
-        if (n == 0)
-            return 0;
-        return NEW_TC T[n];
-    }
-
-    void deallocate(void* p, size_type n)
-    {
-        memset(p, 0, n * sizeof(T));
-        tcArrayDelete((T*)p);
-    }
-
-    pointer reallocate(T* p, size_type oldSize, size_type newSize,
-                       bool preserve)
-    {
-        return StdReallocate(*this, p, oldSize, newSize, preserve);
-    }
-
-    // VS.NET STL enforces the policy of "All STL-compliant allocators have to
-    // provide a template class member called rebind".
-    template  struct rebind { typedef AllocatorWithCleanup other;};
-};
-
-
-// Block class template
-template >
-class Block {
-public:
-    explicit Block(word32 s = 0) : sz_(s), buffer_(allocator_.allocate(sz_)) 
-                    { CleanNew(sz_); }
-
-    Block(const T* buff, word32 s) : sz_(s), buffer_(allocator_.allocate(sz_))
-        { memcpy(buffer_, buff, sz_ * sizeof(T)); }
-
-    Block(const Block& that) : sz_(that.sz_), buffer_(allocator_.allocate(sz_))
-        { memcpy(buffer_, that.buffer_, sz_ * sizeof(T)); }
-
-    Block& operator=(const Block& that) {
-        Block tmp(that);
-        Swap(tmp);
-        return *this;
-    }
-
-    T& operator[] (word32 i) { return buffer_[i]; }
-    const T& operator[] (word32 i) const { return buffer_[i]; }
-
-    T* operator+ (word32 i) { return buffer_ + i; }
-    const T* operator+ (word32 i) const { return buffer_ + i; }
-
-    word32 size() const { return sz_; }
-
-    T* get_buffer() const { return buffer_; }
-    T* begin()      const { return get_buffer(); }
-
-    void CleanGrow(word32 newSize)
-    {
-        if (newSize > sz_) {
-            buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true);
-            memset(buffer_ + sz_, 0, (newSize - sz_) * sizeof(T));
-            sz_ = newSize;
-        }
-    }
-
-    void CleanNew(word32 newSize)
-    {
-        New(newSize);
-        if (sz_ > 0)
-          memset(buffer_, 0, sz_ * sizeof(T));
-    }
-
-    void New(word32 newSize)
-    {
-        buffer_ = allocator_.reallocate(buffer_, sz_, newSize, false);
-        sz_ = newSize;
-    }
-
-    void resize(word32 newSize)
-    {
-        buffer_ = allocator_.reallocate(buffer_, sz_, newSize, true);
-        sz_ = newSize;
-    }
-
-    void Swap(Block& other) {
-        STL::swap(sz_, other.sz_);
-        STL::swap(buffer_, other.buffer_);
-        STL::swap(allocator_, other.allocator_);
-    }
-
-    ~Block() { allocator_.deallocate(buffer_, sz_); }
-private:
-    A      allocator_;
-    word32 sz_;     // size in Ts
-    T*     buffer_;
-};
-
-
-typedef Block   ByteBlock;
-typedef Block   WordBlock;
-typedef Block Word32Block;
-
-
-} // namespace
-
-#endif // TAO_CRYPT_BLOCK_HPP
diff --git a/extra/yassl/taocrypt/include/blowfish.hpp b/extra/yassl/taocrypt/include/blowfish.hpp
deleted file mode 100644
index 74ea7f99480..00000000000
--- a/extra/yassl/taocrypt/include/blowfish.hpp
+++ /dev/null
@@ -1,88 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* blowfish.hpp defines Blowfish
-*/
-
-
-#ifndef TAO_CRYPT_BLOWFISH_HPP
-#define TAO_CRYPT_BLOWFISH_HPP
-
-#include "misc.hpp"
-#include "modes.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_BLOWFISH_ASM
-#endif
-
-
-namespace TaoCrypt {
-
-enum { BLOWFISH_BLOCK_SIZE = 8 };
-
-
-// Blowfish encryption and decryption, see 
-class Blowfish : public Mode_BASE {
-public:
-    enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 };
-
-    Blowfish(CipherDir DIR, Mode MODE)
-        : Mode_BASE(BLOCK_SIZE, DIR, MODE), sbox_(pbox_ + ROUNDS + 2) {}
-
-#ifdef DO_BLOWFISH_ASM
-    void Process(byte*, const byte*, word32);
-#endif
-    void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
-    void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
-private:
-    static const word32 p_init_[ROUNDS + 2];
-    static const word32 s_init_[4 * 256];
-
-    word32 pbox_[ROUNDS + 2 + 4 * 256];
-    word32* sbox_;
-
-    void crypt_block(const word32 in[2], word32 out[2]) const;
-    void AsmProcess(const byte* in, byte* out) const;
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    Blowfish(const Blowfish&);            // hide copy
-    Blowfish& operator=(const Blowfish&); // and assign
-};
-
-
-typedef BlockCipher Blowfish_ECB_Encryption;
-typedef BlockCipher Blowfish_ECB_Decryption;
-
-typedef BlockCipher Blowfish_CBC_Encryption;
-typedef BlockCipher Blowfish_CBC_Decryption;
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_BLOWFISH_HPP
-
diff --git a/extra/yassl/taocrypt/include/coding.hpp b/extra/yassl/taocrypt/include/coding.hpp
deleted file mode 100644
index 758ac452673..00000000000
--- a/extra/yassl/taocrypt/include/coding.hpp
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* coding.hpp defines hex and base64 encoding/decoing
-*/
-
-#ifndef TAO_CRYPT_CODING_HPP
-#define TAO_CRYPT_CODING_HPP
-
-#include "misc.hpp"
-#include "block.hpp"
-
-namespace TaoCrypt {
-
-class Source;
-
-
-// Hex Encoding, see RFC 3548
-class HexEncoder {
-    ByteBlock encoded_;
-    Source&     plain_;
-public:
-    explicit HexEncoder(Source& s) : plain_(s) { Encode(); }
-private:
-    void Encode();
-
-    HexEncoder(const HexEncoder&);              // hide copy
-    HexEncoder& operator=(const HexEncoder&);   // and assign
-};
-
-
-// Hex Decoding, see RFC 3548
-class HexDecoder {
-    ByteBlock decoded_;
-    Source&     coded_;
-public:
-    explicit HexDecoder(Source& s) : coded_(s) { Decode(); }
-private:
-    void Decode();
-
-    HexDecoder(const HexDecoder&);              // hide copy
-    HexDecoder& operator=(const HexDecoder&);   // and assign
-};
-
-
-// Base 64 encoding, see RFC 3548
-class Base64Encoder {
-    ByteBlock encoded_;
-    Source&     plain_;
-public:
-    explicit Base64Encoder(Source& s) : plain_(s) { Encode(); }
-private:
-    void Encode();
-
-    Base64Encoder(const Base64Encoder&);              // hide copy
-    Base64Encoder& operator=(const Base64Encoder&);   // and assign
-};
-
-
-// Base 64 decoding, see RFC 3548
-class Base64Decoder {
-    ByteBlock decoded_;
-    Source&     coded_;
-public:
-    explicit Base64Decoder(Source& s) : coded_(s) { Decode(); }
-private:
-    void Decode();
-
-    Base64Decoder(const Base64Decoder&);              // hide copy
-    Base64Decoder& operator=(const Base64Decoder&);   // and assign
-};
-
-
-}  // namespace
-
-#endif // TAO_CRYPT_CODING_HPP
diff --git a/extra/yassl/taocrypt/include/des.hpp b/extra/yassl/taocrypt/include/des.hpp
deleted file mode 100644
index 074cc80d3dd..00000000000
--- a/extra/yassl/taocrypt/include/des.hpp
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* des.hpp defines DES, DES_EDE2, and DES_EDE3
-   see FIPS 46-2 and FIPS 81
-*/
-
-
-#ifndef TAO_CRYPT_DES_HPP
-#define TAO_CRYPT_DES_HPP
-
-#include "misc.hpp"
-#include "modes.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_DES_ASM
-#endif
-
-
-namespace TaoCrypt {
-
-
-enum { DES_BLOCK_SIZE = 8, DES_KEY_SIZE = 32 };
-
-
-class BasicDES {
-public:
-    void SetKey(const byte*, word32, CipherDir dir);
-    void RawProcessBlock(word32&, word32&) const;
-protected:
-    word32 k_[DES_KEY_SIZE];
-};
-
-
-// DES 
-class DES : public Mode_BASE, public BasicDES {
-public:
-    DES(CipherDir DIR, Mode MODE) 
-        : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {}
-
-private:
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    DES(const DES&);              // hide copy
-    DES& operator=(const DES&);   // and assign
-};
-
-
-// DES_EDE2
-class DES_EDE2 : public Mode_BASE {
-public:
-    DES_EDE2(CipherDir DIR, Mode MODE) 
-        : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {}
-
-    void SetKey(const byte*, word32, CipherDir dir);
-private:
-    BasicDES  des1_;
-    BasicDES  des2_;
-
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    DES_EDE2(const DES_EDE2&);              // hide copy
-    DES_EDE2& operator=(const DES_EDE2&);   // and assign
-};
-
-
-
-// DES_EDE3
-class DES_EDE3 : public Mode_BASE {
-public:
-    DES_EDE3(CipherDir DIR, Mode MODE)
-        : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {}
-
-    void SetKey(const byte*, word32, CipherDir dir);
-    void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); }
-#ifdef DO_DES_ASM
-    void Process(byte*, const byte*, word32);
-#endif
-private:
-    BasicDES  des1_;
-    BasicDES  des2_;
-    BasicDES  des3_;
-
-    void AsmProcess(const byte* in, byte* out, void* box) const;
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    DES_EDE3(const DES_EDE3&);              // hide copy
-    DES_EDE3& operator=(const DES_EDE3&);   // and assign
-};
-
-
-typedef BlockCipher DES_ECB_Encryption;
-typedef BlockCipher DES_ECB_Decryption;
-
-typedef BlockCipher DES_CBC_Encryption;
-typedef BlockCipher DES_CBC_Decryption;
-
-typedef BlockCipher DES_EDE2_ECB_Encryption;
-typedef BlockCipher DES_EDE2_ECB_Decryption;
-
-typedef BlockCipher DES_EDE2_CBC_Encryption;
-typedef BlockCipher DES_EDE2_CBC_Decryption;
-
-typedef BlockCipher DES_EDE3_ECB_Encryption;
-typedef BlockCipher DES_EDE3_ECB_Decryption;
-
-typedef BlockCipher DES_EDE3_CBC_Encryption;
-typedef BlockCipher DES_EDE3_CBC_Decryption;
-
-
-} // namespace
-
-
-#endif // TAO_CRYPT_DES_HPP
diff --git a/extra/yassl/taocrypt/include/dh.hpp b/extra/yassl/taocrypt/include/dh.hpp
deleted file mode 100644
index 84c41004107..00000000000
--- a/extra/yassl/taocrypt/include/dh.hpp
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* dh.hpp provides Diffie-Hellman support
-*/
-
-
-#ifndef TAO_CRYPT_DH_HPP
-#define TAO_CRYPT_DH_HPP
-
-#include "misc.hpp"
-#include "integer.hpp"
-
-namespace TaoCrypt {
-
-
-class Source;
-
-
-// Diffie-Hellman
-class DH {
-public:
-    DH() {}
-    DH(Integer& p, Integer& g) : p_(p), g_(g) {}
-    explicit DH(Source&);
-
-    DH(const DH& that) : p_(that.p_), g_(that.g_) {}
-    DH& operator=(const DH& that) 
-    {
-        DH tmp(that);
-        Swap(tmp);
-        return *this;
-    }
-
-    void Swap(DH& other)
-    {
-        p_.Swap(other.p_);
-        g_.Swap(other.g_);
-    }
-
-    void Initialize(Source&);
-    void Initialize(Integer& p, Integer& g)
-    {
-        SetP(p);
-        SetG(g);
-    }
-
-    void GenerateKeyPair(RandomNumberGenerator&, byte*, byte*);
-    void Agree(byte*, const byte*, const byte*, word32 otherSz = 0);
-
-    void SetP(const Integer& p) { p_ = p; }
-    void SetG(const Integer& g) { g_ = g; }
-
-    Integer& GetP() { return p_; }
-    Integer& GetG() { return g_; }
-
-    // for p and agree
-    word32 GetByteLength() const { return p_.ByteCount(); }
-private:
-    // group parms
-    Integer p_;
-    Integer g_;
-
-    void GeneratePrivate(RandomNumberGenerator&, byte*);
-    void GeneratePublic(const byte*, byte*);    
-};
-
-
-} // namespace
-
-#endif // TAO_CRYPT_DH_HPP
diff --git a/extra/yassl/taocrypt/include/dsa.hpp b/extra/yassl/taocrypt/include/dsa.hpp
deleted file mode 100644
index e35b56a1d91..00000000000
--- a/extra/yassl/taocrypt/include/dsa.hpp
+++ /dev/null
@@ -1,127 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* dsa.hpp provides Digitial Signautre Algorithm see FIPS 186-2
-*/
-
-#ifndef TAO_CRYPT_DSA_HPP
-#define TAO_CRYPT_DSA_HPP
-
-#include "integer.hpp"
-
-
-namespace TaoCrypt {
-
-class Source;
-
-
-class DSA_PublicKey {
-protected:
-    Integer p_;
-    Integer q_;
-    Integer g_;
-    Integer y_;
-public:
-    DSA_PublicKey() {}
-    explicit DSA_PublicKey(Source&);
-
-    void Initialize(Source&);
-    void Initialize(const Integer& p, const Integer& q, const Integer& g,
-                    const Integer& y);
-    
-    const Integer& GetModulus() const;
-    const Integer& GetSubGroupOrder() const;
-    const Integer& GetSubGroupGenerator() const;
-    const Integer& GetPublicPart() const;
-
-    void SetModulus(const Integer&);
-    void SetSubGroupOrder(const Integer&);
-    void SetSubGroupGenerator(const Integer&);
-    void SetPublicPart(const Integer&);
-
-    word32 SignatureLength() const;
- 
-    DSA_PublicKey(const DSA_PublicKey&);
-    DSA_PublicKey& operator=(const DSA_PublicKey&);
-
-    void Swap(DSA_PublicKey& other);
-};
-
-
-
-class DSA_PrivateKey : public DSA_PublicKey {
-    Integer x_;
-public:
-    DSA_PrivateKey() {}
-    explicit DSA_PrivateKey(Source&);
-
-    void Initialize(Source&);
-    void Initialize(const Integer& p, const Integer& q, const Integer& g,
-                    const Integer& y, const Integer& x);
-    
-    const Integer& GetPrivatePart() const;
-
-    void SetPrivatePart(const Integer&);
-private:
-    DSA_PrivateKey(const DSA_PrivateKey&);            // hide copy
-    DSA_PrivateKey& operator=(const DSA_PrivateKey&); // and assign
-};
-
-
-
-class DSA_Signer {
-    const DSA_PrivateKey& key_;
-    Integer               r_;
-    Integer               s_;
-public:
-    explicit DSA_Signer(const DSA_PrivateKey&);
-
-    word32 Sign(const byte* sha_digest, byte* sig, RandomNumberGenerator&);
-
-    const Integer& GetR() const;
-    const Integer& GetS() const;
-private:
-    DSA_Signer(const DSA_Signer&);      // hide copy
-    DSA_Signer& operator=(DSA_Signer&); // and assign
-};
-
-
-class DSA_Verifier {
-    const DSA_PublicKey& key_;
-    Integer              r_;
-    Integer              s_;
-public:
-    explicit DSA_Verifier(const DSA_PublicKey&);
-
-    bool Verify(const byte* sha_digest, const byte* sig);
-
-    const Integer& GetR() const;
-    const Integer& GetS() const;
-private:
-    DSA_Verifier(const DSA_Verifier&);              // hide copy
-    DSA_Verifier& operator=(const DSA_Verifier&);   // and assign
-};
-
-
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_DSA_HPP
diff --git a/extra/yassl/taocrypt/include/error.hpp b/extra/yassl/taocrypt/include/error.hpp
deleted file mode 100644
index a749c00d80d..00000000000
--- a/extra/yassl/taocrypt/include/error.hpp
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* error.hpp provides a taocrypt error numbers
- *
- */
-
-
-#ifndef TAO_CRYPT_ERROR_HPP
-#define TAO_CRYPT_ERROR_HPP
-
-
-namespace TaoCrypt {
-
-
-enum ErrorNumber {
-
-NO_ERROR_E   =    0, // "not in error state"
-
-// RandomNumberGenerator
-WINCRYPT_E      = 1001, // "bad wincrypt acquire"
-CRYPTGEN_E      = 1002, // "CryptGenRandom error"
-OPEN_RAN_E      = 1003, // "open /dev/urandom error"
-READ_RAN_E      = 1004, // "read /dev/urandom error"
-
-// Integer
-INTEGER_E       = 1010, // "bad DER Integer Header"
-
-
-// ASN.1
-SEQUENCE_E      = 1020, // "bad Sequence Header"
-SET_E           = 1021, // "bad Set Header"
-VERSION_E       = 1022, // "version length not 1"
-SIG_OID_E       = 1023, // "signature OID mismatch"
-BIT_STR_E       = 1024, // "bad BitString Header"
-UNKNOWN_OID_E   = 1025, // "unknown key OID type"
-OBJECT_ID_E     = 1026, // "bad Ojbect ID Header"
-TAG_NULL_E      = 1027, // "expected TAG NULL"
-EXPECT_0_E      = 1028, // "expected 0"
-OCTET_STR_E     = 1029, // "bad Octet String Header"
-TIME_E          = 1030, // "bad TIME"
-
-DATE_SZ_E       = 1031, // "bad Date Size"
-SIG_LEN_E       = 1032, // "bad Signature Length"
-UNKOWN_SIG_E    = 1033, // "unknown signature OID"
-UNKOWN_HASH_E   = 1034, // "unknown hash OID"
-DSA_SZ_E        = 1035, // "bad DSA r or s size"
-BEFORE_DATE_E   = 1036, // "before date in the future"
-AFTER_DATE_E    = 1037, // "after date in the past"
-SIG_CONFIRM_E   = 1038, // "bad self  signature confirmation"
-SIG_OTHER_E     = 1039, // "bad other signature confirmation"
-
-CONTENT_E       = 1040, // "bad content processing"
-PEM_E           = 1041  // "bad pem format error"
-
-    //  add error string to yassl/src/yassl_error.cpp !!! 
-};
-
-
-struct Error {
-    ErrorNumber  what_;    // description number, 0 for no error
-
-    explicit Error(ErrorNumber w = NO_ERROR_E) : what_(w) {}
-
-    ErrorNumber What()            const  { return what_; }
-    void        SetError(ErrorNumber w)  { what_ = w; }
-};
-
-
-
-} // namespace TaoCrypt
-
-#endif // TAO_CRYPT_ERROR_HPP
diff --git a/extra/yassl/taocrypt/include/file.hpp b/extra/yassl/taocrypt/include/file.hpp
deleted file mode 100644
index 1e2955d8737..00000000000
--- a/extra/yassl/taocrypt/include/file.hpp
+++ /dev/null
@@ -1,130 +0,0 @@
-/*
-   Copyright (C) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* file.hpp provies File Sources and Sinks
-*/
-
-
-#ifndef TAO_CRYPT_FILE_HPP
-#define TAO_CRYPT_FILE_HPP
-
-#include "misc.hpp"
-#include "block.hpp"
-#include "error.hpp"
-#include 
-
-namespace TaoCrypt {
-
-
-class Source {
-    ByteBlock buffer_;
-    word32    current_;
-    Error     error_;
-public:
-    explicit Source(word32 sz = 0) : buffer_(sz), current_(0) {}
-    Source(const byte* b, word32 sz) : buffer_(b, sz), current_(0) {}
-
-    word32 remaining()         { if (GetError().What()) return 0;
-                                 else return buffer_.size() - current_; } 
-    word32 size() const        { return buffer_.size(); }
-    void   grow(word32 sz)     { buffer_.CleanGrow(sz); }
-
-    bool IsLeft(word32 sz) { if (remaining() >= sz) return true;
-                             else { SetError(CONTENT_E); return false; } }
-   
-    const byte*  get_buffer()  const { return buffer_.get_buffer(); }
-    const byte*  get_current() const { return &buffer_[current_]; }
-    word32       get_index()   const { return current_; }
-    void         set_index(word32 i) { if (i < size()) current_ = i; }
-
-    byte operator[] (word32 i) { current_ = i; return next(); }
-    byte next() { if (IsLeft(1)) return buffer_[current_++]; else return 0; }
-    byte prev() { if (current_)  return buffer_[--current_]; else return 0; }
-
-    void add(const byte* data, word32 len)
-    {
-        if (IsLeft(len)) {
-            memcpy(buffer_.get_buffer() + current_, data, len);
-            current_ += len;
-        }
-    }
-
-    void advance(word32 i) { if (IsLeft(i)) current_ += i; }
-    void reset(ByteBlock&);
-
-    Error  GetError()              { return error_; }
-    void   SetError(ErrorNumber w) { error_.SetError(w); }
-
-    friend class FileSource;  // for get()
-
-    Source(const Source& that)
-        : buffer_(that.buffer_), current_(that.current_) {}
-
-    Source& operator=(const Source& that)
-    {
-        Source tmp(that);
-        Swap(tmp);
-        return *this;
-    }
-
-    void Swap(Source& other) 
-    {
-        buffer_.Swap(other.buffer_);
-        STL::swap(current_, other.current_);
-    }
-
-};
-
-
-// File Source
-class FileSource {
-    FILE* file_;
-public:
-    FileSource(const char* fname, Source& source);
-    ~FileSource();
-   
-    word32   size(bool use_current = false);
-private:
-    word32   get(Source&);
-    word32   size_left();                     
-
-    FileSource(const FileSource&);            // hide
-    FileSource& operator=(const FileSource&); // hide
-};
-
-
-// File Sink
-class FileSink {
-    FILE* file_;
-public:
-    FileSink(const char* fname, Source& source);
-    ~FileSink();
-
-    word32 size(bool use_current = false);
-private:
-    size_t put(Source&);
-
-    FileSink(const FileSink&);            // hide
-    FileSink& operator=(const FileSink&); // hide
-};
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_FILE_HPP
diff --git a/extra/yassl/taocrypt/include/hash.hpp b/extra/yassl/taocrypt/include/hash.hpp
deleted file mode 100644
index 4ffb305869a..00000000000
--- a/extra/yassl/taocrypt/include/hash.hpp
+++ /dev/null
@@ -1,110 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* hash.hpp provides a base for digest types
-*/
-
-
-#ifndef TAO_CRYPT_HASH_HPP
-#define TAO_CRYPT_HASH_HPP
-
-#include "misc.hpp"
-
-namespace TaoCrypt {
-
-
-// HASH
-class HASH : public virtual_base {
-public:
-    virtual ~HASH() {}
-
-    virtual void Update(const byte*, word32) = 0;
-    virtual void Final(byte*)                = 0;
-
-    virtual void Init() = 0;
-
-    virtual word32 getBlockSize()  const = 0;
-    virtual word32 getDigestSize() const = 0;
-};
-
-
-// HASH with Transform
-class HASHwithTransform : public HASH {
-public:
-    HASHwithTransform(word32 digSz, word32 buffSz);
-    virtual ~HASHwithTransform() {}
-    virtual ByteOrder getByteOrder()  const = 0;
-    virtual word32    getPadSize()    const = 0;
-
-    virtual void Update(const byte*, word32);
-    virtual void Final(byte*);
-
-    word32  GetBitCountLo() const { return  loLen_ << 3; }
-    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
-                                           (hiLen_ << 3); } 
-    enum { MaxDigestSz = 8, MaxBufferSz = 64 };
-protected:
-    typedef word32 HashLengthType;
-    word32          buffLen_;   // in bytes
-    HashLengthType  loLen_;     // length in bytes
-    HashLengthType  hiLen_;     // length in bytes
-    word32          digest_[MaxDigestSz];
-    word32          buffer_[MaxBufferSz / sizeof(word32)];
-
-    virtual void Transform() = 0;
-
-    void AddLength(word32);
-};
-
-
-#ifdef WORD64_AVAILABLE
-
-// 64-bit HASH with Transform
-class HASH64withTransform : public HASH {
-public:
-    HASH64withTransform(word32 digSz, word32 buffSz);
-    virtual ~HASH64withTransform() {}
-    virtual ByteOrder getByteOrder()  const = 0;
-    virtual word32    getPadSize()    const = 0;
-
-    virtual void Update(const byte*, word32);
-    virtual void Final(byte*);
-
-    word32  GetBitCountLo() const { return  loLen_ << 3; }
-    word32  GetBitCountHi() const { return (loLen_ >> (8*sizeof(loLen_) - 3)) +
-                                           (hiLen_ << 3); } 
-    enum { MaxDigestSz = 8, MaxBufferSz = 128 };
-protected:
-    typedef word32 HashLengthType;
-    word32          buffLen_;   // in bytes
-    HashLengthType  loLen_;     // length in bytes
-    HashLengthType  hiLen_;     // length in bytes
-    word64          digest_[MaxDigestSz];
-    word64          buffer_[MaxBufferSz / sizeof(word64)];
-
-    virtual void Transform() = 0;
-
-    void AddLength(word32);
-};
-
-#endif // WORD64_AVAILABLE
-
-
-} // namespace
-
-#endif // TAO_CRYPT_HASH_HPP
diff --git a/extra/yassl/taocrypt/include/hc128.hpp b/extra/yassl/taocrypt/include/hc128.hpp
deleted file mode 100644
index e1ed337de6a..00000000000
--- a/extra/yassl/taocrypt/include/hc128.hpp
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
- 
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
- 
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
- 
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* hc128.hpp defines HC128
-*/
-
-
-#ifndef TAO_CRYPT_HC128_HPP
-#define TAO_CRYPT_HC128_HPP
-
-#include "misc.hpp"
-
-namespace TaoCrypt {
-
-
-// HC128 encryption and decryption
-class HC128 {
-public:
-
-    typedef HC128 Encryption;
-    typedef HC128 Decryption;
-
-
-    HC128() {}
-
-    void Process(byte*, const byte*, word32);
-    void SetKey(const byte*, const byte*);
-private:
-    word32 T_[1024];             /* P[i] = T[i];  Q[i] = T[1024 + i ]; */
-    word32 X_[16];
-    word32 Y_[16];
-    word32 counter1024_;         /* counter1024 = i mod 1024 at the ith step */
-    word32 key_[8];
-    word32 iv_[8];
-
-    void SetIV(const byte*);
-    void GenerateKeystream(word32*);
-    void SetupUpdate();
-
-    HC128(const HC128&);                  // hide copy
-    const HC128 operator=(const HC128&);  // and assign
-};
-
-} // namespace
-
-
-#endif // TAO_CRYPT_HC128_HPP
-
diff --git a/extra/yassl/taocrypt/include/hmac.hpp b/extra/yassl/taocrypt/include/hmac.hpp
deleted file mode 100644
index a5b16cdaf38..00000000000
--- a/extra/yassl/taocrypt/include/hmac.hpp
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* hamc.hpp implements HMAC, see RFC 2104
-*/
-
-
-#ifndef TAO_CRYPT_HMAC_HPP
-#define TAO_CRYPT_HMAC_HPP
-
-#include "hash.hpp"
-
-namespace TaoCrypt {
-
-
-// HMAC class template
-template 
-class HMAC {
-public:
-    enum { IPAD = 0x36, OPAD = 0x5C };
-
-    HMAC() : ipad_(reinterpret_cast(&ip_)), 
-             opad_(reinterpret_cast(&op_)),
-             innerHash_(reinterpret_cast(&innerH_)) 
-    { 
-        Init(); 
-    }
-    void Update(const byte*, word32);
-    void Final(byte*);
-    void Init();
-
-    void SetKey(const byte*, word32);
-private:
-    byte* ipad_;
-    byte* opad_;
-    byte* innerHash_;
-    bool  innerHashKeyed_;
-    T     mac_;
-
-    // MSVC 6 HACK, gives compiler error if calculated in array
-    enum { HMAC_BSIZE = T::BLOCK_SIZE  / sizeof(word32),
-           HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) };
-
-    word32 ip_[HMAC_BSIZE];          // align ipad_ on word32
-    word32 op_[HMAC_BSIZE];          // align opad_ on word32
-    word32 innerH_[HMAC_DSIZE];      // align innerHash_ on word32
-
-    void KeyInnerHash();
-
-    HMAC(const HMAC&);
-    HMAC& operator= (const HMAC&);
-};
-
-
-// Setup
-template 
-void HMAC::Init()
-{
-    mac_.Init();
-    innerHashKeyed_ = false;
-}
-
-
-// Key generation
-template 
-void HMAC::SetKey(const byte* key, word32 length)
-{
-    Init();
-
-    if (length <= T::BLOCK_SIZE)
-        memcpy(ipad_, key, length);
-    else {
-        mac_.Update(key, length);
-        mac_.Final(ipad_);
-        length = T::DIGEST_SIZE;
-    }
-    memset(ipad_ + length, 0, T::BLOCK_SIZE - length);
-
-    for (word32 i = 0; i < T::BLOCK_SIZE; i++) {
-        opad_[i] = ipad_[i] ^ OPAD;
-        ipad_[i] ^= IPAD;
-    }
-}
-
-
-// Inner Key Hash
-template 
-void HMAC::KeyInnerHash()
-{
-    mac_.Update(ipad_, T::BLOCK_SIZE);
-    innerHashKeyed_ = true;
-}
-
-
-// Update
-template 
-void HMAC::Update(const byte* msg, word32 length)
-{
-    if (!innerHashKeyed_)
-        KeyInnerHash();
-    mac_.Update(msg, length);
-}
-
-
-// Final
-template 
-void HMAC::Final(byte* hash)
-{
-    if (!innerHashKeyed_)
-        KeyInnerHash();
-    mac_.Final(innerHash_);
-
-    mac_.Update(opad_, T::BLOCK_SIZE);
-    mac_.Update(innerHash_, T::DIGEST_SIZE);
-    mac_.Final(hash);
-
-    innerHashKeyed_ = false;
-}
-
-
-} // namespace
-
-#endif // TAO_CRYPT_HMAC_HPP
diff --git a/extra/yassl/taocrypt/include/integer.hpp b/extra/yassl/taocrypt/include/integer.hpp
deleted file mode 100644
index 613ed44b13d..00000000000
--- a/extra/yassl/taocrypt/include/integer.hpp
+++ /dev/null
@@ -1,332 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's integer.h from CryptoPP */
-
-
-#ifndef TAO_CRYPT_INTEGER_HPP
-#define TAO_CRYPT_INTEGER_HPP
-
-
-#ifdef _MSC_VER
-    // 4250: dominance
-    // 4660: explicitly instantiating a class already implicitly instantiated
-    // 4661: no suitable definition provided for explicit template request
-    // 4786: identifer was truncated in debug information
-    // 4355: 'this' : used in base member initializer list
-#   pragma warning(disable: 4250 4660 4661 4786 4355)
-#endif
-
-
-#include "misc.hpp"
-#include "block.hpp"
-#include "random.hpp"
-#include "file.hpp"
-#include 
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-    #if defined(__GNUC__) && (__GNUC__ >= 4)
-        // GCC 4 or greater optimizes too much inline on recursive for bigint, 
-        // -O3 just as fast without asm here anyway
-        #undef TAOCRYPT_X86ASM_AVAILABLE
-    #endif
-#endif
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-
-#ifdef _M_IX86
-    #if (defined(__INTEL_COMPILER) && (__INTEL_COMPILER >= 500)) || \
-      (defined(__ICL) && (__ICL >= 500))
-        #define SSE2_INTRINSICS_AVAILABLE
-        #define TAOCRYPT_MM_MALLOC_AVAILABLE
-    #elif defined(_MSC_VER)
-        // _mm_free seems to be the only way to tell if the Processor Pack is
-        //installed or not
-        #include 
-        #if defined(_mm_free)
-            #define SSE2_INTRINSICS_AVAILABLE
-            #define TAOCRYPT_MM_MALLOC_AVAILABLE
-        #endif
-    #endif
-#endif
-
-// SSE2 intrinsics work in GCC 3.3 or later
-#if defined(__SSE2__) && (__GNUC__ == 4 || __GNUC_MAJOR__ > 3 ||  \
-                          __GNUC_MINOR__ > 2)
-    #define SSE2_INTRINSICS_AVAILABLE
-#endif
-
-#endif  // X86ASM
-
-
-
-
-namespace TaoCrypt {
-
-#if defined(SSE2_INTRINSICS_AVAILABLE)
-
-    // Allocator handling proper alignment
-    template 
-    class AlignedAllocator : public AllocatorBase
-    {
-    public:
-        typedef typename AllocatorBase::pointer   pointer;
-        typedef typename AllocatorBase::size_type size_type;
-
-        pointer allocate(size_type n, const void* = 0);
-        void deallocate(void* p, size_type n);
-        pointer reallocate(T* p, size_type oldSize, size_type newSize,
-                           bool preserve)
-        {
-            return StdReallocate(*this, p, oldSize, newSize, preserve);
-        }
-
-    #if !(defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16) || \
-        defined(TAOCRYPT_MEMALIGN_AVAILABLE) || \
-        defined(TAOCRYPT_MM_MALLOC_AVAILABLE))
-    #define TAOCRYPT_NO_ALIGNED_ALLOC
-        AlignedAllocator() : m_pBlock(0) {}
-    protected:
-        void *m_pBlock;
-    #endif
-    };
-
-    typedef Block > AlignedWordBlock;
-#else
-    typedef WordBlock AlignedWordBlock;
-#endif
-
-
-
-#ifdef _WIN32
-    #undef max // avoid name clash
-#endif
-// general MAX
-template inline
-const T& max(const T& a, const T& b)
-{
-    return a > b ? a : b;
-}
-
-
-// Large Integer class
-class Integer {
-public:
-        enum Sign {POSITIVE = 0, NEGATIVE = 1 };
-        enum Signedness { UNSIGNED, SIGNED };
-        enum RandomNumberType { ANY, PRIME };
-
-        class DivideByZero {};
-
-        Integer();
-        Integer(const Integer& t);
-        Integer(signed long value);
-        Integer(Sign s, word highWord, word lowWord);
-
-        // BER Decode Source
-        explicit Integer(Source&);
-
-        Integer(const byte* encodedInteger, unsigned int byteCount,
-                Signedness s = UNSIGNED);
-
-        ~Integer() {}
-      
-        static const Integer& Zero();
-        static const Integer& One();
-
-        Integer& Ref() { return *this; }
-
-        Integer(RandomNumberGenerator& rng, const Integer& min,
-                const Integer& max);
-
-        static Integer Power2(unsigned int e);
-
-        unsigned int MinEncodedSize(Signedness = UNSIGNED) const;
-        unsigned int Encode(byte* output, unsigned int outputLen,
-                            Signedness = UNSIGNED) const;
-
-        void Decode(const byte* input, unsigned int inputLen,
-                    Signedness = UNSIGNED);
-        void Decode(Source&);
-
-        bool  IsConvertableToLong() const;
-        signed long ConvertToLong() const;
-
-        unsigned int BitCount() const;
-        unsigned int ByteCount() const;
-        unsigned int WordCount() const;
-
-        bool GetBit(unsigned int i) const;
-        byte GetByte(unsigned int i) const;
-        unsigned long GetBits(unsigned int i, unsigned int n) const;
-
-        bool IsZero()      const { return !*this; }
-        bool NotZero()     const { return !IsZero(); }
-        bool IsNegative()  const { return sign_ == NEGATIVE; }
-        bool NotNegative() const { return !IsNegative(); }
-        bool IsPositive()  const { return NotNegative() && NotZero(); }
-        bool NotPositive() const { return !IsPositive(); }
-        bool IsEven()      const { return GetBit(0) == 0; }
-        bool IsOdd()       const { return GetBit(0) == 1; }
-
-        Integer&  operator=(const Integer& t);
-        Integer&  operator+=(const Integer& t);
-        Integer&  operator-=(const Integer& t);
-        Integer&  operator*=(const Integer& t)	{ return *this = Times(t); }
-        Integer&  operator/=(const Integer& t)	
-                        { return *this = DividedBy(t);}
-        Integer&  operator%=(const Integer& t)	{ return *this = Modulo(t); }
-        Integer&  operator/=(word t)  { return *this = DividedBy(t); }
-        Integer&  operator%=(word t)  { return *this = Modulo(t); }
-        Integer&  operator<<=(unsigned int);
-        Integer&  operator>>=(unsigned int);
-
-     
-        void Randomize(RandomNumberGenerator &rng, unsigned int bitcount);
-        void Randomize(RandomNumberGenerator &rng, const Integer &min,
-                       const Integer &max);
-
-        void SetBit(unsigned int n, bool value = 1);
-        void SetByte(unsigned int n, byte value);
-
-        void Negate();		
-        void SetPositive() { sign_ = POSITIVE; }
-        void SetNegative() { if (!!(*this)) sign_ = NEGATIVE; }
-        void Swap(Integer& a);
-
-        bool	    operator!() const;
-        Integer     operator+() const {return *this;}
-        Integer     operator-() const;
-        Integer&    operator++();
-        Integer&    operator--();
-        Integer     operator++(int) 
-            { Integer temp = *this; ++*this; return temp; }
-        Integer     operator--(int) 
-            { Integer temp = *this; --*this; return temp; }
-
-        int Compare(const Integer& a) const;
-
-        Integer Plus(const Integer &b) const;
-        Integer Minus(const Integer &b) const;
-        Integer Times(const Integer &b) const;
-        Integer DividedBy(const Integer &b) const;
-        Integer Modulo(const Integer &b) const;
-        Integer DividedBy(word b) const;
-        word    Modulo(word b) const;
-
-        Integer operator>>(unsigned int n) const { return Integer(*this)>>=n; }
-        Integer operator<<(unsigned int n) const { return Integer(*this)<<=n; }
-
-        Integer AbsoluteValue() const;
-        Integer Doubled() const { return Plus(*this); }
-        Integer Squared() const { return Times(*this); }
-        Integer SquareRoot() const;
-
-        bool    IsSquare() const;
-        bool    IsUnit() const;
-
-        Integer MultiplicativeInverse() const;
-
-        friend Integer a_times_b_mod_c(const Integer& x, const Integer& y,
-                                       const Integer& m);
-        friend Integer a_exp_b_mod_c(const Integer& x, const Integer& e,
-                                     const Integer& m);
-
-        static void Divide(Integer& r, Integer& q, const Integer& a,
-                           const Integer& d);
-        static void Divide(word& r, Integer& q, const Integer& a, word d);
-        static void DivideByPowerOf2(Integer& r, Integer& q, const Integer& a,
-                                     unsigned int n);
-        static Integer Gcd(const Integer& a, const Integer& n);
-
-        Integer InverseMod(const Integer& n) const;
-        word InverseMod(word n) const;
-
-private:
-    friend class ModularArithmetic;
-    friend class MontgomeryRepresentation;
-
-    Integer(word value, unsigned int length);
-    int PositiveCompare(const Integer& t) const;
-
-    friend void PositiveAdd(Integer& sum, const Integer& a, const Integer& b);
-    friend void PositiveSubtract(Integer& diff, const Integer& a,
-                                 const Integer& b);
-    friend void PositiveMultiply(Integer& product, const Integer& a,
-                                 const Integer& b);
-    friend void PositiveDivide(Integer& remainder, Integer& quotient, const
-                               Integer& dividend, const Integer& divisor);
-    AlignedWordBlock reg_;
-    Sign             sign_;
-};
-
-inline bool operator==(const Integer& a, const Integer& b) 
-                        {return a.Compare(b)==0;}
-inline bool operator!=(const Integer& a, const Integer& b) 
-                        {return a.Compare(b)!=0;}
-inline bool operator> (const Integer& a, const Integer& b) 
-                        {return a.Compare(b)> 0;}
-inline bool operator>=(const Integer& a, const Integer& b) 
-                        {return a.Compare(b)>=0;}
-inline bool operator< (const Integer& a, const Integer& b) 
-                        {return a.Compare(b)< 0;}
-inline bool operator<=(const Integer& a, const Integer& b) 
-                        {return a.Compare(b)<=0;}
-
-inline Integer operator+(const Integer &a, const Integer &b) 
-                        {return a.Plus(b);}
-inline Integer operator-(const Integer &a, const Integer &b) 
-                        {return a.Minus(b);}
-inline Integer operator*(const Integer &a, const Integer &b) 
-                        {return a.Times(b);}
-inline Integer operator/(const Integer &a, const Integer &b) 
-                        {return a.DividedBy(b);}
-inline Integer operator%(const Integer &a, const Integer &b) 
-                        {return a.Modulo(b);}
-inline Integer operator/(const Integer &a, word b) {return a.DividedBy(b);}
-inline word    operator%(const Integer &a, word b) {return a.Modulo(b);}
-
-inline void swap(Integer &a, Integer &b)
-{
-    a.Swap(b);
-}
-
-
-Integer CRT(const Integer& xp, const Integer& p, const Integer& xq,
-            const Integer& q,  const Integer& u);
-
-inline Integer ModularExponentiation(const Integer& a, const Integer& e,
-                                     const Integer& m)
-{
-    return a_exp_b_mod_c(a, e, m);
-}
-
-Integer ModularRoot(const Integer& a, const Integer& dp, const Integer& dq,
-                    const Integer& p, const Integer& q,  const Integer& u);
-
-
-
-}   // namespace
-
-#endif // TAO_CRYPT_INTEGER_HPP
diff --git a/extra/yassl/taocrypt/include/kernelc.hpp b/extra/yassl/taocrypt/include/kernelc.hpp
deleted file mode 100644
index 5d0ceadc4d0..00000000000
--- a/extra/yassl/taocrypt/include/kernelc.hpp
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* kernelc.hpp provides support for C std lib when compiled in kernel mode
-*/
-
-#ifndef TAOCRYPT_KERNELC_HPP
-#define TAOCRYPT_KERNELC_HPP
-
-#include    // get right size_t
-
-// system functions that c++ doesn't like headers for 
-
-extern "C" void* memcpy(void*, const void*, size_t);
-extern "C" void* memset(void*, int, size_t);
-extern "C" void  printk(char *fmt, ...);
-
-
-#endif // TAOCRYPT_KERNELC_HPP
diff --git a/extra/yassl/taocrypt/include/md2.hpp b/extra/yassl/taocrypt/include/md2.hpp
deleted file mode 100644
index 89226fc93a1..00000000000
--- a/extra/yassl/taocrypt/include/md2.hpp
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* md2.hpp provides MD2 digest support, see RFC 1319
-*/
-
-#ifndef TAO_CRYPT_MD2_HPP
-#define TAO_CRYPT_MD2_HPP
-
-
-#include "hash.hpp"
-#include "block.hpp"
-
-
-namespace TaoCrypt {
-
-
-// MD2 digest
-class MD2 : public HASH {
-public:
-    enum { BLOCK_SIZE = 16, DIGEST_SIZE = 16, PAD_SIZE = 16, X_SIZE = 48 };
-    MD2();
-
-    word32 getBlockSize()  const { return BLOCK_SIZE; }
-    word32 getDigestSize() const { return DIGEST_SIZE; }
-
-    void Update(const byte*, word32);
-    void Final(byte*);
-
-    void Init();
-    void Swap(MD2&);
-private:
-    ByteBlock X_, C_, buffer_;
-    word32    count_;           // bytes % PAD_SIZE
-
-    MD2(const MD2&);
-    MD2& operator=(const MD2&);
-};
-
-inline void swap(MD2& a, MD2& b)
-{
-    a.Swap(b);
-}
-
-
-} // namespace
-
-#endif // TAO_CRYPT_MD2_HPP
-
diff --git a/extra/yassl/taocrypt/include/md4.hpp b/extra/yassl/taocrypt/include/md4.hpp
deleted file mode 100644
index a4e87b5ccf5..00000000000
--- a/extra/yassl/taocrypt/include/md4.hpp
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* md4.hpp provides MD4 digest support
- * WANRING: MD4 is considered insecure, only use if you have to, e.g., yaSSL
- * libcurl supports needs this for NTLM authentication
-*/
-
-#ifndef TAO_CRYPT_MD4_HPP
-#define TAO_CRYPT_MD4_HPP
-
-#include "hash.hpp"
-
-namespace TaoCrypt {
-
-
-// MD4 digest
-class MD4 : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = LittleEndianOrder };   // in Bytes
-    MD4() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) 
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    MD4(const MD4&);
-    MD4& operator= (const MD4&);
-
-    void Init();
-    void Swap(MD4&);
-private:
-    void Transform();
-};
-
-inline void swap(MD4& a, MD4& b)
-{
-    a.Swap(b);
-}
-
-
-} // namespace
-
-#endif // TAO_CRYPT_MD4_HPP
-
diff --git a/extra/yassl/taocrypt/include/md5.hpp b/extra/yassl/taocrypt/include/md5.hpp
deleted file mode 100644
index a065d3d6e52..00000000000
--- a/extra/yassl/taocrypt/include/md5.hpp
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* md5.hpp provides MD5 digest support, see RFC 1321
-*/
-
-#ifndef TAO_CRYPT_MD5_HPP
-#define TAO_CRYPT_MD5_HPP
-
-#include "hash.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_MD5_ASM
-#endif
-
-namespace TaoCrypt {
-
-
-// MD5 digest
-class MD5 : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 16, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = LittleEndianOrder };   // in Bytes
-    MD5() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) 
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    MD5(const MD5&);
-    MD5& operator= (const MD5&);
-
-#ifdef DO_MD5_ASM
-    void Update(const byte*, word32);
-#endif
-
-    void Init();
-    void Swap(MD5&);
-private:
-    void Transform();
-    void AsmTransform(const byte* data, word32 times);
-};
-
-inline void swap(MD5& a, MD5& b)
-{
-    a.Swap(b);
-}
-
-
-} // namespace
-
-#endif // TAO_CRYPT_MD5_HPP
-
diff --git a/extra/yassl/taocrypt/include/misc.hpp b/extra/yassl/taocrypt/include/misc.hpp
deleted file mode 100644
index 8147832d28a..00000000000
--- a/extra/yassl/taocrypt/include/misc.hpp
+++ /dev/null
@@ -1,889 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-   Copyright (c) 2017, MariaDB Corporation.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's misc.h from CryptoPP */
-
-#ifndef TAO_CRYPT_MISC_HPP
-#define TAO_CRYPT_MISC_HPP
-
-
-#if !defined(DO_TAOCRYPT_KERNEL_MODE)
-    #include 
-    #include 
-#else
-    #include "kernelc.hpp"
-#endif
-
-#include "types.hpp"
-#include "type_traits.hpp"
-
-
-
-namespace TaoCrypt {
-
-
-// Delete static singleton holders
-void CleanUp();
-
-
-#ifdef YASSL_PURE_C
-
-    // library allocation
-    struct new_t {};      // TaoCrypt New type
-    extern new_t tc;      // pass in parameter
-
-    } // namespace TaoCrypt
-
-    void* operator new  (size_t, TaoCrypt::new_t);
-    void* operator new[](size_t, TaoCrypt::new_t);
-
-    void operator delete  (void*, TaoCrypt::new_t);
-    void operator delete[](void*, TaoCrypt::new_t);
-
-
-    namespace TaoCrypt {
-
-    template
-    void tcDelete(T* ptr)
-    {
-        if (ptr) ptr->~T();
-        ::operator delete(ptr, TaoCrypt::tc);
-    }
-
-    template
-    void tcArrayDelete(T* ptr)
-    {
-        // can't do array placement destruction since not tracking size in
-        // allocation, only allow builtins to use array placement since they
-        // don't need destructors called
-        typedef char builtin[IsFundamentalType::Yes ? 1 : -1];
-        (void)sizeof(builtin);
-
-        ::operator delete[](ptr, TaoCrypt::tc);
-    }
-
-    #define NEW_TC new (TaoCrypt::tc)
-
-
-    // to resolve compiler generated operator delete on base classes with
-    // virtual destructors (when on stack)
-    class virtual_base {
-    public:
-        static void operator delete(void*) { }
-    };
-
-#else // YASSL_PURE_C
-
-
-    template
-    void tcDelete(T* ptr)
-    {
-        delete ptr;
-    }
-
-    template
-    void tcArrayDelete(T* ptr)
-    {
-        delete[] ptr;
-    }
-
-    #define NEW_TC new
-
-    class virtual_base {};
-   
- 
-#endif // YASSL_PURE_C
-
-
-#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
-	#define INTEL_INTRINSICS
-	#define FAST_ROTATE
-#elif defined(__MWERKS__) && TARGET_CPU_PPC
-	#define PPC_INTRINSICS
-	#define FAST_ROTATE
-#elif defined(__GNUC__) && defined(__i386__)
-        // GCC does peephole optimizations which should result in using rotate
-        // instructions
-	#define FAST_ROTATE
-#endif
-
-
-// no gas on these systems ?, disable for now
-#if defined(__sun__)
-    #undef  TAOCRYPT_DISABLE_X86ASM
-    #define TAOCRYPT_DISABLE_X86ASM
-#endif
-
-// icc problem with -03 and integer, disable for now
-#if defined(__INTEL_COMPILER)
-    #undef  TAOCRYPT_DISABLE_X86ASM
-    #define TAOCRYPT_DISABLE_X86ASM
-#endif
-
-// indpedent of build system, unless ia32 asm is enabled disable it
-#if !defined(TAOCRYPT_ENABLE_X86ASM)
-    #undef  TAOCRYPT_DISABLE_X86ASM
-    #define TAOCRYPT_DISABLE_X86ASM
-#endif
-
-// Turn on ia32 ASM for Big Integer
-// CodeWarrior defines _MSC_VER
-#if !defined(TAOCRYPT_DISABLE_X86ASM) && ((defined(_MSC_VER) && \
-   !defined(__MWERKS__) && defined(_M_IX86)) || \
-   (defined(__GNUC__) && defined(__i386__)))
-    #define TAOCRYPT_X86ASM_AVAILABLE
-#endif
-
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-    bool HaveCpuId();
-    bool IsPentium();
-    void CpuId(word32 input, word32 *output);
-
-    extern bool isMMX;
-#endif
-
-
-
-
-// Turn on ia32 ASM for Ciphers and Message Digests
-// Seperate define since these are more complex, use member offsets
-// and user may want to turn off while leaving Big Integer optos on 
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && !defined(DISABLE_TAO_ASM)
-    #define TAO_ASM
-#endif
-
-
-//  Extra word in older vtable implementations, for ASM member offset
-#if defined(__GNUC__) && __GNUC__ < 3
-    #define OLD_GCC_OFFSET
-#endif
-
-
-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__)
-#	define TAOCRYPT_MALLOC_ALIGNMENT_IS_16
-#endif
-
-#if defined(__linux__) || defined(__sun__) || defined(__CYGWIN__)
-#	define TAOCRYPT_MEMALIGN_AVAILABLE
-#endif
-
-
-#if defined(_WIN32) || defined(__CYGWIN__)
-    #define TAOCRYPT_WIN32_AVAILABLE
-#endif
-
-#if defined(__unix__) || defined(__MACH__)
-    #define TAOCRYPT_UNIX_AVAILABLE
-#endif
-
-
-// VC60 workaround: it doesn't allow typename in some places
-#if defined(_MSC_VER) && (_MSC_VER < 1300)
-    #define CPP_TYPENAME
-#else
-    #define CPP_TYPENAME typename
-#endif
-
-
-#ifdef _MSC_VER
-    #define TAOCRYPT_NO_VTABLE __declspec(novtable)
-#else
-    #define TAOCRYPT_NO_VTABLE
-#endif
-
-
-#ifdef USE_SYS_STL
-    // use system STL
-    #define STL_NAMESPACE       std
-#else
-    // use mySTL
-    #define STL_NAMESPACE       mySTL
-#endif
-
-
-// ***************** DLL related ********************
-
-#ifdef TAOCRYPT_WIN32_AVAILABLE
-
-#ifdef TAOCRYPT_EXPORTS
-    #define TAOCRYPT_IS_DLL
-    #define TAOCRYPT_DLL __declspec(dllexport)
-#elif defined(TAOCRYPT_IMPORTS)
-    #define TAOCRYPT_IS_DLL
-    #define TAOCRYPT_DLL __declspec(dllimport)
-#else
-    #define TAOCRYPT_DLL
-#endif  // EXPORTS
-
-#define TAOCRYPT_API __stdcall
-#define TAOCRYPT_CDECL __cdecl
-
-#else	// TAOCRYPT_WIN32_AVAILABLE
-
-#define TAOCRYPT_DLL
-#define TAOCRYPT_API
-#define TAOCRYPT_CDECL
-
-#endif	// TAOCRYPT_WIN32_AVAILABLE
-
-
-// ****************** tempalte stuff *******************
-
-
-#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \
-  !defined(TAOCRYPT_IMPORTS)
-    #define TAOCRYPT_DLL_TEMPLATE_CLASS template class TAOCRYPT_DLL
-#elif defined(__MWERKS__)
-    #define TAOCRYPT_DLL_TEMPLATE_CLASS extern class TAOCRYPT_DLL
-#else
-    #define TAOCRYPT_DLL_TEMPLATE_CLASS extern template class TAOCRYPT_DLL
-#endif
-
-
-#if defined(TAOCRYPT_MANUALLY_INSTANTIATE_TEMPLATES) && \
-  !defined(TAOCRYPT_EXPORTS)
-    #define TAOCRYPT_STATIC_TEMPLATE_CLASS template class
-#elif defined(__MWERKS__)
-    #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern class
-#else
-    #define TAOCRYPT_STATIC_TEMPLATE_CLASS extern template class
-#endif
-
-
-// ************** compile-time assertion ***************
-
-template 
-struct CompileAssert
-{
-	static char dummy[2*b-1];
-};
-
-#define TAOCRYPT_COMPILE_ASSERT(assertion) \
-    TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, __LINE__)
-
-#if defined(TAOCRYPT_EXPORTS) || defined(TAOCRYPT_IMPORTS)
-    #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance)
-#else
-    #define TAOCRYPT_COMPILE_ASSERT_INSTANCE(assertion, instance) \
-    (void)sizeof(CompileAssert<(assertion)>)
-#endif
-
-#define TAOCRYPT_ASSERT_JOIN(X, Y) TAOCRYPT_DO_ASSERT_JOIN(X, Y)
-
-#define TAOCRYPT_DO_ASSERT_JOIN(X, Y) X##Y
-
-
-/***************  helpers  *****************************/
-
-inline unsigned int BitsToBytes(unsigned int bitCount)
-{
-    return ((bitCount+7)/(8));
-}
-
-inline unsigned int BytesToWords(unsigned int byteCount)
-{
-    return ((byteCount+WORD_SIZE-1)/WORD_SIZE);
-}
-
-inline unsigned int BitsToWords(unsigned int bitCount)
-{
-    return ((bitCount+WORD_BITS-1)/(WORD_BITS));
-}
-
-inline void CopyWords(word* r, const word* a, word32 n)
-{
-    for (word32 i = 0; i < n; i++)
-        r[i] = a[i];
-}
-
-inline unsigned int CountWords(const word* X, unsigned int N)
-{
-    while (N && X[N-1]==0)
-        N--;
-    return N;
-}
-
-inline void SetWords(word* r, word a, unsigned int n)
-{
-    for (unsigned int i=0; i
-struct EnumToType
-{
-    static ENUM_TYPE ToEnum() { return (ENUM_TYPE)VALUE; }
-};
-
-typedef EnumToType LittleEndian;
-typedef EnumToType    BigEndian;
-
-
-#ifndef BIG_ENDIAN_ORDER
-    typedef LittleEndian HostByteOrder;
-#else
-    typedef BigEndian    HostByteOrder;
-#endif
-
-inline ByteOrder GetHostByteOrder()
-{
-    return HostByteOrder::ToEnum();
-}
-
-inline bool HostByteOrderIs(ByteOrder order)
-{
-    return order == GetHostByteOrder();
-}
-
-
-void xorbuf(byte*, const byte*, unsigned int);
-
-
-template 
-inline bool IsPowerOf2(T n)
-{
-    return n > 0 && (n & (n-1)) == 0;
-}
-
-template 
-inline T2 ModPowerOf2(T1 a, T2 b)
-{
-    return T2(a) & (b-1);
-}
-
-template 
-inline T RoundDownToMultipleOf(T n, T m)
-{
-    return n - (IsPowerOf2(m) ? ModPowerOf2(n, m) : (n%m));
-}
-
-template 
-inline T RoundUpToMultipleOf(T n, T m)
-{
-    return RoundDownToMultipleOf(n+m-1, m);
-}
-
-template 
-inline unsigned int GetAlignment(T* dummy = 0)	// VC60 workaround
-{
-#if (_MSC_VER >= 1300)
-    return __alignof(T);
-#elif defined(__GNUC__)
-    return __alignof__(T);
-#else
-    return sizeof(T);
-#endif
-}
-
-inline bool IsAlignedOn(const void* p, unsigned int alignment)
-{
-    return IsPowerOf2(alignment) ? ModPowerOf2((size_t)p, alignment) == 0
-        : (size_t)p % alignment == 0;
-}
-
-template 
-inline bool IsAligned(const void* p, T* dummy = 0)	// VC60 workaround
-{
-    return IsAlignedOn(p, GetAlignment());
-}
-
-
-template  inline T rotlFixed(T x, unsigned int y)
-{
-    return (x<>(sizeof(T)*8-y));
-}
-
-template  inline T rotrFixed(T x, unsigned int y)
-{
-    return (x>>y) | (x<<(sizeof(T)*8-y));
-}
-
-#ifdef INTEL_INTRINSICS
-
-#pragma intrinsic(_lrotl, _lrotr)
-
-template<> inline word32 rotlFixed(word32 x, word32 y)
-{
-    return y ? _lrotl(x, y) : x;
-}
-
-template<> inline word32 rotrFixed(word32 x, word32 y)
-{
-    return y ? _lrotr(x, y) : x;
-}
-
-#endif // INTEL_INTRINSICS
-
-#ifdef min
-#undef min
-#endif 
-
-
-template 
-inline const T& min(const T& a, const T& b)
-{
-    return a < b ? a : b;
-}
-
-
-inline word32 ByteReverse(word32 value)
-{
-#ifdef PPC_INTRINSICS
-    // PPC: load reverse indexed instruction
-    return (word32)__lwbrx(&value,0);
-#elif defined(FAST_ROTATE)
-    // 5 instructions with rotate instruction, 9 without
-    return (rotrFixed(value, 8U) & 0xff00ff00) |
-           (rotlFixed(value, 8U) & 0x00ff00ff);
-#else
-    // 6 instructions with rotate instruction, 8 without
-    value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8);
-    return rotlFixed(value, 16U);
-#endif
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-inline word64 ByteReverse(word64 value)
-{
-#ifdef TAOCRYPT_SLOW_WORD64
-	return (word64(ByteReverse(word32(value))) << 32) | 
-                   ByteReverse(word32(value>>32));
-#else
-	value = ((value & W64LIT(0xFF00FF00FF00FF00)) >> 8) |
-            ((value & W64LIT(0x00FF00FF00FF00FF)) << 8);
-	value = ((value & W64LIT(0xFFFF0000FFFF0000)) >> 16) |
-            ((value & W64LIT(0x0000FFFF0000FFFF)) << 16);
-	return rotlFixed(value, 32U);
-#endif
-}
-
-#endif // WORD64_AVAILABLE
-
-
-template 
-inline void ByteReverse(T* out, const T* in, word32 byteCount)
-{
-    word32 count = byteCount/sizeof(T);
-    for (word32 i=0; i(out);
-    const word32* i = reinterpret_cast(in);
-    ByteReverse(o, i, byteCount);
-}
-
-
-template 
-inline T ByteReverseIf(T value, ByteOrder order)
-{
-    return HostByteOrderIs(order) ? value : ByteReverse(value);
-}
-
-
-template 
-inline void ByteReverseIf(T* out, const T* in, word32 bc, ByteOrder order)
-{
-    if (!HostByteOrderIs(order)) 
-        ByteReverse(out, in, bc);
-    else if (out != in)
-        memcpy(out, in, bc);
-}
-
-
-
-// do Asm Reverse is host is Little and x86asm 
-#ifdef LITTLE_ENDIAN_ORDER
-    #ifdef TAOCRYPT_X86ASM_AVAILABLE
-        #define LittleReverse AsmReverse
-    #else
-        #define LittleReverse ByteReverse
-    #endif
-#else
-    #define LittleReverse
-#endif
-
-
-// do Asm Reverse is host is Big and x86asm 
-#ifdef BIG_ENDIAN_ORDER
-    #ifdef TAOCRYPT_X86ASM_AVAILABLE
-        #define BigReverse AsmReverse
-    #else
-        #define BigReverse ByteReverse
-    #endif
-#else
-    #define BigReverse
-#endif
-
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-
-    // faster than rotate, use bswap
-
-    inline word32 AsmReverse(word32 wd)
-    {
-    #ifdef __GNUC__
-        __asm__ 
-        (
-            "bswap %1"
-            : "=r"(wd)
-            : "0"(wd)
-        );
-    #else
-        __asm 
-        {
-            mov   eax, wd
-            bswap eax
-            mov   wd, eax
-        }
-    #endif
-        return wd;
-    }
-
-#endif 
-
-
-template 
-inline void GetUserKey(ByteOrder order, T* out, word32 outlen, const byte* in,
-                       word32 inlen)
-{
-    const unsigned int U = sizeof(T);
-    memcpy(out, in, inlen);
-    memset((byte *)out+inlen, 0, outlen*U-inlen);
-    ByteReverseIf(out, out, RoundUpToMultipleOf(inlen, U), order);
-}
-
-
-#ifdef _MSC_VER
-    // disable conversion warning
-    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
-    #pragma warning(disable:4244 4996)
-#endif
-
-
-inline byte UnalignedGetWordNonTemplate(ByteOrder order, const byte *block,
-                                        byte*)
-{
-    return block[0];
-}
-
-inline word16 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block,
-                                          word16*)
-{
-    return (order == BigEndianOrder)
-        ? word16(block[1] | (word16(block[0]) << 8))
-        : word16(block[0] | (word16(block[1]) << 8));
-}
-
-inline word32 UnalignedGetWordNonTemplate(ByteOrder order, const byte* block,
-                                          word32*)
-{
-    return (order == BigEndianOrder)
-        ? word32(block[3]) | (word32(block[2]) << 8) | (word32(block[1]) << 16)
-            | (word32(block[0]) << 24)
-        : word32(block[0]) | (word32(block[1]) << 8) | (word32(block[2]) << 16)
-            | (word32(block[3]) << 24);
-}
-
-template 
-inline T UnalignedGetWord(ByteOrder order, const byte *block, T* dummy = 0)
-{
-    return UnalignedGetWordNonTemplate(order, block, dummy);
-}
-
-inline void UnalignedPutWord(ByteOrder order, byte *block, byte value,
-                             const byte *xorBlock = 0)
-{
-    block[0] = xorBlock ? (value ^ xorBlock[0]) : value;
-}
-
-#define GETBYTE(x, y) byte((x)>>(8*(y)))
-
-inline void UnalignedPutWord(ByteOrder order, byte *block, word16 value,
-                             const byte *xorBlock = 0)
-{
-    if (order == BigEndianOrder)
-    {
-        block[0] = GETBYTE(value, 1);
-        block[1] = GETBYTE(value, 0);
-    }
-    else
-    {
-        block[0] = GETBYTE(value, 0);
-        block[1] = GETBYTE(value, 1);
-    }
-
-    if (xorBlock)
-    {
-        block[0] ^= xorBlock[0];
-        block[1] ^= xorBlock[1];
-    }
-}
-
-inline void UnalignedPutWord(ByteOrder order, byte* block, word32 value,
-                             const byte* xorBlock = 0)
-{
-    if (order == BigEndianOrder)
-    {
-        block[0] = GETBYTE(value, 3);
-        block[1] = GETBYTE(value, 2);
-        block[2] = GETBYTE(value, 1);
-        block[3] = GETBYTE(value, 0);
-    }
-    else
-    {
-        block[0] = GETBYTE(value, 0);
-        block[1] = GETBYTE(value, 1);
-        block[2] = GETBYTE(value, 2);
-        block[3] = GETBYTE(value, 3);
-    }
-
-    if (xorBlock)
-    {
-        block[0] ^= xorBlock[0];
-        block[1] ^= xorBlock[1];
-        block[2] ^= xorBlock[2];
-        block[3] ^= xorBlock[3];
-    }
-}
-
-
-template 
-inline T GetWord(bool assumeAligned, ByteOrder order, const byte *block)
-{
-    if (assumeAligned)
-        return ByteReverseIf(*reinterpret_cast(block), order);
-    else
-        return UnalignedGetWord(order, block);
-}
-
-template 
-inline void GetWord(bool assumeAligned, ByteOrder order, T &result,
-                    const byte *block)
-{
-    result = GetWord(assumeAligned, order, block);
-}
-
-template 
-inline void PutWord(bool assumeAligned, ByteOrder order, byte* block, T value,
-                    const byte *xorBlock = 0)
-{
-    if (assumeAligned)
-    {
-        if (xorBlock)
-            *reinterpret_cast(block) = ByteReverseIf(value, order) 
-                ^ *reinterpret_cast(xorBlock);
-        else
-            *reinterpret_cast(block) = ByteReverseIf(value, order);
-    }
-    else
-        UnalignedPutWord(order, block, value, xorBlock);
-}
-
-template 
-class GetBlock
-{
-public:
-    GetBlock(const void *block)
-        : m_block((const byte *)block) {}
-
-    template 
-    inline GetBlock & operator()(U &x)
-    {
-        TAOCRYPT_COMPILE_ASSERT(sizeof(U) >= sizeof(T));
-        x = GetWord(A, B::ToEnum(), m_block);
-        m_block += sizeof(T);
-        return *this;
-    }
-
-private:
-    const byte *m_block;
-};
-
-template 
-class PutBlock
-{
-public:
-    PutBlock(const void *xorBlock, void *block)
-        : m_xorBlock((const byte *)xorBlock), m_block((byte *)block) {}
-
-    template 
-    inline PutBlock & operator()(U x)
-    {
-        PutWord(A, B::ToEnum(), m_block, (T)x, m_xorBlock);
-        m_block += sizeof(T);
-        if (m_xorBlock)
-            m_xorBlock += sizeof(T);
-        return *this;
-    }
-
-private:
-    const byte *m_xorBlock;
-    byte *m_block;
-};
-
-/*
-  XXX MYSQL: Setting A (assumeAligned) to false,
-  keeping it true might trigger segfault on SPARC.
-*/
-template 
-struct BlockGetAndPut
-{
-    // function needed because of C++ grammatical ambiguity between
-    // expression-statements and declarations
-    static inline GetBlock Get(const void *block) 
-        {return GetBlock(block);}
-    typedef PutBlock Put;
-};
-
-
-
-template  struct SafeShifter;
-
-template<> struct SafeShifter
-{
-    template 
-    static inline T RightShift(T value, unsigned int bits)
-    {
-        return 0;
-    }
-
-    template 
-    static inline T LeftShift(T value, unsigned int bits)
-    {
-        return 0;
-    }
-};
-
-template<> struct SafeShifter
-{
-    template 
-    static inline T RightShift(T value, unsigned int bits)
-    {
-        return value >> bits;
-    }
-
-    template 
-    static inline T LeftShift(T value, unsigned int bits)
-    {
-        return value << bits;
-    }
-};
-
-template 
-inline T SafeRightShift(T value)
-{
-    return SafeShifter<(bits>=(8*sizeof(T)))>::RightShift(value, bits);
-}
-
-template 
-inline T SafeLeftShift(T value)
-{
-    return SafeShifter<(bits>=(8*sizeof(T)))>::LeftShift(value, bits);
-}
-
-
-inline
-word ShiftWordsLeftByBits(word* r, unsigned int n, unsigned int shiftBits)
-{
-    word u, carry=0;
-    if (shiftBits)
-        for (unsigned int i=0; i> (WORD_BITS-shiftBits);
-        }
-    return carry;
-}
-
-
-inline
-word ShiftWordsRightByBits(word* r, int n, unsigned int shiftBits)
-{
-    word u, carry=0;
-    if (shiftBits)
-        for (int i=n-1; i>=0; i--)
-        {
-            u = r[i];
-            r[i] = (u >> shiftBits) | carry;
-            carry = u << (WORD_BITS-shiftBits);
-        }
-    return carry;
-}
-
-
-inline
-void ShiftWordsLeftByWords(word* r, unsigned int n, unsigned int shiftWords)
-{
-    shiftWords = min(shiftWords, n);
-    if (shiftWords)
-    {
-        for (unsigned int i=n-1; i>=shiftWords; i--)
-            r[i] = r[i-shiftWords];
-        SetWords(r, 0, shiftWords);
-    }
-}
-
-
-inline
-void ShiftWordsRightByWords(word* r, unsigned int n, unsigned int shiftWords)
-{
-    shiftWords = min(shiftWords, n);
-    if (shiftWords)
-    {
-        for (unsigned int i=0; i+shiftWords
-inline T1 SaturatingSubtract(T1 a, T2 b)
-{
-    TAOCRYPT_COMPILE_ASSERT_INSTANCE(T1(-1)>0, 0);  // T1 is unsigned type
-    TAOCRYPT_COMPILE_ASSERT_INSTANCE(T2(-1)>0, 1);  // T2 is unsigned type
-    return T1((a > b) ? (a - b) : 0);
-}
-
-
-// declares
-unsigned int  BytePrecision(word value);
-unsigned int  BitPrecision(word);
-word Crop(word value, unsigned int size);
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_MISC_HPP
diff --git a/extra/yassl/taocrypt/include/modarith.hpp b/extra/yassl/taocrypt/include/modarith.hpp
deleted file mode 100644
index e536b5722e3..00000000000
--- a/extra/yassl/taocrypt/include/modarith.hpp
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* based on Wei Dai's modarith.h from CryptoPP */
-
-
-#ifndef TAO_CRYPT_MODARITH_HPP
-#define TAO_CRYPT_MODARITH_HPP
-
-#include "misc.hpp"
-#include "algebra.hpp"
-
-namespace TaoCrypt {
-
-
-// ModularArithmetic
-class ModularArithmetic : public AbstractRing
-{
-public:
-
-    typedef int RandomizationParameter;
-    typedef Integer Element;
-
-    ModularArithmetic(const Integer &modulus = Integer::One())
-        : modulus(modulus), result((word)0, modulus.reg_.size()) {}
-
-    ModularArithmetic(const ModularArithmetic &ma)
-        : AbstractRing(),
-        modulus(ma.modulus), result((word)0, modulus.reg_.size()) {}
-
-    const Integer& GetModulus() const {return modulus;}
-    void SetModulus(const Integer &newModulus) 
-    {   
-        modulus = newModulus;
-        result.reg_.resize(modulus.reg_.size());
-    }
-
-    virtual bool IsMontgomeryRepresentation() const {return false;}
-
-    virtual Integer ConvertIn(const Integer &a) const
-        {return a%modulus;}
-
-    virtual Integer ConvertOut(const Integer &a) const
-        {return a;}
-
-    const Integer& Half(const Integer &a) const;
-
-    bool Equal(const Integer &a, const Integer &b) const
-        {return a==b;}
-
-    const Integer& Identity() const
-        {return Integer::Zero();}
-
-    const Integer& Add(const Integer &a, const Integer &b) const;
-
-    Integer& Accumulate(Integer &a, const Integer &b) const;
-
-    const Integer& Inverse(const Integer &a) const;
-
-    const Integer& Subtract(const Integer &a, const Integer &b) const;
-
-    Integer& Reduce(Integer &a, const Integer &b) const;
-
-    const Integer& Double(const Integer &a) const
-        {return Add(a, a);}
-
-    const Integer& MultiplicativeIdentity() const
-        {return Integer::One();}
-
-    const Integer& Multiply(const Integer &a, const Integer &b) const
-        {return result1 = a*b%modulus;}
-
-    const Integer& Square(const Integer &a) const
-        {return result1 = a.Squared()%modulus;}
-
-    bool IsUnit(const Integer &a) const
-        {return Integer::Gcd(a, modulus).IsUnit();}
-
-    const Integer& MultiplicativeInverse(const Integer &a) const
-        {return result1 = a.InverseMod(modulus);}
-
-    const Integer& Divide(const Integer &a, const Integer &b) const
-        {return Multiply(a, MultiplicativeInverse(b));}
-
-    Integer CascadeExponentiate(const Integer &x, const Integer &e1,
-                                const Integer &y, const Integer &e2) const;
-
-    void SimultaneousExponentiate(Element *results, const Element &base,
-                  const Integer *exponents, unsigned int exponentsCount) const;
-
-    unsigned int MaxElementBitLength() const
-        {return (modulus-1).BitCount();}
-
-    unsigned int MaxElementByteLength() const
-        {return (modulus-1).ByteCount();}
-
-
-    static const RandomizationParameter DefaultRandomizationParameter;
-
-protected:
-    Integer modulus;
-    mutable Integer result, result1;
-
-};
-
-
-
-//! do modular arithmetics in Montgomery representation for increased speed
-class MontgomeryRepresentation : public ModularArithmetic
-{
-public:
-    MontgomeryRepresentation(const Integer &modulus);	// modulus must be odd
-
-    bool IsMontgomeryRepresentation() const {return true;}
-
-    Integer ConvertIn(const Integer &a) const
-        {return (a<<(WORD_BITS*modulus.reg_.size()))%modulus;}
-
-    Integer ConvertOut(const Integer &a) const;
-
-    const Integer& MultiplicativeIdentity() const
-     {return result1 = Integer::Power2(WORD_BITS*modulus.reg_.size())%modulus;}
-
-    const Integer& Multiply(const Integer &a, const Integer &b) const;
-
-    const Integer& Square(const Integer &a) const;
-
-    const Integer& MultiplicativeInverse(const Integer &a) const;
-
-    Integer CascadeExponentiate(const Integer &x, const Integer &e1,
-                                const Integer &y, const Integer &e2) const
-        {return AbstractRing::CascadeExponentiate(x, e1, y, e2);}
-
-    void SimultaneousExponentiate(Element *results, const Element &base,
-            const Integer *exponents, unsigned int exponentsCount) const
-        {AbstractRing::SimultaneousExponentiate(results, base,
-                                                exponents, exponentsCount);}
-
-private:
-    Integer u;
-    mutable AlignedWordBlock workspace;
-};
-
-
-
-
-} // namespace
-
-#endif // TAO_CRYPT_MODARITH_HPP
diff --git a/extra/yassl/taocrypt/include/modes.hpp b/extra/yassl/taocrypt/include/modes.hpp
deleted file mode 100644
index 71d2fd908c5..00000000000
--- a/extra/yassl/taocrypt/include/modes.hpp
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
-   Copyright (c) 2017, MariaDB Corporation.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* modes.hpp provides ECB and CBC modes for block cipher encryption/decryption
-*/
-
-
-#ifndef TAO_CRYPT_MODES_HPP
-#define TAO_CRYPT_MODES_HPP
-
-#include "misc.hpp"
-
-namespace TaoCrypt {
-
-
-enum Mode { ECB, CBC };
-
-
-
-// BlockCipher abstraction
-template
-class BlockCipher {
-public:
-    BlockCipher() : cipher_(DIR, MODE) {}
-
-    void Process(byte* c, const byte* p, word32 sz) 
-            { cipher_.Process(c, p, sz); }
-    void SetKey(const byte* k, word32 sz)   
-            { cipher_.SetKey(k, sz, DIR); }
-    void SetKey(const byte* k, word32 sz, const byte* iv)   
-            { cipher_.SetKey(k, sz, DIR); cipher_.SetIV(iv); }
-private:
-    T cipher_;
-
-    BlockCipher(const BlockCipher&);            // hide copy
-    BlockCipher& operator=(const BlockCipher&); // and assign
-};
-
-
-// Mode Base for block ciphers, static size
-class Mode_BASE : public virtual_base {
-public:
-    enum { MaxBlockSz = 16 };
-
-    explicit Mode_BASE(unsigned sz, CipherDir dir, Mode mode)
-        : blockSz_(sz), reg_(reinterpret_cast(r_)),
-          tmp_(reinterpret_cast(t_)), dir_(dir), mode_(mode)
-    {}
-    virtual ~Mode_BASE() {}
-
-    virtual void Process(byte*, const byte*, word32);
-
-    void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); }
-protected:
-    unsigned blockSz_;
-    byte* reg_;
-    byte* tmp_;
-
-    word32 r_[MaxBlockSz / sizeof(word32)];  // align reg_ on word32
-    word32 t_[MaxBlockSz / sizeof(word32)];  // align tmp_ on word32
-
-    CipherDir dir_;
-    Mode      mode_;
-
-    void ECB_Process(byte*, const byte*, word32);
-    void CBC_Encrypt(byte*, const byte*, word32);
-    void CBC_Decrypt(byte*, const byte*, word32);
-
-    Mode_BASE(const Mode_BASE&);            // hide copy
-    Mode_BASE& operator=(const Mode_BASE&); // and assign
-
-private:
-    virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0;
-};
-
-
-inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz)
-{
-    if (mode_ == ECB)
-        ECB_Process(out, in, sz);
-    else if (mode_ == CBC) {
-        if (dir_ == ENCRYPTION)
-            CBC_Encrypt(out, in, sz);
-        else
-            CBC_Decrypt(out, in, sz);
-    }
-}
-
-
-// ECB Process blocks
-inline void Mode_BASE::ECB_Process(byte* out, const byte* in, word32 sz)
-{
-    word32 blocks = sz / blockSz_;
-
-    while (blocks--) {
-        ProcessAndXorBlock(in, 0, out);
-        out += blockSz_;
-        in  += blockSz_;
-    }
-}
-
-
-// CBC Encrypt
-inline void Mode_BASE::CBC_Encrypt(byte* out, const byte* in, word32 sz)
-{
-    word32 blocks = sz / blockSz_;
-
-    while (blocks--) {
-        xorbuf(reg_, in, blockSz_);
-        ProcessAndXorBlock(reg_, 0, reg_);
-        memcpy(out, reg_, blockSz_);
-        out += blockSz_;
-        in  += blockSz_;
-    }
-}
-
-
-// CBC Decrypt
-inline void Mode_BASE::CBC_Decrypt(byte* out, const byte* in, word32 sz)
-{
-    word32 blocks = sz / blockSz_;
-    byte   hold[MaxBlockSz];
-
-    while (blocks--) {
-        memcpy(tmp_, in, blockSz_);
-        ProcessAndXorBlock(tmp_, 0, out);
-        xorbuf(out,  reg_, blockSz_);
-        memcpy(hold, reg_,   blockSz_); // swap reg_ and tmp_
-        memcpy(reg_,   tmp_, blockSz_);
-        memcpy(tmp_, hold, blockSz_);
-        out += blockSz_;
-        in  += blockSz_;
-    }
-}
-
-
-} // namespace
-
-#endif  // TAO_CRYPT_MODES_HPP
diff --git a/extra/yassl/taocrypt/include/pwdbased.hpp b/extra/yassl/taocrypt/include/pwdbased.hpp
deleted file mode 100644
index 57495d01b50..00000000000
--- a/extra/yassl/taocrypt/include/pwdbased.hpp
+++ /dev/null
@@ -1,91 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* pwdbased.hpp defines PBKDF2 from PKCS #5
-*/
-
-
-#ifndef TAO_CRYPT_PWDBASED_HPP
-#define TAO_CRYPT_PWDBASED_HPP
-
-#include 
-#include "misc.hpp"
-#include "block.hpp"
-#include "hmac.hpp"
-
-namespace TaoCrypt {
-
-
-// From PKCS #5, T must be type suitable for HMAC 
-template 
-class PBKDF2_HMAC {
-public:
-    word32 MaxDerivedKeyLength() const { return 0xFFFFFFFFU;} // avoid overflow
-
-    word32 DeriveKey(byte* derived, word32 dLen, const byte* pwd, word32 pLen,
-                     const byte* salt, word32 sLen, word32 iterations) const;
-}; 
-
-
-
-template 
-word32 PBKDF2_HMAC::DeriveKey(byte* derived, word32 dLen, const byte* pwd,
-                                 word32 pLen, const byte* salt, word32 sLen,
-                                 word32 iterations) const
-{
-    if (dLen > MaxDerivedKeyLength())
-        return 0;
-
-    ByteBlock buffer(T::DIGEST_SIZE);
-	HMAC   hmac;
-
-    hmac.SetKey(pwd, pLen);
-
-	word32 i = 1;
-
-	while (dLen > 0) {
-		hmac.Update(salt, sLen);
-		word32 j;
-		for (j = 0; j < 4; j++) {
-			byte b = i >> ((3-j)*8);
-			hmac.Update(&b, 1);
-		}
-		hmac.Final(buffer.get_buffer());
-
-		word32 segmentLen = min(dLen, buffer.size());
-		memcpy(derived, buffer.get_buffer(), segmentLen);
-
-		for (j = 1; j < iterations; j++) {
-			hmac.Update(buffer.get_buffer(), buffer.size());
-            hmac.Final(buffer.get_buffer());
-			xorbuf(derived, buffer.get_buffer(), segmentLen);
-		}
-		derived += segmentLen;
-		dLen    -= segmentLen;
-		i++;
-	}
-	return iterations;
-}
-
-
-
-
-} // naemspace
-
-#endif // TAO_CRYPT_PWDBASED_HPP
diff --git a/extra/yassl/taocrypt/include/rabbit.hpp b/extra/yassl/taocrypt/include/rabbit.hpp
deleted file mode 100644
index e9af478fedf..00000000000
--- a/extra/yassl/taocrypt/include/rabbit.hpp
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
- 
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
- 
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
- 
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* rabbit.hpp defines Rabbit
-*/
-
-
-#ifndef TAO_CRYPT_RABBIT_HPP
-#define TAO_CRYPT_RABBIT_HPP
-
-#include "misc.hpp"
-
-namespace TaoCrypt {
-
-
-// Rabbit encryption and decryption
-class Rabbit {
-public:
-
-    typedef Rabbit Encryption;
-    typedef Rabbit Decryption;
-
-    enum RabbitCtx { Master = 0, Work = 1 };
-
-    Rabbit() {}
-
-    void Process(byte*, const byte*, word32);
-    void SetKey(const byte*, const byte*);
-private:
-    struct Ctx {
-        word32 x[8];
-        word32 c[8];
-        word32 carry;
-    };
-
-    Ctx masterCtx_;
-    Ctx workCtx_;
-
-    void NextState(RabbitCtx);
-    void SetIV(const byte*);
-
-    Rabbit(const Rabbit&);                  // hide copy
-    const Rabbit operator=(const Rabbit&);  // and assign
-};
-
-} // namespace
-
-
-#endif // TAO_CRYPT_RABBIT_HPP
-
diff --git a/extra/yassl/taocrypt/include/random.hpp b/extra/yassl/taocrypt/include/random.hpp
deleted file mode 100644
index 90d38de7943..00000000000
--- a/extra/yassl/taocrypt/include/random.hpp
+++ /dev/null
@@ -1,85 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* random.hpp provides a crypto secure Random Number Generator using an OS
-   specific seed
-*/
-
-
-#ifndef TAO_CRYPT_RANDOM_HPP
-#define TAO_CRYPT_RANDOM_HPP
-
-#include "arc4.hpp"
-#include "error.hpp"
-
-namespace TaoCrypt {
-
-
-// OS specific seeder
-class OS_Seed {
-public:
-    OS_Seed();
-    ~OS_Seed();
-
-    void   GenerateSeed(byte*, word32 sz);
-    Error  GetError() const { return error_; }
-private:
-#if defined(_WIN32)
-    #if defined(_WIN64)
-        typedef unsigned __int64 ProviderHandle;
-        // type HCRYPTPROV, avoid #include 
-    #else
-        typedef unsigned long ProviderHandle;
-    #endif
-    ProviderHandle handle_;
-#else
-    int fd_;
-#endif
-    Error error_;
-
-    OS_Seed(const OS_Seed&);              // hide copy
-    OS_Seed& operator=(const OS_Seed&);   // hide assign
-};
-
-
-// secure Random Nnumber Generator
-class RandomNumberGenerator {
-public:
-    RandomNumberGenerator();
-    ~RandomNumberGenerator() {}
-
-    void GenerateBlock(byte*, word32 sz);
-    byte GenerateByte();
-
-    ErrorNumber GetError() const { return seed_.GetError().What(); }
-private:
-    OS_Seed seed_;
-    ARC4    cipher_;
-
-    RandomNumberGenerator(const RandomNumberGenerator&);           // hide copy
-    RandomNumberGenerator operator=(const RandomNumberGenerator&); // && assign
-};
-
-
-
-
-}  // namespace
-
-#endif // TAO_CRYPT_RANDOM_HPP
-
diff --git a/extra/yassl/taocrypt/include/ripemd.hpp b/extra/yassl/taocrypt/include/ripemd.hpp
deleted file mode 100644
index d50a1714232..00000000000
--- a/extra/yassl/taocrypt/include/ripemd.hpp
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* ripemd.hpp provides RIPEMD digest support
-*/
-
-#ifndef TAO_CRYPT_RIPEMD_HPP
-#define TAO_CRYPT_RIPEMD_HPP
-
-#include "hash.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_RIPEMD_ASM
-#endif
-
-namespace TaoCrypt {
-
-
-// RIPEMD160 digest
-class RIPEMD160 : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = LittleEndianOrder };   // in Bytes
-    RIPEMD160() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    RIPEMD160(const RIPEMD160&);
-    RIPEMD160& operator= (const RIPEMD160&);
-
-#ifdef DO_RIPEMD_ASM
-    void Update(const byte*, word32);
-#endif
-    void Init();
-    void Swap(RIPEMD160&);
-private:
-    void Transform();
-    void AsmTransform(const byte* data, word32 times);
-};
-
-inline void swap(RIPEMD160& a, RIPEMD160& b)
-{
-    a.Swap(b);
-}
-
-
-} // namespace
-
-#endif // TAO_CRYPT_RIPEMD_HPP
-
diff --git a/extra/yassl/taocrypt/include/rsa.hpp b/extra/yassl/taocrypt/include/rsa.hpp
deleted file mode 100644
index 446752c64b6..00000000000
--- a/extra/yassl/taocrypt/include/rsa.hpp
+++ /dev/null
@@ -1,250 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* rsa.hpp provides RSA ES encrypt/decrypt, SSL (block type 1) sign and verify
-*/
-
-#ifndef TAO_CRYPT_RSA_HPP
-#define TAO_CRYPT_RSA_HPP
-
-#include "integer.hpp"
-#include "random.hpp"
-
-
-namespace TaoCrypt {
-
-class Source;
-
-
-// Public Key Length helper
-class PK_Lengths {
-    const Integer& image_;
-public:
-    explicit PK_Lengths(const Integer& i) : image_(i) {}
-
-    word32 PaddedBlockBitLength()  const {return image_.BitCount() - 1;}
-    word32 PaddedBlockByteLength() const 
-                {return BitsToBytes(PaddedBlockBitLength());}
-
-    word32 FixedCiphertextLength()   const {return image_.ByteCount();}
-    word32 FixedMaxPlaintextLength() const 
-                {return SaturatingSubtract(PaddedBlockBitLength() / 8, 10U); }
-};
-
-
-// RSA Public Key
-class RSA_PublicKey {
-protected:
-    Integer n_;
-    Integer e_;
-public:
-    RSA_PublicKey() {}
-    explicit RSA_PublicKey(Source&);
-
-    void Initialize(const Integer& n, const Integer& e) {n_ = n; e_ = e;}
-    void Initialize(Source&);
-
-    Integer ApplyFunction(const Integer& x) const;
-
-    const Integer& GetModulus() const {return n_;}
-    const Integer& GetPublicExponent() const {return e_;}
-
-    void SetModulus(const Integer& n) {n_ = n;}
-    void SetPublicExponent(const Integer& e) {e_ = e;}
-
-    word32 FixedCiphertextLength()
-    {
-        return PK_Lengths(n_).FixedCiphertextLength();
-    }
-
-    RSA_PublicKey(const RSA_PublicKey& other) : n_(other.n_), e_(other.e_) {}
-    RSA_PublicKey& operator=(const RSA_PublicKey& that)
-    {
-        RSA_PublicKey tmp(that);
-        Swap(tmp);
-        return *this;
-    }
-
-    void Swap(RSA_PublicKey& other)
-    {
-        n_.Swap(other.n_);
-        e_.Swap(other.e_);
-    }
-};
-
-
-// RSA Private Key
-class RSA_PrivateKey : public RSA_PublicKey {
-    Integer d_;
-    Integer p_;
-    Integer q_;
-    Integer dp_;
-    Integer dq_;
-    Integer u_;
-public:
-    RSA_PrivateKey() {}
-    explicit RSA_PrivateKey(Source&);
-
-    void Initialize(const Integer& n,  const Integer& e, const Integer& d,
-                    const Integer& p,  const Integer& q, const Integer& dp, 
-                    const Integer& dq, const Integer& u)
-        {n_ = n; e_ = e; d_ = d; p_ = p; q_ = q; dp_ = dp; dq_ = dq; u_ = u;}
-    void Initialize(Source&);
-
-    Integer CalculateInverse(RandomNumberGenerator&, const Integer&) const;
-
-    const Integer& GetPrime1() const {return p_;}
-    const Integer& GetPrime2() const {return q_;}
-    const Integer& GetPrivateExponent() const {return d_;}
-    const Integer& GetModPrime1PrivateExponent() const {return dp_;}
-    const Integer& GetModPrime2PrivateExponent() const {return dq_;}
-    const Integer& GetMultiplicativeInverseOfPrime2ModPrime1() const 
-                   {return u_;}
-
-    void SetPrime1(const Integer& p) {p_ = p;}
-    void SetPrime2(const Integer& q) {q_ = q;}
-    void SetPrivateExponent(const Integer& d) {d_ = d;}
-    void SetModPrime1PrivateExponent(const Integer& dp) {dp_ = dp;}
-    void SetModPrime2PrivateExponent(const Integer& dq) {dq_ = dq;}
-    void SetMultiplicativeInverseOfPrime2ModPrime1(const Integer& u) {u_ = u;}
-private:
-    RSA_PrivateKey(const RSA_PrivateKey&);              // hide copy
-    RSA_PrivateKey& operator=(const RSA_PrivateKey&);   // and assign
-};
-
-
-// block type 2 padding
-class RSA_BlockType2  {
-public:
-    void   Pad(const byte*, word32, byte*, word32,
-               RandomNumberGenerator&) const;
-    word32 UnPad(const byte*, word32, byte*) const;
-};
-
-
-// block type 1 padding
-class RSA_BlockType1  {
-public:
-    void   Pad(const byte*, word32, byte*, word32, 
-               RandomNumberGenerator&) const;
-    word32 UnPad(const byte*, word32, byte*) const;
-};
-
-
-// RSA Encryptor, can use any padding
-template
-class RSA_Encryptor {
-    const RSA_PublicKey& key_;
-    Pad                  padding_;
-public:
-    explicit RSA_Encryptor(const RSA_PublicKey& k) : key_(k) {}
-
-    void Encrypt(const byte*, word32, byte*, RandomNumberGenerator&);
-    bool SSL_Verify(const byte* msg, word32 sz, const byte* sig);
-};
-
-
-// RSA Decryptor, can use any padding
-template
-class RSA_Decryptor {
-    const RSA_PrivateKey& key_;
-    Pad                   padding_;
-public:
-    explicit RSA_Decryptor(const RSA_PrivateKey& k) : key_(k) {}
-
-    word32 Decrypt(const byte*, word32, byte*, RandomNumberGenerator&);
-    void   SSL_Sign(const byte*, word32, byte*, RandomNumberGenerator&);
-};
-
-
-// Public Encrypt
-template
-void RSA_Encryptor::Encrypt(const byte* plain, word32 sz, byte* cipher,
-                                 RandomNumberGenerator& rng)
-{
-    PK_Lengths lengths(key_.GetModulus());
-    if (sz > lengths.FixedMaxPlaintextLength())
-        return;
-
-    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    padding_.Pad(plain, sz, paddedBlock.get_buffer(),
-                 lengths.PaddedBlockBitLength(), rng);
-
-    key_.ApplyFunction(Integer(paddedBlock.get_buffer(), paddedBlock.size())).
-        Encode(cipher, lengths.FixedCiphertextLength());
-}
-
-
-// Private Decrypt
-template
-word32 RSA_Decryptor::Decrypt(const byte* cipher, word32 sz, byte* plain,
-                                   RandomNumberGenerator& rng)
-{
-    PK_Lengths lengths(key_.GetModulus());
-
-    if (sz != lengths.FixedCiphertextLength())
-        return 0;
-       
-    ByteBlock paddedBlock(lengths.PaddedBlockByteLength());
-    Integer x = key_.CalculateInverse(rng, Integer(cipher,
-                                      lengths.FixedCiphertextLength()).Ref());
-    if (x.ByteCount() > paddedBlock.size())
-        x = Integer::Zero();	// don't return false, prevents timing attack
-    x.Encode(paddedBlock.get_buffer(), paddedBlock.size());
-    return padding_.UnPad(paddedBlock.get_buffer(),
-                          lengths.PaddedBlockBitLength(), plain);
-}
-
-
-// Private SSL type (block 1) Encrypt
-template
-void RSA_Decryptor::SSL_Sign(const byte* message, word32 sz, byte* sig,
-                                  RandomNumberGenerator& rng)
-{
-    RSA_PublicKey inverse;
-    inverse.Initialize(key_.GetModulus(), key_.GetPrivateExponent());
-    RSA_Encryptor enc(inverse); // SSL Type
-    enc.Encrypt(message, sz, sig, rng);
-}
-
-
-word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain);
-
-
-// Public SSL type (block 1) Decrypt
-template
-bool RSA_Encryptor::SSL_Verify(const byte* message, word32 sz,
-                                    const byte* sig)
-{
-    ByteBlock plain(PK_Lengths(key_.GetModulus()).FixedMaxPlaintextLength());
-    if (SSL_Decrypt(key_, sig, plain.get_buffer()) != sz)
-        return false;   // not right justified or bad padding
-
-    if ( (memcmp(plain.get_buffer(), message, sz)) == 0)
-        return true;
-    return false;
-}
-
-
-typedef RSA_Encryptor<> RSAES_Encryptor;
-typedef RSA_Decryptor<> RSAES_Decryptor;
-
-
-} // namespace
-
-#endif // TAO_CRYPT_RSA_HPP
diff --git a/extra/yassl/taocrypt/include/runtime.hpp b/extra/yassl/taocrypt/include/runtime.hpp
deleted file mode 100644
index 90f084320cb..00000000000
--- a/extra/yassl/taocrypt/include/runtime.hpp
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
-   Copyright (c) 2005, 2014, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* runtime.hpp provides C++ runtime support functions when building a pure C
- * version of yaSSL, user must define YASSL_PURE_C
-*/
-
-
-
-#ifndef yaSSL_NEW_HPP
-#define yaSSL_NEW_HPP
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#ifdef __sun
- 
-
-// Handler for pure virtual functions
-namespace __Crun {
-    static void pure_error(void)
-    {
-       // "Pure virtual method called, Aborted", GCC 4.2 str cmp fix
-    }
-} // namespace __Crun
-
-#endif // __sun
-
-
-#if defined(__GNUC__) && !(defined(__ICC) || defined(__INTEL_COMPILER))
-
-#if __GNUC__ > 2
-
-extern "C" {
-#if defined(DO_TAOCRYPT_KERNEL_MODE)
-    #include "kernelc.hpp"
-#endif
-
-/* Disallow inline __cxa_pure_virtual() */
-static int __cxa_pure_virtual() __attribute__((noinline, used));
-static int __cxa_pure_virtual()
-{
-    // oops, pure virtual called!
-    return 0;
-}
-
-} // extern "C"
-
-#endif // __GNUC__ > 2
-#endif // compiler check
-#endif // yaSSL_NEW_HPP
-
diff --git a/extra/yassl/taocrypt/include/sha.hpp b/extra/yassl/taocrypt/include/sha.hpp
deleted file mode 100644
index 8b18b7a66ae..00000000000
--- a/extra/yassl/taocrypt/include/sha.hpp
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* sha.hpp provides SHA-1 digests, see RFC 3174
-*/
-
-#ifndef TAO_CRYPT_SHA_HPP
-#define TAO_CRYPT_SHA_HPP
-
-#include "hash.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_SHA_ASM
-#endif
-
-namespace TaoCrypt {
-
-
-// SHA-1 digest
-class SHA : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 20, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
-    SHA() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-#ifdef DO_SHA_ASM
-    void Update(const byte* data, word32 len);
-#endif
-    void Init();
-
-    SHA(const SHA&);
-    SHA& operator= (const SHA&);
-
-    void Swap(SHA&);
-private:
-    void Transform();
-    void AsmTransform(const byte* data, word32 times);
-};
-
-
-inline void swap(SHA& a, SHA& b)
-{
-    a.Swap(b);
-}
-
-// SHA-256 digest
-class SHA256 : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 32, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
-    SHA256() : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    void Init();
-
-    SHA256(const SHA256&);
-    SHA256& operator= (const SHA256&);
-
-    void Swap(SHA256&);
-private:
-    void Transform();
-};
-
-
-// SHA-224 digest
-class SHA224 : public HASHwithTransform {
-public:
-    enum { BLOCK_SIZE = 64, DIGEST_SIZE = 28, PAD_SIZE = 56,
-           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
-    SHA224() : HASHwithTransform(SHA256::DIGEST_SIZE /sizeof(word32),BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    void Init();
-
-    SHA224(const SHA224&);
-    SHA224& operator= (const SHA224&);
-
-    void Swap(SHA224&);
-private:
-    void Transform();
-};
-
-
-#ifdef WORD64_AVAILABLE
-
-// SHA-512 digest
-class SHA512 : public HASH64withTransform {
-public:
-    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 64, PAD_SIZE = 112,
-           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
-    SHA512() : HASH64withTransform(DIGEST_SIZE / sizeof(word64), BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    void Init();
-
-    SHA512(const SHA512&);
-    SHA512& operator= (const SHA512&);
-
-    void Swap(SHA512&);
-private:
-    void Transform();
-};
-
-
-// SHA-384 digest
-class SHA384 : public HASH64withTransform {
-public:
-    enum { BLOCK_SIZE = 128, DIGEST_SIZE = 48, PAD_SIZE = 112,
-           TAO_BYTE_ORDER = BigEndianOrder};   // in Bytes
-    SHA384() : HASH64withTransform(SHA512::DIGEST_SIZE/ sizeof(word64),
-                                   BLOCK_SIZE)
-                { Init(); }
-    ByteOrder getByteOrder()  const { return ByteOrder(TAO_BYTE_ORDER); }
-    word32    getBlockSize()  const { return BLOCK_SIZE; }
-    word32    getDigestSize() const { return DIGEST_SIZE; }
-    word32    getPadSize()    const { return PAD_SIZE; }
-
-    void Init();
-
-    SHA384(const SHA384&);
-    SHA384& operator= (const SHA384&);
-
-    void Swap(SHA384&);
-private:
-    void Transform();
-};
-
-enum { MAX_SHA2_DIGEST_SIZE = 64 };   // SHA512
-
-#else
-
-enum { MAX_SHA2_DIGEST_SIZE = 32 };   // SHA256
-
-#endif // WORD64_AVAILABLE
-
-
-} // namespace
-
-
-#endif // TAO_CRYPT_SHA_HPP
-
diff --git a/extra/yassl/taocrypt/include/twofish.hpp b/extra/yassl/taocrypt/include/twofish.hpp
deleted file mode 100644
index c2b0e6f75ad..00000000000
--- a/extra/yassl/taocrypt/include/twofish.hpp
+++ /dev/null
@@ -1,95 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* twofish.hpp defines Twofish
-*/
-
-
-#ifndef TAO_CRYPT_TWOFISH_HPP
-#define TAO_CRYPT_TWOFISH_HPP
-
-#include "misc.hpp"
-#include "modes.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_TWOFISH_ASM
-#endif
-
-namespace TaoCrypt {
-
-enum { TWOFISH_BLOCK_SIZE = 16 };
-
-
-// Twofish encryption and decryption, see 
-class Twofish : public Mode_BASE {
-public:
-    enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE };
-
-    Twofish(CipherDir DIR, Mode MODE)
-        : Mode_BASE(BLOCK_SIZE, DIR, MODE) {}
-
-#ifdef DO_TWOFISH_ASM
-    void Process(byte*, const byte*, word32);
-#endif
-    void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION);
-    void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); }
-private:
-	static const byte     q_[2][256];
-	static const word32 mds_[4][256];
-
-	word32 k_[40];
-	word32 s_[4][256];
-
-	static word32 h0(word32 x, const word32 *key, unsigned int kLen);
-	static word32 h(word32 x, const word32 *key, unsigned int kLen);
-
-    void ProcessAndXorBlock(const byte*, const byte*, byte*) const;
-
-    void encrypt(const byte*, const byte*, byte*) const;
-    void decrypt(const byte*, const byte*, byte*) const;
-
-    void AsmEncrypt(const byte* inBlock, byte* outBlock) const;
-    void AsmDecrypt(const byte* inBlock, byte* outBlock) const;
-
-    Twofish(const Twofish&);            // hide copy
-    Twofish& operator=(const Twofish&); // and assign
-};
-
-
-typedef BlockCipher Twofish_ECB_Encryption;
-typedef BlockCipher Twofish_ECB_Decryption;
-
-typedef BlockCipher Twofish_CBC_Encryption;
-typedef BlockCipher Twofish_CBC_Decryption;
-
-
-
-} // naemspace
-
-#endif // TAO_CRYPT_TWOFISH_HPP
-
diff --git a/extra/yassl/taocrypt/include/type_traits.hpp b/extra/yassl/taocrypt/include/type_traits.hpp
deleted file mode 100644
index f85ae552c18..00000000000
--- a/extra/yassl/taocrypt/include/type_traits.hpp
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* type_traits defines fundamental types
- * see discussion in C++ Templates, $19.1
-*/
-
-
-#ifndef TAO_CRYPT_TYPE_TRAITS_HPP
-#define TAO_CRYPT_TYPE_TRAITS_HPP
-
-#include "types.hpp"
-
-namespace TaoCrypt {
-
-
-// primary template: in general T is not a fundamental type
-
-template 
-class IsFundamentalType {
-    public:
-        enum { Yes = 0, No = 1 };
-};
-
-
-// macro to specialize for fundamental types
-#define MK_FUNDAMENTAL_TYPE(T)                  \
-    template<> class IsFundamentalType {     \
-        public:                                 \
-            enum { Yes = 1, No = 0 };           \
-    };
-
-
-MK_FUNDAMENTAL_TYPE(void)
-
-MK_FUNDAMENTAL_TYPE(bool)
-MK_FUNDAMENTAL_TYPE(         char)
-MK_FUNDAMENTAL_TYPE(signed   char)
-MK_FUNDAMENTAL_TYPE(unsigned char)
-
-MK_FUNDAMENTAL_TYPE(signed   short)
-MK_FUNDAMENTAL_TYPE(unsigned short)
-MK_FUNDAMENTAL_TYPE(signed   int)
-MK_FUNDAMENTAL_TYPE(unsigned int)
-MK_FUNDAMENTAL_TYPE(signed   long)
-MK_FUNDAMENTAL_TYPE(unsigned long)
-
-MK_FUNDAMENTAL_TYPE(float)
-MK_FUNDAMENTAL_TYPE(     double)
-MK_FUNDAMENTAL_TYPE(long double)
-
-#if defined(WORD64_AVAILABLE) && defined(WORD64_IS_DISTINCT_TYPE)
-    MK_FUNDAMENTAL_TYPE(word64)
-#endif
-
-
-#undef MK_FUNDAMENTAL_TYPE
-
-
-} // namespace
-
-#endif // TAO_CRYPT_TYPE_TRAITS_HPP
diff --git a/extra/yassl/taocrypt/include/types.hpp b/extra/yassl/taocrypt/include/types.hpp
deleted file mode 100644
index 97136970e13..00000000000
--- a/extra/yassl/taocrypt/include/types.hpp
+++ /dev/null
@@ -1,99 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's misc.h from CryptoPP, basic crypt types */
-
-
-#ifndef TAO_CRYPT_TYPES_HPP
-#define TAO_CRYPT_TYPES_HPP
-
-#ifdef HAVE_CONFIG_H
-    #include "config.h"
-#endif
-
-namespace TaoCrypt {
-
-
-#if defined(WORDS_BIGENDIAN) || (defined(__MWERKS__) && !defined(__INTEL__))
-    #define BIG_ENDIAN_ORDER
-#endif
-
-#ifndef BIG_ENDIAN_ORDER
-    #define LITTLE_ENDIAN_ORDER
-#endif
-
-
-typedef unsigned char  byte;
-typedef unsigned short word16;
-typedef unsigned int   word32;
-
-#if defined(_MSC_VER) || defined(__BCPLUSPLUS__)
-    #define WORD64_AVAILABLE
-    #define WORD64_IS_DISTINCT_TYPE
-    typedef unsigned __int64 word64;
-    #define W64LIT(x) x##ui64
-#elif SIZEOF_LONG == 8
-    #define WORD64_AVAILABLE
-    typedef unsigned long word64;
-    #define W64LIT(x) x##LL
-#elif SIZEOF_LONG_LONG == 8 
-    #define WORD64_AVAILABLE
-    #define WORD64_IS_DISTINCT_TYPE
-    typedef unsigned long long word64;
-    #define W64LIT(x) x##LL
-#endif
-
-
-// compilers we've found 64-bit multiply insructions for
-#if defined(__GNUC__) || defined(_MSC_VER) || defined(__DECCXX)
-    #if !(defined(__ICC) || defined(__INTEL_COMPILER))
-        #define HAVE_64_MULTIPLY
-    #endif
-#endif
-
-    
-#if defined(HAVE_64_MULTIPLY) && (defined(__alpha__) || defined(__ia64__) \
-    || defined(_ARCH_PPC64) || defined(__mips64)  || defined(__x86_64__) \
-    || defined(_M_X64) || defined(_M_IA64)) 
-// These platforms have 64-bit CPU registers. Unfortunately most C++ compilers
-// don't allow any way to access the 64-bit by 64-bit multiply instruction
-// without using assembly, so in order to use word64 as word, the assembly
-// instruction must be defined in Dword::Multiply().
-    typedef word32 hword;
-    typedef word64 word;
-#else
-    #define TAOCRYPT_NATIVE_DWORD_AVAILABLE
-    #ifdef WORD64_AVAILABLE
-        #define TAOCRYPT_SLOW_WORD64
-        typedef word16 hword;
-        typedef word32 word;
-        typedef word64 dword;
-    #else
-        typedef byte   hword;
-        typedef word16 word;
-        typedef word32 dword;
-    #endif
-#endif
-
-const word32 WORD_SIZE = sizeof(word);
-const word32 WORD_BITS = WORD_SIZE * 8;
-
-
-}  // namespace
-
-#endif // TAO_CRYPT_TYPES_HPP
diff --git a/extra/yassl/taocrypt/mySTL/algorithm.hpp b/extra/yassl/taocrypt/mySTL/algorithm.hpp
deleted file mode 100644
index 06731525bf1..00000000000
--- a/extra/yassl/taocrypt/mySTL/algorithm.hpp
+++ /dev/null
@@ -1,109 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL algorithm implements max, min, for_each, swap, find_if, copy,
- * copy_backward, fill
- */
-
-#ifndef mySTL_ALGORITHM_HPP
-#define mySTL_ALGORITHM_HPP
-
-
-namespace mySTL {
-
-
-template
-inline const T& max(const T& a, const T&b)
-{
-    return a < b ? b : a;
-}
-
-
-template
-inline const T& min(const T& a, const T&b)
-{
-    return b < a ? b : a;
-}
-
-
-template
-Func for_each(InIter first, InIter last, Func op)
-{
-    while (first != last) {
-        op(*first);
-        ++first;
-    }
-    return op;
-}
-
-
-template
-inline void swap(T& a, T& b)
-{
-    T tmp = a;
-    a = b;
-    b = tmp;
-}
-
-
-template
-InIter find_if(InIter first, InIter last, Pred pred)
-{
-    while (first != last && !pred(*first))
-        ++first;
-    return first;
-}
-
-
-template
-inline OutputIter copy(InputIter first, InputIter last, OutputIter place)
-{
-    while (first != last) {
-        *place = *first;
-        ++first;
-        ++place;
-    }
-    return place;
-}
-
-
-template
-inline OutputIter 
-copy_backward(InputIter first, InputIter last, OutputIter place)
-{
-    while (first != last)
-        *--place = *--last;
-    return place;
-}
-
-
-template
-void fill(InputIter first, InputIter last, const T& v)
-{
-    while (first != last) {
-        *first = v;
-        ++first;
-    }
-}
-
-
-}  // namespace mySTL
-
-#endif // mySTL_ALGORITHM_HPP
diff --git a/extra/yassl/taocrypt/mySTL/helpers.hpp b/extra/yassl/taocrypt/mySTL/helpers.hpp
deleted file mode 100644
index ec9266ddf2a..00000000000
--- a/extra/yassl/taocrypt/mySTL/helpers.hpp
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL helpers implements misc constructs for vector and list
- *
- */
-
-#ifndef mySTL_HELPERS_HPP
-#define mySTL_HELPERS_HPP
-
-#include 
-#ifdef _MSC_VER
-    #include 
-#endif
-
-/*
-      Workaround for the lack of operator new(size_t, void*)
-      in IBM VA C++ 6.0
-      Also used as a workaround to avoid including 
-*/
-    struct Dummy {};
-
-    inline void* operator new(size_t size, Dummy* d) 
-    { 
-        return static_cast(d);
-    }
-
-    // for compilers that want matching delete
-    inline void operator delete(void* ptr, Dummy* d) 
-    { 
-    }
-
-    typedef Dummy* yassl_pointer;
-
-namespace mySTL {
-
-
-template 
-inline void construct(T* p, const T2& value)
-{
-    new (reinterpret_cast(p)) T(value);
-}
-
-
-template 
-inline void construct(T* p)
-{
-    new (reinterpret_cast(p)) T();
-}
-
-
-template 
-inline void destroy(T* p)
-{
-    p->~T();
-}
-
-
-template 
-void destroy(Iter first, Iter last)
-{
-    while (first != last) {
-        destroy(&*first);
-        ++first;
-    }
-}
-
-
-template 
-PlaceIter uninit_copy(Iter first, Iter last, PlaceIter place)
-{
-    while (first != last) {
-        construct(&*place, *first);
-        ++first;
-        ++place;
-    }
-    return place;
-}
-
-
-template 
-PlaceIter uninit_fill_n(PlaceIter place, Size n, const T& value)
-{
-    while (n) {
-        construct(&*place, value);
-        --n;
-        ++place;
-    }
-    return place;
-}
-
-
-template 
-T* GetArrayMemory(size_t items)
-{
-    unsigned char* ret;
-
-    #ifdef YASSL_LIB
-        ret = NEW_YS unsigned char[sizeof(T) * items];
-    #else
-        ret = NEW_TC unsigned char[sizeof(T) * items];
-    #endif
-
-    return reinterpret_cast(ret);
-}
-
-
-template 
-void FreeArrayMemory(T* ptr)
-{
-    unsigned char* p = reinterpret_cast(ptr);
-
-    #ifdef YASSL_LIB
-        yaSSL::ysArrayDelete(p);
-    #else
-        TaoCrypt::tcArrayDelete(p);
-    #endif
-}
-
-
-
-inline void* GetMemory(size_t bytes)
-{
-    return GetArrayMemory(bytes);
-}
-
-
-inline void FreeMemory(void* ptr)
-{
-    FreeArrayMemory(ptr);
-}
-
-
-
-} // namespace mySTL
-
-#endif // mySTL_HELPERS_HPP
diff --git a/extra/yassl/taocrypt/mySTL/list.hpp b/extra/yassl/taocrypt/mySTL/list.hpp
deleted file mode 100644
index c71ebc8def5..00000000000
--- a/extra/yassl/taocrypt/mySTL/list.hpp
+++ /dev/null
@@ -1,368 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL list implements a simple list
- *
- */
-
-#ifndef mySTL_LIST_HPP
-#define mySTL_LIST_HPP
-
-
-#include "helpers.hpp"
-
-
-namespace mySTL {
-
-
-
-template 
-class list {
-
-#ifdef __SUNPRO_CC
-/*
-   Sun Forte 7 C++ v. 5.4 needs class 'node' public to be visible to
-   the nested class 'iterator' (a non-standard behaviour).
-*/
-public:
-#endif
-
-    struct node {
-        node(T t) : prev_(0), next_(0), value_(t) {}
-
-        node* prev_;
-        node* next_;
-        T     value_;
-    };   
-public:
-    list() : head_(0), tail_(0), sz_(0) {}
-    ~list();
-
-    void   push_front(T);
-    void   pop_front();
-    T      front() const;
-    void   push_back(T);
-    void   pop_back();
-    T      back() const;
-    bool   remove(T);
-    size_t size()  const { return sz_; }
-    bool   empty() const { return sz_ == 0; }
-
-    class iterator {
-        node* current_;
-    public:
-        explicit iterator(node* p = 0) : current_(p) {}
-
-        T& operator*() const
-        {
-            return current_->value_;
-        }
-
-        T* operator->() const
-        {
-            return &(operator*());
-        }
-
-        iterator& operator++()
-        {
-            current_ = current_->next_;
-            return *this;
-        }
-
-        iterator& operator--()
-        {
-            current_ = current_->prev_;
-            return *this;
-        }
-
-        iterator operator++(int)
-        {
-            iterator tmp = *this;
-            current_ = current_->next_;
-            return tmp;
-        }
-
-        iterator operator--(int)
-        {
-            iterator tmp = *this;
-            current_ = current_->prev_;
-            return tmp;
-        }
-
-        bool operator==(const iterator& other) const
-        { 
-            return current_ == other.current_;
-        }
-
-        bool operator!=(const iterator& other) const
-        {
-            return current_ != other.current_;
-        }
-
-        friend class list;
-    };
-
-
-    class reverse_iterator {
-        node* current_;
-    public:
-        explicit reverse_iterator(node* p = 0) : current_(p) {}
-
-        T& operator*() const
-        {
-            return current_->value_;
-        }
-
-        T* operator->() const
-        {
-            return &(operator*());
-        }
-
-        reverse_iterator& operator++()
-        {
-            current_ = current_->prev_;
-            return *this;
-        }
-
-        reverse_iterator& operator--()
-        {
-            current_ = current_->next_;
-            return *this;
-        }
-
-        reverse_iterator operator++(int)
-        {
-            reverse_iterator tmp = *this;
-            current_ = current_->prev_;
-            return tmp;
-        }
-
-        reverse_iterator operator--(int)
-        {
-            reverse_iterator tmp = *this;
-            current_ = current_->next_;
-            return tmp;
-        }
-
-        bool operator==(const reverse_iterator& other) const
-        { 
-            return current_ == other.current_;
-        }
-
-        bool operator!=(const reverse_iterator& other) const
-        {
-            return current_ != other.current_;
-        }
-
-        friend class list;
-    };
-
-    bool erase(iterator);
-
-    iterator         begin()  const { return iterator(head_); }
-    reverse_iterator rbegin() const { return reverse_iterator(tail_); }
-    iterator         end()    const { return iterator(); }
-    reverse_iterator rend()   const { return reverse_iterator(); }
-
-    typedef iterator const_iterator;    // for now
-
-    class underflow {};
-    class overflow {}; 
-private:
-    node*  head_;
-    node*  tail_;
-    size_t sz_;
-
-    node* look_up(T);
-
-    list(const list&);            // hide copy
-    list& operator=(const list&); // and assign
-};
-
-
-template 
-list::~list()
-{
-    node* start = head_;
-    node* next_;
-
-    for (; start; start = next_) {
-        next_ = start->next_;
-        destroy(start);
-        FreeMemory(start);
-    }
-}
-
-
-template 
-void list::push_front(T t)
-{
-    void* mem = GetMemory(sizeof(node));
-    node* add = new (reinterpret_cast(mem)) node(t);
-
-    if (head_) {
-        add->next_ = head_;
-        head_->prev_ = add;
-    }
-    else
-        tail_ = add;
-
-    head_ = add;
-    ++sz_; 
-}
-
-
-template 
-void list::pop_front()
-{
-    node* front = head_;
-
-    if (head_ == 0)
-        return;
-    else if (head_ == tail_)
-        head_ = tail_ = 0;
-    else {
-        head_ = head_->next_;
-        head_->prev_ = 0;
-    }
-    destroy(front);
-    FreeMemory(front);
-    --sz_;
-}
-
-
-template 
-T list::front() const
-{
-    if (head_ == 0) return T();
-    return head_->value_;
-}
-
-
-template 
-void list::push_back(T t)
-{
-    void* mem = GetMemory(sizeof(node));
-    node* add = new (reinterpret_cast(mem)) node(t);
-
-    if (tail_) {
-        tail_->next_ = add;
-        add->prev_ = tail_;
-    }
-    else
-        head_ = add;
-
-    tail_ = add;
-    ++sz_;
-}
-
-
-template 
-void list::pop_back()
-{
-    node* rear = tail_;
-
-    if (tail_ == 0)
-        return;
-    else if (tail_ == head_)
-        tail_ = head_ = 0;
-    else {
-        tail_ = tail_->prev_;
-        tail_->next_ = 0;
-    }
-    destroy(rear);
-    FreeMemory(rear);
-    --sz_;
-}
-
-
-template 
-T list::back() const
-{
-    if (tail_ == 0) return T();
-    return tail_->value_;
-}
-
-
-template
-typename list::node* list::look_up(T t)
-{
-    node* list = head_;
-
-    if (list == 0) return 0;
-
-    for (; list; list = list->next_)
-        if (list->value_ == t)
-            return list;
-
-    return 0;
-}
-
-
-template 
-bool list::remove(T t)
-{
-    node* del = look_up(t);
-
-    if (del == 0)
-        return false;
-    else if (del == head_)
-        pop_front();
-    else if (del == tail_)
-        pop_back();
-    else {
-        del->prev_->next_ = del->next_;
-        del->next_->prev_ = del->prev_;
-
-        destroy(del);
-        FreeMemory(del);
-        --sz_;
-    }
-    return true;
-}
-
-
-template 
-bool list::erase(iterator iter)
-{
-    node* del = iter.current_;
-
-    if (del == 0)
-        return false;
-    else if (del == head_)
-        pop_front();
-    else if (del == tail_)
-        pop_back();
-    else {
-        del->prev_->next_ = del->next_;
-        del->next_->prev_ = del->prev_;
-
-        destroy(del);
-        FreeMemory(del);
-        --sz_;
-    }
-    return true;
-}
-
-
-
-} // namespace mySTL
-
-#endif // mySTL_LIST_HPP
diff --git a/extra/yassl/taocrypt/mySTL/memory.hpp b/extra/yassl/taocrypt/mySTL/memory.hpp
deleted file mode 100644
index fdd34cda125..00000000000
--- a/extra/yassl/taocrypt/mySTL/memory.hpp
+++ /dev/null
@@ -1,137 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL memory implements auto_ptr
- *
- */
-
-#ifndef mySTL_MEMORY_HPP
-#define mySTL_MEMORY_HPP
-
-#include "memory_array.hpp"   // for auto_array
-
-#ifdef _MSC_VER
-    // disable operator-> warning for builtins
-    #pragma warning(disable:4284)
-#endif
-
-
-namespace mySTL {
-
-
-template
-struct auto_ptr_ref {
-    T* ptr_;
-    explicit auto_ptr_ref(T* p) : ptr_(p) {}
-};
-
-
-template
-class auto_ptr {
-    T*       ptr_;
-
-    void Destroy()
-    {
-        #ifdef YASSL_LIB
-            yaSSL::ysDelete(ptr_);
-        #else
-            TaoCrypt::tcDelete(ptr_);
-        #endif
-    }
-public:
-    explicit auto_ptr(T* p = 0) : ptr_(p) {}
-
-    ~auto_ptr() 
-    {
-        Destroy();
-    }
-
-
-    auto_ptr(auto_ptr& other) : ptr_(other.release()) {}
-
-    auto_ptr& operator=(auto_ptr& that)
-    {
-        if (this != &that) {
-            Destroy();
-            ptr_ = that.release();
-        }
-        return *this;
-    }
-
-
-    T* operator->() const
-    {
-        return ptr_;
-    }
-
-    T& operator*() const
-    {
-        return *ptr_;
-    }
-
-    T* get() const 
-    { 
-        return ptr_; 
-    }
-
-    T* release()
-    {
-        T* tmp = ptr_;
-        ptr_ = 0;
-        return tmp;
-    }
-
-    void reset(T* p = 0)
-    {
-        if (ptr_ != p) {
-            Destroy();
-            ptr_ = p;
-        }
-    }
-
-    // auto_ptr_ref conversions
-    auto_ptr(auto_ptr_ref ref) : ptr_(ref.ptr_) {}
-
-    auto_ptr& operator=(auto_ptr_ref ref)
-    {
-        if (this->ptr_ != ref.ptr_) {
-            Destroy();
-            ptr_ = ref.ptr_;
-        }
-        return *this;
-    }
-
-    template
-    operator auto_ptr()
-    {
-        return auto_ptr(this->release());
-    }
-
-    template
-    operator auto_ptr_ref()
-    {
-        return auto_ptr_ref(this->release());
-    }
-};
-
-
-} // namespace mySTL
-
-#endif // mySTL_MEMORY_HPP
diff --git a/extra/yassl/taocrypt/mySTL/memory_array.hpp b/extra/yassl/taocrypt/mySTL/memory_array.hpp
deleted file mode 100644
index af4c2cdf232..00000000000
--- a/extra/yassl/taocrypt/mySTL/memory_array.hpp
+++ /dev/null
@@ -1,136 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL memory_arry implements auto_array
- *
- */
-
-#ifndef mySTL_MEMORY_ARRAY_HPP
-#define mySTL_MEMORY_ARRAY_HPP
-
-
-#ifdef _MSC_VER
-    // disable operator-> warning for builtins
-    #pragma warning(disable:4284)
-#endif
-
-
-namespace mySTL {
-
-
-template
-struct auto_array_ref {
-    T* ptr_;
-    explicit auto_array_ref(T* p) : ptr_(p) {}
-};
-
-
-template
-class auto_array {
-    T*       ptr_;
-
-    void Destroy()
-    {
-        #ifdef YASSL_LIB
-            yaSSL::ysArrayDelete(ptr_);
-        #else
-            TaoCrypt::tcArrayDelete(ptr_);
-        #endif
-    }
-public:
-    explicit auto_array(T* p = 0) : ptr_(p) {}
-
-    ~auto_array() 
-    {
-        Destroy();
-    }
-
-
-    auto_array(auto_array& other) : ptr_(other.release()) {}
-
-    auto_array& operator=(auto_array& that)
-    {
-        if (this != &that) {
-            Destroy();
-            ptr_ = that.release();
-        }
-        return *this;
-    }
-
-
-    T* operator->() const
-    {
-        return ptr_;
-    }
-
-    T& operator*() const
-    {
-        return *ptr_;
-    }
-
-    T* get() const 
-    { 
-        return ptr_; 
-    }
-
-    T* release()
-    {
-        T* tmp = ptr_;
-        ptr_ = 0;
-        return tmp;
-    }
-
-    void reset(T* p = 0)
-    {
-        if (ptr_ != p) {
-            Destroy();
-            ptr_ = p;
-        }
-    }
-
-    // auto_array_ref conversions
-    auto_array(auto_array_ref ref) : ptr_(ref.ptr_) {}
-
-    auto_array& operator=(auto_array_ref ref)
-    {
-        if (this->ptr_ != ref.ptr_) {
-            Destroy();
-            ptr_ = ref.ptr_;
-        }
-        return *this;
-    }
-
-    template
-    operator auto_array()
-    {
-        return auto_array(this->release());
-    }
-
-    template
-    operator auto_array_ref()
-    {
-        return auto_array_ref(this->release());
-    }
-};
-
-
-} // namespace mySTL
-
-#endif // mySTL_MEMORY_ARRAY_HPP
diff --git a/extra/yassl/taocrypt/mySTL/pair.hpp b/extra/yassl/taocrypt/mySTL/pair.hpp
deleted file mode 100644
index 9dd97f63bfa..00000000000
--- a/extra/yassl/taocrypt/mySTL/pair.hpp
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL pair implements pair
- *
- */
-
-#ifndef mySTL_PAIR_HPP
-#define mySTL_PAIR_HPP
-
-
-
-namespace mySTL {
-
-
-template
-struct pair {
-    typedef T1 first_type;
-    typedef T2 second_type;
-
-    first_type  first;
-    second_type second;
-
-    pair() {}
-    pair(const T1& t1, const T2& t2) : first(t1), second(t2) {}
-
-    template
-    pair(const pair& p) : first(p.first), second(p.second) {}
-};
-
-
-template
-inline pair make_pair(const T1& a, const T2& b)
-{
-    return pair(a, b);
-}
-
-
-
-} // namespace mySTL
-
-#endif // mySTL_PAIR_HPP
diff --git a/extra/yassl/taocrypt/mySTL/stdexcept.hpp b/extra/yassl/taocrypt/mySTL/stdexcept.hpp
deleted file mode 100644
index 8c12b51e130..00000000000
--- a/extra/yassl/taocrypt/mySTL/stdexcept.hpp
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL memory implements exception, runtime_error
- *
- */
-
-#ifndef mySTL_STDEXCEPT_HPP
-#define mySTL_STDEXCEPT_HPP
-
-
-#include   // strncpy
-#include   // size_t
-
-
-namespace mySTL {
-
-
-class exception {
-public:
-    exception() {}
-    virtual ~exception() {}   // to shut up compiler warnings
-
-    virtual const char* what() const { return ""; }
-
-    // for compiler generated call, never used
-    static void operator delete(void*) { }
-private:
-    // don't allow dynamic creation of exceptions
-    static void* operator new(size_t);
-};
-
-
-class named_exception : public exception {
-public:
-    enum { NAME_SIZE = 80 };
-
-    explicit named_exception(const char* str) 
-    {
-        strncpy(name_, str, NAME_SIZE);
-        name_[NAME_SIZE - 1] = 0;
-    }
-
-    virtual const char* what() const { return name_; }
-private:
-    char name_[NAME_SIZE];
-};
-
-
-class runtime_error : public named_exception {
-public:
-    explicit runtime_error(const char* str) : named_exception(str) {}
-};
-
-
-
-
-} // namespace mySTL
-
-#endif // mySTL_STDEXCEPT_HPP
diff --git a/extra/yassl/taocrypt/mySTL/vector.hpp b/extra/yassl/taocrypt/mySTL/vector.hpp
deleted file mode 100644
index 0abcf910baf..00000000000
--- a/extra/yassl/taocrypt/mySTL/vector.hpp
+++ /dev/null
@@ -1,153 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* mySTL vector implements simple vector, w/ swap
- *
- */
-
-#ifndef mySTL_VECTOR_HPP
-#define mySTL_VECTOR_HPP
-
-#include "helpers.hpp"    // construct, destory, fill, etc.
-#include "algorithm.hpp"  // swap
-
-
-namespace mySTL {
-
-
-template 
-struct vector_base {
-    T* start_;
-    T* finish_;
-    T* end_of_storage_;
-
-    vector_base() : start_(0), finish_(0), end_of_storage_(0) {}
-    vector_base(size_t n)
-    {
-        start_ = GetArrayMemory(n);
-        finish_ = start_;
-        end_of_storage_ = start_ + n;
-    }
-
-    ~vector_base() 
-    { 
-        FreeArrayMemory(start_);
-    }
-
-    void Swap(vector_base& that) 
-    {
-        swap(start_, that.start_);
-        swap(finish_, that.finish_);
-        swap(end_of_storage_, that.end_of_storage_);
-    }
-};
-
-
-
-template 
-class vector {
-public:
-    typedef T*       iterator;
-    typedef const T* const_iterator;
-
-    vector() {}
-    explicit vector(size_t n) : vec_(n) 
-    { 
-        vec_.finish_ = uninit_fill_n(vec_.start_, n, T()); 
-    }
-
-    ~vector() { destroy(vec_.start_, vec_.finish_); }
-
-    vector(const vector& other) : vec_(other.size())
-    {
-        vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_,
-                                   vec_.start_);   
-    }
-
-    size_t capacity() const { return vec_.end_of_storage_ - vec_.start_; }
-
-    size_t size() const { return vec_.finish_ - vec_.start_; }
-
-    T&       operator[](size_t idx)       { return *(vec_.start_ + idx); }
-    const T& operator[](size_t idx) const { return *(vec_.start_ + idx); }
-
-    const T* begin() const { return vec_.start_; }
-    const T* end()   const { return vec_.finish_; }
-
-    void push_back(const T& v)
-    {
-        if (vec_.finish_ != vec_.end_of_storage_) {
-            construct(vec_.finish_, v);
-            ++vec_.finish_;
-        }
-        else {
-            vector tmp(size() * 2 + 1, *this);
-            construct(tmp.vec_.finish_, v);
-            ++tmp.vec_.finish_;
-            Swap(tmp);
-        }  
-    }
-
-    void resize(size_t n, const T& v)
-    {
-        if (n == size()) return;
-
-        if (n < size()) {
-            T* first = vec_.start_ + n;
-            destroy(first, vec_.finish_);
-            vec_.finish_ -= vec_.finish_ - first;
-        }
-        else {
-            vector tmp(n, *this);
-            tmp.vec_.finish_ = uninit_fill_n(tmp.vec_.finish_, n - size(), v);
-            Swap(tmp);
-        }
-    }
-
-    void reserve(size_t n)
-    {
-        if (capacity() < n) {
-            vector tmp(n, *this);
-            Swap(tmp);
-        }
-    }
-
-    void Swap(vector& that)
-    {
-        vec_.Swap(that.vec_);
-    }
-private:
-    vector_base vec_;
-
-    vector& operator=(const vector&);   // hide assign
-
-    // for growing, n must be bigger than other size
-    vector(size_t n, const vector& other) : vec_(n)
-    {
-        if (n > other.size())
-            vec_.finish_ = uninit_copy(other.vec_.start_, other.vec_.finish_,
-                                       vec_.start_);
-    }
-};
-
-
-
-} // namespace mySTL
-
-#endif // mySTL_VECTOR_HPP
diff --git a/extra/yassl/taocrypt/src/aes.cpp b/extra/yassl/taocrypt/src/aes.cpp
deleted file mode 100644
index 4e4ea849c21..00000000000
--- a/extra/yassl/taocrypt/src/aes.cpp
+++ /dev/null
@@ -1,1885 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* C++ based on Wei Dai's aes.cpp from CryptoPP */
-/* x86 asm original */
-
-#if defined(TAOCRYPT_KERNEL_MODE)
-    #define DO_TAOCRYPT_KERNEL_MODE
-#endif                                  // only some modules now support this
-
-#include "runtime.hpp"
-#include "aes.hpp"
-
-
-namespace TaoCrypt {
-
-
-#if defined(DO_AES_ASM)
-
-// ia32 optimized version
-void AES::Process(byte* out, const byte* in, word32 sz)
-{
-    if (!isMMX) {
-        Mode_BASE::Process(out, in, sz);
-        return;
-    }
-
-    word32 blocks = sz / BLOCK_SIZE;
-
-    if (mode_ == ECB)
-        while (blocks--) {
-            if (dir_ == ENCRYPTION)
-                AsmEncrypt(in, out, (void*)Te0);
-            else
-                AsmDecrypt(in, out, (void*)Td0);               
-            out += BLOCK_SIZE;
-            in  += BLOCK_SIZE;
-        }
-    else if (mode_ == CBC) {
-        if (dir_ == ENCRYPTION) {
-            while (blocks--) {
-                r_[0] ^= *(word32*)in;
-                r_[1] ^= *(word32*)(in +  4);
-                r_[2] ^= *(word32*)(in +  8);
-                r_[3] ^= *(word32*)(in + 12);
-
-                AsmEncrypt((byte*)r_, (byte*)r_, (void*)Te0);
-
-                memcpy(out, r_, BLOCK_SIZE);
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-        else {
-            while (blocks--) {
-                AsmDecrypt(in, out, (void*)Td0);
-                
-                *(word32*)out        ^= r_[0];
-                *(word32*)(out +  4) ^= r_[1];
-                *(word32*)(out +  8) ^= r_[2];
-                *(word32*)(out + 12) ^= r_[3];
-
-                memcpy(r_, in, BLOCK_SIZE);
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-    }
-}
-
-#endif // DO_AES_ASM
-
-
-void AES::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
-{
-    if (keylen <= 16)
-        keylen = 16;
-    else if (keylen >= 32)
-        keylen = 32;
-    else if (keylen != 24)
-        keylen = 24;
-    
-    rounds_ = keylen/4 + 6;
-
-    word32 temp, *rk = key_;
-    unsigned int i=0;
-
-    GetUserKey(BigEndianOrder, rk, keylen/4, userKey, keylen);
-
-    switch(keylen)
-    {
-    case 16:
-        while (true)
-        {
-            temp  = rk[3];
-            rk[4] = rk[0] ^
-                (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
-                (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
-                (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
-                (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
-                rcon_[i];
-            rk[5] = rk[1] ^ rk[4];
-            rk[6] = rk[2] ^ rk[5];
-            rk[7] = rk[3] ^ rk[6];
-            if (++i == 10)
-                break;
-            rk += 4;
-        }
-        break;
-
-    case 24:
-        while (true)    // for (;;) here triggers a bug in VC60 SP4 w/ Pro Pack
-        {
-            temp = rk[ 5];
-            rk[ 6] = rk[ 0] ^
-                (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
-                (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
-                (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
-                (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
-                rcon_[i];
-            rk[ 7] = rk[ 1] ^ rk[ 6];
-            rk[ 8] = rk[ 2] ^ rk[ 7];
-            rk[ 9] = rk[ 3] ^ rk[ 8];
-            if (++i == 8)
-                break;
-            rk[10] = rk[ 4] ^ rk[ 9];
-            rk[11] = rk[ 5] ^ rk[10];
-            rk += 6;
-        }
-        break;
-
-    case 32:
-        while (true)
-        {
-            temp = rk[ 7];
-            rk[ 8] = rk[ 0] ^
-                (Te2[GETBYTE(temp, 2)] & 0xff000000) ^
-                (Te3[GETBYTE(temp, 1)] & 0x00ff0000) ^
-                (Te0[GETBYTE(temp, 0)] & 0x0000ff00) ^
-                (Te1[GETBYTE(temp, 3)] & 0x000000ff) ^
-                rcon_[i];
-            rk[ 9] = rk[ 1] ^ rk[ 8];
-            rk[10] = rk[ 2] ^ rk[ 9];
-            rk[11] = rk[ 3] ^ rk[10];
-            if (++i == 7)
-                break;
-            temp = rk[11];
-            rk[12] = rk[ 4] ^
-                (Te2[GETBYTE(temp, 3)] & 0xff000000) ^
-                (Te3[GETBYTE(temp, 2)] & 0x00ff0000) ^
-                (Te0[GETBYTE(temp, 1)] & 0x0000ff00) ^
-                (Te1[GETBYTE(temp, 0)] & 0x000000ff);
-            rk[13] = rk[ 5] ^ rk[12];
-            rk[14] = rk[ 6] ^ rk[13];
-            rk[15] = rk[ 7] ^ rk[14];
-
-            rk += 8;
-        }
-        break;
-    }
-
-    if (dir_ == DECRYPTION)
-    {
-        unsigned int i, j;
-        rk = key_;
-
-        /* invert the order of the round keys: */
-        for (i = 0, j = 4*rounds_; i < j; i += 4, j -= 4) {
-            temp = rk[i    ]; rk[i    ] = rk[j    ]; rk[j    ] = temp;
-            temp = rk[i + 1]; rk[i + 1] = rk[j + 1]; rk[j + 1] = temp;
-            temp = rk[i + 2]; rk[i + 2] = rk[j + 2]; rk[j + 2] = temp;
-            temp = rk[i + 3]; rk[i + 3] = rk[j + 3]; rk[j + 3] = temp;
-        }
-        // apply the inverse MixColumn transform to all round keys but the
-        // first and the last:
-        for (i = 1; i < rounds_; i++) {
-            rk += 4;
-            rk[0] =
-                Td0[Te1[GETBYTE(rk[0], 3)] & 0xff] ^
-                Td1[Te1[GETBYTE(rk[0], 2)] & 0xff] ^
-                Td2[Te1[GETBYTE(rk[0], 1)] & 0xff] ^
-                Td3[Te1[GETBYTE(rk[0], 0)] & 0xff];
-            rk[1] =
-                Td0[Te1[GETBYTE(rk[1], 3)] & 0xff] ^
-                Td1[Te1[GETBYTE(rk[1], 2)] & 0xff] ^
-                Td2[Te1[GETBYTE(rk[1], 1)] & 0xff] ^
-                Td3[Te1[GETBYTE(rk[1], 0)] & 0xff];
-            rk[2] =
-                Td0[Te1[GETBYTE(rk[2], 3)] & 0xff] ^
-                Td1[Te1[GETBYTE(rk[2], 2)] & 0xff] ^
-                Td2[Te1[GETBYTE(rk[2], 1)] & 0xff] ^
-                Td3[Te1[GETBYTE(rk[2], 0)] & 0xff];
-            rk[3] =
-                Td0[Te1[GETBYTE(rk[3], 3)] & 0xff] ^
-                Td1[Te1[GETBYTE(rk[3], 2)] & 0xff] ^
-                Td2[Te1[GETBYTE(rk[3], 1)] & 0xff] ^
-                Td3[Te1[GETBYTE(rk[3], 0)] & 0xff];
-        }
-    }
-}
-
-
-void AES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const
-{
-    if (dir_ == ENCRYPTION)
-        encrypt(in, xOr, out);
-    else
-        decrypt(in, xOr, out);
-}
-
-
-typedef BlockGetAndPut gpBlock;
-
-	
-void AES::encrypt(const byte* inBlock, const byte* xorBlock,
-                  byte* outBlock) const
-{
-    word32 s0, s1, s2, s3;
-    word32 t0, t1, t2, t3;
-
-    const word32 *rk = key_;
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    gpBlock::Get(inBlock)(s0)(s1)(s2)(s3);
-    s0 ^= rk[0];
-    s1 ^= rk[1];
-    s2 ^= rk[2];
-    s3 ^= rk[3];
-   
-    s0 |= PreFetchTe();
-    /*
-     * Nr - 1 full rounds:
-     */
-
-    unsigned int r = rounds_ >> 1;
-    for (;;) {
-        t0 =
-            Te0[GETBYTE(s0, 3)] ^
-            Te1[GETBYTE(s1, 2)]  ^
-            Te2[GETBYTE(s2, 1)]  ^
-            Te3[GETBYTE(s3, 0)]  ^
-            rk[4];
-        t1 =
-            Te0[GETBYTE(s1, 3)] ^
-            Te1[GETBYTE(s2, 2)]  ^
-            Te2[GETBYTE(s3, 1)]  ^
-            Te3[GETBYTE(s0, 0)]  ^
-            rk[5];
-        t2 =
-            Te0[GETBYTE(s2, 3)] ^
-            Te1[GETBYTE(s3, 2)]  ^
-            Te2[GETBYTE(s0, 1)]  ^
-            Te3[GETBYTE(s1, 0)]  ^
-            rk[6];
-        t3 =
-            Te0[GETBYTE(s3, 3)] ^
-            Te1[GETBYTE(s0, 2)]  ^
-            Te2[GETBYTE(s1, 1)]  ^
-            Te3[GETBYTE(s2, 0)]  ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-        
-        s0 =
-            Te0[GETBYTE(t0, 3)] ^
-            Te1[GETBYTE(t1, 2)] ^
-            Te2[GETBYTE(t2, 1)] ^
-            Te3[GETBYTE(t3, 0)] ^
-            rk[0];
-        s1 =
-            Te0[GETBYTE(t1, 3)] ^
-            Te1[GETBYTE(t2, 2)] ^
-            Te2[GETBYTE(t3, 1)] ^
-            Te3[GETBYTE(t0, 0)] ^
-            rk[1];
-        s2 =
-            Te0[GETBYTE(t2, 3)] ^
-            Te1[GETBYTE(t3, 2)] ^
-            Te2[GETBYTE(t0, 1)] ^
-            Te3[GETBYTE(t1, 0)] ^
-            rk[2];
-        s3 =
-            Te0[GETBYTE(t3, 3)] ^
-            Te1[GETBYTE(t0, 2)] ^
-            Te2[GETBYTE(t1, 1)] ^
-            Te3[GETBYTE(t2, 0)] ^
-            rk[3];
-    }
-
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-
-    s0 =
-        (Te2[GETBYTE(t0, 3)] & 0xff000000) ^
-        (Te3[GETBYTE(t1, 2)] & 0x00ff0000) ^
-        (Te0[GETBYTE(t2, 1)] & 0x0000ff00) ^
-        (Te1[GETBYTE(t3, 0)] & 0x000000ff) ^
-        rk[0];
-    s1 =
-        (Te2[GETBYTE(t1, 3)] & 0xff000000) ^
-        (Te3[GETBYTE(t2, 2)] & 0x00ff0000) ^
-        (Te0[GETBYTE(t3, 1)] & 0x0000ff00) ^
-        (Te1[GETBYTE(t0, 0)] & 0x000000ff) ^
-        rk[1];
-    s2 =
-        (Te2[GETBYTE(t2, 3)] & 0xff000000) ^
-        (Te3[GETBYTE(t3, 2)] & 0x00ff0000) ^
-        (Te0[GETBYTE(t0, 1)] & 0x0000ff00) ^
-        (Te1[GETBYTE(t1, 0)] & 0x000000ff) ^
-        rk[2];
-    s3 =
-        (Te2[GETBYTE(t3, 3)] & 0xff000000) ^
-        (Te3[GETBYTE(t0, 2)] & 0x00ff0000) ^
-        (Te0[GETBYTE(t1, 1)] & 0x0000ff00) ^
-        (Te1[GETBYTE(t2, 0)] & 0x000000ff) ^
-        rk[3];
-
-
-    gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3);
-}
-
-
-void AES::decrypt(const byte* inBlock, const byte* xorBlock,
-                  byte* outBlock) const
-{
-    word32 s0, s1, s2, s3;
-    word32 t0, t1, t2, t3;
-    const word32* rk = key_;
-
-    /*
-     * map byte array block to cipher state
-     * and add initial round key:
-     */
-    gpBlock::Get(inBlock)(s0)(s1)(s2)(s3);
-    s0 ^= rk[0];
-    s1 ^= rk[1];
-    s2 ^= rk[2];
-    s3 ^= rk[3];
-
-    s0 |= PreFetchTd();
-
-    /*
-     * Nr - 1 full rounds:
-     */
-
-    unsigned int r = rounds_ >> 1;
-    for (;;) {
-        t0 =
-            Td0[GETBYTE(s0, 3)] ^
-            Td1[GETBYTE(s3, 2)] ^
-            Td2[GETBYTE(s2, 1)] ^
-            Td3[GETBYTE(s1, 0)] ^
-            rk[4];
-        t1 =
-            Td0[GETBYTE(s1, 3)] ^
-            Td1[GETBYTE(s0, 2)] ^
-            Td2[GETBYTE(s3, 1)] ^
-            Td3[GETBYTE(s2, 0)] ^
-            rk[5];
-        t2 =
-            Td0[GETBYTE(s2, 3)] ^
-            Td1[GETBYTE(s1, 2)] ^
-            Td2[GETBYTE(s0, 1)] ^
-            Td3[GETBYTE(s3, 0)] ^
-            rk[6];
-        t3 =
-            Td0[GETBYTE(s3, 3)] ^
-            Td1[GETBYTE(s2, 2)] ^
-            Td2[GETBYTE(s1, 1)] ^
-            Td3[GETBYTE(s0, 0)] ^
-            rk[7];
-
-        rk += 8;
-        if (--r == 0) {
-            break;
-        }
-
-        s0 =
-            Td0[GETBYTE(t0, 3)] ^
-            Td1[GETBYTE(t3, 2)] ^
-            Td2[GETBYTE(t2, 1)] ^
-            Td3[GETBYTE(t1, 0)] ^
-            rk[0];
-        s1 =
-            Td0[GETBYTE(t1, 3)] ^
-            Td1[GETBYTE(t0, 2)] ^
-            Td2[GETBYTE(t3, 1)] ^
-            Td3[GETBYTE(t2, 0)] ^
-            rk[1];
-        s2 =
-            Td0[GETBYTE(t2, 3)] ^
-            Td1[GETBYTE(t1, 2)] ^
-            Td2[GETBYTE(t0, 1)] ^
-            Td3[GETBYTE(t3, 0)] ^
-            rk[2];
-        s3 =
-            Td0[GETBYTE(t3, 3)] ^
-            Td1[GETBYTE(t2, 2)] ^
-            Td2[GETBYTE(t1, 1)] ^
-            Td3[GETBYTE(t0, 0)] ^
-            rk[3];
-    }
-    /*
-     * apply last round and
-     * map cipher state to byte array block:
-     */
-
-    t0 |= PreFetchCTd4();
-
-    s0 =
-        ((word32)CTd4[GETBYTE(t0, 3)] << 24) ^
-        ((word32)CTd4[GETBYTE(t3, 2)] << 16) ^
-        ((word32)CTd4[GETBYTE(t2, 1)] <<  8) ^
-        ((word32)CTd4[GETBYTE(t1, 0)]) ^
-        rk[0];
-    s1 =
-        ((word32)CTd4[GETBYTE(t1, 3)]  << 24) ^
-        ((word32)CTd4[GETBYTE(t0, 2)]  << 16) ^
-        ((word32)CTd4[GETBYTE(t3, 1)]  <<  8) ^
-        ((word32)CTd4[GETBYTE(t2, 0)]) ^
-        rk[1];
-    s2 =
-        ((word32)CTd4[GETBYTE(t2, 3)] << 24  ) ^
-        ((word32)CTd4[GETBYTE(t1, 2)] << 16 ) ^
-        ((word32)CTd4[GETBYTE(t0, 1)] <<  8 ) ^
-        ((word32)CTd4[GETBYTE(t3, 0)]) ^
-        rk[2];
-    s3 =
-        ((word32)CTd4[GETBYTE(t3, 3)] << 24) ^
-        ((word32)CTd4[GETBYTE(t2, 2)] << 16) ^
-        ((word32)CTd4[GETBYTE(t1, 1)] <<  8) ^
-        ((word32)CTd4[GETBYTE(t0, 0)]) ^
-        rk[3];
-
-    gpBlock::Put(xorBlock, outBlock)(s0)(s1)(s2)(s3);
-}
-
-
-#if defined(DO_AES_ASM)
-    #ifdef __GNUC__
-        #define AS1(x)    #x ";"
-        #define AS2(x, y) #x ", " #y ";"
-
-        #define PROLOG()  \
-        __asm__ __volatile__ \
-        ( \
-            ".intel_syntax noprefix;" \
-            "push ebx;" \
-            "push ebp;" \
-            "movd mm7, ebp;" \
-            "movd mm4, eax;" \
-            "mov  ebp, edx;"  \
-            "sub  esp, 4;" 
-        #define EPILOG()  \
-            "add esp, 4;" \
-            "pop ebp;" \
-            "pop ebx;" \
-       	    "emms;" \
-       	    ".att_syntax;" \
-                : \
-                : "c" (this), "S" (inBlock), "d" (boxes), "a" (outBlock) \
-                : "%edi", "memory", "cc" \
-        );
-
-    #else
-        #define AS1(x)    __asm x
-        #define AS2(x, y) __asm x, y
-
-        #define PROLOG() \
-            AS1(    push  ebp                           )   \
-            AS2(    mov   ebp, esp                      )   \
-            AS2(    movd  mm3, edi                      )   \
-            AS2(    movd  mm4, ebx                      )   \
-            AS2(    sub   esp, 4                        )   \
-            AS2(    movd  mm7, ebp                      )   \
-            AS2(    mov   [ebp - 4], esi                )   \
-            AS2(    mov   esi, DWORD PTR [ebp +  8]     )   \
-            AS2(    mov   ebp, DWORD PTR [ebp + 16]     )
-
-        // ebp is restored at end
-        #define EPILOG()  \
-            AS2(    mov   esi, [ebp - 4]                )   \
-            AS2(    movd  ebx, mm4                      )   \
-            AS2(    movd  edi, mm3                      )   \
-            AS2(    mov   esp, ebp                      )   \
-            AS1(    pop   ebp                           )   \
-            AS1(    emms                                )   \
-            AS1(    ret   12                            )
-            
-            
-    #endif
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void AES::AsmEncrypt(const byte* inBlock, byte* outBlock, void* boxes) const
-{
-
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    mov   edx, DWORD PTR [ecx + 60]     )   // rounds
-        AS2(    lea   edi, [ecx + 64]               )   // rk
-    #else
-        AS2(    mov   edx, DWORD PTR [ecx + 56]     )   // rounds
-        AS2(    lea   edi, [ecx + 60]               )   // rk
-    #endif
-
-    AS1(    dec   edx                           )
-    AS2(    movd  mm6, edi                      )   // save rk
-    AS2(    movd  mm5, edx                      )   // save rounds
-  
-    AS2(    mov   eax, DWORD PTR [esi]                                  )
-    AS2(    mov   ebx, DWORD PTR [esi + 4]                              )
-    AS2(    mov   ecx, DWORD PTR [esi + 8]                              )
-    AS2(    mov   edx, DWORD PTR [esi + 12]                             )
-
-    AS1(    bswap eax                                                   )
-    AS1(    bswap ebx                                                   )
-    AS1(    bswap ecx                                                   )
-    AS1(    bswap edx                                                   )
-
-    AS2(    xor   eax, DWORD PTR [edi]               )   // s0
-    AS2(    xor   ebx, DWORD PTR [edi +  4]          )   // s1
-    AS2(    xor   ecx, DWORD PTR [edi +  8]          )   // s2
-    AS2(    xor   edx, DWORD PTR [edi + 12]          )   // s3
-
-#ifdef _MSC_VER
-    AS1( loop1: )  // loop1
-#else
-    AS1(1:  )      // loop1
-#endif
-            /* Put0 (mm0) =  
-                Te0[get0,rs 24] ^
-                Te1[get1,rs 16] ^
-                Te2[get2,rs  8] ^
-                Te3[get3,rs  0]
-            */
-       
-    AS2(    mov   esi, eax                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-                                                    
-    AS2(    mov   edi, ebx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, ch                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, dl                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm0, esi                                              )
-
-             /* Put1 (mm1) =  
-                Te0[get1,rs 24] ^
-                Te1[get2,rs 16] ^
-                Te2[get3,rs  8] ^
-                Te3[get0,rs  0]
-            */
-
-    AS2(    mov   esi, ebx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-
-    AS2(    mov   edi, ecx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, dh                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, al                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm1, esi                                              )
-
-
-             /* Put2 (mm2) =  
-                Te0[get2,rs 24] ^
-                Te1[get3,rs 16] ^
-                Te2[get0,rs  8] ^
-                Te3[get1,rs  0] 
-            */
-
-    AS2(    mov   esi, ecx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-
-    AS2(    mov   edi, edx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, ah                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, bl                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm2, esi                                              )
-
-             /* Put3 (edx) =  
-                Te0[get3,rs 24] ^
-                Te1[get0,rs 16] ^
-                Te2[get1,rs  8] ^
-                Te3[get2,rs  0] 
-            */
-
-    AS2(    mov   esi, edx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   edx, DWORD PTR [ebp + esi*4]                          )
-
-    AS2(    mov   edi, eax                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   edx, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx esi, bh                                               )
-    AS2(    xor   edx, DWORD PTR [ebp + 2048 + esi*4]                   )
-
-    AS2(    movzx edi, cl                                               )
-    AS2(    xor   edx, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-            // xOr
-
-    AS2(    movd   esi, mm6                      )   //  rk
-
-    AS2(    movd   eax, mm0                                             )
-    AS2(    add    esi, 16                                              )
-    AS2(    movd   ebx, mm1                                             )
-    AS2(    movd   mm6, esi                      )   //  save back
-    AS2(    movd   ecx, mm2                                             )
-
-    AS2(    xor   eax, DWORD PTR [esi]                                  )
-    AS2(    xor   ebx, DWORD PTR [esi +  4]                             )
-    AS2(    movd  edi, mm5                                              )
-    AS2(    xor   ecx, DWORD PTR [esi +  8]                             )
-    AS2(    xor   edx, DWORD PTR [esi + 12]                             )
-
-    AS1(    dec   edi                                                   )
-    AS2(    movd  mm5, edi                                              )
-
-#ifdef _MSC_VER
-    AS1(    jnz   loop1)  // loop1
-#else
-    AS1(    jnz   1b )    // loop1
-#endif
-
-            // last round
-            /*
-            Put0 (mm0) =
-                (Te4[get0, rs24] & 0xff000000) ^  h = 4278190080
-                (Te4[get1, rs16] & 0x00ff0000) ^  h =   16711680
-                (Te4[get2, rs 8] & 0x0000ff00) ^  h =      65280
-                (Te4[get3, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, eax                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, ebx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, ch                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, dl                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm0, esi                                              )
-
-            /*
-            Put1 (mm1) =
-                (Te4[get1, rs24] & 0xff000000) ^  h = 4278190080
-                (Te4[get2, rs16] & 0x00ff0000) ^  h =   16711680
-                (Te4[get3, rs 8] & 0x0000ff00) ^  h =      65280
-                (Te4[get0, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, ebx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, ecx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, dh                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, al                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm1, esi                                              )
-
-            /*
-            Put2 (mm2) =
-                (Te4[get2, rs24] & 0xff000000) ^  h = 4278190080
-                (Te4[get3, rs16] & 0x00ff0000) ^  h =   16711680
-                (Te4[get0, rs 8] & 0x0000ff00) ^  h =      65280
-                (Te4[get1, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, ecx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, edx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, ah                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, bl                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm2, esi                                              )
-
-            /*
-            Put3 (edx) =
-                (Te4[get3, rs24] & 0xff000000) ^  h = 4278190080
-                (Te4[get0, rs16] & 0x00ff0000) ^  h =   16711680
-                (Te4[get1, rs 8] & 0x0000ff00) ^  h =      65280
-                (Te4[get2, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, edx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   edx, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   edx, 4278190080                                       )
-
-    AS2(    mov   edi, eax                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   esi, 16711680                                         )
-    AS2(    xor   edx, esi                                              )
-
-    AS2(    movzx esi, bh                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   edx, edi                                              )
-
-    AS2(    movzx edi, cl                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   esi, 255                                              )
-    AS2(    xor   edx, esi                                              )
-
-    
-            // xOr
-    AS2(    movd   eax, mm0                                             )
-    AS2(    movd   esi, mm6                      )   //  rk
-    AS2(    movd   ebx, mm1                                             )
-    AS2(    add    esi, 16                                               )
-    AS2(    movd   ecx, mm2                                             )
-
-    AS2(    xor   eax, DWORD PTR [esi]                                  )
-    AS2(    xor   ebx, DWORD PTR [esi +  4]                             )
-    AS2(    xor   ecx, DWORD PTR [esi +  8]                             )
-    AS2(    xor   edx, DWORD PTR [esi + 12]                             )
-
-    // end
-    AS2(    movd  ebp, mm7                                              )
-
-            // swap
-    AS1(    bswap eax                                                   )
-    AS1(    bswap ebx                                                   )
-
-            // store
-    #ifdef __GNUC__
-        AS2(    movd esi, mm4                       )   //  outBlock
-    #else
-        AS2(    mov  esi, DWORD PTR [ebp + 12]      )   //  outBlock
-    #endif
-
-    AS1(    bswap ecx                                                   )
-    AS1(    bswap edx                                                   )
-
-    AS2(    mov DWORD PTR [esi],      eax                               )
-    AS2(    mov DWORD PTR [esi +  4], ebx                               )
-    AS2(    mov DWORD PTR [esi +  8], ecx                               )
-    AS2(    mov DWORD PTR [esi + 12], edx                               )
-
-
-    EPILOG()
-}
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void AES::AsmDecrypt(const byte* inBlock, byte* outBlock, void* boxes) const
-{
-
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    mov   edx, DWORD PTR [ecx + 60]     )   // rounds
-        AS2(    lea   edi, [ecx + 64]               )   // rk 
-    #else
-        AS2(    mov   edx, DWORD PTR [ecx + 56]     )   // rounds
-        AS2(    lea   edi, [ecx + 60]               )   // rk 
-    #endif
-   
-    AS1(    dec   edx                           )
-    AS2(    movd  mm6, edi                      )   // save rk
-    AS2(    movd  mm5, edx                      )   // save rounds
-
-    AS2(    mov   eax, DWORD PTR [esi]                                  )
-    AS2(    mov   ebx, DWORD PTR [esi + 4]                              )
-    AS2(    mov   ecx, DWORD PTR [esi + 8]                              )
-    AS2(    mov   edx, DWORD PTR [esi + 12]                             )
-
-    AS1(    bswap eax                                                   )
-    AS1(    bswap ebx                                                   )
-    AS1(    bswap ecx                                                   )
-    AS1(    bswap edx                                                   )
-
-    AS2(    xor   eax, DWORD PTR [edi]               )   // s0
-    AS2(    xor   ebx, DWORD PTR [edi +  4]          )   // s1
-    AS2(    xor   ecx, DWORD PTR [edi +  8]          )   // s2
-    AS2(    xor   edx, DWORD PTR [edi + 12]          )   // s3
-
-
-#ifdef _MSC_VER
-    AS1( loop2: )  // loop2
-#else
-    AS1(2:  )      // loop2
-#endif
-       /*   Put0 (mm0) =
-            Td0[GETBYTE(get0, rs24)] ^
-            Td1[GETBYTE(get3, rs16)] ^
-            Td2[GETBYTE(get2, rs 8)] ^
-            Td3[GETBYTE(tet1,     )]  
-        */
-    AS2(    mov   esi, eax                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-                                                    
-    AS2(    mov   edi, edx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, ch                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, bl                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm0, esi                                              )
-
-      /*    Put1 (mm1) =
-            Td0[GETBYTE(get1, rs24)] ^
-            Td1[GETBYTE(get0, rs16)] ^
-            Td2[GETBYTE(get3, rs 8)] ^
-            Td3[GETBYTE(tet2,     )]  
-        */
-    AS2(    mov   esi, ebx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-                                                    
-    AS2(    mov   edi, eax                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, dh                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, cl                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm1, esi                                              )
-
-      /*    Put2 (mm2) =
-            Td0[GETBYTE(get2, rs24)] ^
-            Td1[GETBYTE(get1, rs16)] ^
-            Td2[GETBYTE(get0, rs 8)] ^
-            Td3[GETBYTE(tet3,     )]  
-      */
-    AS2(    mov   esi, ecx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + esi*4]                          )
-                                                    
-    AS2(    mov   edi, ebx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx edi, ah                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 2048 + edi*4]                   )
-
-    AS2(    movzx edi, dl                                               )
-    AS2(    xor   esi, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-    AS2(    movd  mm2, esi                                              )
-
-      /*    Put3 (edx) =
-            Td0[GETBYTE(get3, rs24)] ^
-            Td1[GETBYTE(get2, rs16)] ^
-            Td2[GETBYTE(get1, rs 8)] ^
-            Td3[GETBYTE(tet0,     )]  
-      */
-    AS2(    mov   esi, edx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   edx, DWORD PTR [ebp + esi*4]                          )
-                                                    
-    AS2(    mov   edi, ecx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   edx, DWORD PTR [ebp + 1024 + edi*4]                   )
-
-    AS2(    movzx esi, bh                                               )
-    AS2(    xor   edx, DWORD PTR [ebp + 2048 + esi*4]                   )
-
-    AS2(    movzx edi, al                                               )
-    AS2(    xor   edx, DWORD PTR [ebp + 3072 + edi*4]                   )
-
-
-            // xOr
-
-    AS2(    movd  esi, mm6                      )   //  rk
-    AS2(    add   esi, 16                                               )
-    AS2(    movd  mm6, esi                      )   //  save back
-
-    AS2(    movd  eax, mm0                                              )
-    AS2(    movd  ebx, mm1                                              )
-    AS2(    movd  ecx, mm2                                              )
-
-    AS2(    xor   eax, DWORD PTR [esi]                                  )
-    AS2(    xor   ebx, DWORD PTR [esi +  4]                             )
-    AS2(    xor   ecx, DWORD PTR [esi +  8]                             )
-    AS2(    xor   edx, DWORD PTR [esi + 12]                             )
-
-    AS2(    movd  edi, mm5                                              )
-    AS1(    dec   edi                                                   )
-    AS2(    movd  mm5, edi                                              )
-
-#ifdef _MSC_VER
-    AS1(    jnz   loop2)  // loop2
-#else
-    AS1(    jnz   2b )    // loop2
-#endif
-
-            // last round
-            /*
-            Put0 (mm0) =
-                (Td4[get0, rs24] & 0xff000000) ^  h = 4278190080
-                (Td4[get3, rs16] & 0x00ff0000) ^  h =   16711680
-                (Td4[get2, rs 8] & 0x0000ff00) ^  h =      65280
-                (Td4[get1, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, eax                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, edx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, ch                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, bl                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm0, esi                                              )
-
-            /*
-            Put1 (mm1) =
-                (Td4[get1, rs24] & 0xff000000) ^  h = 4278190080
-                (Td4[get0, rs16] & 0x00ff0000) ^  h =   16711680
-                (Td4[get3, rs 8] & 0x0000ff00) ^  h =      65280
-                (Td4[get2, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, ebx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, eax                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, dh                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, cl                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm1, esi                                              )
-
-            /*
-            Put2 (mm2) =
-                (Td4[get2, rs24] & 0xff000000) ^  h = 4278190080
-                (Td4[get1, rs16] & 0x00ff0000) ^  h =   16711680
-                (Td4[get0, rs 8] & 0x0000ff00) ^  h =      65280
-                (Td4[get3, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, ecx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   esi, 4278190080                                       )
-
-    AS2(    mov   edi, ebx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 16711680                                         )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, ah                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movzx edi, dl                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   edi, 255                                              )
-    AS2(    xor   esi, edi                                              )
-
-    AS2(    movd  mm2, esi                                              )
-
-            /*
-            Put3 (edx) =
-                (Td4[get3, rs24] & 0xff000000) ^  h = 4278190080
-                (Td4[get2, rs16] & 0x00ff0000) ^  h =   16711680
-                (Td4[get1, rs 8] & 0x0000ff00) ^  h =      65280
-                (Td4[get0, rs 0] & 0x000000ff)    h =        255
-            */
-    AS2(    mov   esi, edx                                              )
-    AS2(    shr   esi, 24                                               )
-    AS2(    mov   edx, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   edx, 4278190080                                       )
-
-    AS2(    mov   edi, ecx                                              )
-    AS2(    shr   edi, 16                                               )
-    AS2(    and   edi, 255                                              )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   esi, 16711680                                         )
-    AS2(    xor   edx, esi                                              )
-
-    AS2(    movzx esi, bh                                               )
-    AS2(    mov   edi, DWORD PTR [ebp + 4096 + esi*4]                   )
-    AS2(    and   edi, 65280                                            )
-    AS2(    xor   edx, edi                                              )
-
-    AS2(    movzx edi, al                                               )
-    AS2(    mov   esi, DWORD PTR [ebp + 4096 + edi*4]                   )
-    AS2(    and   esi, 255                                              )
-    AS2(    xor   edx, esi                                              )
-
-
-            // xOr
-    AS2(    movd  esi, mm6                      )   //  rk
-    AS2(    add   esi, 16                                               )
-
-    AS2(    movd   eax, mm0                                             )
-    AS2(    movd   ebx, mm1                                             )
-    AS2(    movd   ecx, mm2                                             )
-
-    AS2(    xor   eax, DWORD PTR [esi]                                  )
-    AS2(    xor   ebx, DWORD PTR [esi +  4]                             )
-    AS2(    xor   ecx, DWORD PTR [esi +  8]                             )
-    AS2(    xor   edx, DWORD PTR [esi + 12]                             )
-
-    // end
-    AS2(    movd  ebp, mm7                                              )
-
-            // swap
-    AS1(    bswap eax                                                   )
-    AS1(    bswap ebx                                                   )
-    AS1(    bswap ecx                                                   )
-    AS1(    bswap edx                                                   )
-
-            // store
-    #ifdef __GNUC__
-        AS2(    movd esi, mm4                        )   //  outBlock
-    #else
-        AS2(    mov esi,  DWORD PTR [ebp + 12]       )   //  outBlock
-    #endif
-    AS2(    mov DWORD PTR [esi],      eax                               )
-    AS2(    mov DWORD PTR [esi +  4], ebx                               )
-    AS2(    mov DWORD PTR [esi +  8], ecx                               )
-    AS2(    mov DWORD PTR [esi + 12], edx                               )
-
-
-    EPILOG()
-}
-
-
-
-#endif // defined(DO_AES_ASM)
-
-
-
-const word32 AES::Te[5][256] = {
-{
-    0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
-    0xfff2f20dU, 0xd66b6bbdU, 0xde6f6fb1U, 0x91c5c554U,
-    0x60303050U, 0x02010103U, 0xce6767a9U, 0x562b2b7dU,
-    0xe7fefe19U, 0xb5d7d762U, 0x4dababe6U, 0xec76769aU,
-    0x8fcaca45U, 0x1f82829dU, 0x89c9c940U, 0xfa7d7d87U,
-    0xeffafa15U, 0xb25959ebU, 0x8e4747c9U, 0xfbf0f00bU,
-    0x41adadecU, 0xb3d4d467U, 0x5fa2a2fdU, 0x45afafeaU,
-    0x239c9cbfU, 0x53a4a4f7U, 0xe4727296U, 0x9bc0c05bU,
-    0x75b7b7c2U, 0xe1fdfd1cU, 0x3d9393aeU, 0x4c26266aU,
-    0x6c36365aU, 0x7e3f3f41U, 0xf5f7f702U, 0x83cccc4fU,
-    0x6834345cU, 0x51a5a5f4U, 0xd1e5e534U, 0xf9f1f108U,
-    0xe2717193U, 0xabd8d873U, 0x62313153U, 0x2a15153fU,
-    0x0804040cU, 0x95c7c752U, 0x46232365U, 0x9dc3c35eU,
-    0x30181828U, 0x379696a1U, 0x0a05050fU, 0x2f9a9ab5U,
-    0x0e070709U, 0x24121236U, 0x1b80809bU, 0xdfe2e23dU,
-    0xcdebeb26U, 0x4e272769U, 0x7fb2b2cdU, 0xea75759fU,
-    0x1209091bU, 0x1d83839eU, 0x582c2c74U, 0x341a1a2eU,
-    0x361b1b2dU, 0xdc6e6eb2U, 0xb45a5aeeU, 0x5ba0a0fbU,
-    0xa45252f6U, 0x763b3b4dU, 0xb7d6d661U, 0x7db3b3ceU,
-    0x5229297bU, 0xdde3e33eU, 0x5e2f2f71U, 0x13848497U,
-    0xa65353f5U, 0xb9d1d168U, 0x00000000U, 0xc1eded2cU,
-    0x40202060U, 0xe3fcfc1fU, 0x79b1b1c8U, 0xb65b5bedU,
-    0xd46a6abeU, 0x8dcbcb46U, 0x67bebed9U, 0x7239394bU,
-    0x944a4adeU, 0x984c4cd4U, 0xb05858e8U, 0x85cfcf4aU,
-    0xbbd0d06bU, 0xc5efef2aU, 0x4faaaae5U, 0xedfbfb16U,
-    0x864343c5U, 0x9a4d4dd7U, 0x66333355U, 0x11858594U,
-    0x8a4545cfU, 0xe9f9f910U, 0x04020206U, 0xfe7f7f81U,
-    0xa05050f0U, 0x783c3c44U, 0x259f9fbaU, 0x4ba8a8e3U,
-    0xa25151f3U, 0x5da3a3feU, 0x804040c0U, 0x058f8f8aU,
-    0x3f9292adU, 0x219d9dbcU, 0x70383848U, 0xf1f5f504U,
-    0x63bcbcdfU, 0x77b6b6c1U, 0xafdada75U, 0x42212163U,
-    0x20101030U, 0xe5ffff1aU, 0xfdf3f30eU, 0xbfd2d26dU,
-    0x81cdcd4cU, 0x180c0c14U, 0x26131335U, 0xc3ecec2fU,
-    0xbe5f5fe1U, 0x359797a2U, 0x884444ccU, 0x2e171739U,
-    0x93c4c457U, 0x55a7a7f2U, 0xfc7e7e82U, 0x7a3d3d47U,
-    0xc86464acU, 0xba5d5de7U, 0x3219192bU, 0xe6737395U,
-    0xc06060a0U, 0x19818198U, 0x9e4f4fd1U, 0xa3dcdc7fU,
-    0x44222266U, 0x542a2a7eU, 0x3b9090abU, 0x0b888883U,
-    0x8c4646caU, 0xc7eeee29U, 0x6bb8b8d3U, 0x2814143cU,
-    0xa7dede79U, 0xbc5e5ee2U, 0x160b0b1dU, 0xaddbdb76U,
-    0xdbe0e03bU, 0x64323256U, 0x743a3a4eU, 0x140a0a1eU,
-    0x924949dbU, 0x0c06060aU, 0x4824246cU, 0xb85c5ce4U,
-    0x9fc2c25dU, 0xbdd3d36eU, 0x43acacefU, 0xc46262a6U,
-    0x399191a8U, 0x319595a4U, 0xd3e4e437U, 0xf279798bU,
-    0xd5e7e732U, 0x8bc8c843U, 0x6e373759U, 0xda6d6db7U,
-    0x018d8d8cU, 0xb1d5d564U, 0x9c4e4ed2U, 0x49a9a9e0U,
-    0xd86c6cb4U, 0xac5656faU, 0xf3f4f407U, 0xcfeaea25U,
-    0xca6565afU, 0xf47a7a8eU, 0x47aeaee9U, 0x10080818U,
-    0x6fbabad5U, 0xf0787888U, 0x4a25256fU, 0x5c2e2e72U,
-    0x381c1c24U, 0x57a6a6f1U, 0x73b4b4c7U, 0x97c6c651U,
-    0xcbe8e823U, 0xa1dddd7cU, 0xe874749cU, 0x3e1f1f21U,
-    0x964b4bddU, 0x61bdbddcU, 0x0d8b8b86U, 0x0f8a8a85U,
-    0xe0707090U, 0x7c3e3e42U, 0x71b5b5c4U, 0xcc6666aaU,
-    0x904848d8U, 0x06030305U, 0xf7f6f601U, 0x1c0e0e12U,
-    0xc26161a3U, 0x6a35355fU, 0xae5757f9U, 0x69b9b9d0U,
-    0x17868691U, 0x99c1c158U, 0x3a1d1d27U, 0x279e9eb9U,
-    0xd9e1e138U, 0xebf8f813U, 0x2b9898b3U, 0x22111133U,
-    0xd26969bbU, 0xa9d9d970U, 0x078e8e89U, 0x339494a7U,
-    0x2d9b9bb6U, 0x3c1e1e22U, 0x15878792U, 0xc9e9e920U,
-    0x87cece49U, 0xaa5555ffU, 0x50282878U, 0xa5dfdf7aU,
-    0x038c8c8fU, 0x59a1a1f8U, 0x09898980U, 0x1a0d0d17U,
-    0x65bfbfdaU, 0xd7e6e631U, 0x844242c6U, 0xd06868b8U,
-    0x824141c3U, 0x299999b0U, 0x5a2d2d77U, 0x1e0f0f11U,
-    0x7bb0b0cbU, 0xa85454fcU, 0x6dbbbbd6U, 0x2c16163aU,
-},
-{
-    0xa5c66363U, 0x84f87c7cU, 0x99ee7777U, 0x8df67b7bU,
-    0x0dfff2f2U, 0xbdd66b6bU, 0xb1de6f6fU, 0x5491c5c5U,
-    0x50603030U, 0x03020101U, 0xa9ce6767U, 0x7d562b2bU,
-    0x19e7fefeU, 0x62b5d7d7U, 0xe64dababU, 0x9aec7676U,
-    0x458fcacaU, 0x9d1f8282U, 0x4089c9c9U, 0x87fa7d7dU,
-    0x15effafaU, 0xebb25959U, 0xc98e4747U, 0x0bfbf0f0U,
-    0xec41adadU, 0x67b3d4d4U, 0xfd5fa2a2U, 0xea45afafU,
-    0xbf239c9cU, 0xf753a4a4U, 0x96e47272U, 0x5b9bc0c0U,
-    0xc275b7b7U, 0x1ce1fdfdU, 0xae3d9393U, 0x6a4c2626U,
-    0x5a6c3636U, 0x417e3f3fU, 0x02f5f7f7U, 0x4f83ccccU,
-    0x5c683434U, 0xf451a5a5U, 0x34d1e5e5U, 0x08f9f1f1U,
-    0x93e27171U, 0x73abd8d8U, 0x53623131U, 0x3f2a1515U,
-    0x0c080404U, 0x5295c7c7U, 0x65462323U, 0x5e9dc3c3U,
-    0x28301818U, 0xa1379696U, 0x0f0a0505U, 0xb52f9a9aU,
-    0x090e0707U, 0x36241212U, 0x9b1b8080U, 0x3ddfe2e2U,
-    0x26cdebebU, 0x694e2727U, 0xcd7fb2b2U, 0x9fea7575U,
-    0x1b120909U, 0x9e1d8383U, 0x74582c2cU, 0x2e341a1aU,
-    0x2d361b1bU, 0xb2dc6e6eU, 0xeeb45a5aU, 0xfb5ba0a0U,
-    0xf6a45252U, 0x4d763b3bU, 0x61b7d6d6U, 0xce7db3b3U,
-    0x7b522929U, 0x3edde3e3U, 0x715e2f2fU, 0x97138484U,
-    0xf5a65353U, 0x68b9d1d1U, 0x00000000U, 0x2cc1ededU,
-    0x60402020U, 0x1fe3fcfcU, 0xc879b1b1U, 0xedb65b5bU,
-    0xbed46a6aU, 0x468dcbcbU, 0xd967bebeU, 0x4b723939U,
-    0xde944a4aU, 0xd4984c4cU, 0xe8b05858U, 0x4a85cfcfU,
-    0x6bbbd0d0U, 0x2ac5efefU, 0xe54faaaaU, 0x16edfbfbU,
-    0xc5864343U, 0xd79a4d4dU, 0x55663333U, 0x94118585U,
-    0xcf8a4545U, 0x10e9f9f9U, 0x06040202U, 0x81fe7f7fU,
-    0xf0a05050U, 0x44783c3cU, 0xba259f9fU, 0xe34ba8a8U,
-    0xf3a25151U, 0xfe5da3a3U, 0xc0804040U, 0x8a058f8fU,
-    0xad3f9292U, 0xbc219d9dU, 0x48703838U, 0x04f1f5f5U,
-    0xdf63bcbcU, 0xc177b6b6U, 0x75afdadaU, 0x63422121U,
-    0x30201010U, 0x1ae5ffffU, 0x0efdf3f3U, 0x6dbfd2d2U,
-    0x4c81cdcdU, 0x14180c0cU, 0x35261313U, 0x2fc3ececU,
-    0xe1be5f5fU, 0xa2359797U, 0xcc884444U, 0x392e1717U,
-    0x5793c4c4U, 0xf255a7a7U, 0x82fc7e7eU, 0x477a3d3dU,
-    0xacc86464U, 0xe7ba5d5dU, 0x2b321919U, 0x95e67373U,
-    0xa0c06060U, 0x98198181U, 0xd19e4f4fU, 0x7fa3dcdcU,
-    0x66442222U, 0x7e542a2aU, 0xab3b9090U, 0x830b8888U,
-    0xca8c4646U, 0x29c7eeeeU, 0xd36bb8b8U, 0x3c281414U,
-    0x79a7dedeU, 0xe2bc5e5eU, 0x1d160b0bU, 0x76addbdbU,
-    0x3bdbe0e0U, 0x56643232U, 0x4e743a3aU, 0x1e140a0aU,
-    0xdb924949U, 0x0a0c0606U, 0x6c482424U, 0xe4b85c5cU,
-    0x5d9fc2c2U, 0x6ebdd3d3U, 0xef43acacU, 0xa6c46262U,
-    0xa8399191U, 0xa4319595U, 0x37d3e4e4U, 0x8bf27979U,
-    0x32d5e7e7U, 0x438bc8c8U, 0x596e3737U, 0xb7da6d6dU,
-    0x8c018d8dU, 0x64b1d5d5U, 0xd29c4e4eU, 0xe049a9a9U,
-    0xb4d86c6cU, 0xfaac5656U, 0x07f3f4f4U, 0x25cfeaeaU,
-    0xafca6565U, 0x8ef47a7aU, 0xe947aeaeU, 0x18100808U,
-    0xd56fbabaU, 0x88f07878U, 0x6f4a2525U, 0x725c2e2eU,
-    0x24381c1cU, 0xf157a6a6U, 0xc773b4b4U, 0x5197c6c6U,
-    0x23cbe8e8U, 0x7ca1ddddU, 0x9ce87474U, 0x213e1f1fU,
-    0xdd964b4bU, 0xdc61bdbdU, 0x860d8b8bU, 0x850f8a8aU,
-    0x90e07070U, 0x427c3e3eU, 0xc471b5b5U, 0xaacc6666U,
-    0xd8904848U, 0x05060303U, 0x01f7f6f6U, 0x121c0e0eU,
-    0xa3c26161U, 0x5f6a3535U, 0xf9ae5757U, 0xd069b9b9U,
-    0x91178686U, 0x5899c1c1U, 0x273a1d1dU, 0xb9279e9eU,
-    0x38d9e1e1U, 0x13ebf8f8U, 0xb32b9898U, 0x33221111U,
-    0xbbd26969U, 0x70a9d9d9U, 0x89078e8eU, 0xa7339494U,
-    0xb62d9b9bU, 0x223c1e1eU, 0x92158787U, 0x20c9e9e9U,
-    0x4987ceceU, 0xffaa5555U, 0x78502828U, 0x7aa5dfdfU,
-    0x8f038c8cU, 0xf859a1a1U, 0x80098989U, 0x171a0d0dU,
-    0xda65bfbfU, 0x31d7e6e6U, 0xc6844242U, 0xb8d06868U,
-    0xc3824141U, 0xb0299999U, 0x775a2d2dU, 0x111e0f0fU,
-    0xcb7bb0b0U, 0xfca85454U, 0xd66dbbbbU, 0x3a2c1616U,
-},
-{
-    0x63a5c663U, 0x7c84f87cU, 0x7799ee77U, 0x7b8df67bU,
-    0xf20dfff2U, 0x6bbdd66bU, 0x6fb1de6fU, 0xc55491c5U,
-    0x30506030U, 0x01030201U, 0x67a9ce67U, 0x2b7d562bU,
-    0xfe19e7feU, 0xd762b5d7U, 0xabe64dabU, 0x769aec76U,
-    0xca458fcaU, 0x829d1f82U, 0xc94089c9U, 0x7d87fa7dU,
-    0xfa15effaU, 0x59ebb259U, 0x47c98e47U, 0xf00bfbf0U,
-    0xadec41adU, 0xd467b3d4U, 0xa2fd5fa2U, 0xafea45afU,
-    0x9cbf239cU, 0xa4f753a4U, 0x7296e472U, 0xc05b9bc0U,
-    0xb7c275b7U, 0xfd1ce1fdU, 0x93ae3d93U, 0x266a4c26U,
-    0x365a6c36U, 0x3f417e3fU, 0xf702f5f7U, 0xcc4f83ccU,
-    0x345c6834U, 0xa5f451a5U, 0xe534d1e5U, 0xf108f9f1U,
-    0x7193e271U, 0xd873abd8U, 0x31536231U, 0x153f2a15U,
-    0x040c0804U, 0xc75295c7U, 0x23654623U, 0xc35e9dc3U,
-    0x18283018U, 0x96a13796U, 0x050f0a05U, 0x9ab52f9aU,
-    0x07090e07U, 0x12362412U, 0x809b1b80U, 0xe23ddfe2U,
-    0xeb26cdebU, 0x27694e27U, 0xb2cd7fb2U, 0x759fea75U,
-    0x091b1209U, 0x839e1d83U, 0x2c74582cU, 0x1a2e341aU,
-    0x1b2d361bU, 0x6eb2dc6eU, 0x5aeeb45aU, 0xa0fb5ba0U,
-    0x52f6a452U, 0x3b4d763bU, 0xd661b7d6U, 0xb3ce7db3U,
-    0x297b5229U, 0xe33edde3U, 0x2f715e2fU, 0x84971384U,
-    0x53f5a653U, 0xd168b9d1U, 0x00000000U, 0xed2cc1edU,
-    0x20604020U, 0xfc1fe3fcU, 0xb1c879b1U, 0x5bedb65bU,
-    0x6abed46aU, 0xcb468dcbU, 0xbed967beU, 0x394b7239U,
-    0x4ade944aU, 0x4cd4984cU, 0x58e8b058U, 0xcf4a85cfU,
-    0xd06bbbd0U, 0xef2ac5efU, 0xaae54faaU, 0xfb16edfbU,
-    0x43c58643U, 0x4dd79a4dU, 0x33556633U, 0x85941185U,
-    0x45cf8a45U, 0xf910e9f9U, 0x02060402U, 0x7f81fe7fU,
-    0x50f0a050U, 0x3c44783cU, 0x9fba259fU, 0xa8e34ba8U,
-    0x51f3a251U, 0xa3fe5da3U, 0x40c08040U, 0x8f8a058fU,
-    0x92ad3f92U, 0x9dbc219dU, 0x38487038U, 0xf504f1f5U,
-    0xbcdf63bcU, 0xb6c177b6U, 0xda75afdaU, 0x21634221U,
-    0x10302010U, 0xff1ae5ffU, 0xf30efdf3U, 0xd26dbfd2U,
-    0xcd4c81cdU, 0x0c14180cU, 0x13352613U, 0xec2fc3ecU,
-    0x5fe1be5fU, 0x97a23597U, 0x44cc8844U, 0x17392e17U,
-    0xc45793c4U, 0xa7f255a7U, 0x7e82fc7eU, 0x3d477a3dU,
-    0x64acc864U, 0x5de7ba5dU, 0x192b3219U, 0x7395e673U,
-    0x60a0c060U, 0x81981981U, 0x4fd19e4fU, 0xdc7fa3dcU,
-    0x22664422U, 0x2a7e542aU, 0x90ab3b90U, 0x88830b88U,
-    0x46ca8c46U, 0xee29c7eeU, 0xb8d36bb8U, 0x143c2814U,
-    0xde79a7deU, 0x5ee2bc5eU, 0x0b1d160bU, 0xdb76addbU,
-    0xe03bdbe0U, 0x32566432U, 0x3a4e743aU, 0x0a1e140aU,
-    0x49db9249U, 0x060a0c06U, 0x246c4824U, 0x5ce4b85cU,
-    0xc25d9fc2U, 0xd36ebdd3U, 0xacef43acU, 0x62a6c462U,
-    0x91a83991U, 0x95a43195U, 0xe437d3e4U, 0x798bf279U,
-    0xe732d5e7U, 0xc8438bc8U, 0x37596e37U, 0x6db7da6dU,
-    0x8d8c018dU, 0xd564b1d5U, 0x4ed29c4eU, 0xa9e049a9U,
-    0x6cb4d86cU, 0x56faac56U, 0xf407f3f4U, 0xea25cfeaU,
-    0x65afca65U, 0x7a8ef47aU, 0xaee947aeU, 0x08181008U,
-    0xbad56fbaU, 0x7888f078U, 0x256f4a25U, 0x2e725c2eU,
-    0x1c24381cU, 0xa6f157a6U, 0xb4c773b4U, 0xc65197c6U,
-    0xe823cbe8U, 0xdd7ca1ddU, 0x749ce874U, 0x1f213e1fU,
-    0x4bdd964bU, 0xbddc61bdU, 0x8b860d8bU, 0x8a850f8aU,
-    0x7090e070U, 0x3e427c3eU, 0xb5c471b5U, 0x66aacc66U,
-    0x48d89048U, 0x03050603U, 0xf601f7f6U, 0x0e121c0eU,
-    0x61a3c261U, 0x355f6a35U, 0x57f9ae57U, 0xb9d069b9U,
-    0x86911786U, 0xc15899c1U, 0x1d273a1dU, 0x9eb9279eU,
-    0xe138d9e1U, 0xf813ebf8U, 0x98b32b98U, 0x11332211U,
-    0x69bbd269U, 0xd970a9d9U, 0x8e89078eU, 0x94a73394U,
-    0x9bb62d9bU, 0x1e223c1eU, 0x87921587U, 0xe920c9e9U,
-    0xce4987ceU, 0x55ffaa55U, 0x28785028U, 0xdf7aa5dfU,
-    0x8c8f038cU, 0xa1f859a1U, 0x89800989U, 0x0d171a0dU,
-    0xbfda65bfU, 0xe631d7e6U, 0x42c68442U, 0x68b8d068U,
-    0x41c38241U, 0x99b02999U, 0x2d775a2dU, 0x0f111e0fU,
-    0xb0cb7bb0U, 0x54fca854U, 0xbbd66dbbU, 0x163a2c16U,
-},
-{
-    0x6363a5c6U, 0x7c7c84f8U, 0x777799eeU, 0x7b7b8df6U,
-    0xf2f20dffU, 0x6b6bbdd6U, 0x6f6fb1deU, 0xc5c55491U,
-    0x30305060U, 0x01010302U, 0x6767a9ceU, 0x2b2b7d56U,
-    0xfefe19e7U, 0xd7d762b5U, 0xababe64dU, 0x76769aecU,
-    0xcaca458fU, 0x82829d1fU, 0xc9c94089U, 0x7d7d87faU,
-    0xfafa15efU, 0x5959ebb2U, 0x4747c98eU, 0xf0f00bfbU,
-    0xadadec41U, 0xd4d467b3U, 0xa2a2fd5fU, 0xafafea45U,
-    0x9c9cbf23U, 0xa4a4f753U, 0x727296e4U, 0xc0c05b9bU,
-    0xb7b7c275U, 0xfdfd1ce1U, 0x9393ae3dU, 0x26266a4cU,
-    0x36365a6cU, 0x3f3f417eU, 0xf7f702f5U, 0xcccc4f83U,
-    0x34345c68U, 0xa5a5f451U, 0xe5e534d1U, 0xf1f108f9U,
-    0x717193e2U, 0xd8d873abU, 0x31315362U, 0x15153f2aU,
-    0x04040c08U, 0xc7c75295U, 0x23236546U, 0xc3c35e9dU,
-    0x18182830U, 0x9696a137U, 0x05050f0aU, 0x9a9ab52fU,
-    0x0707090eU, 0x12123624U, 0x80809b1bU, 0xe2e23ddfU,
-    0xebeb26cdU, 0x2727694eU, 0xb2b2cd7fU, 0x75759feaU,
-    0x09091b12U, 0x83839e1dU, 0x2c2c7458U, 0x1a1a2e34U,
-    0x1b1b2d36U, 0x6e6eb2dcU, 0x5a5aeeb4U, 0xa0a0fb5bU,
-    0x5252f6a4U, 0x3b3b4d76U, 0xd6d661b7U, 0xb3b3ce7dU,
-    0x29297b52U, 0xe3e33eddU, 0x2f2f715eU, 0x84849713U,
-    0x5353f5a6U, 0xd1d168b9U, 0x00000000U, 0xeded2cc1U,
-    0x20206040U, 0xfcfc1fe3U, 0xb1b1c879U, 0x5b5bedb6U,
-    0x6a6abed4U, 0xcbcb468dU, 0xbebed967U, 0x39394b72U,
-    0x4a4ade94U, 0x4c4cd498U, 0x5858e8b0U, 0xcfcf4a85U,
-    0xd0d06bbbU, 0xefef2ac5U, 0xaaaae54fU, 0xfbfb16edU,
-    0x4343c586U, 0x4d4dd79aU, 0x33335566U, 0x85859411U,
-    0x4545cf8aU, 0xf9f910e9U, 0x02020604U, 0x7f7f81feU,
-    0x5050f0a0U, 0x3c3c4478U, 0x9f9fba25U, 0xa8a8e34bU,
-    0x5151f3a2U, 0xa3a3fe5dU, 0x4040c080U, 0x8f8f8a05U,
-    0x9292ad3fU, 0x9d9dbc21U, 0x38384870U, 0xf5f504f1U,
-    0xbcbcdf63U, 0xb6b6c177U, 0xdada75afU, 0x21216342U,
-    0x10103020U, 0xffff1ae5U, 0xf3f30efdU, 0xd2d26dbfU,
-    0xcdcd4c81U, 0x0c0c1418U, 0x13133526U, 0xecec2fc3U,
-    0x5f5fe1beU, 0x9797a235U, 0x4444cc88U, 0x1717392eU,
-    0xc4c45793U, 0xa7a7f255U, 0x7e7e82fcU, 0x3d3d477aU,
-    0x6464acc8U, 0x5d5de7baU, 0x19192b32U, 0x737395e6U,
-    0x6060a0c0U, 0x81819819U, 0x4f4fd19eU, 0xdcdc7fa3U,
-    0x22226644U, 0x2a2a7e54U, 0x9090ab3bU, 0x8888830bU,
-    0x4646ca8cU, 0xeeee29c7U, 0xb8b8d36bU, 0x14143c28U,
-    0xdede79a7U, 0x5e5ee2bcU, 0x0b0b1d16U, 0xdbdb76adU,
-    0xe0e03bdbU, 0x32325664U, 0x3a3a4e74U, 0x0a0a1e14U,
-    0x4949db92U, 0x06060a0cU, 0x24246c48U, 0x5c5ce4b8U,
-    0xc2c25d9fU, 0xd3d36ebdU, 0xacacef43U, 0x6262a6c4U,
-    0x9191a839U, 0x9595a431U, 0xe4e437d3U, 0x79798bf2U,
-    0xe7e732d5U, 0xc8c8438bU, 0x3737596eU, 0x6d6db7daU,
-    0x8d8d8c01U, 0xd5d564b1U, 0x4e4ed29cU, 0xa9a9e049U,
-    0x6c6cb4d8U, 0x5656faacU, 0xf4f407f3U, 0xeaea25cfU,
-    0x6565afcaU, 0x7a7a8ef4U, 0xaeaee947U, 0x08081810U,
-    0xbabad56fU, 0x787888f0U, 0x25256f4aU, 0x2e2e725cU,
-    0x1c1c2438U, 0xa6a6f157U, 0xb4b4c773U, 0xc6c65197U,
-    0xe8e823cbU, 0xdddd7ca1U, 0x74749ce8U, 0x1f1f213eU,
-    0x4b4bdd96U, 0xbdbddc61U, 0x8b8b860dU, 0x8a8a850fU,
-    0x707090e0U, 0x3e3e427cU, 0xb5b5c471U, 0x6666aaccU,
-    0x4848d890U, 0x03030506U, 0xf6f601f7U, 0x0e0e121cU,
-    0x6161a3c2U, 0x35355f6aU, 0x5757f9aeU, 0xb9b9d069U,
-    0x86869117U, 0xc1c15899U, 0x1d1d273aU, 0x9e9eb927U,
-    0xe1e138d9U, 0xf8f813ebU, 0x9898b32bU, 0x11113322U,
-    0x6969bbd2U, 0xd9d970a9U, 0x8e8e8907U, 0x9494a733U,
-    0x9b9bb62dU, 0x1e1e223cU, 0x87879215U, 0xe9e920c9U,
-    0xcece4987U, 0x5555ffaaU, 0x28287850U, 0xdfdf7aa5U,
-    0x8c8c8f03U, 0xa1a1f859U, 0x89898009U, 0x0d0d171aU,
-    0xbfbfda65U, 0xe6e631d7U, 0x4242c684U, 0x6868b8d0U,
-    0x4141c382U, 0x9999b029U, 0x2d2d775aU, 0x0f0f111eU,
-    0xb0b0cb7bU, 0x5454fca8U, 0xbbbbd66dU, 0x16163a2cU,
-},
-{
-    0x63636363U, 0x7c7c7c7cU, 0x77777777U, 0x7b7b7b7bU,
-    0xf2f2f2f2U, 0x6b6b6b6bU, 0x6f6f6f6fU, 0xc5c5c5c5U,
-    0x30303030U, 0x01010101U, 0x67676767U, 0x2b2b2b2bU,
-    0xfefefefeU, 0xd7d7d7d7U, 0xababababU, 0x76767676U,
-    0xcacacacaU, 0x82828282U, 0xc9c9c9c9U, 0x7d7d7d7dU,
-    0xfafafafaU, 0x59595959U, 0x47474747U, 0xf0f0f0f0U,
-    0xadadadadU, 0xd4d4d4d4U, 0xa2a2a2a2U, 0xafafafafU,
-    0x9c9c9c9cU, 0xa4a4a4a4U, 0x72727272U, 0xc0c0c0c0U,
-    0xb7b7b7b7U, 0xfdfdfdfdU, 0x93939393U, 0x26262626U,
-    0x36363636U, 0x3f3f3f3fU, 0xf7f7f7f7U, 0xccccccccU,
-    0x34343434U, 0xa5a5a5a5U, 0xe5e5e5e5U, 0xf1f1f1f1U,
-    0x71717171U, 0xd8d8d8d8U, 0x31313131U, 0x15151515U,
-    0x04040404U, 0xc7c7c7c7U, 0x23232323U, 0xc3c3c3c3U,
-    0x18181818U, 0x96969696U, 0x05050505U, 0x9a9a9a9aU,
-    0x07070707U, 0x12121212U, 0x80808080U, 0xe2e2e2e2U,
-    0xebebebebU, 0x27272727U, 0xb2b2b2b2U, 0x75757575U,
-    0x09090909U, 0x83838383U, 0x2c2c2c2cU, 0x1a1a1a1aU,
-    0x1b1b1b1bU, 0x6e6e6e6eU, 0x5a5a5a5aU, 0xa0a0a0a0U,
-    0x52525252U, 0x3b3b3b3bU, 0xd6d6d6d6U, 0xb3b3b3b3U,
-    0x29292929U, 0xe3e3e3e3U, 0x2f2f2f2fU, 0x84848484U,
-    0x53535353U, 0xd1d1d1d1U, 0x00000000U, 0xededededU,
-    0x20202020U, 0xfcfcfcfcU, 0xb1b1b1b1U, 0x5b5b5b5bU,
-    0x6a6a6a6aU, 0xcbcbcbcbU, 0xbebebebeU, 0x39393939U,
-    0x4a4a4a4aU, 0x4c4c4c4cU, 0x58585858U, 0xcfcfcfcfU,
-    0xd0d0d0d0U, 0xefefefefU, 0xaaaaaaaaU, 0xfbfbfbfbU,
-    0x43434343U, 0x4d4d4d4dU, 0x33333333U, 0x85858585U,
-    0x45454545U, 0xf9f9f9f9U, 0x02020202U, 0x7f7f7f7fU,
-    0x50505050U, 0x3c3c3c3cU, 0x9f9f9f9fU, 0xa8a8a8a8U,
-    0x51515151U, 0xa3a3a3a3U, 0x40404040U, 0x8f8f8f8fU,
-    0x92929292U, 0x9d9d9d9dU, 0x38383838U, 0xf5f5f5f5U,
-    0xbcbcbcbcU, 0xb6b6b6b6U, 0xdadadadaU, 0x21212121U,
-    0x10101010U, 0xffffffffU, 0xf3f3f3f3U, 0xd2d2d2d2U,
-    0xcdcdcdcdU, 0x0c0c0c0cU, 0x13131313U, 0xececececU,
-    0x5f5f5f5fU, 0x97979797U, 0x44444444U, 0x17171717U,
-    0xc4c4c4c4U, 0xa7a7a7a7U, 0x7e7e7e7eU, 0x3d3d3d3dU,
-    0x64646464U, 0x5d5d5d5dU, 0x19191919U, 0x73737373U,
-    0x60606060U, 0x81818181U, 0x4f4f4f4fU, 0xdcdcdcdcU,
-    0x22222222U, 0x2a2a2a2aU, 0x90909090U, 0x88888888U,
-    0x46464646U, 0xeeeeeeeeU, 0xb8b8b8b8U, 0x14141414U,
-    0xdedededeU, 0x5e5e5e5eU, 0x0b0b0b0bU, 0xdbdbdbdbU,
-    0xe0e0e0e0U, 0x32323232U, 0x3a3a3a3aU, 0x0a0a0a0aU,
-    0x49494949U, 0x06060606U, 0x24242424U, 0x5c5c5c5cU,
-    0xc2c2c2c2U, 0xd3d3d3d3U, 0xacacacacU, 0x62626262U,
-    0x91919191U, 0x95959595U, 0xe4e4e4e4U, 0x79797979U,
-    0xe7e7e7e7U, 0xc8c8c8c8U, 0x37373737U, 0x6d6d6d6dU,
-    0x8d8d8d8dU, 0xd5d5d5d5U, 0x4e4e4e4eU, 0xa9a9a9a9U,
-    0x6c6c6c6cU, 0x56565656U, 0xf4f4f4f4U, 0xeaeaeaeaU,
-    0x65656565U, 0x7a7a7a7aU, 0xaeaeaeaeU, 0x08080808U,
-    0xbabababaU, 0x78787878U, 0x25252525U, 0x2e2e2e2eU,
-    0x1c1c1c1cU, 0xa6a6a6a6U, 0xb4b4b4b4U, 0xc6c6c6c6U,
-    0xe8e8e8e8U, 0xddddddddU, 0x74747474U, 0x1f1f1f1fU,
-    0x4b4b4b4bU, 0xbdbdbdbdU, 0x8b8b8b8bU, 0x8a8a8a8aU,
-    0x70707070U, 0x3e3e3e3eU, 0xb5b5b5b5U, 0x66666666U,
-    0x48484848U, 0x03030303U, 0xf6f6f6f6U, 0x0e0e0e0eU,
-    0x61616161U, 0x35353535U, 0x57575757U, 0xb9b9b9b9U,
-    0x86868686U, 0xc1c1c1c1U, 0x1d1d1d1dU, 0x9e9e9e9eU,
-    0xe1e1e1e1U, 0xf8f8f8f8U, 0x98989898U, 0x11111111U,
-    0x69696969U, 0xd9d9d9d9U, 0x8e8e8e8eU, 0x94949494U,
-    0x9b9b9b9bU, 0x1e1e1e1eU, 0x87878787U, 0xe9e9e9e9U,
-    0xcecececeU, 0x55555555U, 0x28282828U, 0xdfdfdfdfU,
-    0x8c8c8c8cU, 0xa1a1a1a1U, 0x89898989U, 0x0d0d0d0dU,
-    0xbfbfbfbfU, 0xe6e6e6e6U, 0x42424242U, 0x68686868U,
-    0x41414141U, 0x99999999U, 0x2d2d2d2dU, 0x0f0f0f0fU,
-    0xb0b0b0b0U, 0x54545454U, 0xbbbbbbbbU, 0x16161616U,
-}
-};
-
-
-const word32 AES::Td[5][256] = {
-{
-    0x51f4a750U, 0x7e416553U, 0x1a17a4c3U, 0x3a275e96U,
-    0x3bab6bcbU, 0x1f9d45f1U, 0xacfa58abU, 0x4be30393U,
-    0x2030fa55U, 0xad766df6U, 0x88cc7691U, 0xf5024c25U,
-    0x4fe5d7fcU, 0xc52acbd7U, 0x26354480U, 0xb562a38fU,
-    0xdeb15a49U, 0x25ba1b67U, 0x45ea0e98U, 0x5dfec0e1U,
-    0xc32f7502U, 0x814cf012U, 0x8d4697a3U, 0x6bd3f9c6U,
-    0x038f5fe7U, 0x15929c95U, 0xbf6d7aebU, 0x955259daU,
-    0xd4be832dU, 0x587421d3U, 0x49e06929U, 0x8ec9c844U,
-    0x75c2896aU, 0xf48e7978U, 0x99583e6bU, 0x27b971ddU,
-    0xbee14fb6U, 0xf088ad17U, 0xc920ac66U, 0x7dce3ab4U,
-    0x63df4a18U, 0xe51a3182U, 0x97513360U, 0x62537f45U,
-    0xb16477e0U, 0xbb6bae84U, 0xfe81a01cU, 0xf9082b94U,
-    0x70486858U, 0x8f45fd19U, 0x94de6c87U, 0x527bf8b7U,
-    0xab73d323U, 0x724b02e2U, 0xe31f8f57U, 0x6655ab2aU,
-    0xb2eb2807U, 0x2fb5c203U, 0x86c57b9aU, 0xd33708a5U,
-    0x302887f2U, 0x23bfa5b2U, 0x02036abaU, 0xed16825cU,
-    0x8acf1c2bU, 0xa779b492U, 0xf307f2f0U, 0x4e69e2a1U,
-    0x65daf4cdU, 0x0605bed5U, 0xd134621fU, 0xc4a6fe8aU,
-    0x342e539dU, 0xa2f355a0U, 0x058ae132U, 0xa4f6eb75U,
-    0x0b83ec39U, 0x4060efaaU, 0x5e719f06U, 0xbd6e1051U,
-    0x3e218af9U, 0x96dd063dU, 0xdd3e05aeU, 0x4de6bd46U,
-    0x91548db5U, 0x71c45d05U, 0x0406d46fU, 0x605015ffU,
-    0x1998fb24U, 0xd6bde997U, 0x894043ccU, 0x67d99e77U,
-    0xb0e842bdU, 0x07898b88U, 0xe7195b38U, 0x79c8eedbU,
-    0xa17c0a47U, 0x7c420fe9U, 0xf8841ec9U, 0x00000000U,
-    0x09808683U, 0x322bed48U, 0x1e1170acU, 0x6c5a724eU,
-    0xfd0efffbU, 0x0f853856U, 0x3daed51eU, 0x362d3927U,
-    0x0a0fd964U, 0x685ca621U, 0x9b5b54d1U, 0x24362e3aU,
-    0x0c0a67b1U, 0x9357e70fU, 0xb4ee96d2U, 0x1b9b919eU,
-    0x80c0c54fU, 0x61dc20a2U, 0x5a774b69U, 0x1c121a16U,
-    0xe293ba0aU, 0xc0a02ae5U, 0x3c22e043U, 0x121b171dU,
-    0x0e090d0bU, 0xf28bc7adU, 0x2db6a8b9U, 0x141ea9c8U,
-    0x57f11985U, 0xaf75074cU, 0xee99ddbbU, 0xa37f60fdU,
-    0xf701269fU, 0x5c72f5bcU, 0x44663bc5U, 0x5bfb7e34U,
-    0x8b432976U, 0xcb23c6dcU, 0xb6edfc68U, 0xb8e4f163U,
-    0xd731dccaU, 0x42638510U, 0x13972240U, 0x84c61120U,
-    0x854a247dU, 0xd2bb3df8U, 0xaef93211U, 0xc729a16dU,
-    0x1d9e2f4bU, 0xdcb230f3U, 0x0d8652ecU, 0x77c1e3d0U,
-    0x2bb3166cU, 0xa970b999U, 0x119448faU, 0x47e96422U,
-    0xa8fc8cc4U, 0xa0f03f1aU, 0x567d2cd8U, 0x223390efU,
-    0x87494ec7U, 0xd938d1c1U, 0x8ccaa2feU, 0x98d40b36U,
-    0xa6f581cfU, 0xa57ade28U, 0xdab78e26U, 0x3fadbfa4U,
-    0x2c3a9de4U, 0x5078920dU, 0x6a5fcc9bU, 0x547e4662U,
-    0xf68d13c2U, 0x90d8b8e8U, 0x2e39f75eU, 0x82c3aff5U,
-    0x9f5d80beU, 0x69d0937cU, 0x6fd52da9U, 0xcf2512b3U,
-    0xc8ac993bU, 0x10187da7U, 0xe89c636eU, 0xdb3bbb7bU,
-    0xcd267809U, 0x6e5918f4U, 0xec9ab701U, 0x834f9aa8U,
-    0xe6956e65U, 0xaaffe67eU, 0x21bccf08U, 0xef15e8e6U,
-    0xbae79bd9U, 0x4a6f36ceU, 0xea9f09d4U, 0x29b07cd6U,
-    0x31a4b2afU, 0x2a3f2331U, 0xc6a59430U, 0x35a266c0U,
-    0x744ebc37U, 0xfc82caa6U, 0xe090d0b0U, 0x33a7d815U,
-    0xf104984aU, 0x41ecdaf7U, 0x7fcd500eU, 0x1791f62fU,
-    0x764dd68dU, 0x43efb04dU, 0xccaa4d54U, 0xe49604dfU,
-    0x9ed1b5e3U, 0x4c6a881bU, 0xc12c1fb8U, 0x4665517fU,
-    0x9d5eea04U, 0x018c355dU, 0xfa877473U, 0xfb0b412eU,
-    0xb3671d5aU, 0x92dbd252U, 0xe9105633U, 0x6dd64713U,
-    0x9ad7618cU, 0x37a10c7aU, 0x59f8148eU, 0xeb133c89U,
-    0xcea927eeU, 0xb761c935U, 0xe11ce5edU, 0x7a47b13cU,
-    0x9cd2df59U, 0x55f2733fU, 0x1814ce79U, 0x73c737bfU,
-    0x53f7cdeaU, 0x5ffdaa5bU, 0xdf3d6f14U, 0x7844db86U,
-    0xcaaff381U, 0xb968c43eU, 0x3824342cU, 0xc2a3405fU,
-    0x161dc372U, 0xbce2250cU, 0x283c498bU, 0xff0d9541U,
-    0x39a80171U, 0x080cb3deU, 0xd8b4e49cU, 0x6456c190U,
-    0x7bcb8461U, 0xd532b670U, 0x486c5c74U, 0xd0b85742U,
-},
-{
-    0x5051f4a7U, 0x537e4165U, 0xc31a17a4U, 0x963a275eU,
-    0xcb3bab6bU, 0xf11f9d45U, 0xabacfa58U, 0x934be303U,
-    0x552030faU, 0xf6ad766dU, 0x9188cc76U, 0x25f5024cU,
-    0xfc4fe5d7U, 0xd7c52acbU, 0x80263544U, 0x8fb562a3U,
-    0x49deb15aU, 0x6725ba1bU, 0x9845ea0eU, 0xe15dfec0U,
-    0x02c32f75U, 0x12814cf0U, 0xa38d4697U, 0xc66bd3f9U,
-    0xe7038f5fU, 0x9515929cU, 0xebbf6d7aU, 0xda955259U,
-    0x2dd4be83U, 0xd3587421U, 0x2949e069U, 0x448ec9c8U,
-    0x6a75c289U, 0x78f48e79U, 0x6b99583eU, 0xdd27b971U,
-    0xb6bee14fU, 0x17f088adU, 0x66c920acU, 0xb47dce3aU,
-    0x1863df4aU, 0x82e51a31U, 0x60975133U, 0x4562537fU,
-    0xe0b16477U, 0x84bb6baeU, 0x1cfe81a0U, 0x94f9082bU,
-    0x58704868U, 0x198f45fdU, 0x8794de6cU, 0xb7527bf8U,
-    0x23ab73d3U, 0xe2724b02U, 0x57e31f8fU, 0x2a6655abU,
-    0x07b2eb28U, 0x032fb5c2U, 0x9a86c57bU, 0xa5d33708U,
-    0xf2302887U, 0xb223bfa5U, 0xba02036aU, 0x5ced1682U,
-    0x2b8acf1cU, 0x92a779b4U, 0xf0f307f2U, 0xa14e69e2U,
-    0xcd65daf4U, 0xd50605beU, 0x1fd13462U, 0x8ac4a6feU,
-    0x9d342e53U, 0xa0a2f355U, 0x32058ae1U, 0x75a4f6ebU,
-    0x390b83ecU, 0xaa4060efU, 0x065e719fU, 0x51bd6e10U,
-    0xf93e218aU, 0x3d96dd06U, 0xaedd3e05U, 0x464de6bdU,
-    0xb591548dU, 0x0571c45dU, 0x6f0406d4U, 0xff605015U,
-    0x241998fbU, 0x97d6bde9U, 0xcc894043U, 0x7767d99eU,
-    0xbdb0e842U, 0x8807898bU, 0x38e7195bU, 0xdb79c8eeU,
-    0x47a17c0aU, 0xe97c420fU, 0xc9f8841eU, 0x00000000U,
-    0x83098086U, 0x48322bedU, 0xac1e1170U, 0x4e6c5a72U,
-    0xfbfd0effU, 0x560f8538U, 0x1e3daed5U, 0x27362d39U,
-    0x640a0fd9U, 0x21685ca6U, 0xd19b5b54U, 0x3a24362eU,
-    0xb10c0a67U, 0x0f9357e7U, 0xd2b4ee96U, 0x9e1b9b91U,
-    0x4f80c0c5U, 0xa261dc20U, 0x695a774bU, 0x161c121aU,
-    0x0ae293baU, 0xe5c0a02aU, 0x433c22e0U, 0x1d121b17U,
-    0x0b0e090dU, 0xadf28bc7U, 0xb92db6a8U, 0xc8141ea9U,
-    0x8557f119U, 0x4caf7507U, 0xbbee99ddU, 0xfda37f60U,
-    0x9ff70126U, 0xbc5c72f5U, 0xc544663bU, 0x345bfb7eU,
-    0x768b4329U, 0xdccb23c6U, 0x68b6edfcU, 0x63b8e4f1U,
-    0xcad731dcU, 0x10426385U, 0x40139722U, 0x2084c611U,
-    0x7d854a24U, 0xf8d2bb3dU, 0x11aef932U, 0x6dc729a1U,
-    0x4b1d9e2fU, 0xf3dcb230U, 0xec0d8652U, 0xd077c1e3U,
-    0x6c2bb316U, 0x99a970b9U, 0xfa119448U, 0x2247e964U,
-    0xc4a8fc8cU, 0x1aa0f03fU, 0xd8567d2cU, 0xef223390U,
-    0xc787494eU, 0xc1d938d1U, 0xfe8ccaa2U, 0x3698d40bU,
-    0xcfa6f581U, 0x28a57adeU, 0x26dab78eU, 0xa43fadbfU,
-    0xe42c3a9dU, 0x0d507892U, 0x9b6a5fccU, 0x62547e46U,
-    0xc2f68d13U, 0xe890d8b8U, 0x5e2e39f7U, 0xf582c3afU,
-    0xbe9f5d80U, 0x7c69d093U, 0xa96fd52dU, 0xb3cf2512U,
-    0x3bc8ac99U, 0xa710187dU, 0x6ee89c63U, 0x7bdb3bbbU,
-    0x09cd2678U, 0xf46e5918U, 0x01ec9ab7U, 0xa8834f9aU,
-    0x65e6956eU, 0x7eaaffe6U, 0x0821bccfU, 0xe6ef15e8U,
-    0xd9bae79bU, 0xce4a6f36U, 0xd4ea9f09U, 0xd629b07cU,
-    0xaf31a4b2U, 0x312a3f23U, 0x30c6a594U, 0xc035a266U,
-    0x37744ebcU, 0xa6fc82caU, 0xb0e090d0U, 0x1533a7d8U,
-    0x4af10498U, 0xf741ecdaU, 0x0e7fcd50U, 0x2f1791f6U,
-    0x8d764dd6U, 0x4d43efb0U, 0x54ccaa4dU, 0xdfe49604U,
-    0xe39ed1b5U, 0x1b4c6a88U, 0xb8c12c1fU, 0x7f466551U,
-    0x049d5eeaU, 0x5d018c35U, 0x73fa8774U, 0x2efb0b41U,
-    0x5ab3671dU, 0x5292dbd2U, 0x33e91056U, 0x136dd647U,
-    0x8c9ad761U, 0x7a37a10cU, 0x8e59f814U, 0x89eb133cU,
-    0xeecea927U, 0x35b761c9U, 0xede11ce5U, 0x3c7a47b1U,
-    0x599cd2dfU, 0x3f55f273U, 0x791814ceU, 0xbf73c737U,
-    0xea53f7cdU, 0x5b5ffdaaU, 0x14df3d6fU, 0x867844dbU,
-    0x81caaff3U, 0x3eb968c4U, 0x2c382434U, 0x5fc2a340U,
-    0x72161dc3U, 0x0cbce225U, 0x8b283c49U, 0x41ff0d95U,
-    0x7139a801U, 0xde080cb3U, 0x9cd8b4e4U, 0x906456c1U,
-    0x617bcb84U, 0x70d532b6U, 0x74486c5cU, 0x42d0b857U,
-},
-{
-    0xa75051f4U, 0x65537e41U, 0xa4c31a17U, 0x5e963a27U,
-    0x6bcb3babU, 0x45f11f9dU, 0x58abacfaU, 0x03934be3U,
-    0xfa552030U, 0x6df6ad76U, 0x769188ccU, 0x4c25f502U,
-    0xd7fc4fe5U, 0xcbd7c52aU, 0x44802635U, 0xa38fb562U,
-    0x5a49deb1U, 0x1b6725baU, 0x0e9845eaU, 0xc0e15dfeU,
-    0x7502c32fU, 0xf012814cU, 0x97a38d46U, 0xf9c66bd3U,
-    0x5fe7038fU, 0x9c951592U, 0x7aebbf6dU, 0x59da9552U,
-    0x832dd4beU, 0x21d35874U, 0x692949e0U, 0xc8448ec9U,
-    0x896a75c2U, 0x7978f48eU, 0x3e6b9958U, 0x71dd27b9U,
-    0x4fb6bee1U, 0xad17f088U, 0xac66c920U, 0x3ab47dceU,
-    0x4a1863dfU, 0x3182e51aU, 0x33609751U, 0x7f456253U,
-    0x77e0b164U, 0xae84bb6bU, 0xa01cfe81U, 0x2b94f908U,
-    0x68587048U, 0xfd198f45U, 0x6c8794deU, 0xf8b7527bU,
-    0xd323ab73U, 0x02e2724bU, 0x8f57e31fU, 0xab2a6655U,
-    0x2807b2ebU, 0xc2032fb5U, 0x7b9a86c5U, 0x08a5d337U,
-    0x87f23028U, 0xa5b223bfU, 0x6aba0203U, 0x825ced16U,
-    0x1c2b8acfU, 0xb492a779U, 0xf2f0f307U, 0xe2a14e69U,
-    0xf4cd65daU, 0xbed50605U, 0x621fd134U, 0xfe8ac4a6U,
-    0x539d342eU, 0x55a0a2f3U, 0xe132058aU, 0xeb75a4f6U,
-    0xec390b83U, 0xefaa4060U, 0x9f065e71U, 0x1051bd6eU,
-
-    0x8af93e21U, 0x063d96ddU, 0x05aedd3eU, 0xbd464de6U,
-    0x8db59154U, 0x5d0571c4U, 0xd46f0406U, 0x15ff6050U,
-    0xfb241998U, 0xe997d6bdU, 0x43cc8940U, 0x9e7767d9U,
-    0x42bdb0e8U, 0x8b880789U, 0x5b38e719U, 0xeedb79c8U,
-    0x0a47a17cU, 0x0fe97c42U, 0x1ec9f884U, 0x00000000U,
-    0x86830980U, 0xed48322bU, 0x70ac1e11U, 0x724e6c5aU,
-    0xfffbfd0eU, 0x38560f85U, 0xd51e3daeU, 0x3927362dU,
-    0xd9640a0fU, 0xa621685cU, 0x54d19b5bU, 0x2e3a2436U,
-    0x67b10c0aU, 0xe70f9357U, 0x96d2b4eeU, 0x919e1b9bU,
-    0xc54f80c0U, 0x20a261dcU, 0x4b695a77U, 0x1a161c12U,
-    0xba0ae293U, 0x2ae5c0a0U, 0xe0433c22U, 0x171d121bU,
-    0x0d0b0e09U, 0xc7adf28bU, 0xa8b92db6U, 0xa9c8141eU,
-    0x198557f1U, 0x074caf75U, 0xddbbee99U, 0x60fda37fU,
-    0x269ff701U, 0xf5bc5c72U, 0x3bc54466U, 0x7e345bfbU,
-    0x29768b43U, 0xc6dccb23U, 0xfc68b6edU, 0xf163b8e4U,
-    0xdccad731U, 0x85104263U, 0x22401397U, 0x112084c6U,
-    0x247d854aU, 0x3df8d2bbU, 0x3211aef9U, 0xa16dc729U,
-    0x2f4b1d9eU, 0x30f3dcb2U, 0x52ec0d86U, 0xe3d077c1U,
-    0x166c2bb3U, 0xb999a970U, 0x48fa1194U, 0x642247e9U,
-    0x8cc4a8fcU, 0x3f1aa0f0U, 0x2cd8567dU, 0x90ef2233U,
-    0x4ec78749U, 0xd1c1d938U, 0xa2fe8ccaU, 0x0b3698d4U,
-    0x81cfa6f5U, 0xde28a57aU, 0x8e26dab7U, 0xbfa43fadU,
-    0x9de42c3aU, 0x920d5078U, 0xcc9b6a5fU, 0x4662547eU,
-    0x13c2f68dU, 0xb8e890d8U, 0xf75e2e39U, 0xaff582c3U,
-    0x80be9f5dU, 0x937c69d0U, 0x2da96fd5U, 0x12b3cf25U,
-    0x993bc8acU, 0x7da71018U, 0x636ee89cU, 0xbb7bdb3bU,
-    0x7809cd26U, 0x18f46e59U, 0xb701ec9aU, 0x9aa8834fU,
-    0x6e65e695U, 0xe67eaaffU, 0xcf0821bcU, 0xe8e6ef15U,
-    0x9bd9bae7U, 0x36ce4a6fU, 0x09d4ea9fU, 0x7cd629b0U,
-    0xb2af31a4U, 0x23312a3fU, 0x9430c6a5U, 0x66c035a2U,
-    0xbc37744eU, 0xcaa6fc82U, 0xd0b0e090U, 0xd81533a7U,
-    0x984af104U, 0xdaf741ecU, 0x500e7fcdU, 0xf62f1791U,
-    0xd68d764dU, 0xb04d43efU, 0x4d54ccaaU, 0x04dfe496U,
-    0xb5e39ed1U, 0x881b4c6aU, 0x1fb8c12cU, 0x517f4665U,
-    0xea049d5eU, 0x355d018cU, 0x7473fa87U, 0x412efb0bU,
-    0x1d5ab367U, 0xd25292dbU, 0x5633e910U, 0x47136dd6U,
-    0x618c9ad7U, 0x0c7a37a1U, 0x148e59f8U, 0x3c89eb13U,
-    0x27eecea9U, 0xc935b761U, 0xe5ede11cU, 0xb13c7a47U,
-    0xdf599cd2U, 0x733f55f2U, 0xce791814U, 0x37bf73c7U,
-    0xcdea53f7U, 0xaa5b5ffdU, 0x6f14df3dU, 0xdb867844U,
-    0xf381caafU, 0xc43eb968U, 0x342c3824U, 0x405fc2a3U,
-    0xc372161dU, 0x250cbce2U, 0x498b283cU, 0x9541ff0dU,
-    0x017139a8U, 0xb3de080cU, 0xe49cd8b4U, 0xc1906456U,
-    0x84617bcbU, 0xb670d532U, 0x5c74486cU, 0x5742d0b8U,
-},
-{
-    0xf4a75051U, 0x4165537eU, 0x17a4c31aU, 0x275e963aU,
-    0xab6bcb3bU, 0x9d45f11fU, 0xfa58abacU, 0xe303934bU,
-    0x30fa5520U, 0x766df6adU, 0xcc769188U, 0x024c25f5U,
-    0xe5d7fc4fU, 0x2acbd7c5U, 0x35448026U, 0x62a38fb5U,
-    0xb15a49deU, 0xba1b6725U, 0xea0e9845U, 0xfec0e15dU,
-    0x2f7502c3U, 0x4cf01281U, 0x4697a38dU, 0xd3f9c66bU,
-    0x8f5fe703U, 0x929c9515U, 0x6d7aebbfU, 0x5259da95U,
-    0xbe832dd4U, 0x7421d358U, 0xe0692949U, 0xc9c8448eU,
-    0xc2896a75U, 0x8e7978f4U, 0x583e6b99U, 0xb971dd27U,
-    0xe14fb6beU, 0x88ad17f0U, 0x20ac66c9U, 0xce3ab47dU,
-    0xdf4a1863U, 0x1a3182e5U, 0x51336097U, 0x537f4562U,
-    0x6477e0b1U, 0x6bae84bbU, 0x81a01cfeU, 0x082b94f9U,
-    0x48685870U, 0x45fd198fU, 0xde6c8794U, 0x7bf8b752U,
-    0x73d323abU, 0x4b02e272U, 0x1f8f57e3U, 0x55ab2a66U,
-    0xeb2807b2U, 0xb5c2032fU, 0xc57b9a86U, 0x3708a5d3U,
-    0x2887f230U, 0xbfa5b223U, 0x036aba02U, 0x16825cedU,
-    0xcf1c2b8aU, 0x79b492a7U, 0x07f2f0f3U, 0x69e2a14eU,
-    0xdaf4cd65U, 0x05bed506U, 0x34621fd1U, 0xa6fe8ac4U,
-    0x2e539d34U, 0xf355a0a2U, 0x8ae13205U, 0xf6eb75a4U,
-    0x83ec390bU, 0x60efaa40U, 0x719f065eU, 0x6e1051bdU,
-    0x218af93eU, 0xdd063d96U, 0x3e05aeddU, 0xe6bd464dU,
-    0x548db591U, 0xc45d0571U, 0x06d46f04U, 0x5015ff60U,
-    0x98fb2419U, 0xbde997d6U, 0x4043cc89U, 0xd99e7767U,
-    0xe842bdb0U, 0x898b8807U, 0x195b38e7U, 0xc8eedb79U,
-    0x7c0a47a1U, 0x420fe97cU, 0x841ec9f8U, 0x00000000U,
-    0x80868309U, 0x2bed4832U, 0x1170ac1eU, 0x5a724e6cU,
-    0x0efffbfdU, 0x8538560fU, 0xaed51e3dU, 0x2d392736U,
-    0x0fd9640aU, 0x5ca62168U, 0x5b54d19bU, 0x362e3a24U,
-    0x0a67b10cU, 0x57e70f93U, 0xee96d2b4U, 0x9b919e1bU,
-    0xc0c54f80U, 0xdc20a261U, 0x774b695aU, 0x121a161cU,
-    0x93ba0ae2U, 0xa02ae5c0U, 0x22e0433cU, 0x1b171d12U,
-    0x090d0b0eU, 0x8bc7adf2U, 0xb6a8b92dU, 0x1ea9c814U,
-    0xf1198557U, 0x75074cafU, 0x99ddbbeeU, 0x7f60fda3U,
-    0x01269ff7U, 0x72f5bc5cU, 0x663bc544U, 0xfb7e345bU,
-    0x4329768bU, 0x23c6dccbU, 0xedfc68b6U, 0xe4f163b8U,
-    0x31dccad7U, 0x63851042U, 0x97224013U, 0xc6112084U,
-    0x4a247d85U, 0xbb3df8d2U, 0xf93211aeU, 0x29a16dc7U,
-    0x9e2f4b1dU, 0xb230f3dcU, 0x8652ec0dU, 0xc1e3d077U,
-    0xb3166c2bU, 0x70b999a9U, 0x9448fa11U, 0xe9642247U,
-    0xfc8cc4a8U, 0xf03f1aa0U, 0x7d2cd856U, 0x3390ef22U,
-    0x494ec787U, 0x38d1c1d9U, 0xcaa2fe8cU, 0xd40b3698U,
-    0xf581cfa6U, 0x7ade28a5U, 0xb78e26daU, 0xadbfa43fU,
-    0x3a9de42cU, 0x78920d50U, 0x5fcc9b6aU, 0x7e466254U,
-    0x8d13c2f6U, 0xd8b8e890U, 0x39f75e2eU, 0xc3aff582U,
-    0x5d80be9fU, 0xd0937c69U, 0xd52da96fU, 0x2512b3cfU,
-    0xac993bc8U, 0x187da710U, 0x9c636ee8U, 0x3bbb7bdbU,
-    0x267809cdU, 0x5918f46eU, 0x9ab701ecU, 0x4f9aa883U,
-    0x956e65e6U, 0xffe67eaaU, 0xbccf0821U, 0x15e8e6efU,
-    0xe79bd9baU, 0x6f36ce4aU, 0x9f09d4eaU, 0xb07cd629U,
-    0xa4b2af31U, 0x3f23312aU, 0xa59430c6U, 0xa266c035U,
-    0x4ebc3774U, 0x82caa6fcU, 0x90d0b0e0U, 0xa7d81533U,
-    0x04984af1U, 0xecdaf741U, 0xcd500e7fU, 0x91f62f17U,
-    0x4dd68d76U, 0xefb04d43U, 0xaa4d54ccU, 0x9604dfe4U,
-    0xd1b5e39eU, 0x6a881b4cU, 0x2c1fb8c1U, 0x65517f46U,
-    0x5eea049dU, 0x8c355d01U, 0x877473faU, 0x0b412efbU,
-    0x671d5ab3U, 0xdbd25292U, 0x105633e9U, 0xd647136dU,
-    0xd7618c9aU, 0xa10c7a37U, 0xf8148e59U, 0x133c89ebU,
-    0xa927eeceU, 0x61c935b7U, 0x1ce5ede1U, 0x47b13c7aU,
-    0xd2df599cU, 0xf2733f55U, 0x14ce7918U, 0xc737bf73U,
-    0xf7cdea53U, 0xfdaa5b5fU, 0x3d6f14dfU, 0x44db8678U,
-    0xaff381caU, 0x68c43eb9U, 0x24342c38U, 0xa3405fc2U,
-    0x1dc37216U, 0xe2250cbcU, 0x3c498b28U, 0x0d9541ffU,
-    0xa8017139U, 0x0cb3de08U, 0xb4e49cd8U, 0x56c19064U,
-    0xcb84617bU, 0x32b670d5U, 0x6c5c7448U, 0xb85742d0U,
-},
-{
-    0x52525252U, 0x09090909U, 0x6a6a6a6aU, 0xd5d5d5d5U,
-    0x30303030U, 0x36363636U, 0xa5a5a5a5U, 0x38383838U,
-    0xbfbfbfbfU, 0x40404040U, 0xa3a3a3a3U, 0x9e9e9e9eU,
-    0x81818181U, 0xf3f3f3f3U, 0xd7d7d7d7U, 0xfbfbfbfbU,
-    0x7c7c7c7cU, 0xe3e3e3e3U, 0x39393939U, 0x82828282U,
-    0x9b9b9b9bU, 0x2f2f2f2fU, 0xffffffffU, 0x87878787U,
-    0x34343434U, 0x8e8e8e8eU, 0x43434343U, 0x44444444U,
-    0xc4c4c4c4U, 0xdedededeU, 0xe9e9e9e9U, 0xcbcbcbcbU,
-    0x54545454U, 0x7b7b7b7bU, 0x94949494U, 0x32323232U,
-    0xa6a6a6a6U, 0xc2c2c2c2U, 0x23232323U, 0x3d3d3d3dU,
-    0xeeeeeeeeU, 0x4c4c4c4cU, 0x95959595U, 0x0b0b0b0bU,
-    0x42424242U, 0xfafafafaU, 0xc3c3c3c3U, 0x4e4e4e4eU,
-    0x08080808U, 0x2e2e2e2eU, 0xa1a1a1a1U, 0x66666666U,
-    0x28282828U, 0xd9d9d9d9U, 0x24242424U, 0xb2b2b2b2U,
-    0x76767676U, 0x5b5b5b5bU, 0xa2a2a2a2U, 0x49494949U,
-    0x6d6d6d6dU, 0x8b8b8b8bU, 0xd1d1d1d1U, 0x25252525U,
-    0x72727272U, 0xf8f8f8f8U, 0xf6f6f6f6U, 0x64646464U,
-    0x86868686U, 0x68686868U, 0x98989898U, 0x16161616U,
-    0xd4d4d4d4U, 0xa4a4a4a4U, 0x5c5c5c5cU, 0xccccccccU,
-    0x5d5d5d5dU, 0x65656565U, 0xb6b6b6b6U, 0x92929292U,
-    0x6c6c6c6cU, 0x70707070U, 0x48484848U, 0x50505050U,
-    0xfdfdfdfdU, 0xededededU, 0xb9b9b9b9U, 0xdadadadaU,
-    0x5e5e5e5eU, 0x15151515U, 0x46464646U, 0x57575757U,
-    0xa7a7a7a7U, 0x8d8d8d8dU, 0x9d9d9d9dU, 0x84848484U,
-    0x90909090U, 0xd8d8d8d8U, 0xababababU, 0x00000000U,
-    0x8c8c8c8cU, 0xbcbcbcbcU, 0xd3d3d3d3U, 0x0a0a0a0aU,
-    0xf7f7f7f7U, 0xe4e4e4e4U, 0x58585858U, 0x05050505U,
-    0xb8b8b8b8U, 0xb3b3b3b3U, 0x45454545U, 0x06060606U,
-    0xd0d0d0d0U, 0x2c2c2c2cU, 0x1e1e1e1eU, 0x8f8f8f8fU,
-    0xcacacacaU, 0x3f3f3f3fU, 0x0f0f0f0fU, 0x02020202U,
-    0xc1c1c1c1U, 0xafafafafU, 0xbdbdbdbdU, 0x03030303U,
-    0x01010101U, 0x13131313U, 0x8a8a8a8aU, 0x6b6b6b6bU,
-    0x3a3a3a3aU, 0x91919191U, 0x11111111U, 0x41414141U,
-    0x4f4f4f4fU, 0x67676767U, 0xdcdcdcdcU, 0xeaeaeaeaU,
-    0x97979797U, 0xf2f2f2f2U, 0xcfcfcfcfU, 0xcecececeU,
-    0xf0f0f0f0U, 0xb4b4b4b4U, 0xe6e6e6e6U, 0x73737373U,
-    0x96969696U, 0xacacacacU, 0x74747474U, 0x22222222U,
-    0xe7e7e7e7U, 0xadadadadU, 0x35353535U, 0x85858585U,
-    0xe2e2e2e2U, 0xf9f9f9f9U, 0x37373737U, 0xe8e8e8e8U,
-    0x1c1c1c1cU, 0x75757575U, 0xdfdfdfdfU, 0x6e6e6e6eU,
-    0x47474747U, 0xf1f1f1f1U, 0x1a1a1a1aU, 0x71717171U,
-    0x1d1d1d1dU, 0x29292929U, 0xc5c5c5c5U, 0x89898989U,
-    0x6f6f6f6fU, 0xb7b7b7b7U, 0x62626262U, 0x0e0e0e0eU,
-    0xaaaaaaaaU, 0x18181818U, 0xbebebebeU, 0x1b1b1b1bU,
-    0xfcfcfcfcU, 0x56565656U, 0x3e3e3e3eU, 0x4b4b4b4bU,
-    0xc6c6c6c6U, 0xd2d2d2d2U, 0x79797979U, 0x20202020U,
-    0x9a9a9a9aU, 0xdbdbdbdbU, 0xc0c0c0c0U, 0xfefefefeU,
-    0x78787878U, 0xcdcdcdcdU, 0x5a5a5a5aU, 0xf4f4f4f4U,
-    0x1f1f1f1fU, 0xddddddddU, 0xa8a8a8a8U, 0x33333333U,
-    0x88888888U, 0x07070707U, 0xc7c7c7c7U, 0x31313131U,
-    0xb1b1b1b1U, 0x12121212U, 0x10101010U, 0x59595959U,
-    0x27272727U, 0x80808080U, 0xececececU, 0x5f5f5f5fU,
-    0x60606060U, 0x51515151U, 0x7f7f7f7fU, 0xa9a9a9a9U,
-    0x19191919U, 0xb5b5b5b5U, 0x4a4a4a4aU, 0x0d0d0d0dU,
-    0x2d2d2d2dU, 0xe5e5e5e5U, 0x7a7a7a7aU, 0x9f9f9f9fU,
-    0x93939393U, 0xc9c9c9c9U, 0x9c9c9c9cU, 0xefefefefU,
-    0xa0a0a0a0U, 0xe0e0e0e0U, 0x3b3b3b3bU, 0x4d4d4d4dU,
-    0xaeaeaeaeU, 0x2a2a2a2aU, 0xf5f5f5f5U, 0xb0b0b0b0U,
-    0xc8c8c8c8U, 0xebebebebU, 0xbbbbbbbbU, 0x3c3c3c3cU,
-    0x83838383U, 0x53535353U, 0x99999999U, 0x61616161U,
-    0x17171717U, 0x2b2b2b2bU, 0x04040404U, 0x7e7e7e7eU,
-    0xbabababaU, 0x77777777U, 0xd6d6d6d6U, 0x26262626U,
-    0xe1e1e1e1U, 0x69696969U, 0x14141414U, 0x63636363U,
-    0x55555555U, 0x21212121U, 0x0c0c0c0cU, 0x7d7d7d7dU,
-}
-};
-
-const byte AES::CTd4[256] =
-{
-    0x52U, 0x09U, 0x6aU, 0xd5U, 0x30U, 0x36U, 0xa5U, 0x38U,
-    0xbfU, 0x40U, 0xa3U, 0x9eU, 0x81U, 0xf3U, 0xd7U, 0xfbU,
-    0x7cU, 0xe3U, 0x39U, 0x82U, 0x9bU, 0x2fU, 0xffU, 0x87U,
-    0x34U, 0x8eU, 0x43U, 0x44U, 0xc4U, 0xdeU, 0xe9U, 0xcbU,
-    0x54U, 0x7bU, 0x94U, 0x32U, 0xa6U, 0xc2U, 0x23U, 0x3dU,
-    0xeeU, 0x4cU, 0x95U, 0x0bU, 0x42U, 0xfaU, 0xc3U, 0x4eU,
-    0x08U, 0x2eU, 0xa1U, 0x66U, 0x28U, 0xd9U, 0x24U, 0xb2U,
-    0x76U, 0x5bU, 0xa2U, 0x49U, 0x6dU, 0x8bU, 0xd1U, 0x25U,
-    0x72U, 0xf8U, 0xf6U, 0x64U, 0x86U, 0x68U, 0x98U, 0x16U,
-    0xd4U, 0xa4U, 0x5cU, 0xccU, 0x5dU, 0x65U, 0xb6U, 0x92U,
-    0x6cU, 0x70U, 0x48U, 0x50U, 0xfdU, 0xedU, 0xb9U, 0xdaU,
-    0x5eU, 0x15U, 0x46U, 0x57U, 0xa7U, 0x8dU, 0x9dU, 0x84U,
-    0x90U, 0xd8U, 0xabU, 0x00U, 0x8cU, 0xbcU, 0xd3U, 0x0aU,
-    0xf7U, 0xe4U, 0x58U, 0x05U, 0xb8U, 0xb3U, 0x45U, 0x06U,
-    0xd0U, 0x2cU, 0x1eU, 0x8fU, 0xcaU, 0x3fU, 0x0fU, 0x02U,
-    0xc1U, 0xafU, 0xbdU, 0x03U, 0x01U, 0x13U, 0x8aU, 0x6bU,
-    0x3aU, 0x91U, 0x11U, 0x41U, 0x4fU, 0x67U, 0xdcU, 0xeaU,
-    0x97U, 0xf2U, 0xcfU, 0xceU, 0xf0U, 0xb4U, 0xe6U, 0x73U,
-    0x96U, 0xacU, 0x74U, 0x22U, 0xe7U, 0xadU, 0x35U, 0x85U,
-    0xe2U, 0xf9U, 0x37U, 0xe8U, 0x1cU, 0x75U, 0xdfU, 0x6eU,
-    0x47U, 0xf1U, 0x1aU, 0x71U, 0x1dU, 0x29U, 0xc5U, 0x89U,
-    0x6fU, 0xb7U, 0x62U, 0x0eU, 0xaaU, 0x18U, 0xbeU, 0x1bU,
-    0xfcU, 0x56U, 0x3eU, 0x4bU, 0xc6U, 0xd2U, 0x79U, 0x20U,
-    0x9aU, 0xdbU, 0xc0U, 0xfeU, 0x78U, 0xcdU, 0x5aU, 0xf4U,
-    0x1fU, 0xddU, 0xa8U, 0x33U, 0x88U, 0x07U, 0xc7U, 0x31U,
-    0xb1U, 0x12U, 0x10U, 0x59U, 0x27U, 0x80U, 0xecU, 0x5fU,
-    0x60U, 0x51U, 0x7fU, 0xa9U, 0x19U, 0xb5U, 0x4aU, 0x0dU,
-    0x2dU, 0xe5U, 0x7aU, 0x9fU, 0x93U, 0xc9U, 0x9cU, 0xefU,
-    0xa0U, 0xe0U, 0x3bU, 0x4dU, 0xaeU, 0x2aU, 0xf5U, 0xb0U,
-    0xc8U, 0xebU, 0xbbU, 0x3cU, 0x83U, 0x53U, 0x99U, 0x61U,
-    0x17U, 0x2bU, 0x04U, 0x7eU, 0xbaU, 0x77U, 0xd6U, 0x26U,
-    0xe1U, 0x69U, 0x14U, 0x63U, 0x55U, 0x21U, 0x0cU, 0x7dU,
-};
-
-
-const word32* AES::Te0 = AES::Te[0];
-const word32* AES::Te1 = AES::Te[1];
-const word32* AES::Te2 = AES::Te[2];
-const word32* AES::Te3 = AES::Te[3];
-
-const word32* AES::Td0 = AES::Td[0];
-const word32* AES::Td1 = AES::Td[1];
-const word32* AES::Td2 = AES::Td[2];
-const word32* AES::Td3 = AES::Td[3];
-
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/aestables.cpp b/extra/yassl/taocrypt/src/aestables.cpp
deleted file mode 100644
index 7c6a53bdcd5..00000000000
--- a/extra/yassl/taocrypt/src/aestables.cpp
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's aestables.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "aes.hpp"
-
-
-namespace TaoCrypt {
-
-
-const word32 AES::rcon_[] = {
-    0x01000000, 0x02000000, 0x04000000, 0x08000000,
-    0x10000000, 0x20000000, 0x40000000, 0x80000000,
-    0x1B000000, 0x36000000, 
-    /* for 128-bit blocks, Rijndael never uses more than 10 rcon values */
-};
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/algebra.cpp b/extra/yassl/taocrypt/src/algebra.cpp
deleted file mode 100644
index f12947a71c4..00000000000
--- a/extra/yassl/taocrypt/src/algebra.cpp
+++ /dev/null
@@ -1,327 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's algebra.cpp from CryptoPP */
-#undef  NDEBUG
-
-#include "runtime.hpp"
-#include "algebra.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "vector.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-namespace TaoCrypt {
-
-
-const Integer& AbstractGroup::Double(const Element &a) const
-{
-    return Add(a, a);
-}
-
-const Integer& AbstractGroup::Subtract(const Element &a, const Element &b) const
-{
-    // make copy of a in case Inverse() overwrites it
-    Element a1(a);
-    return Add(a1, Inverse(b));
-}
-
-Integer& AbstractGroup::Accumulate(Element &a, const Element &b) const
-{
-    return a = Add(a, b);
-}
-
-Integer& AbstractGroup::Reduce(Element &a, const Element &b) const
-{
-    return a = Subtract(a, b);
-}
-
-const Integer& AbstractRing::Square(const Element &a) const
-{
-    return Multiply(a, a);
-}
-
-
-const Integer& AbstractRing::Divide(const Element &a, const Element &b) const
-{
-    // make copy of a in case MultiplicativeInverse() overwrites it
-    Element a1(a);
-    return Multiply(a1, MultiplicativeInverse(b));
-}
-
-
-const Integer& AbstractEuclideanDomain::Mod(const Element &a,
-                                            const Element &b) const
-{
-    Element q;
-    DivisionAlgorithm(result, q, a, b);
-    return result;
-}
-
-const Integer& AbstractEuclideanDomain::Gcd(const Element &a,
-                                            const Element &b) const
-{
-    STL::vector g(3);
-    g[0]= b;
-    g[1]= a;
-    unsigned int i0=0, i1=1, i2=2;
-
-    while (!Equal(g[i1], this->Identity()))
-    {
-        g[i2] = Mod(g[i0], g[i1]);
-        unsigned int t = i0; i0 = i1; i1 = i2; i2 = t;
-    }
-
-    return result = g[i0];
-}
-
-
-Integer AbstractGroup::ScalarMultiply(const Element &base,
-                                      const Integer &exponent) const
-{
-    Element result;
-    SimultaneousMultiply(&result, base, &exponent, 1);
-    return result;
-}
-
-
-Integer AbstractGroup::CascadeScalarMultiply(const Element &x,
-                  const Integer &e1, const Element &y, const Integer &e2) const
-{
-    const unsigned expLen = max(e1.BitCount(), e2.BitCount());
-    if (expLen==0)
-        return Identity();
-
-    const unsigned w = (expLen <= 46 ? 1 : (expLen <= 260 ? 2 : 3));
-    const unsigned tableSize = 1< powerTable(tableSize << w);
-
-    powerTable[1] = x;
-    powerTable[tableSize] = y;
-    if (w==1)
-        powerTable[3] = Add(x,y);
-    else
-    {
-        powerTable[2] = Double(x);
-        powerTable[2*tableSize] = Double(y);
-
-        unsigned i, j;
-
-        for (i=3; i=0; i--)
-    {
-        power1 = 2*power1 + e1.GetBit(i);
-        power2 = 2*power2 + e2.GetBit(i);
-
-        if (i==0 || 2*power1 >= tableSize || 2*power2 >= tableSize)
-        {
-            unsigned squaresBefore = prevPosition-i;
-            unsigned squaresAfter = 0;
-            prevPosition = i;
-            while ((power1 || power2) && power1%2 == 0 && power2%2==0)
-            {
-                power1 /= 2;
-                power2 /= 2;
-                squaresBefore--;
-                squaresAfter++;
-            }
-            if (firstTime)
-            {
-                result = powerTable[(power2<= expLen)
-            {
-                finished = true;
-                return;
-            }
-            skipCount++;
-        }
-
-        exp >>= skipCount;
-        windowBegin += skipCount;
-        expWindow = (unsigned int)(exp % (1LL << windowSize));
-
-        if (fastNegate && exp.GetBit(windowSize))
-        {
-            negateNext = true;
-            expWindow = (1 << windowSize) - expWindow;
-            exp += windowModulus;
-        }
-        else
-            negateNext = false;
-    }
-
-    Integer exp, windowModulus;
-    unsigned int windowSize, windowBegin, expWindow;
-    bool fastNegate, negateNext, firstTime, finished;
-};
-
-
-void AbstractGroup::SimultaneousMultiply(Integer *results, const Integer &base,
-                          const Integer *expBegin, unsigned int expCount) const
-{
-    STL::vector > buckets(expCount);
-    STL::vector exponents;
-    exponents.reserve(expCount);
-    unsigned int i;
-
-    for (i=0; i 1)
-        {
-            for (size_t j = buckets[i].size()-2; j >= 1; j--)
-            {
-                Accumulate(buckets[i][j], buckets[i][j+1]);
-                Accumulate(r, buckets[i][j]);
-            }
-            Accumulate(buckets[i][0], buckets[i][1]);
-            r = Add(Double(r), buckets[i][0]);
-        }
-    }
-}
-
-Integer AbstractRing::Exponentiate(const Element &base,
-                                   const Integer &exponent) const
-{
-    Element result;
-    SimultaneousExponentiate(&result, base, &exponent, 1);
-    return result;
-}
-
-
-Integer AbstractRing::CascadeExponentiate(const Element &x,
-                  const Integer &e1, const Element &y, const Integer &e2) const
-{
-    return MultiplicativeGroup().AbstractGroup::CascadeScalarMultiply(
-                x, e1, y, e2);
-}
-
-
-void AbstractRing::SimultaneousExponentiate(Integer *results,
-                                            const Integer &base,
-                         const Integer *exponents, unsigned int expCount) const
-{
-    MultiplicativeGroup().AbstractGroup::SimultaneousMultiply(results, base,
-                                                          exponents, expCount);
-}
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/arc4.cpp b/extra/yassl/taocrypt/src/arc4.cpp
deleted file mode 100644
index 6d11f5c113a..00000000000
--- a/extra/yassl/taocrypt/src/arc4.cpp
+++ /dev/null
@@ -1,243 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's arc4.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "arc4.hpp"
-
-
-#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM)
-    #define DO_ARC4_ASM
-#endif
-
-
-namespace TaoCrypt {
-
-void ARC4::SetKey(const byte* key, word32 length)
-{
-    x_ = 1;
-    y_ = 0;
-
-    word32 i;
-
-    for (i = 0; i < STATE_SIZE; i++)
-        state_[i] = i;
-
-    word32 keyIndex = 0, stateIndex = 0;
-
-    for (i = 0; i < STATE_SIZE; i++) {
-        word32 a = state_[i];
-        stateIndex += key[keyIndex] + a;
-        stateIndex &= 0xFF;
-        state_[i] = state_[stateIndex];
-        state_[stateIndex] = a;
-
-        if (++keyIndex >= length)
-            keyIndex = 0;
-    }
-}
-
-
-// local
-namespace {
-
-inline unsigned int MakeByte(word32& x, word32& y, byte* s)
-{
-    word32 a = s[x];
-    y = (y+a) & 0xff;
-
-    word32 b = s[y];
-    s[x] = b;
-    s[y] = a;
-    x = (x+1) & 0xff;
-
-    return s[(a+b) & 0xff];
-}
-
-} // namespace
-
-
-
-void ARC4::Process(byte* out, const byte* in, word32 length)
-{
-    if (length == 0) return;
-
-#ifdef DO_ARC4_ASM
-    if (isMMX) {
-        AsmProcess(out, in, length);
-        return;
-    } 
-#endif
-
-    byte *const s = state_;
-    word32 x = x_;
-    word32 y = y_;
-
-    if (in == out)
-        while (length--)
-            *out++ ^= MakeByte(x, y, s);
-    else
-        while(length--)
-            *out++ = *in++ ^ MakeByte(x, y, s);
-    x_ = x;
-    y_ = y;
-}
-
-
-
-#ifdef DO_ARC4_ASM
-
-#ifdef _MSC_VER
-    __declspec(naked)
-#else
-    __attribute__ ((noinline))
-#endif
-void ARC4::AsmProcess(byte* out, const byte* in, word32 length)
-{
-#ifdef __GNUC__
-    #define AS1(x)    #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-
-    #define PROLOG()  \
-    __asm__ __volatile__ \
-    ( \
-        ".intel_syntax noprefix;" \
-        "push ebx;" \
-        "push ebp;" \
-        "mov ebp, eax;"
-    #define EPILOG()  \
-        "pop ebp;" \
-        "pop ebx;" \
-       	"emms;" \
-       	".att_syntax;" \
-            : \
-            : "c" (this), "D" (out), "S" (in), "a" (length) \
-            : "%edx", "memory", "cc" \
-    );
-
-#else
-    #define AS1(x)    __asm x
-    #define AS2(x, y) __asm x, y
-
-    #define PROLOG() \
-        AS1(    push  ebp                       )   \
-        AS2(    mov   ebp, esp                  )   \
-        AS2(    movd  mm3, edi                  )   \
-        AS2(    movd  mm4, ebx                  )   \
-        AS2(    movd  mm5, esi                  )   \
-        AS2(    movd  mm6, ebp                  )   \
-        AS2(    mov   edi, DWORD PTR [ebp +  8] )   \
-        AS2(    mov   esi, DWORD PTR [ebp + 12] )   \
-        AS2(    mov   ebp, DWORD PTR [ebp + 16] )
-
-    #define EPILOG() \
-        AS2(    movd  ebp, mm6                  )   \
-        AS2(    movd  esi, mm5                  )   \
-        AS2(    movd  ebx, mm4                  )   \
-        AS2(    movd  edi, mm3                  )   \
-        AS2(    mov   esp, ebp                  )   \
-        AS1(    pop   ebp                       )   \
-        AS1(    emms                            )   \
-        AS1(    ret 12                          )
-        
-#endif
-
-    PROLOG()
-
-    AS2(    sub    esp, 4                   )   // make room 
-
-    AS2(    cmp    ebp, 0                   )
-    AS1(    jz     nothing                  )
-
-    AS2(    mov    [esp], ebp               )   // length
-
-    AS2(    movzx  edx, BYTE PTR [ecx + 1]  )   // y
-    AS2(    lea    ebp, [ecx + 2]           )   // state_
-    AS2(    movzx  ecx, BYTE PTR [ecx]      )   // x
-
-    // setup loop
-    // a = s[x];
-    AS2(    movzx  eax, BYTE PTR [ebp + ecx]    )
-
-
-#ifdef _MSC_VER
-    AS1( loopStart: )  // loopStart
-#else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
-#endif
-
-    // y = (y+a) & 0xff;
-    AS2(    add    edx, eax                     )
-    AS2(    and    edx, 255                     )
-
-    // b = s[y];
-    AS2(    movzx  ebx, BYTE PTR [ebp + edx]    )
-
-    // s[x] = b;
-    AS2(    mov    [ebp + ecx], bl              )
-
-    // s[y] = a;
-    AS2(    mov    [ebp + edx], al              )
-
-    // x = (x+1) & 0xff;
-    AS1(    inc    ecx                          )
-    AS2(    and    ecx, 255                     )
-
-    //return s[(a+b) & 0xff];
-    AS2(    add    eax, ebx                     )
-    AS2(    and    eax, 255                     )
-    
-    AS2(    movzx  ebx, BYTE PTR [ebp + eax]    )
-
-    // a = s[x];   for next round
-    AS2(    movzx  eax, BYTE PTR [ebp + ecx]    )
-
-    // xOr w/ inByte
-    AS2(    xor    bl,  BYTE PTR [esi]          )
-    AS1(    inc    esi                          )
-
-    // write to outByte
-    AS2(    mov    [edi], bl                    )
-    AS1(    inc    edi                          )
-
-    AS1(    dec    DWORD PTR [esp]              )
-#ifdef _MSC_VER
-    AS1(    jnz   loopStart )  // loopStart
-#else
-    AS1(    jnz   0b )         // loopStart
-#endif
-
-
-    // write back to x_ and y_
-    AS2(    mov    [ebp - 2], cl            )
-    AS2(    mov    [ebp - 1], dl            )
-
-
-AS1( nothing:                           )
-
-    // inline adjust 
-    AS2(    add   esp, 4               )   // fix room on stack
-
-    EPILOG()
-}
-
-#endif // DO_ARC4_ASM
-
-
-}  // namespace
diff --git a/extra/yassl/taocrypt/src/asn.cpp b/extra/yassl/taocrypt/src/asn.cpp
deleted file mode 100644
index 0a677c4b0f8..00000000000
--- a/extra/yassl/taocrypt/src/asn.cpp
+++ /dev/null
@@ -1,1344 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* asn.cpp implements ASN1 BER, PublicKey, and x509v3 decoding 
-*/
-
-#include "runtime.hpp"
-#include "asn.hpp"
-#include "file.hpp"
-#include "integer.hpp"
-#include "rsa.hpp"
-#include "dsa.hpp"
-#include "dh.hpp"
-#include "md5.hpp"
-#include "md2.hpp"
-#include "sha.hpp"
-#include "coding.hpp"
-#include      // gmtime();
-#include "memory.hpp" // some auto_ptr don't have reset, also need auto_array
-#include 
-
-namespace TaoCrypt {
-
-// like atoi but only use first byte
-word32 btoi(byte b)
-{
-    return b - 0x30;
-}
-
-
-// two byte date/time, add to value
-void GetTime(int *value, const byte* date, int& i)
-{
-    *value += btoi(date[i++]) * 10;
-    *value += btoi(date[i++]);
-}
-
-
-void ASN1_TIME_extract(const unsigned char* date, unsigned char format,
-                       tm *t)
-{
-  int i = 0;
-  memset(t, 0, sizeof (tm));
-
-  assert(format == UTC_TIME || format == GENERALIZED_TIME);
-
-  if (format == UTC_TIME) {
-    if (btoi(date[0]) >= 5)
-      t->tm_year = 1900;
-    else
-      t->tm_year = 2000;
-  }
-  else  { // format == GENERALIZED_TIME
-    t->tm_year += btoi(date[i++]) * 1000;
-    t->tm_year += btoi(date[i++]) * 100;
-  }
-
-  GetTime(&t->tm_year, date, i);     t->tm_year -= 1900; // adjust
-  GetTime(&t->tm_mon,  date, i);     t->tm_mon  -= 1;    // adjust
-  GetTime(&t->tm_mday, date, i);
-  GetTime(&t->tm_hour, date, i);
-  GetTime(&t->tm_min,  date, i);
-  GetTime(&t->tm_sec,  date, i);
-
-  assert(date[i] == 'Z');     // only Zulu supported for this profile
-}
-
-
-namespace { // locals
-
-
-// to the second
-bool operator>(tm& a, tm& b)
-{
-    if (a.tm_year > b.tm_year)
-        return true;
-
-    if (a.tm_year == b.tm_year && a.tm_mon > b.tm_mon)
-        return true;
-    
-    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon && a.tm_mday >b.tm_mday)
-        return true;
-
-    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon &&
-        a.tm_mday == b.tm_mday && a.tm_hour > b.tm_hour)
-        return true;
-
-    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon &&
-        a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour &&
-        a.tm_min > b.tm_min)
-        return true;
-
-    if (a.tm_year == b.tm_year && a.tm_mon == b.tm_mon &&
-        a.tm_mday == b.tm_mday && a.tm_hour == b.tm_hour &&
-        a.tm_min  == b.tm_min  && a.tm_sec > b.tm_sec)
-        return true;
-
-    return false;
-}
-
-
-bool operator<(tm& a, tm&b)
-{
-    return (b>a);
-}
-
-
-// Make sure before and after dates are valid
-bool ValidateDate(const byte* date, byte format, CertDecoder::DateType dt)
-{
-    tm certTime;
-    time_t ltime = time(0);
-    tm* localTime = gmtime(<ime);
-
-    ASN1_TIME_extract(date, format, &certTime);
-
-    if (dt == CertDecoder::BEFORE) {
-        if (*localTime < certTime)
-            return false;
-    }
-    else
-        if (*localTime > certTime)
-            return false;
-
-    return true;
-}
-
-
-class BadCertificate {};
-
-} // local namespace
-
-
-
-// used by Integer as well
-word32 GetLength(Source& source)
-{
-    word32 length = 0;
-
-    byte b = source.next();
-    if (b >= LONG_LENGTH) {        
-        word32 bytes = b & 0x7F;
-
-        if (source.IsLeft(bytes) == false) return 0;
-
-        while (bytes--) {
-            b = source.next();
-            length = (length << 8) | b;
-        }
-    }
-    else
-        length = b;
-
-    if (source.IsLeft(length) == false) return 0;
-
-    return length;
-}
-
-
-word32 SetLength(word32 length, byte* output)
-{
-    word32 i = 0;
-
-    if (length < LONG_LENGTH)
-        output[i++] = length;
-    else {
-        output[i++] = BytePrecision(length) | 0x80;
-      
-        for (int j = BytePrecision(length); j; --j) {
-            output[i] = length >> (j - 1) * 8;
-            i++;
-        }
-    }
-    return i;
-}
-
-
-PublicKey::PublicKey(const byte* k, word32 s) : key_(0), sz_(0)
-{
-    if (s) {
-        SetSize(s);
-        SetKey(k);
-    }
-}
-
-
-void PublicKey::SetSize(word32 s)
-{
-    sz_ = s;
-    key_ = NEW_TC byte[sz_];
-}
-
-
-void PublicKey::SetKey(const byte* k)
-{
-    memcpy(key_, k, sz_);
-}
-
-
-void PublicKey::AddToEnd(const byte* data, word32 len)
-{
-    mySTL::auto_array tmp(NEW_TC byte[sz_ + len]);
-
-    memcpy(tmp.get(), key_, sz_);
-    memcpy(tmp.get() + sz_, data, len);
-
-    byte* del = 0;
-    STL::swap(del, key_);
-    tcArrayDelete(del);
-
-    key_ = tmp.release();
-    sz_ += len;
-}
-
-
-Signer::Signer(const byte* k, word32 kSz, const char* n, const byte* h)
-    : key_(k, kSz)
-{
-    size_t sz = strlen(n);
-    memcpy(name_, n, sz);
-    name_[sz] = 0;
-
-    memcpy(hash_, h, SHA::DIGEST_SIZE);
-}
-
-Signer::~Signer()
-{
-}
-
-
-Error BER_Decoder::GetError()
-{ 
-    return source_.GetError(); 
-}
-
-
-Integer& BER_Decoder::GetInteger(Integer& integer)
-{
-    if (!source_.GetError().What())
-        integer.Decode(source_);
-    return integer;
-}
-
-  
-// Read a Sequence, return length
-word32 BER_Decoder::GetSequence()
-{
-    if (source_.GetError().What()) return 0;
-
-    byte b = source_.next();
-    if (b != (SEQUENCE | CONSTRUCTED)) {
-        source_.SetError(SEQUENCE_E);
-        return 0;
-    }
-
-    return GetLength(source_);
-}
-
-
-// Read a Sequence, return length
-word32 BER_Decoder::GetSet()
-{
-    if (source_.GetError().What()) return 0;
-
-    byte b = source_.next();
-    if (b != (SET | CONSTRUCTED)) {
-        source_.SetError(SET_E);
-        return 0;
-    }
-
-    return GetLength(source_);
-}
-
-
-// Read Version, return it
-word32 BER_Decoder::GetVersion()
-{
-    if (source_.GetError().What()) return 0;
-
-    byte b = source_.next();
-    if (b != INTEGER) {
-        source_.SetError(INTEGER_E);
-        return 0;
-    }
-
-    b = source_.next();
-    if (b != 0x01) {
-        source_.SetError(VERSION_E);
-        return 0;
-    }
-
-    return source_.next();
-}
-
-
-// Read ExplicitVersion, return it or 0 if not there (not an error)
-word32 BER_Decoder::GetExplicitVersion()
-{
-    if (source_.GetError().What()) return 0;
-
-    byte b = source_.next();
-
-    if (b == (CONTEXT_SPECIFIC | CONSTRUCTED)) { // not an error if not here
-        source_.next();
-        return GetVersion();
-    }
-    else 
-        source_.prev(); // put back
-  
-    return 0;
-}
-
-
-// Decode a BER encoded RSA Private Key
-void RSA_Private_Decoder::Decode(RSA_PrivateKey& key)
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-    // public
-    key.SetModulus(GetInteger(Integer().Ref()));
-    key.SetPublicExponent(GetInteger(Integer().Ref()));
-
-    // private
-    key.SetPrivateExponent(GetInteger(Integer().Ref()));
-    key.SetPrime1(GetInteger(Integer().Ref()));
-    key.SetPrime2(GetInteger(Integer().Ref()));
-    key.SetModPrime1PrivateExponent(GetInteger(Integer().Ref()));
-    key.SetModPrime2PrivateExponent(GetInteger(Integer().Ref()));
-    key.SetMultiplicativeInverseOfPrime2ModPrime1(GetInteger(Integer().Ref()));
-}
-
-
-void RSA_Private_Decoder::ReadHeader()
-{
-    GetSequence();
-    GetVersion();
-}
-
-
-// Decode a BER encoded DSA Private Key
-void DSA_Private_Decoder::Decode(DSA_PrivateKey& key)
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-    // group parameters
-    key.SetModulus(GetInteger(Integer().Ref()));
-    key.SetSubGroupOrder(GetInteger(Integer().Ref()));
-    key.SetSubGroupGenerator(GetInteger(Integer().Ref()));
-
-    // key
-    key.SetPublicPart(GetInteger(Integer().Ref()));
-    key.SetPrivatePart(GetInteger(Integer().Ref()));   
-}
-
-
-void DSA_Private_Decoder::ReadHeader()
-{
-    GetSequence();
-    GetVersion();
-}
-
-
-// Decode a BER encoded RSA Public Key
-void RSA_Public_Decoder::Decode(RSA_PublicKey& key)
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-
-    ReadHeaderOpenSSL();   // may or may not be
-    if (source_.GetError().What()) return;
-
-    // public key
-    key.SetModulus(GetInteger(Integer().Ref()));
-    key.SetPublicExponent(GetInteger(Integer().Ref()));
-}
-
-
-// Read OpenSSL format public header
-void RSA_Public_Decoder::ReadHeaderOpenSSL()
-{
-    byte b = source_.next();  // peek
-    source_.prev();
-
-    if (b != INTEGER) { // have OpenSSL public format
-        GetSequence();
-        b = source_.next();
-        if (b != OBJECT_IDENTIFIER) {
-            source_.SetError(OBJECT_ID_E);
-            return;
-        }
-
-        word32 len = GetLength(source_);
-        source_.advance(len);
-
-        b = source_.next();
-        if (b == TAG_NULL) {   // could have NULL tag and 0 terminator, may not 
-            b = source_.next();
-            if (b != 0) {
-                source_.SetError(EXPECT_0_E);
-                return; 
-            }
-        }
-        else
-            source_.prev();   // put back
-
-        b = source_.next();
-        if (b != BIT_STRING) {   
-            source_.SetError(BIT_STR_E);
-            return; 
-        }
-
-        len = GetLength(source_); 
-        b = source_.next();
-        if (b != 0)           // could have 0
-            source_.prev();   // put back
-        
-        GetSequence();
-    }
-}
-
-
-void RSA_Public_Decoder::ReadHeader()
-{
-    GetSequence();
-}
-
-
-// Decode a BER encoded DSA Public Key
-void DSA_Public_Decoder::Decode(DSA_PublicKey& key)
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-
-    // group parameters
-    key.SetModulus(GetInteger(Integer().Ref()));
-    key.SetSubGroupOrder(GetInteger(Integer().Ref()));
-    key.SetSubGroupGenerator(GetInteger(Integer().Ref()));
-
-    // key
-    key.SetPublicPart(GetInteger(Integer().Ref()));
-}
-
-
-void DSA_Public_Decoder::ReadHeader()
-{
-    GetSequence();
-}
-
-
-void DH_Decoder::ReadHeader()
-{
-    GetSequence();
-}
-
-
-// Decode a BER encoded Diffie-Hellman Key
-void DH_Decoder::Decode(DH& key)
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-
-    // group parms
-    key.SetP(GetInteger(Integer().Ref()));
-    key.SetG(GetInteger(Integer().Ref()));
-}
-
-
-CertDecoder::CertDecoder(Source& s, bool decode, SignerList* signers,
-                         bool noVerify, CertType ct)
-    : BER_Decoder(s), certBegin_(0), sigIndex_(0), sigLength_(0), subCnPos_(-1),
-      subCnLen_(0), issCnPos_(-1), issCnLen_(0), signature_(0),
-      verify_(!noVerify)
-{
-    issuer_[0] = 0;
-    subject_[0] = 0;
-
-    if (decode)
-        Decode(signers, ct);
-
-}
-
-
-CertDecoder::~CertDecoder()
-{
-    tcArrayDelete(signature_);
-}
-
-
-// process certificate header, set signature offset
-void CertDecoder::ReadHeader()
-{
-    if (source_.GetError().What()) return;
-
-    GetSequence();  // total
-    certBegin_ = source_.get_index();
-
-    sigIndex_ = GetSequence();  // this cert
-    sigIndex_ += source_.get_index();
-
-    GetExplicitVersion(); // version
-    GetInteger(Integer().Ref());  // serial number
-}
-
-
-// Decode a x509v3 Certificate
-void CertDecoder::Decode(SignerList* signers, CertType ct)
-{
-    if (source_.GetError().What()) return;
-    DecodeToKey();
-    if (source_.GetError().What()) return;
-
-    if (source_.get_index() != sigIndex_)
-        source_.set_index(sigIndex_);
-
-    word32 confirmOID = GetAlgoId();
-    GetSignature();
-    if (source_.GetError().What()) return;
-
-    if ( confirmOID != signatureOID_ ) {
-        source_.SetError(SIG_OID_E);
-        return;
-    }
-    
-    if (ct != CA && verify_ && !ValidateSignature(signers))
-        source_.SetError(SIG_OTHER_E);
-}
-
-
-void CertDecoder::DecodeToKey()
-{
-    ReadHeader();
-    signatureOID_ = GetAlgoId();
-    GetName(ISSUER);   
-    GetValidity();
-    GetName(SUBJECT);   
-    GetKey();
-}
-
-
-// Read public key
-void CertDecoder::GetKey()
-{
-    if (source_.GetError().What()) return;
-
-    GetSequence();    
-    keyOID_ = GetAlgoId();
-
-    if (keyOID_ == RSAk) {
-        byte b = source_.next();
-        if (b != BIT_STRING) {
-            source_.SetError(BIT_STR_E);
-            return;
-        }
-        b = source_.next();      // length, future
-        b = source_.next(); 
-        while(b != 0)
-            b = source_.next();
-    }
-    else if (keyOID_ == DSAk)
-        ;   // do nothing
-    else {
-        source_.SetError(UNKNOWN_OID_E);
-        return;
-    }
-
-    StoreKey();
-    if (keyOID_ == DSAk)
-        AddDSA();
-}
-
-
-// Save public key
-void CertDecoder::StoreKey()
-{
-    if (source_.GetError().What()) return;
-
-    word32 read = source_.get_index();
-    word32 length = GetSequence();
-
-    read = source_.get_index() - read;
-    length += read;
-
-    if (source_.GetError().What()) return;
-    while (read--) source_.prev();
-
-    if (source_.IsLeft(length) == false) return;
-    key_.SetSize(length);
-    key_.SetKey(source_.get_current());
-    source_.advance(length);
-}
-
-
-// DSA has public key after group
-void CertDecoder::AddDSA()
-{
-    if (source_.GetError().What()) return;
-
-    byte b = source_.next();
-    if (b != BIT_STRING) {
-        source_.SetError(BIT_STR_E);
-        return;
-    }
-    b = source_.next();      // length, future
-    b = source_.next(); 
-    while(b != 0)
-        b = source_.next();
-
-    word32 idx = source_.get_index();
-    b = source_.next();
-    if (b != INTEGER) {
-        source_.SetError(INTEGER_E);
-        return;
-    }
-
-    word32 length = GetLength(source_);
-    length += source_.get_index() - idx;
-
-    if (source_.IsLeft(length) == false) return;
-
-    key_.AddToEnd(source_.get_buffer() + idx, length);    
-}
-
-
-// process algo OID by summing, return it
-word32 CertDecoder::GetAlgoId()
-{
-    if (source_.GetError().What()) return 0;
-    word32 length = GetSequence();
-
-    if (source_.GetError().What()) return 0;
-    
-    byte b = source_.next();
-    if (b != OBJECT_IDENTIFIER) {
-        source_.SetError(OBJECT_ID_E);
-        return 0;
-    }
-
-    length = GetLength(source_);
-    if (source_.IsLeft(length) == false) return 0;
-
-    word32 oid = 0;
-    while(length--)
-        oid += source_.next();        // just sum it up for now
-
-    // could have NULL tag and 0 terminator, but may not
-    b = source_.next();
-    if (b == TAG_NULL) {
-        b = source_.next();
-        if (b != 0) {
-            source_.SetError(EXPECT_0_E);
-            return 0;
-        }
-    }
-    else
-        // go back, didn't have it
-        b = source_.prev();
-
-    return oid;
-}
-
-
-// read cert signature, store in signature_
-word32 CertDecoder::GetSignature()
-{
-    if (source_.GetError().What()) return 0;
-    byte b = source_.next();
-
-    if (b != BIT_STRING) {
-        source_.SetError(BIT_STR_E);
-        return 0;
-    }
-
-    sigLength_ = GetLength(source_);
-    if (sigLength_ <= 1 || source_.IsLeft(sigLength_) == false) {
-        source_.SetError(CONTENT_E);
-        return 0;
-    }
-  
-    b = source_.next();
-    if (b != 0) {
-        source_.SetError(EXPECT_0_E);
-        return 0;
-    }
-    sigLength_--;
-
-    signature_ = NEW_TC byte[sigLength_];
-    memcpy(signature_, source_.get_current(), sigLength_);
-    source_.advance(sigLength_);
-
-    return sigLength_;
-}
-
-
-// read cert digest, store in signature_
-word32 CertDecoder::GetDigest()
-{
-    if (source_.GetError().What()) return 0;
-    byte b = source_.next();
-
-    if (b != OCTET_STRING) {
-        source_.SetError(OCTET_STR_E);
-        return 0;
-    }
-
-    sigLength_ = GetLength(source_);
-
-    signature_ = NEW_TC byte[sigLength_];
-    memcpy(signature_, source_.get_current(), sigLength_);
-    source_.advance(sigLength_);
-
-    return sigLength_;
-}
-
-
-// memory length checked add tag to buffer
-char* CertDecoder::AddTag(char* ptr, const char* buf_end, const char* tag_name,
-                          word32 tag_name_length, word32 tag_value_length)
-{
-    if (ptr + tag_name_length + tag_value_length > buf_end) {
-        source_.SetError(CONTENT_E);
-        return 0;
-    }
-
-    memcpy(ptr, tag_name, tag_name_length);
-    ptr += tag_name_length;
-
-    memcpy(ptr, source_.get_current(), tag_value_length);
-    ptr += tag_value_length;
-
-    return ptr;
-}
-
-
-// process NAME, either issuer or subject
-void CertDecoder::GetName(NameType nt)
-{
-    if (source_.GetError().What()) return;
-
-    SHA    sha;
-    word32 length = GetSequence();  // length of all distinguished names
-
-    if (length >= ASN_NAME_MAX)
-        return;
-    if (source_.IsLeft(length) == false) return;
-    length += source_.get_index();
-    
-    char* ptr;
-    char* buf_end;
-
-    if (nt == ISSUER) {
-        ptr = issuer_;
-        buf_end = ptr + sizeof(issuer_) - 1;   // 1 byte for trailing 0
-    }
-    else {
-        ptr = subject_;
-        buf_end = ptr + sizeof(subject_) - 1;  // 1 byte for trailing 0
-    }
-
-    while (source_.get_index() < length) {
-        GetSet();
-        if (source_.GetError().What() == SET_E) {
-            source_.SetError(NO_ERROR_E);  // extensions may only have sequence 
-            source_.prev();
-        }
-        GetSequence();
-
-        byte b = source_.next();
-        if (b != OBJECT_IDENTIFIER) {
-            source_.SetError(OBJECT_ID_E);
-            return;
-        }
-
-        word32 oidSz = GetLength(source_);
-        if (source_.IsLeft(oidSz) == false) return;
-
-        byte joint[2];
-        if (source_.IsLeft(sizeof(joint)) == false) return;
-        memcpy(joint, source_.get_current(), sizeof(joint));
-
-        // v1 name types
-        if (joint[0] == 0x55 && joint[1] == 0x04) {
-            source_.advance(2);
-            byte   id      = source_.next();  
-            b              = source_.next();    // strType
-            word32 strLen  = GetLength(source_);
-
-            if (source_.IsLeft(strLen) == false) return;
-
-            switch (id) {
-            case COMMON_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/CN=", 4, strLen)))
-                    return;
-                if (nt == ISSUER) {
-                    issCnPos_ = (int)(ptr - strLen - issuer_);
-                    issCnLen_ = (int)strLen;
-                } else {
-                    subCnPos_ = (int)(ptr - strLen - subject_);
-                    subCnLen_ = (int)strLen;
-                }
-                break;
-            case SUR_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/SN=", 4, strLen)))
-                    return;
-                break;
-            case COUNTRY_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/C=", 3, strLen)))
-                    return;
-                break;
-            case LOCALITY_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/L=", 3, strLen)))
-                    return;
-                break;
-            case STATE_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/ST=", 4, strLen)))
-                    return;
-                break;
-            case ORG_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/O=", 3, strLen)))
-                    return;
-                break;
-            case ORGUNIT_NAME:
-                if (!(ptr = AddTag(ptr, buf_end, "/OU=", 4, strLen)))
-                    return;
-                break;
-            }
-
-            sha.Update(source_.get_current(), strLen);
-            source_.advance(strLen);
-        }
-        else { 
-            bool email = false;
-            if (joint[0] == 0x2a && joint[1] == 0x86)  // email id hdr
-                email = true;
-
-            source_.advance(oidSz + 1);
-            word32 length = GetLength(source_);
-            if (source_.IsLeft(length) == false) return;
-
-            if (email) {
-                if (!(ptr = AddTag(ptr, buf_end, "/emailAddress=", 14, length)))
-                    return; 
-            }
-
-            source_.advance(length);
-        }
-    }
-
-    *ptr = 0;
-
-    if (nt == ISSUER)
-        sha.Final(issuerHash_);
-    else
-        sha.Final(subjectHash_);
-}
-
-
-// process a Date, either BEFORE or AFTER
-void CertDecoder::GetDate(DateType dt)
-{
-    if (source_.GetError().What()) return;
-
-    byte b = source_.next();
-    if (b != UTC_TIME && b != GENERALIZED_TIME) {
-        source_.SetError(TIME_E);
-        return;
-    }
-
-    word32 length = GetLength(source_);
-    if (source_.IsLeft(length) == false) return;
-
-    byte date[MAX_DATE_SZ];
-    if (length > MAX_DATE_SZ || length < MIN_DATE_SZ) {
-        source_.SetError(DATE_SZ_E);
-        return;
-    }
-
-    memcpy(date, source_.get_current(), length);
-    source_.advance(length);
-
-    if (!ValidateDate(date, b, dt) && verify_) {
-        if (dt == BEFORE)
-            source_.SetError(BEFORE_DATE_E);
-        else
-            source_.SetError(AFTER_DATE_E);
-    }
-
-    // save for later use
-    if (dt == BEFORE) {
-        memcpy(beforeDate_, date, length);
-        beforeDate_[length] = 0;
-        beforeDateType_= b;
-    }
-    else {  // after
-        memcpy(afterDate_, date, length);
-        afterDate_[length] = 0;
-        afterDateType_= b;
-    }       
-}
-
-
-void CertDecoder::GetValidity()
-{
-    if (source_.GetError().What()) return;
-
-    GetSequence();
-    GetDate(BEFORE);
-    GetDate(AFTER);
-}
-
-
-bool CertDecoder::ValidateSelfSignature()
-{
-    Source pub(key_.GetKey(), key_.size());
-    return ConfirmSignature(pub);
-}
-
-
-// extract compare signature hash from plain and place into digest
-void CertDecoder::GetCompareHash(const byte* plain, word32 sz, byte* digest,
-                                 word32 digSz)
-{
-    if (source_.GetError().What()) return;
-
-    Source s(plain, sz);
-    CertDecoder dec(s, false);
-
-    dec.GetSequence();
-    dec.GetAlgoId();
-    dec.GetDigest();
-
-    if (dec.sigLength_ > digSz) {
-        source_.SetError(SIG_LEN_E);
-        return;
-    }
-
-    memcpy(digest, dec.signature_, dec.sigLength_);
-}
-
-
-// validate signature signed by someone else
-bool CertDecoder::ValidateSignature(SignerList* signers)
-{
-    if (!signers)
-        return false;
-
-    SignerList::iterator first = signers->begin();
-    SignerList::iterator last  = signers->end();
-
-    while (first != last) {
-        if ( memcmp(issuerHash_, (*first)->GetHash(), SHA::DIGEST_SIZE) == 0) {
-      
-            const PublicKey& iKey = (*first)->GetPublicKey();
-            Source pub(iKey.GetKey(), iKey.size());
-            return ConfirmSignature(pub);
-        }   
-        ++first;
-    }
-    return false;
-}
-
-
-// confirm certificate signature
-bool CertDecoder::ConfirmSignature(Source& pub)
-{
-    HashType ht;
-    mySTL::auto_ptr hasher;
-
-    if (signatureOID_ == MD5wRSA) {
-        hasher.reset(NEW_TC MD5);
-        ht = MD5h;
-    }
-    else if (signatureOID_ == MD2wRSA) {
-        hasher.reset(NEW_TC MD2);
-        ht = MD2h;
-    }
-    else if (signatureOID_ == SHAwRSA || signatureOID_ == SHAwDSA) {
-        hasher.reset(NEW_TC SHA);
-        ht = SHAh;
-    }
-    else if (signatureOID_ == SHA256wRSA || signatureOID_ == SHA256wDSA) {
-        hasher.reset(NEW_TC SHA256);
-        ht = SHA256h;
-    }
-#ifdef WORD64_AVAILABLE
-    else if (signatureOID_ == SHA384wRSA) {
-        hasher.reset(NEW_TC SHA384);
-        ht = SHA384h;
-    }
-    else if (signatureOID_ == SHA512wRSA) {
-        hasher.reset(NEW_TC SHA512);
-        ht = SHA512h;
-    }
-#endif
-    else {
-        source_.SetError(UNKOWN_SIG_E);
-        return false;
-    }
-
-    byte digest[MAX_SHA2_DIGEST_SIZE];      // largest size
-
-    hasher->Update(source_.get_buffer() + certBegin_, sigIndex_ - certBegin_);
-    hasher->Final(digest);
-
-    if (keyOID_ == RSAk) {
-        // put in ASN.1 signature format
-        Source build;
-        Signature_Encoder(digest, hasher->getDigestSize(), ht, build);
-
-        RSA_PublicKey pubKey(pub);
-        RSAES_Encryptor enc(pubKey);
-
-        if (pubKey.FixedCiphertextLength() != sigLength_) {
-            source_.SetError(SIG_LEN_E);
-            return false;
-        }
-
-        return enc.SSL_Verify(build.get_buffer(), build.size(), signature_);
-    }
-    else  { // DSA
-        // extract r and s from sequence
-        byte seqDecoded[DSA_SIG_SZ];
-        memset(seqDecoded, 0, sizeof(seqDecoded));
-        DecodeDSA_Signature(seqDecoded, signature_, sigLength_);
-
-        DSA_PublicKey pubKey(pub);
-        DSA_Verifier  ver(pubKey);
-
-        return ver.Verify(digest, seqDecoded);
-    }
-}
-
-
-Signature_Encoder::Signature_Encoder(const byte* dig, word32 digSz,
-                                     HashType digOID, Source& source)
-{
-    // build bottom up
-
-    // Digest
-    byte digArray[MAX_DIGEST_SZ];
-    word32 digestSz = SetDigest(dig, digSz, digArray);
-
-    // AlgoID
-    byte algoArray[MAX_ALGO_SZ];
-    word32 algoSz = SetAlgoID(digOID, algoArray);
-
-    // Sequence
-    byte seqArray[MAX_SEQ_SZ];
-    word32 seqSz = SetSequence(digestSz + algoSz, seqArray);
-
-    source.grow(seqSz + algoSz + digestSz);  // make sure enough room
-    source.add(seqArray,  seqSz);
-    source.add(algoArray, algoSz);
-    source.add(digArray,  digestSz);
-}
-
-
-
-word32 Signature_Encoder::SetDigest(const byte* d, word32 dSz, byte* output)
-{
-    output[0] = OCTET_STRING;
-    output[1] = dSz;
-    memcpy(&output[2], d, dSz);
-    
-    return dSz + 2;
-}
-
-
-
-word32 DER_Encoder::SetAlgoID(HashType aOID, byte* output)
-{
-    // adding TAG_NULL and 0 to end
-    static const byte shaAlgoID[] = { 0x2b, 0x0e, 0x03, 0x02, 0x1a,
-                                      0x05, 0x00 };
-    static const byte md5AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
-                                      0x02, 0x05, 0x05, 0x00  };
-    static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
-                                      0x02, 0x02, 0x05, 0x00};
-    static const byte sha256AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
-                                         0x04, 0x02, 0x01, 0x05, 0x00 };
-    static const byte sha384AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
-                                         0x04, 0x02, 0x02, 0x05, 0x00 };
-    static const byte sha512AlgoID[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03,
-                                         0x04, 0x02, 0x03, 0x05, 0x00 };
-
-    int algoSz = 0;
-    const byte* algoName = 0;
-
-    switch (aOID) {
-    case SHAh:
-        algoSz = sizeof(shaAlgoID);
-        algoName = shaAlgoID;
-        break;
-
-    case SHA256h:
-        algoSz = sizeof(sha256AlgoID);
-        algoName = sha256AlgoID;
-        break;
-
-    case SHA384h:
-        algoSz = sizeof(sha384AlgoID);
-        algoName = sha384AlgoID;
-        break;
-
-    case SHA512h:
-        algoSz = sizeof(sha512AlgoID);
-        algoName = sha512AlgoID;
-        break;
-
-    case MD2h:
-        algoSz = sizeof(md2AlgoID);
-        algoName = md2AlgoID;
-        break;
-
-    case MD5h:
-        algoSz = sizeof(md5AlgoID);
-        algoName = md5AlgoID;
-        break;
-
-    default:
-        error_.SetError(UNKOWN_HASH_E);
-        return 0;
-    }
-
-
-    byte ID_Length[MAX_LENGTH_SZ];
-    word32 idSz = SetLength(algoSz - 2, ID_Length); // don't include TAG_NULL/0
-
-    byte seqArray[MAX_SEQ_SZ + 1];  // add object_id to end
-    word32 seqSz = SetSequence(idSz + algoSz + 1, seqArray);
-    seqArray[seqSz++] = OBJECT_IDENTIFIER;
-
-    memcpy(output, seqArray, seqSz);
-    memcpy(output + seqSz, ID_Length, idSz);
-    memcpy(output + seqSz + idSz, algoName, algoSz);
-
-    return seqSz + idSz + algoSz;
-}
-
-
-word32 SetSequence(word32 len, byte* output)
-{
-  
-    output[0] = SEQUENCE | CONSTRUCTED;
-    return SetLength(len, output + 1) + 1;
-}
-
-
-word32 EncodeDSA_Signature(const byte* signature, byte* output)
-{
-    Integer r(signature, 20);
-    Integer s(signature + 20, 20);
-
-    return EncodeDSA_Signature(r, s, output);
-}
-
-
-word32 EncodeDSA_Signature(const Integer& r, const Integer& s, byte* output)
-{
-    word32 rSz = r.ByteCount();
-    word32 sSz = s.ByteCount();
-
-    byte rLen[MAX_LENGTH_SZ + 1];
-    byte sLen[MAX_LENGTH_SZ + 1];
-
-    rLen[0] = INTEGER;
-    sLen[0] = INTEGER;
-
-    word32 rLenSz = SetLength(rSz, &rLen[1]) + 1;
-    word32 sLenSz = SetLength(sSz, &sLen[1]) + 1;
-
-    byte seqArray[MAX_SEQ_SZ];
-
-    word32 seqSz = SetSequence(rLenSz + rSz + sLenSz + sSz, seqArray);
-    
-    // seq
-    memcpy(output, seqArray, seqSz);
-    // r
-    memcpy(output + seqSz, rLen, rLenSz);
-    r.Encode(output + seqSz + rLenSz, rSz);
-    // s
-    memcpy(output + seqSz + rLenSz + rSz, sLen, sLenSz);
-    s.Encode(output + seqSz + rLenSz + rSz + sLenSz, sSz);
-
-    return seqSz + rLenSz + rSz + sLenSz + sSz;
-}
-
-
-// put sequence encoded dsa signature into decoded in 2 20 byte integers
-word32 DecodeDSA_Signature(byte* decoded, const byte* encoded, word32 sz)
-{
-    Source source(encoded, sz);
-
-    if (source.next() != (SEQUENCE | CONSTRUCTED)) {
-        source.SetError(SEQUENCE_E);
-        return 0;
-    }
-
-    GetLength(source);  // total
-
-    // r
-    if (source.next() != INTEGER) {
-        source.SetError(INTEGER_E);
-        return 0;
-    }
-    word32 rLen = GetLength(source);
-    if (rLen != 20) {
-        while (rLen > 20 && source.remaining() > 0) {  // zero's at front, eat
-            source.next();
-            --rLen;
-        }
-        if (rLen < 20) { // add zero's to front so 20 bytes
-            word32 tmpLen = rLen;
-            while (tmpLen < 20) {
-            decoded[0] = 0;
-            decoded++;
-                tmpLen++;
-        }
-        }
-    }
-    memcpy(decoded, source.get_buffer() + source.get_index(), rLen);
-    source.advance(rLen);
-
-    // s
-    if (source.next() != INTEGER) {
-        source.SetError(INTEGER_E);
-        return 0;
-    }
-    word32 sLen = GetLength(source);
-    if (sLen != 20) {
-        while (sLen > 20 && source.remaining() > 0) {
-            source.next();          // zero's at front, eat
-            --sLen;
-        }
-        if (sLen < 20) { // add zero's to front so 20 bytes
-            word32 tmpLen = sLen;
-            while (tmpLen < 20) {
-                decoded[rLen] = 0;
-            decoded++;
-                tmpLen++;
-        }
-        }
-    }
-    memcpy(decoded + rLen, source.get_buffer() + source.get_index(), sLen);
-    source.advance(sLen);
-
-    return 40;
-}
-
-
-/*
-// Get Cert in PEM format from BEGIN to END
-int GetCert(Source& source)
-{
-    char header[] = "-----BEGIN CERTIFICATE-----";
-    char footer[] = "-----END CERTIFICATE-----";
-
-    char* begin = strstr((char*)source.get_buffer(), header);
-    char* end   = strstr((char*)source.get_buffer(), footer);
-
-    if (!begin || !end || begin >= end) return -1;
-
-    end += strlen(footer); 
-    if (*end == '\r') end++;
-
-    Source tmp((byte*)begin, end - begin + 1);
-    source.Swap(tmp);
-
-    return 0;
-}
-
-
-
-// Decode a BER encoded PKCS12 structure
-void PKCS12_Decoder::Decode()
-{
-    ReadHeader();
-    if (source_.GetError().What()) return;
-
-    // Get AuthSafe
-
-    GetSequence();
-    
-        // get object id
-    byte obj_id = source_.next();
-    if (obj_id != OBJECT_IDENTIFIER) {
-        source_.SetError(OBJECT_ID_E);
-        return;
-    }
-
-    word32 length = GetLength(source_);
-
-    word32 algo_sum = 0;
-    while (length--)
-        algo_sum += source_.next();
-
-    
-       
-
-
-
-    // Get MacData optional
-    // mac     digestInfo  like certdecoder::getdigest?
-    // macsalt octet string
-    // iter    integer
-    
-}
-
-
-void PKCS12_Decoder::ReadHeader()
-{
-    // Gets Version
-    GetSequence();
-    GetVersion();
-}
-
-
-// Get Cert in PEM format from pkcs12 file
-int GetPKCS_Cert(const char* password, Source& source)
-{
-    PKCS12_Decoder pkcs12(source);
-    pkcs12.Decode();
-
-    return 0;
-}
-*/
-
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/bftables.cpp b/extra/yassl/taocrypt/src/bftables.cpp
deleted file mode 100644
index 088f9778da1..00000000000
--- a/extra/yassl/taocrypt/src/bftables.cpp
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's bfinit.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "blowfish.hpp"
-
-
-namespace TaoCrypt {
-
-const word32 Blowfish::p_init_[Blowfish::ROUNDS+2] =
-{
-  608135816U, 2242054355U,  320440878U,   57701188U,
- 2752067618U,  698298832U,  137296536U, 3964562569U,
- 1160258022U,  953160567U, 3193202383U,  887688300U,
- 3232508343U, 3380367581U, 1065670069U, 3041331479U,
- 2450970073U, 2306472731U
-} ;
-
-
-const word32 Blowfish::s_init_[4*256] = {
- 3509652390U, 2564797868U,  805139163U, 3491422135U,
- 3101798381U, 1780907670U, 3128725573U, 4046225305U,
-  614570311U, 3012652279U,  134345442U, 2240740374U,
- 1667834072U, 1901547113U, 2757295779U, 4103290238U,
-  227898511U, 1921955416U, 1904987480U, 2182433518U,
- 2069144605U, 3260701109U, 2620446009U,  720527379U,
- 3318853667U,  677414384U, 3393288472U, 3101374703U,
- 2390351024U, 1614419982U, 1822297739U, 2954791486U,
- 3608508353U, 3174124327U, 2024746970U, 1432378464U,
- 3864339955U, 2857741204U, 1464375394U, 1676153920U,
- 1439316330U,  715854006U, 3033291828U,  289532110U,
- 2706671279U, 2087905683U, 3018724369U, 1668267050U,
-  732546397U, 1947742710U, 3462151702U, 2609353502U,
- 2950085171U, 1814351708U, 2050118529U,  680887927U,
-  999245976U, 1800124847U, 3300911131U, 1713906067U,
- 1641548236U, 4213287313U, 1216130144U, 1575780402U,
- 4018429277U, 3917837745U, 3693486850U, 3949271944U,
-  596196993U, 3549867205U,  258830323U, 2213823033U,
-  772490370U, 2760122372U, 1774776394U, 2652871518U,
-  566650946U, 4142492826U, 1728879713U, 2882767088U,
- 1783734482U, 3629395816U, 2517608232U, 2874225571U,
- 1861159788U,  326777828U, 3124490320U, 2130389656U,
- 2716951837U,  967770486U, 1724537150U, 2185432712U,
- 2364442137U, 1164943284U, 2105845187U,  998989502U,
- 3765401048U, 2244026483U, 1075463327U, 1455516326U,
- 1322494562U,  910128902U,  469688178U, 1117454909U,
-  936433444U, 3490320968U, 3675253459U, 1240580251U,
-  122909385U, 2157517691U,  634681816U, 4142456567U,
- 3825094682U, 3061402683U, 2540495037U,   79693498U,
- 3249098678U, 1084186820U, 1583128258U,  426386531U,
- 1761308591U, 1047286709U,  322548459U,  995290223U,
- 1845252383U, 2603652396U, 3431023940U, 2942221577U,
- 3202600964U, 3727903485U, 1712269319U,  422464435U,
- 3234572375U, 1170764815U, 3523960633U, 3117677531U,
- 1434042557U,  442511882U, 3600875718U, 1076654713U,
- 1738483198U, 4213154764U, 2393238008U, 3677496056U,
- 1014306527U, 4251020053U,  793779912U, 2902807211U,
-  842905082U, 4246964064U, 1395751752U, 1040244610U,
- 2656851899U, 3396308128U,  445077038U, 3742853595U,
- 3577915638U,  679411651U, 2892444358U, 2354009459U,
- 1767581616U, 3150600392U, 3791627101U, 3102740896U,
-  284835224U, 4246832056U, 1258075500U,  768725851U,
- 2589189241U, 3069724005U, 3532540348U, 1274779536U,
- 3789419226U, 2764799539U, 1660621633U, 3471099624U,
- 4011903706U,  913787905U, 3497959166U,  737222580U,
- 2514213453U, 2928710040U, 3937242737U, 1804850592U,
- 3499020752U, 2949064160U, 2386320175U, 2390070455U,
- 2415321851U, 4061277028U, 2290661394U, 2416832540U,
- 1336762016U, 1754252060U, 3520065937U, 3014181293U,
-  791618072U, 3188594551U, 3933548030U, 2332172193U,
- 3852520463U, 3043980520U,  413987798U, 3465142937U,
- 3030929376U, 4245938359U, 2093235073U, 3534596313U,
-  375366246U, 2157278981U, 2479649556U,  555357303U,
- 3870105701U, 2008414854U, 3344188149U, 4221384143U,
- 3956125452U, 2067696032U, 3594591187U, 2921233993U,
-	2428461U,  544322398U,  577241275U, 1471733935U,
-  610547355U, 4027169054U, 1432588573U, 1507829418U,
- 2025931657U, 3646575487U,  545086370U,   48609733U,
- 2200306550U, 1653985193U,  298326376U, 1316178497U,
- 3007786442U, 2064951626U,  458293330U, 2589141269U,
- 3591329599U, 3164325604U,  727753846U, 2179363840U,
-  146436021U, 1461446943U, 4069977195U,  705550613U,
- 3059967265U, 3887724982U, 4281599278U, 3313849956U,
- 1404054877U, 2845806497U,  146425753U, 1854211946U,
-
- 1266315497U, 3048417604U, 3681880366U, 3289982499U,
- 2909710000U, 1235738493U, 2632868024U, 2414719590U,
- 3970600049U, 1771706367U, 1449415276U, 3266420449U,
-  422970021U, 1963543593U, 2690192192U, 3826793022U,
- 1062508698U, 1531092325U, 1804592342U, 2583117782U,
- 2714934279U, 4024971509U, 1294809318U, 4028980673U,
- 1289560198U, 2221992742U, 1669523910U,   35572830U,
-  157838143U, 1052438473U, 1016535060U, 1802137761U,
- 1753167236U, 1386275462U, 3080475397U, 2857371447U,
- 1040679964U, 2145300060U, 2390574316U, 1461121720U,
- 2956646967U, 4031777805U, 4028374788U,   33600511U,
- 2920084762U, 1018524850U,  629373528U, 3691585981U,
- 3515945977U, 2091462646U, 2486323059U,  586499841U,
-  988145025U,  935516892U, 3367335476U, 2599673255U,
- 2839830854U,  265290510U, 3972581182U, 2759138881U,
- 3795373465U, 1005194799U,  847297441U,  406762289U,
- 1314163512U, 1332590856U, 1866599683U, 4127851711U,
-  750260880U,  613907577U, 1450815602U, 3165620655U,
- 3734664991U, 3650291728U, 3012275730U, 3704569646U,
- 1427272223U,  778793252U, 1343938022U, 2676280711U,
- 2052605720U, 1946737175U, 3164576444U, 3914038668U,
- 3967478842U, 3682934266U, 1661551462U, 3294938066U,
- 4011595847U,  840292616U, 3712170807U,  616741398U,
-  312560963U,  711312465U, 1351876610U,  322626781U,
- 1910503582U,  271666773U, 2175563734U, 1594956187U,
-   70604529U, 3617834859U, 1007753275U, 1495573769U,
- 4069517037U, 2549218298U, 2663038764U,  504708206U,
- 2263041392U, 3941167025U, 2249088522U, 1514023603U,
- 1998579484U, 1312622330U,  694541497U, 2582060303U,
- 2151582166U, 1382467621U,  776784248U, 2618340202U,
- 3323268794U, 2497899128U, 2784771155U,  503983604U,
- 4076293799U,  907881277U,  423175695U,  432175456U,
- 1378068232U, 4145222326U, 3954048622U, 3938656102U,
- 3820766613U, 2793130115U, 2977904593U,   26017576U,
- 3274890735U, 3194772133U, 1700274565U, 1756076034U,
- 4006520079U, 3677328699U,  720338349U, 1533947780U,
-  354530856U,  688349552U, 3973924725U, 1637815568U,
-  332179504U, 3949051286U,   53804574U, 2852348879U,
- 3044236432U, 1282449977U, 3583942155U, 3416972820U,
- 4006381244U, 1617046695U, 2628476075U, 3002303598U,
- 1686838959U,  431878346U, 2686675385U, 1700445008U,
- 1080580658U, 1009431731U,  832498133U, 3223435511U,
- 2605976345U, 2271191193U, 2516031870U, 1648197032U,
- 4164389018U, 2548247927U,  300782431U,  375919233U,
-  238389289U, 3353747414U, 2531188641U, 2019080857U,
- 1475708069U,  455242339U, 2609103871U,  448939670U,
- 3451063019U, 1395535956U, 2413381860U, 1841049896U,
- 1491858159U,  885456874U, 4264095073U, 4001119347U,
- 1565136089U, 3898914787U, 1108368660U,  540939232U,
- 1173283510U, 2745871338U, 3681308437U, 4207628240U,
- 3343053890U, 4016749493U, 1699691293U, 1103962373U,
- 3625875870U, 2256883143U, 3830138730U, 1031889488U,
- 3479347698U, 1535977030U, 4236805024U, 3251091107U,
- 2132092099U, 1774941330U, 1199868427U, 1452454533U,
-  157007616U, 2904115357U,  342012276U,  595725824U,
- 1480756522U,  206960106U,  497939518U,  591360097U,
-  863170706U, 2375253569U, 3596610801U, 1814182875U,
- 2094937945U, 3421402208U, 1082520231U, 3463918190U,
- 2785509508U,  435703966U, 3908032597U, 1641649973U,
- 2842273706U, 3305899714U, 1510255612U, 2148256476U,
- 2655287854U, 3276092548U, 4258621189U,  236887753U,
- 3681803219U,  274041037U, 1734335097U, 3815195456U,
- 3317970021U, 1899903192U, 1026095262U, 4050517792U,
-  356393447U, 2410691914U, 3873677099U, 3682840055U,
-
- 3913112168U, 2491498743U, 4132185628U, 2489919796U,
- 1091903735U, 1979897079U, 3170134830U, 3567386728U,
- 3557303409U,  857797738U, 1136121015U, 1342202287U,
-  507115054U, 2535736646U,  337727348U, 3213592640U,
- 1301675037U, 2528481711U, 1895095763U, 1721773893U,
- 3216771564U,   62756741U, 2142006736U,  835421444U,
- 2531993523U, 1442658625U, 3659876326U, 2882144922U,
-  676362277U, 1392781812U,  170690266U, 3921047035U,
- 1759253602U, 3611846912U, 1745797284U,  664899054U,
- 1329594018U, 3901205900U, 3045908486U, 2062866102U,
- 2865634940U, 3543621612U, 3464012697U, 1080764994U,
-  553557557U, 3656615353U, 3996768171U,  991055499U,
-  499776247U, 1265440854U,  648242737U, 3940784050U,
-  980351604U, 3713745714U, 1749149687U, 3396870395U,
- 4211799374U, 3640570775U, 1161844396U, 3125318951U,
- 1431517754U,  545492359U, 4268468663U, 3499529547U,
- 1437099964U, 2702547544U, 3433638243U, 2581715763U,
- 2787789398U, 1060185593U, 1593081372U, 2418618748U,
- 4260947970U,   69676912U, 2159744348U,   86519011U,
- 2512459080U, 3838209314U, 1220612927U, 3339683548U,
-  133810670U, 1090789135U, 1078426020U, 1569222167U,
-  845107691U, 3583754449U, 4072456591U, 1091646820U,
-  628848692U, 1613405280U, 3757631651U,  526609435U,
-  236106946U,   48312990U, 2942717905U, 3402727701U,
- 1797494240U,  859738849U,  992217954U, 4005476642U,
- 2243076622U, 3870952857U, 3732016268U,  765654824U,
- 3490871365U, 2511836413U, 1685915746U, 3888969200U,
- 1414112111U, 2273134842U, 3281911079U, 4080962846U,
-  172450625U, 2569994100U,  980381355U, 4109958455U,
- 2819808352U, 2716589560U, 2568741196U, 3681446669U,
- 3329971472U, 1835478071U,  660984891U, 3704678404U,
- 4045999559U, 3422617507U, 3040415634U, 1762651403U,
- 1719377915U, 3470491036U, 2693910283U, 3642056355U,
- 3138596744U, 1364962596U, 2073328063U, 1983633131U,
-  926494387U, 3423689081U, 2150032023U, 4096667949U,
- 1749200295U, 3328846651U,  309677260U, 2016342300U,
- 1779581495U, 3079819751U,  111262694U, 1274766160U,
-  443224088U,  298511866U, 1025883608U, 3806446537U,
- 1145181785U,  168956806U, 3641502830U, 3584813610U,
- 1689216846U, 3666258015U, 3200248200U, 1692713982U,
- 2646376535U, 4042768518U, 1618508792U, 1610833997U,
- 3523052358U, 4130873264U, 2001055236U, 3610705100U,
- 2202168115U, 4028541809U, 2961195399U, 1006657119U,
- 2006996926U, 3186142756U, 1430667929U, 3210227297U,
- 1314452623U, 4074634658U, 4101304120U, 2273951170U,
- 1399257539U, 3367210612U, 3027628629U, 1190975929U,
- 2062231137U, 2333990788U, 2221543033U, 2438960610U,
- 1181637006U,  548689776U, 2362791313U, 3372408396U,
- 3104550113U, 3145860560U,  296247880U, 1970579870U,
- 3078560182U, 3769228297U, 1714227617U, 3291629107U,
- 3898220290U,  166772364U, 1251581989U,  493813264U,
-  448347421U,  195405023U, 2709975567U,  677966185U,
- 3703036547U, 1463355134U, 2715995803U, 1338867538U,
- 1343315457U, 2802222074U, 2684532164U,  233230375U,
- 2599980071U, 2000651841U, 3277868038U, 1638401717U,
- 4028070440U, 3237316320U,    6314154U,  819756386U,
-  300326615U,  590932579U, 1405279636U, 3267499572U,
- 3150704214U, 2428286686U, 3959192993U, 3461946742U,
- 1862657033U, 1266418056U,  963775037U, 2089974820U,
- 2263052895U, 1917689273U,  448879540U, 3550394620U,
- 3981727096U,  150775221U, 3627908307U, 1303187396U,
-  508620638U, 2975983352U, 2726630617U, 1817252668U,
- 1876281319U, 1457606340U,  908771278U, 3720792119U,
- 3617206836U, 2455994898U, 1729034894U, 1080033504U,
-
-  976866871U, 3556439503U, 2881648439U, 1522871579U,
- 1555064734U, 1336096578U, 3548522304U, 2579274686U,
- 3574697629U, 3205460757U, 3593280638U, 3338716283U,
- 3079412587U,  564236357U, 2993598910U, 1781952180U,
- 1464380207U, 3163844217U, 3332601554U, 1699332808U,
- 1393555694U, 1183702653U, 3581086237U, 1288719814U,
-  691649499U, 2847557200U, 2895455976U, 3193889540U,
- 2717570544U, 1781354906U, 1676643554U, 2592534050U,
- 3230253752U, 1126444790U, 2770207658U, 2633158820U,
- 2210423226U, 2615765581U, 2414155088U, 3127139286U,
-  673620729U, 2805611233U, 1269405062U, 4015350505U,
- 3341807571U, 4149409754U, 1057255273U, 2012875353U,
- 2162469141U, 2276492801U, 2601117357U,  993977747U,
- 3918593370U, 2654263191U,  753973209U,   36408145U,
- 2530585658U,   25011837U, 3520020182U, 2088578344U,
-  530523599U, 2918365339U, 1524020338U, 1518925132U,
- 3760827505U, 3759777254U, 1202760957U, 3985898139U,
- 3906192525U,  674977740U, 4174734889U, 2031300136U,
- 2019492241U, 3983892565U, 4153806404U, 3822280332U,
-  352677332U, 2297720250U,   60907813U,   90501309U,
- 3286998549U, 1016092578U, 2535922412U, 2839152426U,
-  457141659U,  509813237U, 4120667899U,  652014361U,
- 1966332200U, 2975202805U,   55981186U, 2327461051U,
-  676427537U, 3255491064U, 2882294119U, 3433927263U,
- 1307055953U,  942726286U,  933058658U, 2468411793U,
- 3933900994U, 4215176142U, 1361170020U, 2001714738U,
- 2830558078U, 3274259782U, 1222529897U, 1679025792U,
- 2729314320U, 3714953764U, 1770335741U,  151462246U,
- 3013232138U, 1682292957U, 1483529935U,  471910574U,
- 1539241949U,  458788160U, 3436315007U, 1807016891U,
- 3718408830U,  978976581U, 1043663428U, 3165965781U,
- 1927990952U, 4200891579U, 2372276910U, 3208408903U,
- 3533431907U, 1412390302U, 2931980059U, 4132332400U,
- 1947078029U, 3881505623U, 4168226417U, 2941484381U,
- 1077988104U, 1320477388U,  886195818U,   18198404U,
- 3786409000U, 2509781533U,  112762804U, 3463356488U,
- 1866414978U,  891333506U,   18488651U,  661792760U,
- 1628790961U, 3885187036U, 3141171499U,  876946877U,
- 2693282273U, 1372485963U,  791857591U, 2686433993U,
- 3759982718U, 3167212022U, 3472953795U, 2716379847U,
-  445679433U, 3561995674U, 3504004811U, 3574258232U,
-   54117162U, 3331405415U, 2381918588U, 3769707343U,
- 4154350007U, 1140177722U, 4074052095U,  668550556U,
- 3214352940U,  367459370U,  261225585U, 2610173221U,
- 4209349473U, 3468074219U, 3265815641U,  314222801U,
- 3066103646U, 3808782860U,  282218597U, 3406013506U,
- 3773591054U,  379116347U, 1285071038U,  846784868U,
- 2669647154U, 3771962079U, 3550491691U, 2305946142U,
-  453669953U, 1268987020U, 3317592352U, 3279303384U,
- 3744833421U, 2610507566U, 3859509063U,  266596637U,
- 3847019092U,  517658769U, 3462560207U, 3443424879U,
-  370717030U, 4247526661U, 2224018117U, 4143653529U,
- 4112773975U, 2788324899U, 2477274417U, 1456262402U,
- 2901442914U, 1517677493U, 1846949527U, 2295493580U,
- 3734397586U, 2176403920U, 1280348187U, 1908823572U,
- 3871786941U,  846861322U, 1172426758U, 3287448474U,
- 3383383037U, 1655181056U, 3139813346U,  901632758U,
- 1897031941U, 2986607138U, 3066810236U, 3447102507U,
- 1393639104U,  373351379U,  950779232U,  625454576U,
- 3124240540U, 4148612726U, 2007998917U,  544563296U,
- 2244738638U, 2330496472U, 2058025392U, 1291430526U,
-  424198748U,   50039436U,   29584100U, 3605783033U,
- 2429876329U, 2791104160U, 1057563949U, 3255363231U,
- 3075367218U, 3463963227U, 1469046755U,  985887462U
-};
-
-
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/blowfish.cpp b/extra/yassl/taocrypt/src/blowfish.cpp
deleted file mode 100644
index 45f6fb793f8..00000000000
--- a/extra/yassl/taocrypt/src/blowfish.cpp
+++ /dev/null
@@ -1,364 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* C++ code based on Wei Dai's blowfish.cpp from CryptoPP */
-/* x86 asm is original */
-
-
-#if defined(TAOCRYPT_KERNEL_MODE)
-    #define DO_TAOCRYPT_KERNEL_MODE
-#endif                                  // only some modules now support this
-
-
-#include "runtime.hpp"
-#include "blowfish.hpp"
-
-
-
-
-
-namespace TaoCrypt {
-
-
-#if defined(DO_BLOWFISH_ASM)
-
-// ia32 optimized version
-void Blowfish::Process(byte* out, const byte* in, word32 sz)
-{
-    if (!isMMX) {
-        Mode_BASE::Process(out, in, sz);
-        return;
-    }
-
-    word32 blocks = sz / BLOCK_SIZE;
-
-    if (mode_ == ECB)
-        while (blocks--) {
-            AsmProcess(in, out);
-            out += BLOCK_SIZE;
-            in  += BLOCK_SIZE;
-        }
-    else if (mode_ == CBC) {
-        if (dir_ == ENCRYPTION) {
-            while (blocks--) {
-                r_[0] ^= *(word32*)in;
-                r_[1] ^= *(word32*)(in + 4);
-
-                AsmProcess((byte*)r_, (byte*)r_);
-                
-                memcpy(out, r_, BLOCK_SIZE);
-
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-        else {
-            while (blocks--) {
-                AsmProcess(in, out);
-                
-                *(word32*)out       ^= r_[0];
-                *(word32*)(out + 4) ^= r_[1];
-
-                memcpy(r_, in, BLOCK_SIZE);
-
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-    }
-}
-
-#endif // DO_BLOWFISH_ASM
-
-
-void Blowfish::SetKey(const byte* key_string, word32 keylength, CipherDir dir)
-{
-    if (keylength < 4)
-        keylength = 4;
-    else if (keylength > 56)
-        keylength = 56;
-
-	unsigned i, j=0, k;
-	word32 data, dspace[2] = {0, 0};
-
-	memcpy(pbox_, p_init_, sizeof(p_init_));
-	memcpy(sbox_, s_init_, sizeof(s_init_));
-
-	// Xor key string into encryption key vector
-	for (i=0 ; i> 8)&0xFF)
-#define BFBYTE_2(x) ((x>>16)&0xFF)
-#define BFBYTE_3(x) ( x>>24)
-
-
-#define BF_S(Put, Get, I) (\
-        Put ^= p[I], \
-		tmp =  p[18 + BFBYTE_3(Get)],  \
-        tmp += p[274+ BFBYTE_2(Get)],  \
-        tmp ^= p[530+ BFBYTE_1(Get)],  \
-        tmp += p[786+ BFBYTE_0(Get)],  \
-        Put ^= tmp \
-    )
-
-
-#define BF_ROUNDS           \
-    BF_S(right, left,  1);  \
-    BF_S(left,  right, 2);  \
-    BF_S(right, left,  3);  \
-    BF_S(left,  right, 4);  \
-    BF_S(right, left,  5);  \
-    BF_S(left,  right, 6);  \
-    BF_S(right, left,  7);  \
-    BF_S(left,  right, 8);  \
-    BF_S(right, left,  9);  \
-    BF_S(left,  right, 10); \
-    BF_S(right, left,  11); \
-    BF_S(left,  right, 12); \
-    BF_S(right, left,  13); \
-    BF_S(left,  right, 14); \
-    BF_S(right, left,  15); \
-    BF_S(left,  right, 16); 
-
-#define BF_EXTRA_ROUNDS     \
-    BF_S(right, left,  17); \
-    BF_S(left,  right, 18); \
-    BF_S(right, left,  19); \
-    BF_S(left,  right, 20);
-
-
-// Used by key setup, no byte swapping
-void Blowfish::crypt_block(const word32 in[2], word32 out[2]) const
-{
-	word32 left  = in[0];
-	word32 right = in[1];
-
-	const word32  *const s = sbox_;
-	const word32* p = pbox_;
-
-	left ^= p[0];
-
-    // roll back up and use s and p index instead of just p
-    for (unsigned i = 0; i < ROUNDS / 2; i++) {
-        right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)])
-            ^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)])
-            ^ p[2*i+1];
-
-        left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)])
-            ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)])
-            ^ p[2*i+2];
-    }
-
-	right ^= p[ROUNDS + 1];
-
-	out[0] = right;
-	out[1] = left;
-}
-
-
-typedef BlockGetAndPut gpBlock;
-
-void Blowfish::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out)
-    const
-{
-    word32 left, right;
-	const word32  *const s = sbox_;
-    const word32* p = pbox_;
-    
-    gpBlock::Get(in)(left)(right);
-	left ^= p[0];
-
-    // roll back up and use s and p index instead of just p
-    for (unsigned i = 0; i < ROUNDS / 2; i++) {
-        right ^= (((s[GETBYTE(left,3)] + s[256+GETBYTE(left,2)])
-            ^ s[2*256+GETBYTE(left,1)]) + s[3*256+GETBYTE(left,0)])
-            ^ p[2*i+1];
-
-        left ^= (((s[GETBYTE(right,3)] + s[256+GETBYTE(right,2)])
-            ^ s[2*256+GETBYTE(right,1)]) + s[3*256+GETBYTE(right,0)])
-            ^ p[2*i+2];
-    }
-
-	right ^= p[ROUNDS + 1];
-
-    gpBlock::Put(xOr, out)(right)(left);
-}
-
-
-#if defined(DO_BLOWFISH_ASM)
-    #ifdef __GNUC__
-        #define AS1(x)    #x ";"
-        #define AS2(x, y) #x ", " #y ";"
-
-        #define PROLOG()  \
-        __asm__ __volatile__ \
-        ( \
-            ".intel_syntax noprefix;" \
-            "push ebx;" \
-            "push ebp;" \
-            "movd mm3, eax;"
-        #define EPILOG()  \
-            "pop ebp;" \
-            "pop ebx;" \
-       	    "emms;" \
-       	    ".att_syntax;" \
-                : \
-                : "c" (this), "S" (inBlock), "a" (outBlock) \
-                : "%edi", "%edx", "memory", "cc" \
-        );
-
-    #else
-        #define AS1(x)    __asm x
-        #define AS2(x, y) __asm x, y
-
-        #define PROLOG() \
-            AS1(    push  ebp                           )   \
-            AS2(    mov   ebp, esp                      )   \
-            AS2(    movd  mm3, edi                      )   \
-            AS2(    movd  mm4, ebx                      )   \
-            AS2(    movd  mm5, esi                      )   \
-            AS2(    mov   esi, DWORD PTR [ebp +  8]     )
-
-        #define EPILOG()  \
-            AS2(    movd esi, mm5                       )   \
-            AS2(    movd ebx, mm4                       )   \
-            AS2(    movd edi, mm3                       )   \
-            AS2(    mov  esp, ebp                       )   \
-            AS1(    pop  ebp                            )   \
-            AS1(    emms                                )   \
-            AS1(    ret 8                               )
-            
-    #endif
-
-
-#define BF_ROUND(P, G, I)   \
-    /* Put ^= p[I]  */                              \
-    AS2(    xor   P,   [edi + I*4]              )   \
-    /* tmp =  p[18 + BFBYTE_3(Get)] */              \
-    AS2(    mov   ecx, G                        )   \
-    AS2(    shr   ecx, 16                       )   \
-    AS2(    movzx edx, ch                       )   \
-    AS2(    mov   esi, [edi + edx*4 +   72]     )   \
-    /* tmp += p[274+ BFBYTE_2(Get)] */              \
-    AS2(    movzx ecx, cl                       )   \
-    AS2(    add   esi, [edi + ecx*4 + 1096]     )   \
-    /* tmp ^= p[530+ BFBYTE_1(Get)] */              \
-    AS2(    mov   ecx, G                        )   \
-    AS2(    movzx edx, ch                       )   \
-    AS2(    xor   esi, [edi + edx*4 + 2120]     )   \
-    /* tmp += p[786+ BFBYTE_0(Get)] */              \
-    AS2(    movzx ecx, cl                       )   \
-    AS2(    add   esi, [edi + ecx*4 + 3144]     )   \
-    /* Put ^= tmp */                                \
-    AS2(    xor   P,   esi                      )
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void Blowfish::AsmProcess(const byte* inBlock, byte* outBlock) const
-{
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    lea   edi, [ecx + 60]                       )   // pbox
-    #else
-        AS2(    lea   edi, [ecx + 56]                       )   // pbox
-    #endif
-
-    AS2(    mov   eax, DWORD PTR [esi]                                  )
-    AS2(    mov   edx, DWORD PTR [edi]                                  )
-    AS1(    bswap eax                                                   )
-
-    AS2(    mov   ebx, DWORD PTR [esi + 4]                              )
-    AS2(    xor   eax, edx                      )   // left
-    AS1(    bswap ebx                           )   // right
-
-
-    BF_ROUND(ebx, eax, 1)
-    BF_ROUND(eax, ebx, 2)
-    BF_ROUND(ebx, eax, 3)
-    BF_ROUND(eax, ebx, 4)
-    BF_ROUND(ebx, eax, 5)
-    BF_ROUND(eax, ebx, 6)
-    BF_ROUND(ebx, eax, 7)
-    BF_ROUND(eax, ebx, 8)
-    BF_ROUND(ebx, eax, 9)
-    BF_ROUND(eax, ebx, 10)
-    BF_ROUND(ebx, eax, 11)
-    BF_ROUND(eax, ebx, 12)
-    BF_ROUND(ebx, eax, 13)
-    BF_ROUND(eax, ebx, 14)
-    BF_ROUND(ebx, eax, 15)
-    BF_ROUND(eax, ebx, 16)
-    #if ROUNDS == 20
-        BF_ROUND(ebx, eax, 17)
-        BF_ROUND(eax, ebx, 18)
-        BF_ROUND(ebx, eax, 19)
-        BF_ROUND(eax, ebx, 20)
-
-        AS2(    xor   ebx, [edi + 84]           )   // 20 + 1 (x4)
-    #else
-        AS2(    xor   ebx, [edi + 68]           )   // 16 + 1 (x4)
-    #endif
-
-    #ifdef __GNUC__
-        AS2(    movd  edi, mm3                  ) // outBlock
-    #else
-        AS2(    mov   edi, [ebp + 12]           ) // outBlock
-    #endif
-
-    AS1(    bswap ebx                           )
-    AS1(    bswap eax                           )
-
-    AS2(    mov   [edi]    , ebx                )
-    AS2(    mov   [edi + 4], eax                )
-
-    EPILOG()
-}
-
-
-#endif  // DO_BLOWFISH_ASM
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/coding.cpp b/extra/yassl/taocrypt/src/coding.cpp
deleted file mode 100644
index 85d657c352d..00000000000
--- a/extra/yassl/taocrypt/src/coding.cpp
+++ /dev/null
@@ -1,266 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* coding.cpp implements hex and base64 encoding/decoing
-*/
-
-#include "runtime.hpp"
-#include "coding.hpp"
-#include "file.hpp"
-
-
-namespace TaoCrypt {
-
-
-namespace { // locals
-
-const byte bad = 0xFF;  // invalid encoding
-
-const byte hexEncode[] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
-                           'A', 'B', 'C', 'D', 'E', 'F'
-                         };
-
-const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
-                           bad, bad, bad, bad, bad, bad, bad,
-                           10, 11, 12, 13, 14, 15 
-                         };  // A starts at 0x41 not 0x3A
-
-
-const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',
-                              'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',
-                              'U', 'V', 'W', 'X', 'Y', 'Z',
-                              'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j',
-                              'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't',
-                              'u', 'v', 'w', 'x', 'y', 'z',
-                              '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
-                              '+', '/'
-                            };
-
-const byte base64Decode[] = { 62, bad, bad, bad, 63,   // + starts at 0x2B
-                              52, 53, 54, 55, 56, 57, 58, 59, 60, 61,
-                              bad, bad, bad, bad, bad, bad, bad,
-                              0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
-                              10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
-                              20, 21, 22, 23, 24, 25,
-                              bad, bad, bad, bad, bad, bad,
-                              26, 27, 28, 29, 30, 31, 32, 33, 34, 35,
-                              36, 37, 38, 39, 40, 41, 42, 43, 44, 45,
-                              46, 47, 48, 49, 50, 51
-                            };
-
-const byte pad = '=';
-const int pemLineSz = 64;
-
-}  // local namespace
-
-
-// Hex Encode
-void HexEncoder::Encode()
-{
-    word32 bytes = plain_.size();
-    encoded_.New(bytes * 2);
-
-    word32 i = 0;
-
-    while (bytes--) {
-        byte p = plain_.next();
-
-        byte b  = p >> 4;
-        byte b2 = p & 0xF;
-
-        encoded_[i++] = hexEncode[b];
-        encoded_[i++] = hexEncode[b2];
-    }
-
-    plain_.reset(encoded_);
-}
-
-
-// Hex Decode
-void HexDecoder::Decode()
-{
-    word32 bytes = coded_.size();
-    decoded_.New(bytes / 2);
-
-    word32 i(0);
-
-    while (bytes) {
-        byte b  = coded_.next() - 0x30;  // 0 starts at 0x30
-        byte b2 = coded_.next() - 0x30;
-
-        // sanity checks
-        if (b >= sizeof(hexDecode)/sizeof(hexDecode[0])) {
-            coded_.SetError(PEM_E);
-            return;
-        }
-        if (b2 >= sizeof(hexDecode)/sizeof(hexDecode[0])) {
-            coded_.SetError(PEM_E);
-            return;
-        }
-
-        b  = hexDecode[b];
-        b2 = hexDecode[b2];
-
-        decoded_[i++] = (b << 4) | b2;
-        bytes -= 2;
-    }
-
-    coded_.reset(decoded_);
-}
-
-
-// Base 64 Encode
-void Base64Encoder::Encode()
-{
-    word32 bytes = plain_.size();
-    word32 outSz = (bytes + 3 - 1) / 3 * 4;
-
-    outSz += (outSz + pemLineSz - 1) / pemLineSz;  // new lines
-    encoded_.New(outSz);
-
-    word32 i = 0;
-    word32 j = 0;
-    
-    while (bytes > 2) {
-        byte b1 = plain_.next();
-        byte b2 = plain_.next();
-        byte b3 = plain_.next();
-
-        // encoded idx
-        byte e1 = b1 >> 2;
-        byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
-        byte e3 = ((b2 & 0xF) << 2) | (b3 >> 6);
-        byte e4 = b3 & 0x3F;
-
-        // store
-        encoded_[i++] = base64Encode[e1];
-        encoded_[i++] = base64Encode[e2];
-        encoded_[i++] = base64Encode[e3];
-        encoded_[i++] = base64Encode[e4];
-
-        bytes -= 3;
-
-        if ((++j % 16) == 0 && bytes)
-            encoded_[i++] = '\n';
-    }
-
-    // last integral
-    if (bytes) {
-        bool twoBytes = (bytes == 2);
-
-        byte b1 = plain_.next();
-        byte b2 = (twoBytes) ? plain_.next() : 0;
-
-        byte e1 = b1 >> 2;
-        byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4);
-        byte e3 =  (b2 & 0xF) << 2;
-
-        encoded_[i++] = base64Encode[e1];
-        encoded_[i++] = base64Encode[e2];
-        encoded_[i++] = (twoBytes) ? base64Encode[e3] : pad;
-        encoded_[i++] = pad;
-    } 
-
-    encoded_[i++] = '\n';
-    
-    if (i == outSz)
-        plain_.reset(encoded_);
-}
-
-
-// Base 64 Decode
-void Base64Decoder::Decode()
-{
-    word32 bytes = coded_.size();
-    word32 plainSz = bytes - ((bytes + (pemLineSz - 1)) / pemLineSz); 
-    const  byte maxIdx = (byte)sizeof(base64Decode) + 0x2B - 1;
-    plainSz = ((plainSz * 3) / 4) + 3;
-    decoded_.New(plainSz);
-
-    word32 i = 0;
-    word32 j = 0;
-
-    while (bytes > 3) {
-        byte e1 = coded_.next();
-        byte e2 = coded_.next();
-        byte e3 = coded_.next();
-        byte e4 = coded_.next();
-
-        if (e1 == 0)            // end file 0's
-            break;
-
-        bool pad3 = false;
-        bool pad4 = false;
-        if (e3 == pad)
-            pad3 = true;
-        if (e4 == pad)
-            pad4 = true;
-
-        if (e1 < 0x2B || e2 < 0x2B || e3 < 0x2B || e4 < 0x2B) {
-            coded_.SetError(PEM_E);
-            return;
-        }
-
-        if (e1 > maxIdx || e2 > maxIdx || e3 > maxIdx || e4 > maxIdx) {
-            coded_.SetError(PEM_E);
-            return;
-        }
-
-        e1 = base64Decode[e1 - 0x2B];
-        e2 = base64Decode[e2 - 0x2B];
-        e3 = (e3 == pad) ? 0 : base64Decode[e3 - 0x2B];
-        e4 = (e4 == pad) ? 0 : base64Decode[e4 - 0x2B];
-
-        byte b1 = (e1 << 2) | (e2 >> 4);
-        byte b2 = ((e2 & 0xF) << 4) | (e3 >> 2);
-        byte b3 = ((e3 & 0x3) << 6) | e4;
-
-        decoded_[i++] = b1;
-        if (!pad3)
-            decoded_[i++] = b2;
-        if (!pad4)
-            decoded_[i++] = b3;
-        else
-            break;
-        
-        bytes -= 4;
-        if ((++j % 16) == 0) {
-            byte endLine = coded_.next();
-            bytes--;
-            while (endLine == ' ') {        // remove possible whitespace
-                endLine = coded_.next();
-                bytes--;
-            }
-            if (endLine == '\r') {
-                endLine = coded_.next();
-                bytes--;
-            }
-            if (endLine != '\n') {
-                coded_.SetError(PEM_E); 
-                return;
-            }
-        }
-    }
-
-    if (i != decoded_.size())
-        decoded_.resize(i);
-    coded_.reset(decoded_);
-}
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/des.cpp b/extra/yassl/taocrypt/src/des.cpp
deleted file mode 100644
index 5b6fd9aa05b..00000000000
--- a/extra/yassl/taocrypt/src/des.cpp
+++ /dev/null
@@ -1,778 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* C++ part based on Wei Dai's des.cpp from CryptoPP */
-/* x86 asm is original */
-
-
-#if defined(TAOCRYPT_KERNEL_MODE)
-    #define DO_TAOCRYPT_KERNEL_MODE
-#endif                                  // only some modules now support this
-
-
-#include "runtime.hpp"
-#include "des.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-
-namespace TaoCrypt {
-
-
-/* permuted choice table (key) */
-static const byte pc1[] = {
-       57, 49, 41, 33, 25, 17,  9,
-        1, 58, 50, 42, 34, 26, 18,
-       10,  2, 59, 51, 43, 35, 27,
-       19, 11,  3, 60, 52, 44, 36,
-
-       63, 55, 47, 39, 31, 23, 15,
-        7, 62, 54, 46, 38, 30, 22,
-       14,  6, 61, 53, 45, 37, 29,
-       21, 13,  5, 28, 20, 12,  4
-};
-
-/* number left rotations of pc1 */
-static const byte totrot[] = {
-       1,2,4,6,8,10,12,14,15,17,19,21,23,25,27,28
-};
-
-/* permuted choice key (table) */
-static const byte pc2[] = {
-       14, 17, 11, 24,  1,  5,
-        3, 28, 15,  6, 21, 10,
-       23, 19, 12,  4, 26,  8,
-       16,  7, 27, 20, 13,  2,
-       41, 52, 31, 37, 47, 55,
-       30, 40, 51, 45, 33, 48,
-       44, 49, 39, 56, 34, 53,
-       46, 42, 50, 36, 29, 32
-};
-
-/* End of DES-defined tables */
-
-/* bit 0 is left-most in byte */
-static const int bytebit[] = {
-       0200,0100,040,020,010,04,02,01
-};
-
-const word32 Spbox[8][64] = {
-{
-0x01010400,0x00000000,0x00010000,0x01010404,
-0x01010004,0x00010404,0x00000004,0x00010000,
-0x00000400,0x01010400,0x01010404,0x00000400,
-0x01000404,0x01010004,0x01000000,0x00000004,
-0x00000404,0x01000400,0x01000400,0x00010400,
-0x00010400,0x01010000,0x01010000,0x01000404,
-0x00010004,0x01000004,0x01000004,0x00010004,
-0x00000000,0x00000404,0x00010404,0x01000000,
-0x00010000,0x01010404,0x00000004,0x01010000,
-0x01010400,0x01000000,0x01000000,0x00000400,
-0x01010004,0x00010000,0x00010400,0x01000004,
-0x00000400,0x00000004,0x01000404,0x00010404,
-0x01010404,0x00010004,0x01010000,0x01000404,
-0x01000004,0x00000404,0x00010404,0x01010400,
-0x00000404,0x01000400,0x01000400,0x00000000,
-0x00010004,0x00010400,0x00000000,0x01010004},
-{
-0x80108020,0x80008000,0x00008000,0x00108020,
-0x00100000,0x00000020,0x80100020,0x80008020,
-0x80000020,0x80108020,0x80108000,0x80000000,
-0x80008000,0x00100000,0x00000020,0x80100020,
-0x00108000,0x00100020,0x80008020,0x00000000,
-0x80000000,0x00008000,0x00108020,0x80100000,
-0x00100020,0x80000020,0x00000000,0x00108000,
-0x00008020,0x80108000,0x80100000,0x00008020,
-0x00000000,0x00108020,0x80100020,0x00100000,
-0x80008020,0x80100000,0x80108000,0x00008000,
-0x80100000,0x80008000,0x00000020,0x80108020,
-0x00108020,0x00000020,0x00008000,0x80000000,
-0x00008020,0x80108000,0x00100000,0x80000020,
-0x00100020,0x80008020,0x80000020,0x00100020,
-0x00108000,0x00000000,0x80008000,0x00008020,
-0x80000000,0x80100020,0x80108020,0x00108000},
-{
-0x00000208,0x08020200,0x00000000,0x08020008,
-0x08000200,0x00000000,0x00020208,0x08000200,
-0x00020008,0x08000008,0x08000008,0x00020000,
-0x08020208,0x00020008,0x08020000,0x00000208,
-0x08000000,0x00000008,0x08020200,0x00000200,
-0x00020200,0x08020000,0x08020008,0x00020208,
-0x08000208,0x00020200,0x00020000,0x08000208,
-0x00000008,0x08020208,0x00000200,0x08000000,
-0x08020200,0x08000000,0x00020008,0x00000208,
-0x00020000,0x08020200,0x08000200,0x00000000,
-0x00000200,0x00020008,0x08020208,0x08000200,
-0x08000008,0x00000200,0x00000000,0x08020008,
-0x08000208,0x00020000,0x08000000,0x08020208,
-0x00000008,0x00020208,0x00020200,0x08000008,
-0x08020000,0x08000208,0x00000208,0x08020000,
-0x00020208,0x00000008,0x08020008,0x00020200},
-{
-0x00802001,0x00002081,0x00002081,0x00000080,
-0x00802080,0x00800081,0x00800001,0x00002001,
-0x00000000,0x00802000,0x00802000,0x00802081,
-0x00000081,0x00000000,0x00800080,0x00800001,
-0x00000001,0x00002000,0x00800000,0x00802001,
-0x00000080,0x00800000,0x00002001,0x00002080,
-0x00800081,0x00000001,0x00002080,0x00800080,
-0x00002000,0x00802080,0x00802081,0x00000081,
-0x00800080,0x00800001,0x00802000,0x00802081,
-0x00000081,0x00000000,0x00000000,0x00802000,
-0x00002080,0x00800080,0x00800081,0x00000001,
-0x00802001,0x00002081,0x00002081,0x00000080,
-0x00802081,0x00000081,0x00000001,0x00002000,
-0x00800001,0x00002001,0x00802080,0x00800081,
-0x00002001,0x00002080,0x00800000,0x00802001,
-0x00000080,0x00800000,0x00002000,0x00802080},
-{
-0x00000100,0x02080100,0x02080000,0x42000100,
-0x00080000,0x00000100,0x40000000,0x02080000,
-0x40080100,0x00080000,0x02000100,0x40080100,
-0x42000100,0x42080000,0x00080100,0x40000000,
-0x02000000,0x40080000,0x40080000,0x00000000,
-0x40000100,0x42080100,0x42080100,0x02000100,
-0x42080000,0x40000100,0x00000000,0x42000000,
-0x02080100,0x02000000,0x42000000,0x00080100,
-0x00080000,0x42000100,0x00000100,0x02000000,
-0x40000000,0x02080000,0x42000100,0x40080100,
-0x02000100,0x40000000,0x42080000,0x02080100,
-0x40080100,0x00000100,0x02000000,0x42080000,
-0x42080100,0x00080100,0x42000000,0x42080100,
-0x02080000,0x00000000,0x40080000,0x42000000,
-0x00080100,0x02000100,0x40000100,0x00080000,
-0x00000000,0x40080000,0x02080100,0x40000100},
-{
-0x20000010,0x20400000,0x00004000,0x20404010,
-0x20400000,0x00000010,0x20404010,0x00400000,
-0x20004000,0x00404010,0x00400000,0x20000010,
-0x00400010,0x20004000,0x20000000,0x00004010,
-0x00000000,0x00400010,0x20004010,0x00004000,
-0x00404000,0x20004010,0x00000010,0x20400010,
-0x20400010,0x00000000,0x00404010,0x20404000,
-0x00004010,0x00404000,0x20404000,0x20000000,
-0x20004000,0x00000010,0x20400010,0x00404000,
-0x20404010,0x00400000,0x00004010,0x20000010,
-0x00400000,0x20004000,0x20000000,0x00004010,
-0x20000010,0x20404010,0x00404000,0x20400000,
-0x00404010,0x20404000,0x00000000,0x20400010,
-0x00000010,0x00004000,0x20400000,0x00404010,
-0x00004000,0x00400010,0x20004010,0x00000000,
-0x20404000,0x20000000,0x00400010,0x20004010},
-{
-0x00200000,0x04200002,0x04000802,0x00000000,
-0x00000800,0x04000802,0x00200802,0x04200800,
-0x04200802,0x00200000,0x00000000,0x04000002,
-0x00000002,0x04000000,0x04200002,0x00000802,
-0x04000800,0x00200802,0x00200002,0x04000800,
-0x04000002,0x04200000,0x04200800,0x00200002,
-0x04200000,0x00000800,0x00000802,0x04200802,
-0x00200800,0x00000002,0x04000000,0x00200800,
-0x04000000,0x00200800,0x00200000,0x04000802,
-0x04000802,0x04200002,0x04200002,0x00000002,
-0x00200002,0x04000000,0x04000800,0x00200000,
-0x04200800,0x00000802,0x00200802,0x04200800,
-0x00000802,0x04000002,0x04200802,0x04200000,
-0x00200800,0x00000000,0x00000002,0x04200802,
-0x00000000,0x00200802,0x04200000,0x00000800,
-0x04000002,0x04000800,0x00000800,0x00200002},
-{
-0x10001040,0x00001000,0x00040000,0x10041040,
-0x10000000,0x10001040,0x00000040,0x10000000,
-0x00040040,0x10040000,0x10041040,0x00041000,
-0x10041000,0x00041040,0x00001000,0x00000040,
-0x10040000,0x10000040,0x10001000,0x00001040,
-0x00041000,0x00040040,0x10040040,0x10041000,
-0x00001040,0x00000000,0x00000000,0x10040040,
-0x10000040,0x10001000,0x00041040,0x00040000,
-0x00041040,0x00040000,0x10041000,0x00001000,
-0x00000040,0x10040040,0x00001000,0x00041040,
-0x10001000,0x00000040,0x10000040,0x10040000,
-0x10040040,0x10000000,0x00040000,0x10001040,
-0x00000000,0x10041040,0x00040040,0x10000040,
-0x10040000,0x10001000,0x10001040,0x00000000,
-0x10041040,0x00041000,0x00041000,0x00001040,
-0x00001040,0x00040040,0x10000000,0x10041000}
-};
-
-
-void BasicDES::SetKey(const byte* key, word32 /*length*/, CipherDir dir)
-{
-    byte buffer[56+56+8];
-    byte *const pc1m = buffer;                 /* place to modify pc1 into */
-    byte *const pcr = pc1m + 56;               /* place to rotate pc1 into */
-    byte *const ks = pcr + 56;
-    register int i,j,l;
-    int m;
-
-    for (j = 0; j < 56; j++) {          /* convert pc1 to bits of key */
-        l = pc1[j] - 1;                 /* integer bit location  */
-        m = l & 07;                     /* find bit              */
-        pc1m[j] = (key[l >> 3] &        /* find which key byte l is in */
-            bytebit[m])                 /* and which bit of that byte */
-            ? 1 : 0;                    /* and store 1-bit result */
-    }
-    for (i = 0; i < 16; i++) {          /* key chunk for each iteration */
-        memset(ks, 0, 8);               /* Clear key schedule */
-        for (j = 0; j < 56; j++)        /* rotate pc1 the right amount */
-            pcr[j] = pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l: l-28];
-        /* rotate left and right halves independently */
-        for (j = 0; j < 48; j++){   /* select bits individually */
-            /* check bit that goes to ks[j] */
-            if (pcr[pc2[j] - 1]){
-                /* mask it in if it's there */
-                l= j % 6;
-                ks[j/6] |= bytebit[l] >> 2;
-            }
-        }
-        /* Now convert to odd/even interleaved form for use in F */
-        k_[2*i] = ((word32)ks[0] << 24)
-            | ((word32)ks[2] << 16)
-            | ((word32)ks[4] << 8)
-            | ((word32)ks[6]);
-        k_[2*i + 1] = ((word32)ks[1] << 24)
-            | ((word32)ks[3] << 16)
-            | ((word32)ks[5] << 8)
-            | ((word32)ks[7]);
-    }
-    
-    // reverse key schedule order
-    if (dir == DECRYPTION)
-        for (i = 0; i < 16; i += 2) {
-            STL::swap(k_[i],   k_[32 - 2 - i]);
-            STL::swap(k_[i+1], k_[32 - 1 - i]);
-        }
-   
-}
-
-static inline void IPERM(word32& left, word32& right)
-{
-    word32 work;
-
-    right = rotlFixed(right, 4U);
-    work = (left ^ right) & 0xf0f0f0f0;
-    left ^= work;
-
-    right = rotrFixed(right^work, 20U);
-    work = (left ^ right) & 0xffff0000;
-    left ^= work;
-
-    right = rotrFixed(right^work, 18U);
-    work = (left ^ right) & 0x33333333;
-    left ^= work;
-
-    right = rotrFixed(right^work, 6U);
-    work = (left ^ right) & 0x00ff00ff;
-    left ^= work;
-
-    right = rotlFixed(right^work, 9U);
-    work = (left ^ right) & 0xaaaaaaaa;
-    left = rotlFixed(left^work, 1U);
-    right ^= work;
-}
-
-static inline void FPERM(word32& left, word32& right)
-{
-    word32 work;
-
-    right = rotrFixed(right, 1U);
-    work = (left ^ right) & 0xaaaaaaaa;
-    right ^= work;
-    left = rotrFixed(left^work, 9U);
-    work = (left ^ right) & 0x00ff00ff;
-    right ^= work;
-    left = rotlFixed(left^work, 6U);
-    work = (left ^ right) & 0x33333333;
-    right ^= work;
-    left = rotlFixed(left^work, 18U);
-    work = (left ^ right) & 0xffff0000;
-    right ^= work;
-    left = rotlFixed(left^work, 20U);
-    work = (left ^ right) & 0xf0f0f0f0;
-    right ^= work;
-    left = rotrFixed(left^work, 4U);
-}
-
-
-void BasicDES::RawProcessBlock(word32& lIn, word32& rIn) const
-{
-    word32 l = lIn, r = rIn;
-    const word32* kptr = k_;
-
-    for (unsigned i=0; i<8; i++)
-    {
-        word32 work = rotrFixed(r, 4U) ^ kptr[4*i+0];
-        l ^= Spbox[6][(work) & 0x3f]
-          ^  Spbox[4][(work >> 8) & 0x3f]
-          ^  Spbox[2][(work >> 16) & 0x3f]
-          ^  Spbox[0][(work >> 24) & 0x3f];
-        work = r ^ kptr[4*i+1];
-        l ^= Spbox[7][(work) & 0x3f]
-          ^  Spbox[5][(work >> 8) & 0x3f]
-          ^  Spbox[3][(work >> 16) & 0x3f]
-          ^  Spbox[1][(work >> 24) & 0x3f];
-
-        work = rotrFixed(l, 4U) ^ kptr[4*i+2];
-        r ^= Spbox[6][(work) & 0x3f]
-          ^  Spbox[4][(work >> 8) & 0x3f]
-          ^  Spbox[2][(work >> 16) & 0x3f]
-          ^  Spbox[0][(work >> 24) & 0x3f];
-        work = l ^ kptr[4*i+3];
-        r ^= Spbox[7][(work) & 0x3f]
-          ^  Spbox[5][(work >> 8) & 0x3f]
-          ^  Spbox[3][(work >> 16) & 0x3f]
-          ^  Spbox[1][(work >> 24) & 0x3f];
-    }
-
-    lIn = l; rIn = r;
-}
-
-
-
-typedef BlockGetAndPut Block;
-
-
-void DES::ProcessAndXorBlock(const byte* in, const byte* xOr, byte* out) const
-{
-    word32 l,r;
-    Block::Get(in)(l)(r);
-    IPERM(l,r);
-
-    RawProcessBlock(l, r);
-
-    FPERM(l,r);
-    Block::Put(xOr, out)(r)(l);
-}
-
-
-void DES_EDE2::SetKey(const byte* key, word32 sz, CipherDir dir)
-{
-    des1_.SetKey(key, sz, dir);
-    des2_.SetKey(key + 8, sz, ReverseDir(dir));
-}
-
-
-void DES_EDE2::ProcessAndXorBlock(const byte* in, const byte* xOr,
-                                  byte* out) const
-{
-    word32 l,r;
-    Block::Get(in)(l)(r);
-    IPERM(l,r);
-
-    des1_.RawProcessBlock(l, r);
-    des2_.RawProcessBlock(r, l);
-    des1_.RawProcessBlock(l, r);
-
-    FPERM(l,r);
-    Block::Put(xOr, out)(r)(l);
-}
-
-
-void DES_EDE3::SetKey(const byte* key, word32 sz, CipherDir dir)
-{
-    des1_.SetKey(key+(dir==ENCRYPTION?0:2*8), sz, dir);
-    des2_.SetKey(key+8, sz, ReverseDir(dir));
-    des3_.SetKey(key+(dir==DECRYPTION?0:2*8), sz, dir);
-}
-
-
-
-#if defined(DO_DES_ASM)
-
-// ia32 optimized version
-void DES_EDE3::Process(byte* out, const byte* in, word32 sz)
-{
-    if (!isMMX) {
-        Mode_BASE::Process(out, in, sz);
-        return;
-    }
-
-    word32 blocks = sz / DES_BLOCK_SIZE;
-
-    if (mode_ == CBC)    
-        if (dir_ == ENCRYPTION)
-            while (blocks--) {
-                r_[0] ^= *(word32*)in;
-                r_[1] ^= *(word32*)(in + 4);
-
-                AsmProcess((byte*)r_, (byte*)r_, (void*)Spbox);
-                
-                memcpy(out, r_, DES_BLOCK_SIZE);
-
-                in  += DES_BLOCK_SIZE;
-                out += DES_BLOCK_SIZE;
-            }
-        else
-            while (blocks--) {
-                AsmProcess(in, out, (void*)Spbox);
-               
-                *(word32*)out       ^= r_[0];
-                *(word32*)(out + 4) ^= r_[1];
-
-                memcpy(r_, in, DES_BLOCK_SIZE);
-
-                out += DES_BLOCK_SIZE;
-                in  += DES_BLOCK_SIZE;
-            }
-    else
-        while (blocks--) {
-            AsmProcess(in, out, (void*)Spbox);
-           
-            out += DES_BLOCK_SIZE;
-            in  += DES_BLOCK_SIZE;
-        }
-}
-
-#endif // DO_DES_ASM
-
-
-void DES_EDE3::ProcessAndXorBlock(const byte* in, const byte* xOr,
-                                  byte* out) const
-{
-    word32 l,r;
-    Block::Get(in)(l)(r);
-    IPERM(l,r);
-
-    des1_.RawProcessBlock(l, r);
-    des2_.RawProcessBlock(r, l);
-    des3_.RawProcessBlock(l, r);
-
-    FPERM(l,r);
-    Block::Put(xOr, out)(r)(l);
-}
-
-
-#if defined(DO_DES_ASM)
-
-/* Uses IPERM algorithm from above
-
-   left  is in eax
-   right is in ebx
-
-   uses ecx
-*/
-#define AsmIPERM() \
-    AS2(    rol   ebx, 4                        )   \
-    AS2(    mov   ecx, eax                      )   \
-    AS2(    xor   ecx, ebx                      )   \
-    AS2(    and   ecx, 0xf0f0f0f0               )   \
-    AS2(    xor   ebx, ecx                      )   \
-    AS2(    xor   eax, ecx                      )   \
-    AS2(    ror   ebx, 20                       )   \
-    AS2(    mov   ecx, eax                      )   \
-    AS2(    xor   ecx, ebx                      )   \
-    AS2(    and   ecx, 0xffff0000               )   \
-    AS2(    xor   ebx, ecx                      )   \
-    AS2(    xor   eax, ecx                      )   \
-    AS2(    ror   ebx, 18                       )   \
-    AS2(    mov   ecx, eax                      )   \
-    AS2(    xor   ecx, ebx                      )   \
-    AS2(    and   ecx, 0x33333333               )   \
-    AS2(    xor   ebx, ecx                      )   \
-    AS2(    xor   eax, ecx                      )   \
-    AS2(    ror   ebx, 6                        )   \
-    AS2(    mov   ecx, eax                      )   \
-    AS2(    xor   ecx, ebx                      )   \
-    AS2(    and   ecx, 0x00ff00ff               )   \
-    AS2(    xor   ebx, ecx                      )   \
-    AS2(    xor   eax, ecx                      )   \
-    AS2(    rol   ebx, 9                        )   \
-    AS2(    mov   ecx, eax                      )   \
-    AS2(    xor   ecx, ebx                      )   \
-    AS2(    and   ecx, 0xaaaaaaaa               )   \
-    AS2(    xor   eax, ecx                      )   \
-    AS2(    rol   eax, 1                        )   \
-    AS2(    xor   ebx, ecx                      )
-
-
-/* Uses FPERM algorithm from above
-
-   left  is in eax
-   right is in ebx
-
-   uses ecx
-*/
-#define AsmFPERM()    \
-    AS2(    ror  ebx, 1                     )    \
-    AS2(    mov  ecx, eax                   )    \
-    AS2(    xor  ecx, ebx                   )    \
-    AS2(    and  ecx, 0xaaaaaaaa            )    \
-    AS2(    xor  eax, ecx                   )    \
-    AS2(    xor  ebx, ecx                   )    \
-    AS2(    ror  eax, 9                     )    \
-    AS2(    mov  ecx, ebx                   )    \
-    AS2(    xor  ecx, eax                   )    \
-    AS2(    and  ecx, 0x00ff00ff            )    \
-    AS2(    xor  eax, ecx                   )    \
-    AS2(    xor  ebx, ecx                   )    \
-    AS2(    rol  eax, 6                     )    \
-    AS2(    mov  ecx, ebx                   )    \
-    AS2(    xor  ecx, eax                   )    \
-    AS2(    and  ecx, 0x33333333            )    \
-    AS2(    xor  eax, ecx                   )    \
-    AS2(    xor  ebx, ecx                   )    \
-    AS2(    rol  eax, 18                    )    \
-    AS2(    mov  ecx, ebx                   )    \
-    AS2(    xor  ecx, eax                   )    \
-    AS2(    and  ecx, 0xffff0000            )    \
-    AS2(    xor  eax, ecx                   )    \
-    AS2(    xor  ebx, ecx                   )    \
-    AS2(    rol  eax, 20                    )    \
-    AS2(    mov  ecx, ebx                   )    \
-    AS2(    xor  ecx, eax                   )    \
-    AS2(    and  ecx, 0xf0f0f0f0            )    \
-    AS2(    xor  eax, ecx                   )    \
-    AS2(    xor  ebx, ecx                   )    \
-    AS2(    ror  eax, 4                     )
-
-
-
-
-/* DesRound implements this algorithm:
-
-        word32 work = rotrFixed(r, 4U) ^ key[0];
-        l ^= Spbox[6][(work) & 0x3f]
-          ^  Spbox[4][(work >> 8) & 0x3f]
-          ^  Spbox[2][(work >> 16) & 0x3f]
-          ^  Spbox[0][(work >> 24) & 0x3f];
-        work = r ^ key[1];
-        l ^= Spbox[7][(work) & 0x3f]
-          ^  Spbox[5][(work >> 8) & 0x3f]
-          ^  Spbox[3][(work >> 16) & 0x3f]
-          ^  Spbox[1][(work >> 24) & 0x3f];
-
-        work = rotrFixed(l, 4U) ^ key[2];
-        r ^= Spbox[6][(work) & 0x3f]
-          ^  Spbox[4][(work >> 8) & 0x3f]
-          ^  Spbox[2][(work >> 16) & 0x3f]
-          ^  Spbox[0][(work >> 24) & 0x3f];
-        work = l ^ key[3];
-        r ^= Spbox[7][(work) & 0x3f]
-          ^  Spbox[5][(work >> 8) & 0x3f]
-          ^  Spbox[3][(work >> 16) & 0x3f]
-          ^  Spbox[1][(work >> 24) & 0x3f];
-
-   left  is in aex
-   right is in ebx
-   key   is in edx
-
-   edvances key for next round
-
-   uses ecx, esi, and edi
-*/
-#define DesRound() \
-    AS2(    mov   ecx,  ebx                     )\
-    AS2(    mov   esi,  DWORD PTR [edx]         )\
-    AS2(    ror   ecx,  4                       )\
-    AS2(    xor   ecx,  esi                     )\
-    AS2(    and   ecx,  0x3f3f3f3f              )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   eax,  [ebp + esi*4 + 6*256]   )\
-    AS2(    shr   ecx,  16                      )\
-    AS2(    xor   eax,  [ebp + edi*4 + 4*256]   )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   eax,  [ebp + esi*4 + 2*256]   )\
-    AS2(    mov   esi,  DWORD PTR [edx + 4]     )\
-    AS2(    xor   eax,  [ebp + edi*4]           )\
-    AS2(    mov   ecx,  ebx                     )\
-    AS2(    xor   ecx,  esi                     )\
-    AS2(    and   ecx,  0x3f3f3f3f              )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   eax,  [ebp + esi*4 + 7*256]   )\
-    AS2(    shr   ecx,  16                      )\
-    AS2(    xor   eax,  [ebp + edi*4 + 5*256]   )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   eax,  [ebp + esi*4 + 3*256]   )\
-    AS2(    mov   esi,  DWORD PTR [edx + 8]     )\
-    AS2(    xor   eax,  [ebp + edi*4 + 1*256]   )\
-    AS2(    mov   ecx,  eax                     )\
-    AS2(    ror   ecx,  4                       )\
-    AS2(    xor   ecx,  esi                     )\
-    AS2(    and   ecx,  0x3f3f3f3f              )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   ebx,  [ebp + esi*4 + 6*256]   )\
-    AS2(    shr   ecx,  16                      )\
-    AS2(    xor   ebx,  [ebp + edi*4 + 4*256]   )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   ebx,  [ebp + esi*4 + 2*256]   )\
-    AS2(    mov   esi,  DWORD PTR [edx + 12]    )\
-    AS2(    xor   ebx,  [ebp + edi*4]           )\
-    AS2(    mov   ecx,  eax                     )\
-    AS2(    xor   ecx,  esi                     )\
-    AS2(    and   ecx,  0x3f3f3f3f              )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   ebx,  [ebp + esi*4 + 7*256]   )\
-    AS2(    shr   ecx,  16                      )\
-    AS2(    xor   ebx,  [ebp + edi*4 + 5*256]   )\
-    AS2(    movzx esi,  cl                      )\
-    AS2(    movzx edi,  ch                      )\
-    AS2(    xor   ebx,  [ebp + esi*4 + 3*256]   )\
-    AS2(    add   edx,  16                      )\
-    AS2(    xor   ebx,  [ebp + edi*4 + 1*256]   )
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void DES_EDE3::AsmProcess(const byte* in, byte* out, void* box) const
-{
-#ifdef __GNUC__
-    #define AS1(x)    #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-
-    #define PROLOG()  \
-    __asm__ __volatile__ \
-    ( \
-        ".intel_syntax noprefix;" \
-        "push ebx;" \
-        "push ebp;" \
-        "movd mm6, ebp;" \
-        "movd mm7, ecx;" \
-        "mov  ebp, eax;"
-    #define EPILOG()  \
-        "pop ebp;" \
-        "pop ebx;" \
-       	"emms;" \
-       	".att_syntax;" \
-            :  \
-            : "d" (this), "S" (in), "a" (box), "c" (out) \
-            : "%edi", "memory", "cc" \
-    );
-
-#else
-    #define AS1(x)      __asm x
-    #define AS2(x, y)   __asm x, y
-
-    #define PROLOG()  \
-        AS1(    push  ebp                           )   \
-        AS2(    mov   ebp, esp                      )   \
-        AS2(    movd  mm3, edi                      )   \
-        AS2(    movd  mm4, ebx                      )   \
-        AS2(    movd  mm5, esi                      )   \
-        AS2(    movd  mm6, ebp                      )   \
-        AS2(    mov   esi, DWORD PTR [ebp +  8]     )   \
-        AS2(    mov   edx, ecx                      )   \
-        AS2(    mov   ebp, DWORD PTR [ebp + 16]     )
-
-    // ebp restored at end
-    #define EPILOG() \
-        AS2(    movd  edi, mm3                      )   \
-        AS2(    movd  ebx, mm4                      )   \
-        AS2(    movd  esi, mm5                      )   \
-        AS2(    mov   esp, ebp                      )   \
-        AS1(    pop   ebp                           )   \
-        AS1(    emms                                )   \
-        AS1(    ret 12                              )
-
-#endif
-
-
-    PROLOG()
-
-    AS2(    movd  mm2, edx                      )
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    add   edx, 60                       )   // des1 = des1 key
-    #else
-        AS2(    add   edx, 56                       )   // des1 = des1 key
-    #endif
-
-    AS2(    mov   eax, DWORD PTR [esi]          )
-    AS2(    mov   ebx, DWORD PTR [esi + 4]      )
-    AS1(    bswap eax                           )    // left
-    AS1(    bswap ebx                           )    // right
-
-    AsmIPERM()
-
-    DesRound() // 1
-    DesRound() // 2
-    DesRound() // 3
-    DesRound() // 4
-    DesRound() // 5
-    DesRound() // 6
-    DesRound() // 7
-    DesRound() // 8
-
-    // swap left and right 
-    AS2(    xchg  eax, ebx                      )
-
-    DesRound() // 1
-    DesRound() // 2
-    DesRound() // 3
-    DesRound() // 4
-    DesRound() // 5
-    DesRound() // 6
-    DesRound() // 7
-    DesRound() // 8
-
-    // swap left and right
-    AS2(    xchg  eax, ebx                      )
-
-    DesRound() // 1
-    DesRound() // 2
-    DesRound() // 3
-    DesRound() // 4
-    DesRound() // 5
-    DesRound() // 6
-    DesRound() // 7
-    DesRound() // 8
-
-    AsmFPERM()
-
-    //end
-    AS2(    movd  ebp, mm6                      )
-
-    // swap and write out
-    AS1(    bswap ebx                           )
-    AS1(    bswap eax                           )
-
-#ifdef __GNUC__
-    AS2(    movd  esi, mm7   )   // outBlock
-#else
-    AS2(    mov   esi, DWORD PTR [ebp +  12]    )   // outBlock
-#endif
-
-    AS2(    mov   DWORD PTR [esi],     ebx      )   // right first
-    AS2(    mov   DWORD PTR [esi + 4], eax      )
-    
-
-    EPILOG()
-}
-
-
-
-#endif // defined(DO_DES_ASM)
-
-
-}  // namespace
diff --git a/extra/yassl/taocrypt/src/dh.cpp b/extra/yassl/taocrypt/src/dh.cpp
deleted file mode 100644
index cc677cba458..00000000000
--- a/extra/yassl/taocrypt/src/dh.cpp
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* dh.cpp implements Diffie-Hellman support
-*/
-
-#include "runtime.hpp"
-#include "dh.hpp"
-#include "asn.hpp"
-#include 
-
-namespace TaoCrypt {
-
-
-namespace {  // locals
-
-unsigned int DiscreteLogWorkFactor(unsigned int n)
-{
-    // assuming discrete log takes about the same time as factoring
-    if (n<5)
-        return 0;
-    else
-        return (unsigned int)(2.4 * pow((double)n, 1.0/3.0) *
-                pow(log(double(n)), 2.0/3.0) - 5);
-}
-
-} // namespace locals
-
-
-// Generate a DH Key Pair
-void DH::GenerateKeyPair(RandomNumberGenerator& rng, byte* priv, byte* pub)
-{
-    GeneratePrivate(rng, priv);
-    GeneratePublic(priv, pub);
-}
-
-
-// Generate private value
-void DH::GeneratePrivate(RandomNumberGenerator& rng, byte* priv)
-{
-    Integer x(rng, Integer::One(), min(p_ - 1,
-        Integer::Power2(2*DiscreteLogWorkFactor(p_.BitCount())) ) );
-    x.Encode(priv, p_.ByteCount());
-}
-
-
-// Generate public value
-void DH::GeneratePublic(const byte* priv, byte* pub)
-{
-    const word32 bc(p_.ByteCount());
-    Integer x(priv, bc);
-    Integer y(a_exp_b_mod_c(g_, x, p_));
-    y.Encode(pub, bc);
-}
-
-
-// Generate Agreement
-void DH::Agree(byte* agree, const byte* priv, const byte* otherPub, word32
-               otherSz)
-{
-    const word32 bc(p_.ByteCount());
-    Integer x(priv, bc);
-    Integer y;
-    if (otherSz)
-        y.Decode(otherPub, otherSz);
-    else
-        y.Decode(otherPub, bc);
-
-    Integer z(a_exp_b_mod_c(y, x, p_));
-    z.Encode(agree, bc);
-}
-
-
-DH::DH(Source& source)
-{
-    Initialize(source);
-}
-
-
-void DH::Initialize(Source& source)
-{
-    DH_Decoder decoder(source);
-    decoder.Decode(*this);
-}
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/dsa.cpp b/extra/yassl/taocrypt/src/dsa.cpp
deleted file mode 100644
index ccdefa46025..00000000000
--- a/extra/yassl/taocrypt/src/dsa.cpp
+++ /dev/null
@@ -1,274 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-#include "runtime.hpp"
-#include "dsa.hpp"
-#include "sha.hpp"
-#include "asn.hpp"
-#include "modarith.hpp"
-
-
-namespace TaoCrypt {
-
-
-void DSA_PublicKey::Swap(DSA_PublicKey& other)
-{
-    p_.Swap(other.p_);
-    q_.Swap(other.q_);
-    g_.Swap(other.g_);
-    y_.Swap(other.y_);
-}
-
-
-DSA_PublicKey::DSA_PublicKey(const DSA_PublicKey& other)
-    : p_(other.p_), q_(other.q_), g_(other.g_), y_(other.y_)
-{}
-
-
-DSA_PublicKey& DSA_PublicKey::operator=(const DSA_PublicKey& that)
-{
-    DSA_PublicKey tmp(that);
-    Swap(tmp);
-    return *this;
-}
-
-
-DSA_PublicKey::DSA_PublicKey(Source& source)
-{
-    Initialize(source);
-}
-
-
-void DSA_PublicKey::Initialize(Source& source)
-{
-    DSA_Public_Decoder decoder(source);
-    decoder.Decode(*this);
-}
-
-
-void DSA_PublicKey::Initialize(const Integer& p, const Integer& q,
-                               const Integer& g, const Integer& y)
-{
-    p_ = p;
-    q_ = q;
-    g_ = g;
-    y_ = y;
-}
-   
-
-const Integer& DSA_PublicKey::GetModulus() const
-{
-    return p_;
-}
-
-const Integer& DSA_PublicKey::GetSubGroupOrder() const
-{
-    return q_;
-}
-
-
-const Integer& DSA_PublicKey::GetSubGroupGenerator() const
-{
-    return g_;
-}
-
-
-const Integer& DSA_PublicKey::GetPublicPart() const
-{
-    return y_;
-}
-
-
-void DSA_PublicKey::SetModulus(const Integer& p)
-{
-    p_ = p;
-}
-
-
-void DSA_PublicKey::SetSubGroupOrder(const Integer& q)
-{
-    q_ = q;
-}
-
-
-void DSA_PublicKey::SetSubGroupGenerator(const Integer& g)
-{
-    g_ = g;
-}
-
-
-void DSA_PublicKey::SetPublicPart(const Integer& y)
-{
-    y_ = y;
-}
-
-
-word32 DSA_PublicKey::SignatureLength() const
-{
-    return GetSubGroupOrder().ByteCount() * 2;  // r and s
-}
-
-
-
-DSA_PrivateKey::DSA_PrivateKey(Source& source)
-{
-    Initialize(source);
-}
-
-
-void DSA_PrivateKey::Initialize(Source& source)
-{
-    DSA_Private_Decoder decoder(source);
-    decoder.Decode(*this);
-}
-
-
-void DSA_PrivateKey::Initialize(const Integer& p, const Integer& q,
-                                const Integer& g, const Integer& y,
-                                const Integer& x)
-{
-    DSA_PublicKey::Initialize(p, q, g, y);
-    x_ = x;
-}
-
-
-const Integer& DSA_PrivateKey::GetPrivatePart() const
-{
-    return x_;
-}
-
-
-void DSA_PrivateKey::SetPrivatePart(const Integer& x)
-{
-    x_ = x;
-}
-
-
-DSA_Signer::DSA_Signer(const DSA_PrivateKey& key)
-    : key_(key)
-{}
-
-
-word32 DSA_Signer::Sign(const byte* sha_digest, byte* sig,
-                        RandomNumberGenerator& rng)
-{
-    const Integer& p = key_.GetModulus();
-    const Integer& q = key_.GetSubGroupOrder();
-    const Integer& g = key_.GetSubGroupGenerator();
-    const Integer& x = key_.GetPrivatePart();
-    byte* tmpPtr = sig;  // initial signature output
-
-    Integer k(rng, 1, q - 1);
-
-    r_ =  a_exp_b_mod_c(g, k, p);
-    r_ %= q;
-
-    Integer H(sha_digest, SHA::DIGEST_SIZE);  // sha Hash(m)
-
-    Integer kInv = k.InverseMod(q);
-    s_ = (kInv * (H + x*r_)) % q;
-
-    if (!(!!r_ && !!s_))
-      return (word32) -1;
-
-    int rSz = r_.ByteCount();
-    int tmpSz = rSz;
-
-    while (tmpSz++ < SHA::DIGEST_SIZE) {
-        *sig++ = 0;
-    }
-    
-    r_.Encode(sig,  rSz);
-
-    sig = tmpPtr + SHA::DIGEST_SIZE;  // advance sig output to s
-    int sSz = s_.ByteCount();
-    tmpSz = sSz;
-
-    while (tmpSz++ < SHA::DIGEST_SIZE) {
-        *sig++ = 0;
-    }
-
-    s_.Encode(sig, sSz);
-
-    return 40;
-}
-
-
-DSA_Verifier::DSA_Verifier(const DSA_PublicKey& key)
-    : key_(key)
-{}
-
-
-bool DSA_Verifier::Verify(const byte* sha_digest, const byte* sig)
-{
-    const Integer& p = key_.GetModulus();
-    const Integer& q = key_.GetSubGroupOrder();
-    const Integer& g = key_.GetSubGroupGenerator();
-    const Integer& y = key_.GetPublicPart();
-
-    int sz = q.ByteCount();
-
-    r_.Decode(sig, sz);
-    s_.Decode(sig + sz, sz);
-
-    if (r_ >= q || r_ < 1 || s_ >= q || s_ < 1)
-        return false;
-
-    Integer H(sha_digest, SHA::DIGEST_SIZE);  // sha Hash(m)
-
-    Integer w = s_.InverseMod(q);
-    Integer u1 = (H  * w) % q;
-    Integer u2 = (r_ * w) % q;
-
-    // verify r == ((g^u1 * y^u2) mod p) mod q
-    ModularArithmetic ma(p);
-    Integer v = ma.CascadeExponentiate(g, u1, y, u2);
-    v %= q;
-
-    return r_ == v;
-}
-
-
-
-
-const Integer& DSA_Signer::GetR() const
-{
-    return r_;
-}
-
-
-const Integer& DSA_Signer::GetS() const
-{
-    return s_;
-}
-
-
-const Integer& DSA_Verifier::GetR() const
-{
-    return r_;
-}
-
-
-const Integer& DSA_Verifier::GetS() const
-{
-    return s_;
-}
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/file.cpp b/extra/yassl/taocrypt/src/file.cpp
deleted file mode 100644
index 5dfc19ca7bd..00000000000
--- a/extra/yassl/taocrypt/src/file.cpp
+++ /dev/null
@@ -1,116 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* file.cpp implements File Sources and Sinks
-*/
-
-#include "runtime.hpp"
-#include "file.hpp"
-
-
-namespace TaoCrypt {
-
-
-FileSource::FileSource(const char* fname, Source& source)
-{
-    file_ = fopen(fname, "rb");
-    if (file_) get(source);
-}
-
-
-FileSource::~FileSource()
-{
-    if (file_)
-        fclose(file_);
-}
-
-
-
-// return size of source from beginning or current position
-word32 FileSource::size(bool use_current)
-{
-    long current = ftell(file_);
-    long begin   = current;
-
-    if (!use_current) {
-        fseek(file_, 0, SEEK_SET);
-        begin = ftell(file_);
-    }
-
-    fseek(file_, 0, SEEK_END);
-    long end = ftell(file_);
-
-    fseek(file_, current, SEEK_SET);
-
-    return end - begin;
-}
-
-
-word32 FileSource::size_left()
-{
-    return size(true);
-}
-
-
-// fill file source from source
-word32 FileSource::get(Source& source)
-{
-    word32 sz(size());
-    if (source.size() < sz)
-        source.grow(sz);
-
-    size_t bytes = fread(source.buffer_.get_buffer(), 1, sz, file_);
-
-    if (bytes == 1)
-        return sz;
-    else
-        return 0;
-}
-
-
-FileSink::FileSink(const char* fname, Source& source)
-{
-    file_ = fopen(fname, "wb");
-    if (file_) put(source);
-}
-
-
-FileSink::~FileSink()
-{
-    if (file_)
-        fclose(file_);
-}
-
-
-// fill source from file sink
-size_t FileSink::put(Source& source)
-{
-    return fwrite(source.get_buffer(), 1, source.size(), file_);
-}
-
-
-// swap with other and reset to beginning
-void Source::reset(ByteBlock& otherBlock)
-{
-    buffer_.Swap(otherBlock);   
-    current_ = 0;
-}
-
-
-}  // namespace
diff --git a/extra/yassl/taocrypt/src/hash.cpp b/extra/yassl/taocrypt/src/hash.cpp
deleted file mode 100644
index 9fa65a36074..00000000000
--- a/extra/yassl/taocrypt/src/hash.cpp
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* hash.cpp implements a base for digest types
-*/
-
-#include "runtime.hpp"
-#include 
-
-#include "hash.hpp"
-
-
-namespace TaoCrypt {
-
-
-HASHwithTransform::HASHwithTransform(word32 digSz, word32 buffSz)
-{
-}
-
-
-void HASHwithTransform::AddLength(word32 len)
-{
-    HashLengthType tmp = loLen_;
-    if ( (loLen_ += len) < tmp)
-        hiLen_++;                       // carry low to high
-    hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len);
-}
-
-
-// Update digest with data of size len, do in blocks
-void HASHwithTransform::Update(const byte* data, word32 len)
-{
-    // do block size increments
-    word32 blockSz = getBlockSize();
-    byte*  local   = reinterpret_cast(buffer_);
-
-    while (len) {
-        word32 add = min(len, blockSz - buffLen_);
-        memcpy(&local[buffLen_], data, add);
-
-        buffLen_ += add;
-        data     += add;
-        len      -= add;
-
-        if (buffLen_ == blockSz) {
-            ByteReverseIf(local, local, blockSz, getByteOrder());
-            Transform();
-            AddLength(blockSz);
-            buffLen_ = 0;
-        }
-    }
-}
-
-
-// Final process, place digest in hash
-void HASHwithTransform::Final(byte* hash)
-{
-    word32    blockSz  = getBlockSize();
-    word32    digestSz = getDigestSize();
-    word32    padSz    = getPadSize();
-    ByteOrder order    = getByteOrder();
-
-    AddLength(buffLen_);                        // before adding pads
-    HashLengthType preLoLen = GetBitCountLo();
-    HashLengthType preHiLen = GetBitCountHi();
-    byte*     local         = reinterpret_cast(buffer_);
-
-    local[buffLen_++] = 0x80;  // add 1
-
-    // pad with zeros
-    if (buffLen_ > padSz) {
-        memset(&local[buffLen_], 0, blockSz - buffLen_);
-        buffLen_ += blockSz - buffLen_;
-
-        ByteReverseIf(local, local, blockSz, order);
-        Transform();
-        buffLen_ = 0;
-    }
-    memset(&local[buffLen_], 0, padSz - buffLen_);
-   
-    ByteReverseIf(local, local, blockSz, order);
-    
-    memcpy(&local[padSz],   order ? &preHiLen : &preLoLen, sizeof(preLoLen));
-    memcpy(&local[padSz+4], order ? &preLoLen : &preHiLen, sizeof(preLoLen));
-
-    Transform();
-    ByteReverseIf(digest_, digest_, digestSz, order);
-    memcpy(hash, digest_, digestSz);
-
-    Init();  // reset state
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-HASH64withTransform::HASH64withTransform(word32 digSz, word32 buffSz)
-{
-}
-
-
-void HASH64withTransform::AddLength(word32 len)
-{
-    HashLengthType tmp = loLen_;
-    if ( (loLen_ += len) < tmp)
-        hiLen_++;                       // carry low to high
-    hiLen_ += SafeRightShift<8*sizeof(HashLengthType)>(len);
-}
-
-
-// Update digest with data of size len, do in blocks
-void HASH64withTransform::Update(const byte* data, word32 len)
-{
-    // do block size increments
-    word32 blockSz = getBlockSize();
-    byte*  local   = reinterpret_cast(buffer_);
-
-    while (len) {
-        word32 add = min(len, blockSz - buffLen_);
-        memcpy(&local[buffLen_], data, add);
-
-        buffLen_ += add;
-        data     += add;
-        len      -= add;
-
-        if (buffLen_ == blockSz) {
-            ByteReverseIf(buffer_, buffer_, blockSz, getByteOrder());
-            Transform();
-            AddLength(blockSz);
-            buffLen_ = 0;
-        }
-    }
-}
-
-
-// Final process, place digest in hash
-void HASH64withTransform::Final(byte* hash)
-{
-    word32    blockSz  = getBlockSize();
-    word32    digestSz = getDigestSize();
-    word32    padSz    = getPadSize();
-    ByteOrder order    = getByteOrder();
-
-    AddLength(buffLen_);                        // before adding pads
-    HashLengthType preLoLen = GetBitCountLo();
-    HashLengthType preHiLen = GetBitCountHi();
-    byte*     local         = reinterpret_cast(buffer_);
-
-    local[buffLen_++] = 0x80;  // add 1
-
-    // pad with zeros
-    if (buffLen_ > padSz) {
-        memset(&local[buffLen_], 0, blockSz - buffLen_);
-        buffLen_ += blockSz - buffLen_;
-
-        ByteReverseIf(buffer_, buffer_, blockSz, order);
-        Transform();
-        buffLen_ = 0;
-    }
-    memset(&local[buffLen_], 0, padSz - buffLen_);
-   
-    ByteReverseIf(buffer_, buffer_, padSz, order);
-    
-    buffer_[blockSz / sizeof(word64) - 2] = order ? preHiLen : preLoLen;
-    buffer_[blockSz / sizeof(word64) - 1] = order ? preLoLen : preHiLen;
-
-    Transform();
-    ByteReverseIf(digest_, digest_, digestSz, order);
-    memcpy(hash, digest_, digestSz);
-
-    Init();  // reset state
-}
-
-#endif // WORD64_AVAILABLE
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/hc128.cpp b/extra/yassl/taocrypt/src/hc128.cpp
deleted file mode 100644
index 4e1542097d0..00000000000
--- a/extra/yassl/taocrypt/src/hc128.cpp
+++ /dev/null
@@ -1,317 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates. All rights reserved.
- 
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
- 
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
- 
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-#include "runtime.hpp"
-#include "hc128.hpp"
-
-
-
-namespace TaoCrypt {
-
-
-
-
-#ifdef BIG_ENDIAN_ORDER
-    #define LITTLE32(x) ByteReverse((word32)x)
-#else
-    #define LITTLE32(x) (x)
-#endif
-
-
-/*h1 function*/
-#define h1(x, y) {                              \
-     byte a,c;                                  \
-     a = (byte) (x);                            \
-     c = (byte) ((x) >> 16);                    \
-     y = (T_[512+a])+(T_[512+256+c]);           \
-}
-
-/*h2 function*/
-#define h2(x, y) {                              \
-     byte a,c;                                  \
-     a = (byte) (x);                            \
-     c = (byte) ((x) >> 16);                    \
-     y = (T_[a])+(T_[256+c]);                   \
-}
-
-/*one step of HC-128, update P and generate 32 bits keystream*/
-#define step_P(u,v,a,b,c,d,n){                  \
-     word32 tem0,tem1,tem2,tem3;                \
-     h1((X_[(d)]),tem3);                        \
-     tem0 = rotrFixed((T_[(v)]),23);            \
-     tem1 = rotrFixed((X_[(c)]),10);            \
-     tem2 = rotrFixed((X_[(b)]),8);             \
-     (T_[(u)]) += tem2+(tem0 ^ tem1);           \
-     (X_[(a)]) = (T_[(u)]);                     \
-     (n) = tem3 ^ (T_[(u)]) ;                   \
-}       
-
-/*one step of HC-128, update Q and generate 32 bits keystream*/
-#define step_Q(u,v,a,b,c,d,n){                  \
-     word32 tem0,tem1,tem2,tem3;                \
-     h2((Y_[(d)]),tem3);                        \
-     tem0 = rotrFixed((T_[(v)]),(32-23));       \
-     tem1 = rotrFixed((Y_[(c)]),(32-10));       \
-     tem2 = rotrFixed((Y_[(b)]),(32-8));        \
-     (T_[(u)]) += tem2 + (tem0 ^ tem1);         \
-     (Y_[(a)]) = (T_[(u)]);                     \
-     (n) = tem3 ^ (T_[(u)]) ;                   \
-}   
-
-
-/*16 steps of HC-128, generate 512 bits keystream*/
-void HC128::GenerateKeystream(word32* keystream)  
-{
-   word32 cc,dd;
-   cc = counter1024_ & 0x1ff;
-   dd = (cc+16)&0x1ff;
-
-   if (counter1024_ < 512)	
-   {   		
-      counter1024_ = (counter1024_ + 16) & 0x3ff;
-      step_P(cc+0, cc+1, 0, 6, 13,4, keystream[0]);
-      step_P(cc+1, cc+2, 1, 7, 14,5, keystream[1]);
-      step_P(cc+2, cc+3, 2, 8, 15,6, keystream[2]);
-      step_P(cc+3, cc+4, 3, 9, 0, 7, keystream[3]);
-      step_P(cc+4, cc+5, 4, 10,1, 8, keystream[4]);
-      step_P(cc+5, cc+6, 5, 11,2, 9, keystream[5]);
-      step_P(cc+6, cc+7, 6, 12,3, 10,keystream[6]);
-      step_P(cc+7, cc+8, 7, 13,4, 11,keystream[7]);
-      step_P(cc+8, cc+9, 8, 14,5, 12,keystream[8]);
-      step_P(cc+9, cc+10,9, 15,6, 13,keystream[9]);
-      step_P(cc+10,cc+11,10,0, 7, 14,keystream[10]);
-      step_P(cc+11,cc+12,11,1, 8, 15,keystream[11]);
-      step_P(cc+12,cc+13,12,2, 9, 0, keystream[12]);
-      step_P(cc+13,cc+14,13,3, 10,1, keystream[13]);
-      step_P(cc+14,cc+15,14,4, 11,2, keystream[14]);
-      step_P(cc+15,dd+0, 15,5, 12,3, keystream[15]);
-   }
-   else				    
-   {
-	  counter1024_ = (counter1024_ + 16) & 0x3ff;
-      step_Q(512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]);
-      step_Q(512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]);
-      step_Q(512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]);
-      step_Q(512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]);
-      step_Q(512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]);
-      step_Q(512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]);
-      step_Q(512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]);
-      step_Q(512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]);
-      step_Q(512+cc+8, 512+cc+9, 8, 14,5, 12,keystream[8]);
-      step_Q(512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]);
-      step_Q(512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]);
-      step_Q(512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]);
-      step_Q(512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]);
-      step_Q(512+cc+13,512+cc+14,13,3, 10,1, keystream[13]);
-      step_Q(512+cc+14,512+cc+15,14,4, 11,2, keystream[14]);
-      step_Q(512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]);
-   }
-}
-
-
-/* The following defines the initialization functions */
-#define f1(x)  (rotrFixed((x),7)  ^ rotrFixed((x),18) ^ ((x) >> 3))
-#define f2(x)  (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10))
-
-/*update table P*/
-#define update_P(u,v,a,b,c,d){                      \
-     word32 tem0,tem1,tem2,tem3;                    \
-     tem0 = rotrFixed((T_[(v)]),23);                \
-     tem1 = rotrFixed((X_[(c)]),10);                \
-     tem2 = rotrFixed((X_[(b)]),8);                 \
-     h1((X_[(d)]),tem3);                            \
-     (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3;     \
-     (X_[(a)]) = (T_[(u)]);                         \
-}  
-
-/*update table Q*/
-#define update_Q(u,v,a,b,c,d){                      \
-     word32 tem0,tem1,tem2,tem3;                    \
-     tem0 = rotrFixed((T_[(v)]),(32-23));           \
-     tem1 = rotrFixed((Y_[(c)]),(32-10));           \
-     tem2 = rotrFixed((Y_[(b)]),(32-8));            \
-     h2((Y_[(d)]),tem3);                            \
-     (T_[(u)]) = ((T_[(u)]) + tem2+(tem0^tem1)) ^ tem3;     \
-     (Y_[(a)]) = (T_[(u)]);                         \
-}     
-
-/*16 steps of HC-128, without generating keystream, */
-/*but use the outputs to update P and Q*/
-void HC128::SetupUpdate()  /*each time 16 steps*/
-{
-   word32 cc,dd;
-   cc = counter1024_ & 0x1ff;
-   dd = (cc+16)&0x1ff;
-
-   if (counter1024_ < 512)	
-   {   		
-      counter1024_ = (counter1024_ + 16) & 0x3ff;
-      update_P(cc+0, cc+1, 0, 6, 13, 4);
-      update_P(cc+1, cc+2, 1, 7, 14, 5);
-      update_P(cc+2, cc+3, 2, 8, 15, 6);
-      update_P(cc+3, cc+4, 3, 9, 0,  7);
-      update_P(cc+4, cc+5, 4, 10,1,  8);
-      update_P(cc+5, cc+6, 5, 11,2,  9);
-      update_P(cc+6, cc+7, 6, 12,3,  10);
-      update_P(cc+7, cc+8, 7, 13,4,  11);
-      update_P(cc+8, cc+9, 8, 14,5,  12);
-      update_P(cc+9, cc+10,9, 15,6,  13);
-      update_P(cc+10,cc+11,10,0, 7,  14);
-      update_P(cc+11,cc+12,11,1, 8,  15);
-      update_P(cc+12,cc+13,12,2, 9,  0);
-      update_P(cc+13,cc+14,13,3, 10, 1);
-      update_P(cc+14,cc+15,14,4, 11, 2);
-      update_P(cc+15,dd+0, 15,5, 12, 3);   
-   }
-   else				    
-   {
-      counter1024_ = (counter1024_ + 16) & 0x3ff;
-      update_Q(512+cc+0, 512+cc+1, 0, 6, 13, 4);
-      update_Q(512+cc+1, 512+cc+2, 1, 7, 14, 5);
-      update_Q(512+cc+2, 512+cc+3, 2, 8, 15, 6);
-      update_Q(512+cc+3, 512+cc+4, 3, 9, 0,  7);
-      update_Q(512+cc+4, 512+cc+5, 4, 10,1,  8);
-      update_Q(512+cc+5, 512+cc+6, 5, 11,2,  9);
-      update_Q(512+cc+6, 512+cc+7, 6, 12,3,  10);
-      update_Q(512+cc+7, 512+cc+8, 7, 13,4,  11);
-      update_Q(512+cc+8, 512+cc+9, 8, 14,5,  12);
-      update_Q(512+cc+9, 512+cc+10,9, 15,6,  13);
-      update_Q(512+cc+10,512+cc+11,10,0, 7,  14);
-      update_Q(512+cc+11,512+cc+12,11,1, 8,  15);
-      update_Q(512+cc+12,512+cc+13,12,2, 9,  0);
-      update_Q(512+cc+13,512+cc+14,13,3, 10, 1);
-      update_Q(512+cc+14,512+cc+15,14,4, 11, 2);
-      update_Q(512+cc+15,512+dd+0, 15,5, 12, 3); 
-   }       
-}
-
-
-/* for the 128-bit key:  key[0]...key[15]
-*  key[0] is the least significant byte of ctx->key[0] (K_0);
-*  key[3] is the most significant byte of ctx->key[0]  (K_0);
-*  ...
-*  key[12] is the least significant byte of ctx->key[3] (K_3)
-*  key[15] is the most significant byte of ctx->key[3]  (K_3)
-*
-*  for the 128-bit iv:  iv[0]...iv[15]
-*  iv[0] is the least significant byte of ctx->iv[0] (IV_0);
-*  iv[3] is the most significant byte of ctx->iv[0]  (IV_0);
-*  ...
-*  iv[12] is the least significant byte of ctx->iv[3] (IV_3)
-*  iv[15] is the most significant byte of ctx->iv[3]  (IV_3)
-*/
-
-
-
-void HC128::SetIV(const byte* iv)
-{ 
-    word32 i;
-	
-	for (i = 0; i < (128 >> 5); i++)
-        iv_[i] = LITTLE32(((word32*)iv)[i]);
-	
-    for (; i < 8; i++) iv_[i] = iv_[i-4];
-  
-    /* expand the key and IV into the table T */ 
-    /* (expand the key and IV into the table P and Q) */ 
-	
-	for (i = 0; i < 8;  i++)   T_[i] = key_[i];
-	for (i = 8; i < 16; i++)   T_[i] = iv_[i-8];
-
-    for (i = 16; i < (256+16); i++) 
-		T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+i;
-    
-	for (i = 0; i < 16;  i++)  T_[i] = T_[256+i];
-
-	for (i = 16; i < 1024; i++) 
-		T_[i] = f2(T_[i-2]) + T_[i-7] + f1(T_[i-15]) + T_[i-16]+256+i;
-    
-    /* initialize counter1024, X and Y */
-	counter1024_ = 0;
-	for (i = 0; i < 16; i++) X_[i] = T_[512-16+i];
-    for (i = 0; i < 16; i++) Y_[i] = T_[512+512-16+i];
-    
-    /* run the cipher 1024 steps before generating the output */
-	for (i = 0; i < 64; i++)  SetupUpdate();  
-}
-
-
-void HC128::SetKey(const byte* key, const byte* iv)
-{ 
-  word32 i;  
-
-  /* Key size in bits 128 */ 
-  for (i = 0; i < (128 >> 5); i++)
-      key_[i] = LITTLE32(((word32*)key)[i]);
- 
-  for ( ; i < 8 ; i++) key_[i] = key_[i-4];
-
-  SetIV(iv);
-}
-
-
-/* The following defines the encryption of data stream */
-void HC128::Process(byte* output, const byte* input, word32 msglen)
-{
-  word32 i, keystream[16];
-
-  for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64)
-  {
-	  GenerateKeystream(keystream);
-
-      /* unroll loop */
-	  ((word32*)output)[0]  = ((word32*)input)[0]  ^ LITTLE32(keystream[0]);
-	  ((word32*)output)[1]  = ((word32*)input)[1]  ^ LITTLE32(keystream[1]);
-	  ((word32*)output)[2]  = ((word32*)input)[2]  ^ LITTLE32(keystream[2]);
-	  ((word32*)output)[3]  = ((word32*)input)[3]  ^ LITTLE32(keystream[3]);
-	  ((word32*)output)[4]  = ((word32*)input)[4]  ^ LITTLE32(keystream[4]);
-	  ((word32*)output)[5]  = ((word32*)input)[5]  ^ LITTLE32(keystream[5]);
-	  ((word32*)output)[6]  = ((word32*)input)[6]  ^ LITTLE32(keystream[6]);
-	  ((word32*)output)[7]  = ((word32*)input)[7]  ^ LITTLE32(keystream[7]);
-	  ((word32*)output)[8]  = ((word32*)input)[8]  ^ LITTLE32(keystream[8]);
-	  ((word32*)output)[9]  = ((word32*)input)[9]  ^ LITTLE32(keystream[9]);
-	  ((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]);
-	  ((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]);
-	  ((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]);
-	  ((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]);
-	  ((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]);
-	  ((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]);
-  }
-
-  if (msglen > 0)
-  {
-      GenerateKeystream(keystream);
-
-#ifdef BIG_ENDIAN_ORDER
-      {
-          word32 wordsLeft = msglen / sizeof(word32);
-          if (msglen % sizeof(word32)) wordsLeft++;
-          
-          ByteReverse(keystream, keystream, wordsLeft * sizeof(word32));
-      }
-#endif
-
-      for (i = 0; i < msglen; i++)
-	      output[i] = input[i] ^ ((byte*)keystream)[i];
-  }
-
-}
-
-
-}  // namespace
diff --git a/extra/yassl/taocrypt/src/integer.cpp b/extra/yassl/taocrypt/src/integer.cpp
deleted file mode 100644
index 432a0ad20af..00000000000
--- a/extra/yassl/taocrypt/src/integer.cpp
+++ /dev/null
@@ -1,3892 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-
-/* based on Wei Dai's integer.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "integer.hpp"
-#include "modarith.hpp"
-#include "asn.hpp"
-
-
-
-#ifdef __DECCXX
-    #include   // for asm overflow assembly
-#endif
-
-#if defined(_M_X64) || defined(_M_IA64)
-    #include  
-#pragma intrinsic(_umul128)
-#endif
-
-
-#ifdef __GNUC__
-    #include 
-    #include 
-#endif
-
-
-#ifdef SSE2_INTRINSICS_AVAILABLE
-    #ifdef __GNUC__
-        #include 
-        #ifdef TAOCRYPT_MEMALIGN_AVAILABLE
-            #include 
-        #else
-            #include 
-        #endif
-    #else
-        #include 
-    #endif
-#elif defined(_MSC_VER) && defined(_M_IX86)
-/*    #pragma message("You do not seem to have the Visual C++ Processor Pack ")
-    #pragma message("installed, so use of SSE2 intrinsics will be disabled.")
-*/
-#elif defined(__GNUC__) && defined(__i386__)
-/*   #warning You do not have GCC 3.3 or later, or did not specify the -msse2 \
-             compiler option. Use of SSE2 intrinsics will be disabled.
-*/
-#endif
-
-
-namespace TaoCrypt {
-
-
-#ifdef SSE2_INTRINSICS_AVAILABLE
-
-template 
-CPP_TYPENAME AlignedAllocator::pointer AlignedAllocator::allocate(
-                                           size_type n, const void *)
-{
-    if (n > this->max_size())
-        return 0;
-    if (n == 0)
-        return 0;
-    if (n >= 4)
-    {
-        void* p;
-    #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE
-        p = _mm_malloc(sizeof(T)*n, 16);
-    #elif defined(TAOCRYPT_MEMALIGN_AVAILABLE)
-        p = memalign(16, sizeof(T)*n);
-    #elif defined(TAOCRYPT_MALLOC_ALIGNMENT_IS_16)
-        p = malloc(sizeof(T)*n);
-    #else
-        p = (byte *)malloc(sizeof(T)*n + 8);
-        // assume malloc alignment is at least 8
-    #endif
-
-    #ifdef TAOCRYPT_NO_ALIGNED_ALLOC
-        m_pBlock = p;
-        if (!IsAlignedOn(p, 16))
-        {
-            p = (byte *)p + 8;
-        }
-    #endif
-
-        return (T*)p;
-    }
-    return NEW_TC T[n];
-}
-
-
-template 
-void AlignedAllocator::deallocate(void* p, size_type n)
-{
-    memset(p, 0, n*sizeof(T));
-    if (n >= 4)
-    {
-        #ifdef TAOCRYPT_MM_MALLOC_AVAILABLE
-            _mm_free(p);
-        #elif defined(TAOCRYPT_NO_ALIGNED_ALLOC)
-            free(m_pBlock);
-            m_pBlock = 0;
-        #else
-            free(p);
-        #endif
-    }
-    else
-        tcArrayDelete((T *)p);
-}
-
-#endif  // SSE2
-
-
-// ********  start of integer needs
-
-// start 5.2.1 adds DWord and Word ********
-
-// ********************************************************
-
-class DWord {
-public:
-DWord() {}
-
-#ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-    explicit DWord(word low)
-    {
-        whole_ = low;
-    }
-#else
-    explicit DWord(word low)
-    {
-        halfs_.low = low;
-        halfs_.high = 0;
-    }
-#endif
-
-    DWord(word low, word high)
-    {
-        halfs_.low = low;
-        halfs_.high = high;
-    }
-
-    static DWord Multiply(word a, word b)
-    {
-        DWord r;
-
-        #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-            r.whole_ = (dword)a * b;
-
-        #elif defined(_M_X64) || defined(_M_IA64)
-            r.halfs_.low = _umul128(a, b, &r.halfs_.high);
-
-        #elif defined(__alpha__)
-            r.halfs_.low = a*b;
-            #ifdef __GNUC__
-                __asm__("umulh %1,%2,%0" : "=r" (r.halfs_.high)
-                    : "r" (a), "r" (b));
-            #elif defined(__DECCXX)
-                r.halfs_.high = asm("umulh %a0, %a1, %v0", a, b);
-            #else
-                #error unknown alpha compiler
-            #endif
-
-        #elif defined(__ia64__)
-            r.halfs_.low = a*b;
-            __asm__("xmpy.hu %0=%1,%2" : "=f" (r.halfs_.high)
-                : "f" (a), "f" (b));
-
-        #elif defined(_ARCH_PPC64)
-            r.halfs_.low = a*b;
-            __asm__("mulhdu %0,%1,%2" : "=r" (r.halfs_.high)
-                : "r" (a), "r" (b) : "cc");
-
-        #elif defined(__x86_64__)
-            __asm__("mulq %3" : "=d" (r.halfs_.high), "=a" (r.halfs_.low) :
-                "a" (a), "rm" (b) : "cc");
-
-        #elif defined(__mips64)
-            unsigned __int128 t = (unsigned __int128) a * b;
-            r.halfs_.high = t >> 64;
-            r.halfs_.low = (word) t;
-
-        #elif defined(_M_IX86)
-            // for testing
-            word64 t = (word64)a * b;
-            r.halfs_.high = ((word32 *)(&t))[1];
-            r.halfs_.low = (word32)t;
-        #else
-            #error can not implement DWord
-        #endif
-
-        return r;
-    }
-
-    static DWord MultiplyAndAdd(word a, word b, word c)
-    {
-        DWord r = Multiply(a, b);
-        return r += c;
-    }
-
-    DWord & operator+=(word a)
-    {
-        #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-            whole_ = whole_ + a;
-        #else
-            halfs_.low += a;
-            halfs_.high += (halfs_.low < a);
-        #endif
-        return *this;
-    }
-
-    DWord operator+(word a)
-    {
-        DWord r;
-        #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-            r.whole_ = whole_ + a;
-        #else
-            r.halfs_.low = halfs_.low + a;
-            r.halfs_.high = halfs_.high + (r.halfs_.low < a);
-        #endif
-        return r;
-    }
-
-    DWord operator-(DWord a)
-    {
-        DWord r;
-        #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-            r.whole_ = whole_ - a.whole_;
-        #else
-            r.halfs_.low = halfs_.low - a.halfs_.low;
-            r.halfs_.high = halfs_.high - a.halfs_.high -
-                             (r.halfs_.low > halfs_.low);
-        #endif
-        return r;
-    }
-
-    DWord operator-(word a)
-    {
-        DWord r;
-        #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-            r.whole_ = whole_ - a;
-        #else
-            r.halfs_.low = halfs_.low - a;
-            r.halfs_.high = halfs_.high - (r.halfs_.low > halfs_.low);
-        #endif
-        return r;
-    }
-
-    // returns quotient, which must fit in a word
-    word operator/(word divisor);
-
-    word operator%(word a);
-
-    bool operator!() const
-    {
-    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-        return !whole_;
-    #else
-        return !halfs_.high && !halfs_.low;
-    #endif
-    }
-
-    word GetLowHalf() const {return halfs_.low;}
-    word GetHighHalf() const {return halfs_.high;}
-    word GetHighHalfAsBorrow() const {return 0-halfs_.high;}
-
-private:
-    union
-    {
-    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-        dword whole_;
-    #endif
-        struct
-        {
-        #ifdef LITTLE_ENDIAN_ORDER
-            word low;
-            word high;
-        #else
-            word high;
-            word low;
-        #endif
-        } halfs_;
-    };
-};
-
-
-class Word {
-public:
-    Word() {}
-
-    Word(word value)
-    {
-        whole_ = value;
-    }
-
-    Word(hword low, hword high)
-    {
-        whole_ = low | (word(high) << (WORD_BITS/2));
-    }
-
-    static Word Multiply(hword a, hword b)
-    {
-        Word r;
-        r.whole_ = (word)a * b;
-        return r;
-    }
-
-    Word operator-(Word a)
-    {
-        Word r;
-        r.whole_ = whole_ - a.whole_;
-        return r;
-    }
-
-    Word operator-(hword a)
-    {
-        Word r;
-        r.whole_ = whole_ - a;
-        return r;
-    }
-
-    // returns quotient, which must fit in a word
-    hword operator/(hword divisor)
-    {
-        return hword(whole_ / divisor);
-    }
-
-    bool operator!() const
-    {
-        return !whole_;
-    }
-
-    word GetWhole() const {return whole_;}
-    hword GetLowHalf() const {return hword(whole_);}
-    hword GetHighHalf() const {return hword(whole_>>(WORD_BITS/2));}
-    hword GetHighHalfAsBorrow() const {return 0-hword(whole_>>(WORD_BITS/2));}
-
-private:
-    word whole_;
-};
-
-
-// dummy is VC60 compiler bug workaround
-// do a 3 word by 2 word divide, returns quotient and leaves remainder in A
-template 
-S DivideThreeWordsByTwo(S* A, S B0, S B1, D* dummy_VC6_WorkAround = 0)
-{
-    // estimate the quotient: do a 2 S by 1 S divide
-    S Q;
-    if (S(B1+1) == 0)
-        Q = A[2];
-    else
-        Q = D(A[1], A[2]) / S(B1+1);
-
-    // now subtract Q*B from A
-    D p = D::Multiply(B0, Q);
-    D u = (D) A[0] - p.GetLowHalf();
-    A[0] = u.GetLowHalf();
-    u = (D) A[1] - p.GetHighHalf() - u.GetHighHalfAsBorrow() - 
-            D::Multiply(B1, Q);
-    A[1] = u.GetLowHalf();
-    A[2] += u.GetHighHalf();
-
-    // Q <= actual quotient, so fix it
-    while (A[2] || A[1] > B1 || (A[1]==B1 && A[0]>=B0))
-    {
-        u = (D) A[0] - B0;
-        A[0] = u.GetLowHalf();
-        u = (D) A[1] - B1 - u.GetHighHalfAsBorrow();
-        A[1] = u.GetLowHalf();
-        A[2] += u.GetHighHalf();
-        Q++;
-    }
-
-    return Q;
-}
-
-
-// do a 4 word by 2 word divide, returns 2 word quotient in Q0 and Q1
-template 
-inline D DivideFourWordsByTwo(S *T, const D &Al, const D &Ah, const D &B)
-{
-    if (!B) // if divisor is 0, we assume divisor==2**(2*WORD_BITS)
-        return D(Ah.GetLowHalf(), Ah.GetHighHalf());
-    else
-    {
-        S Q[2];
-        T[0] = Al.GetLowHalf();
-        T[1] = Al.GetHighHalf(); 
-        T[2] = Ah.GetLowHalf();
-        T[3] = Ah.GetHighHalf();
-        Q[1] = DivideThreeWordsByTwo(T+1, B.GetLowHalf(),
-                                                B.GetHighHalf());
-        Q[0] = DivideThreeWordsByTwo(T, B.GetLowHalf(), B.GetHighHalf());
-        return D(Q[0], Q[1]);
-    }
-}
-
-
-// returns quotient, which must fit in a word
-inline word DWord::operator/(word a)
-{
-    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-        return word(whole_ / a);
-    #else
-        hword r[4];
-        return DivideFourWordsByTwo(r, halfs_.low,
-                                                    halfs_.high, a).GetWhole();
-    #endif
-}
-
-inline word DWord::operator%(word a)
-{
-    #ifdef TAOCRYPT_NATIVE_DWORD_AVAILABLE
-        return word(whole_ % a);
-    #else
-        if (a < (word(1) << (WORD_BITS/2)))
-        {
-            hword h = hword(a);
-            word r = halfs_.high % h;
-            r = ((halfs_.low >> (WORD_BITS/2)) + (r << (WORD_BITS/2))) % h;
-            return hword((hword(halfs_.low) + (r << (WORD_BITS/2))) % h);
-        }
-        else
-        {
-            hword r[4];
-            DivideFourWordsByTwo(r, halfs_.low, halfs_.high, a);
-            return Word(r[0], r[1]).GetWhole();
-        }
-    #endif
-}
-
-
-
-// end 5.2.1 DWord and Word adds
-
-
-
-
-
-static const unsigned int RoundupSizeTable[] = {2, 2, 2, 4, 4, 8, 8, 8, 8};
-
-static inline unsigned int RoundupSize(unsigned int n)
-{
-    if (n<=8)
-        return RoundupSizeTable[n];
-    else if (n<=16)
-        return 16;
-    else if (n<=32)
-        return 32;
-    else if (n<=64)
-        return 64;
-    else return 1U << BitPrecision(n-1);
-}
-
-
-static int Compare(const word *A, const word *B, unsigned int N)
-{
-    while (N--)
-        if (A[N] > B[N])
-            return 1;
-        else if (A[N] < B[N])
-            return -1;
-
-    return 0;
-}
-
-static word Increment(word *A, unsigned int N, word B=1)
-{
-    word t = A[0];
-    A[0] = t+B;
-    if (A[0] >= t)
-        return 0;
-    for (unsigned i=1; i= A0)
-        if (B0 >= B1)
-        {
-            s = 0;
-            d = (dword)(A1-A0)*(B0-B1);
-        }
-        else
-        {
-            s = (A1-A0);
-            d = (dword)s*(word)(B0-B1);
-        }
-    else
-        if (B0 > B1)
-        {
-            s = (B0-B1);
-            d = (word)(A1-A0)*(dword)s;
-        }
-        else
-        {
-            s = 0;
-            d = (dword)(A0-A1)*(B1-B0);
-        }
-*/
-    // this segment is the branchless equivalent of above
-    word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]};
-    unsigned int ai = A[1] < A[0];
-    unsigned int bi = B[0] < B[1];
-    unsigned int di = ai & bi;
-    DWord d = DWord::Multiply(D[di], D[di+2]);
-    D[1] = D[3] = 0;
-    unsigned int si = ai + !bi;
-    word s = D[si];
-
-    DWord A0B0 = DWord::Multiply(A[0], B[0]);
-    C[0] = A0B0.GetLowHalf();
-
-    DWord A1B1 = DWord::Multiply(A[1], B[1]);
-    DWord t = (DWord) A0B0.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf()
-                       + A1B1.GetLowHalf();
-    C[1] = t.GetLowHalf();
-
-    t = A1B1 + t.GetHighHalf() + A0B0.GetHighHalf() + d.GetHighHalf()
-             + A1B1.GetHighHalf() - s;
-    C[2] = t.GetLowHalf();
-    C[3] = t.GetHighHalf();
-}
-
-void Portable::Multiply2Bottom(word *C, const word *A, const word *B)
-{
-    DWord t = DWord::Multiply(A[0], B[0]);
-    C[0] = t.GetLowHalf();
-    C[1] = t.GetHighHalf() + A[0]*B[1] + A[1]*B[0];
-}
-
-word Portable::Multiply2Add(word *C, const word *A, const word *B)
-{
-    word D[4] = {A[1]-A[0], A[0]-A[1], B[0]-B[1], B[1]-B[0]};
-    unsigned int ai = A[1] < A[0];
-    unsigned int bi = B[0] < B[1];
-    unsigned int di = ai & bi;
-    DWord d = DWord::Multiply(D[di], D[di+2]);
-    D[1] = D[3] = 0;
-    unsigned int si = ai + !bi;
-    word s = D[si];
-
-    DWord A0B0 = DWord::Multiply(A[0], B[0]);
-    DWord t = A0B0 + C[0];
-    C[0] = t.GetLowHalf();
-
-    DWord A1B1 = DWord::Multiply(A[1], B[1]);
-    t = (DWord) t.GetHighHalf() + A0B0.GetLowHalf() + d.GetLowHalf() +
-        A1B1.GetLowHalf() + C[1];
-    C[1] = t.GetLowHalf();
-
-    t = (DWord) t.GetHighHalf() + A1B1.GetLowHalf() + A0B0.GetHighHalf() +
-        d.GetHighHalf() + A1B1.GetHighHalf() - s + C[2];
-    C[2] = t.GetLowHalf();
-
-    t = (DWord) t.GetHighHalf() + A1B1.GetHighHalf() + C[3];
-    C[3] = t.GetLowHalf();
-    return t.GetHighHalf();
-}
-
-
-#define MulAcc(x, y)                                \
-    p = DWord::MultiplyAndAdd(A[x], B[y], c);       \
-    c = p.GetLowHalf();                             \
-    p = (DWord) d + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e += p.GetHighHalf();
-
-#define SaveMulAcc(s, x, y)                         \
-    R[s] = c;                                       \
-    p = DWord::MultiplyAndAdd(A[x], B[y], d);       \
-    c = p.GetLowHalf();                             \
-    p = (DWord) e + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e = p.GetHighHalf();
-
-#define SquAcc(x, y)                                \
-    q = DWord::Multiply(A[x], A[y]);                \
-    p = q + c;                                      \
-    c = p.GetLowHalf();                             \
-    p = (DWord) d + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e += p.GetHighHalf();                           \
-    p = q + c;                                      \
-    c = p.GetLowHalf();                             \
-    p = (DWord) d + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e += p.GetHighHalf();
-
-#define SaveSquAcc(s, x, y)                         \
-    R[s] = c;                                       \
-    q = DWord::Multiply(A[x], A[y]);                \
-    p = q + d;                                      \
-    c = p.GetLowHalf();                             \
-    p = (DWord) e + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e = p.GetHighHalf();                            \
-    p = q + c;                                      \
-    c = p.GetLowHalf();                             \
-    p = (DWord) d + p.GetHighHalf();                \
-    d = p.GetLowHalf();                             \
-    e += p.GetHighHalf();
-
-
-void Portable::Multiply4(word *R, const word *A, const word *B)
-{
-    DWord p;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], B[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    MulAcc(0, 1);
-    MulAcc(1, 0);
-
-    SaveMulAcc(1, 2, 0);
-    MulAcc(1, 1);
-    MulAcc(0, 2);
-
-    SaveMulAcc(2, 0, 3);
-    MulAcc(1, 2);
-    MulAcc(2, 1);
-    MulAcc(3, 0);
-
-    SaveMulAcc(3, 3, 1);
-    MulAcc(2, 2);
-    MulAcc(1, 3);
-
-    SaveMulAcc(4, 2, 3);
-    MulAcc(3, 2);
-
-    R[5] = c;
-    p = DWord::MultiplyAndAdd(A[3], B[3], d);
-    R[6] = p.GetLowHalf();
-    R[7] = e + p.GetHighHalf();
-}
-
-void Portable::Square2(word *R, const word *A)
-{
-    DWord p, q;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], A[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    SquAcc(0, 1);
-
-    R[1] = c;
-    p = DWord::MultiplyAndAdd(A[1], A[1], d);
-    R[2] = p.GetLowHalf();
-    R[3] = e + p.GetHighHalf();
-}
-
-void Portable::Square4(word *R, const word *A)
-{
-#ifdef _MSC_VER
-    // VC60 workaround: MSVC 6.0 has an optimization bug that makes
-    // (dword)A*B where either A or B has been cast to a dword before
-    // very expensive. Revisit this function when this
-    // bug is fixed.
-    Multiply4(R, A, A);
-#else
-    const word *B = A;
-    DWord p, q;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], A[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    SquAcc(0, 1);
-
-    SaveSquAcc(1, 2, 0);
-    MulAcc(1, 1);
-
-    SaveSquAcc(2, 0, 3);
-    SquAcc(1, 2);
-
-    SaveSquAcc(3, 3, 1);
-    MulAcc(2, 2);
-
-    SaveSquAcc(4, 2, 3);
-
-    R[5] = c;
-    p = DWord::MultiplyAndAdd(A[3], A[3], d);
-    R[6] = p.GetLowHalf();
-    R[7] = e + p.GetHighHalf();
-#endif
-}
-
-void Portable::Multiply8(word *R, const word *A, const word *B)
-{
-    DWord p;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], B[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    MulAcc(0, 1);
-    MulAcc(1, 0);
-
-    SaveMulAcc(1, 2, 0);
-    MulAcc(1, 1);
-    MulAcc(0, 2);
-
-    SaveMulAcc(2, 0, 3);
-    MulAcc(1, 2);
-    MulAcc(2, 1);
-    MulAcc(3, 0);
-
-    SaveMulAcc(3, 0, 4);
-    MulAcc(1, 3);
-    MulAcc(2, 2);
-    MulAcc(3, 1);
-    MulAcc(4, 0);
-
-    SaveMulAcc(4, 0, 5);
-    MulAcc(1, 4);
-    MulAcc(2, 3);
-    MulAcc(3, 2);
-    MulAcc(4, 1);
-    MulAcc(5, 0);
-
-    SaveMulAcc(5, 0, 6);
-    MulAcc(1, 5);
-    MulAcc(2, 4);
-    MulAcc(3, 3);
-    MulAcc(4, 2);
-    MulAcc(5, 1);
-    MulAcc(6, 0);
-
-    SaveMulAcc(6, 0, 7);
-    MulAcc(1, 6);
-    MulAcc(2, 5);
-    MulAcc(3, 4);
-    MulAcc(4, 3);
-    MulAcc(5, 2);
-    MulAcc(6, 1);
-    MulAcc(7, 0);
-
-    SaveMulAcc(7, 1, 7);
-    MulAcc(2, 6);
-    MulAcc(3, 5);
-    MulAcc(4, 4);
-    MulAcc(5, 3);
-    MulAcc(6, 2);
-    MulAcc(7, 1);
-
-    SaveMulAcc(8, 2, 7);
-    MulAcc(3, 6);
-    MulAcc(4, 5);
-    MulAcc(5, 4);
-    MulAcc(6, 3);
-    MulAcc(7, 2);
-
-    SaveMulAcc(9, 3, 7);
-    MulAcc(4, 6);
-    MulAcc(5, 5);
-    MulAcc(6, 4);
-    MulAcc(7, 3);
-
-    SaveMulAcc(10, 4, 7);
-    MulAcc(5, 6);
-    MulAcc(6, 5);
-    MulAcc(7, 4);
-
-    SaveMulAcc(11, 5, 7);
-    MulAcc(6, 6);
-    MulAcc(7, 5);
-
-    SaveMulAcc(12, 6, 7);
-    MulAcc(7, 6);
-
-    R[13] = c;
-    p = DWord::MultiplyAndAdd(A[7], B[7], d);
-    R[14] = p.GetLowHalf();
-    R[15] = e + p.GetHighHalf();
-}
-
-void Portable::Multiply4Bottom(word *R, const word *A, const word *B)
-{
-    DWord p;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], B[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    MulAcc(0, 1);
-    MulAcc(1, 0);
-
-    SaveMulAcc(1, 2, 0);
-    MulAcc(1, 1);
-    MulAcc(0, 2);
-
-    R[2] = c;
-    R[3] = d + A[0] * B[3] + A[1] * B[2] + A[2] * B[1] + A[3] * B[0];
-}
-
-void Portable::Multiply8Bottom(word *R, const word *A, const word *B)
-{
-    DWord p;
-    word c, d, e;
-
-    p = DWord::Multiply(A[0], B[0]);
-    R[0] = p.GetLowHalf();
-    c = p.GetHighHalf();
-    d = e = 0;
-
-    MulAcc(0, 1);
-    MulAcc(1, 0);
-
-    SaveMulAcc(1, 2, 0);
-    MulAcc(1, 1);
-    MulAcc(0, 2);
-
-    SaveMulAcc(2, 0, 3);
-    MulAcc(1, 2);
-    MulAcc(2, 1);
-    MulAcc(3, 0);
-
-    SaveMulAcc(3, 0, 4);
-    MulAcc(1, 3);
-    MulAcc(2, 2);
-    MulAcc(3, 1);
-    MulAcc(4, 0);
-
-    SaveMulAcc(4, 0, 5);
-    MulAcc(1, 4);
-    MulAcc(2, 3);
-    MulAcc(3, 2);
-    MulAcc(4, 1);
-    MulAcc(5, 0);
-
-    SaveMulAcc(5, 0, 6);
-    MulAcc(1, 5);
-    MulAcc(2, 4);
-    MulAcc(3, 3);
-    MulAcc(4, 2);
-    MulAcc(5, 1);
-    MulAcc(6, 0);
-
-    R[6] = c;
-    R[7] = d + A[0] * B[7] + A[1] * B[6] + A[2] * B[5] + A[3] * B[4] +
-               A[4] * B[3] + A[5] * B[2] + A[6] * B[1] + A[7] * B[0];
-}
-
-
-#undef MulAcc
-#undef SaveMulAcc
-#undef SquAcc
-#undef SaveSquAcc
-
-// optimized
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-
-// ************** x86 feature detection ***************
-
-
-#ifdef SSE2_INTRINSICS_AVAILABLE
-
-#ifndef _MSC_VER
-    static jmp_buf s_env;
-    static void SigIllHandler(int)
-    {
-        longjmp(s_env, 1);
-    }
-#endif
-
-static bool HasSSE2()
-{
-    if (!IsPentium())
-        return false;
-
-    word32 cpuid[4];
-    CpuId(1, cpuid);
-    if ((cpuid[3] & (1 << 26)) == 0)
-        return false;
-
-#ifdef _MSC_VER
-    __try
-    {
-        __asm xorpd xmm0, xmm0        // executing SSE2 instruction
-    }
-    __except (1)
-    {
-        return false;
-    }
-    return true;
-#else
-    typedef void (*SigHandler)(int);
-
-    SigHandler oldHandler = signal(SIGILL, SigIllHandler);
-    if (oldHandler == SIG_ERR)
-        return false;
-
-    bool result = true;
-    if (setjmp(s_env))
-        result = false;
-    else
-        __asm __volatile ("xorpd %xmm0, %xmm0");
-
-    signal(SIGILL, oldHandler);
-    return result;
-#endif
-}
-#endif // SSE2_INTRINSICS_AVAILABLE
-
-
-static bool IsP4()
-{
-    if (!IsPentium())
-        return false;
-
-    word32 cpuid[4];
-
-    CpuId(1, cpuid);
-    return ((cpuid[0] >> 8) & 0xf) == 0xf;
-}
-
-// ************** Pentium/P4 optimizations ***************
-
-class PentiumOptimized : public Portable
-{
-public:
-    static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B,
-                                   unsigned int N);
-    static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B,
-                                        unsigned int N);
-    static void TAOCRYPT_CDECL Multiply4(word *C, const word *A,
-                                         const word *B);
-    static void TAOCRYPT_CDECL Multiply8(word *C, const word *A,
-                                         const word *B);
-    static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A,
-                                               const word *B);
-};
-
-class P4Optimized
-{
-public:
-    static word TAOCRYPT_CDECL Add(word *C, const word *A, const word *B,
-                                   unsigned int N);
-    static word TAOCRYPT_CDECL Subtract(word *C, const word *A, const word *B,
-                                        unsigned int N);
-#ifdef SSE2_INTRINSICS_AVAILABLE
-    static void TAOCRYPT_CDECL Multiply4(word *C, const word *A,
-                                         const word *B);
-    static void TAOCRYPT_CDECL Multiply8(word *C, const word *A,
-                                         const word *B);
-    static void TAOCRYPT_CDECL Multiply8Bottom(word *C, const word *A,
-                                               const word *B);
-#endif
-};
-
-typedef word (TAOCRYPT_CDECL * PAddSub)(word *C, const word *A, const word *B,
-                                        unsigned int N);
-typedef void (TAOCRYPT_CDECL * PMul)(word *C, const word *A, const word *B);
-
-static PAddSub s_pAdd, s_pSub;
-#ifdef SSE2_INTRINSICS_AVAILABLE
-static PMul s_pMul4, s_pMul8, s_pMul8B;
-#endif
-
-static void SetPentiumFunctionPointers()
-{
-    if (!IsPentium())
-    {   
-        s_pAdd = &Portable::Add;
-        s_pSub = &Portable::Subtract;
-    }
-    else if (IsP4())
-    {
-        s_pAdd = &P4Optimized::Add;
-        s_pSub = &P4Optimized::Subtract;
-    }
-    else
-    {
-        s_pAdd = &PentiumOptimized::Add;
-        s_pSub = &PentiumOptimized::Subtract;
-    }
-
-#ifdef SSE2_INTRINSICS_AVAILABLE
-    if (!IsPentium()) 
-    {
-        s_pMul4 = &Portable::Multiply4;
-        s_pMul8 = &Portable::Multiply8;
-        s_pMul8B = &Portable::Multiply8Bottom;
-    }
-    else if (HasSSE2())
-    {
-        s_pMul4 = &P4Optimized::Multiply4;
-        s_pMul8 = &P4Optimized::Multiply8;
-        s_pMul8B = &P4Optimized::Multiply8Bottom;
-    }
-    else
-    {
-        s_pMul4 = &PentiumOptimized::Multiply4;
-        s_pMul8 = &PentiumOptimized::Multiply8;
-        s_pMul8B = &PentiumOptimized::Multiply8Bottom;
-    }
-#endif
-}
-
-static const char s_RunAtStartupSetPentiumFunctionPointers =
-    (SetPentiumFunctionPointers(), 0);
-
-
-class LowLevel : public PentiumOptimized
-{
-public:
-    inline static word Add(word *C, const word *A, const word *B,
-                           unsigned int N)
-        {return s_pAdd(C, A, B, N);}
-    inline static word Subtract(word *C, const word *A, const word *B,
-                                unsigned int N)
-        {return s_pSub(C, A, B, N);}
-    inline static void Square4(word *R, const word *A)
-        {Multiply4(R, A, A);}
-#ifdef SSE2_INTRINSICS_AVAILABLE
-    inline static void Multiply4(word *C, const word *A, const word *B)
-        {s_pMul4(C, A, B);}
-    inline static void Multiply8(word *C, const word *A, const word *B)
-        {s_pMul8(C, A, B);}
-    inline static void Multiply8Bottom(word *C, const word *A, const word *B)
-        {s_pMul8B(C, A, B);}
-#endif
-};
-
-// use some tricks to share assembly code between MSVC and GCC
-#ifdef _MSC_VER
-    #define TAOCRYPT_NAKED __declspec(naked)
-    #define AS1(x) __asm x
-    #define AS2(x, y) __asm x, y
-    #define AddPrologue \
-        __asm	push ebp \
-        __asm	push ebx \
-        __asm	push esi \
-        __asm	push edi \
-        __asm	mov		ecx, [esp+20] \
-        __asm	mov		edx, [esp+24] \
-        __asm	mov		ebx, [esp+28] \
-        __asm	mov		esi, [esp+32]
-    #define AddEpilogue \
-        __asm	pop edi \
-        __asm	pop esi \
-        __asm	pop ebx \
-        __asm	pop ebp \
-        __asm	ret
-    #define MulPrologue \
-        __asm	push ebp \
-        __asm	push ebx \
-        __asm	push esi \
-        __asm	push edi \
-        __asm	mov ecx, [esp+28] \
-        __asm	mov esi, [esp+24] \
-        __asm	push [esp+20]
-    #define MulEpilogue \
-        __asm	add esp, 4 \
-        __asm	pop edi \
-        __asm	pop esi \
-        __asm	pop ebx \
-        __asm	pop ebp \
-        __asm	ret
-#else
-    #define TAOCRYPT_NAKED
-    #define AS1(x) #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-    #define AddPrologue \
-        __asm__ __volatile__ \
-        ( \
-            "push %%ebx;"	/* save this manually, in case of -fPIC */ \
-            "mov %2, %%ebx;" \
-            ".intel_syntax noprefix;" \
-            "push ebp;"
-    #define AddEpilogue \
-            "pop ebp;" \
-            ".att_syntax prefix;" \
-            "pop %%ebx;" \
-                    : \
-                    : "c" (C), "d" (A), "m" (B), "S" (N) \
-                    : "%edi", "memory", "cc" \
-        );
-    #define MulPrologue \
-        __asm__ __volatile__ \
-        ( \
-            "push %%ebx;"	/* save this manually, in case of -fPIC */ \
-            "push %%ebp;" \
-            "push %0;" \
-            ".intel_syntax noprefix;"
-    #define MulEpilogue \
-            "add esp, 4;" \
-            "pop ebp;" \
-            "pop ebx;" \
-            ".att_syntax prefix;" \
-            : \
-            : "rm" (Z), "S" (X), "c" (Y) \
-            : "%eax", "%edx", "%edi", "memory", "cc" \
-        );
-#endif
-
-TAOCRYPT_NAKED word PentiumOptimized::Add(word *C, const word *A,
-                                          const word *B, unsigned int N)
-{
-    AddPrologue
-
-    // now: ebx = B, ecx = C, edx = A, esi = N
-    AS2(    sub ecx, edx)           // hold the distance between C & A so we
-                                    // can add this to A to get C
-    AS2(    xor eax, eax)           // clear eax
-
-    AS2(    sub eax, esi)           // eax is a negative index from end of B
-    AS2(    lea ebx, [ebx+4*esi])   // ebx is end of B
-
-    AS2(    sar eax, 1)             // unit of eax is now dwords; this also
-                                    // clears the carry flag
-    AS1(    jz  loopendAdd)         // if no dwords then nothing to do
-
-    AS1(loopstartAdd:)
-    AS2(    mov    esi,[edx])           // load lower word of A
-    AS2(    mov    ebp,[edx+4])         // load higher word of A
-
-    AS2(    mov    edi,[ebx+8*eax])     // load lower word of B
-    AS2(    lea    edx,[edx+8])         // advance A and C
-
-    AS2(    adc    esi,edi)             // add lower words
-    AS2(    mov    edi,[ebx+8*eax+4])   // load higher word of B
-
-    AS2(    adc    ebp,edi)             // add higher words
-    AS1(    inc    eax)                 // advance B
-
-    AS2(    mov    [edx+ecx-8],esi)     // store lower word result
-    AS2(    mov    [edx+ecx-4],ebp)     // store higher word result
-
-    AS1(    jnz    loopstartAdd)   // loop until eax overflows and becomes zero
-
-    AS1(loopendAdd:)
-    AS2(    adc eax, 0)     // store carry into eax (return result register)
-
-    AddEpilogue
-}
-
-TAOCRYPT_NAKED word PentiumOptimized::Subtract(word *C, const word *A,
-                                               const word *B, unsigned int N)
-{
-    AddPrologue
-
-    // now: ebx = B, ecx = C, edx = A, esi = N
-    AS2(    sub ecx, edx)           // hold the distance between C & A so we
-                                    // can add this to A to get C
-    AS2(    xor eax, eax)           // clear eax
-
-    AS2(    sub eax, esi)           // eax is a negative index from end of B
-    AS2(    lea ebx, [ebx+4*esi])   // ebx is end of B
-
-    AS2(    sar eax, 1)             // unit of eax is now dwords; this also
-                                    // clears the carry flag
-    AS1(    jz  loopendSub)         // if no dwords then nothing to do
-
-    AS1(loopstartSub:)
-    AS2(    mov    esi,[edx])           // load lower word of A
-    AS2(    mov    ebp,[edx+4])         // load higher word of A
-
-    AS2(    mov    edi,[ebx+8*eax])     // load lower word of B
-    AS2(    lea    edx,[edx+8])         // advance A and C
-
-    AS2(    sbb    esi,edi)             // subtract lower words
-    AS2(    mov    edi,[ebx+8*eax+4])   // load higher word of B
-
-    AS2(    sbb    ebp,edi)             // subtract higher words
-    AS1(    inc    eax)                 // advance B
-
-    AS2(    mov    [edx+ecx-8],esi)     // store lower word result
-    AS2(    mov    [edx+ecx-4],ebp)     // store higher word result
-
-    AS1(    jnz    loopstartSub)   // loop until eax overflows and becomes zero
-
-    AS1(loopendSub:)
-    AS2(    adc eax, 0)     // store carry into eax (return result register)
-
-    AddEpilogue
-}
-
-// On Pentium 4, the adc and sbb instructions are very expensive, so avoid them.
-
-TAOCRYPT_NAKED word P4Optimized::Add(word *C, const word *A, const word *B,
-                                     unsigned int N)
-{
-    AddPrologue
-
-    // now: ebx = B, ecx = C, edx = A, esi = N
-    AS2(    xor     eax, eax)
-    AS1(    neg     esi)
-    AS1(    jz      loopendAddP4)       // if no dwords then nothing to do
-
-    AS2(    mov     edi, [edx])
-    AS2(    mov     ebp, [ebx])
-    AS1(    jmp     carry1AddP4)
-
-    AS1(loopstartAddP4:)
-    AS2(    mov     edi, [edx+8])
-    AS2(    add     ecx, 8)
-    AS2(    add     edx, 8)
-    AS2(    mov     ebp, [ebx])
-    AS2(    add     edi, eax)
-    AS1(    jc      carry1AddP4)
-    AS2(    xor     eax, eax)
-
-    AS1(carry1AddP4:)
-    AS2(    add     edi, ebp)
-    AS2(    mov     ebp, 1)
-    AS2(    mov     [ecx], edi)
-    AS2(    mov     edi, [edx+4])
-    AS2(    cmovc   eax, ebp)
-    AS2(    mov     ebp, [ebx+4])
-    AS2(    add     ebx, 8)
-    AS2(    add     edi, eax)
-    AS1(    jc      carry2AddP4)
-    AS2(    xor     eax, eax)
-
-    AS1(carry2AddP4:)
-    AS2(    add     edi, ebp)
-    AS2(    mov     ebp, 1)
-    AS2(    cmovc   eax, ebp)
-    AS2(    mov     [ecx+4], edi)
-    AS2(    add     esi, 2)
-    AS1(    jnz     loopstartAddP4)
-
-    AS1(loopendAddP4:)
-
-    AddEpilogue
-}
-
-TAOCRYPT_NAKED word P4Optimized::Subtract(word *C, const word *A,
-                                          const word *B, unsigned int N)
-{
-    AddPrologue
-
-    // now: ebx = B, ecx = C, edx = A, esi = N
-    AS2(    xor     eax, eax)
-    AS1(    neg     esi)
-    AS1(    jz      loopendSubP4)       // if no dwords then nothing to do
-
-    AS2(    mov     edi, [edx])
-    AS2(    mov     ebp, [ebx])
-    AS1(    jmp     carry1SubP4)
-
-    AS1(loopstartSubP4:)
-    AS2(    mov     edi, [edx+8])
-    AS2(    add     edx, 8)
-    AS2(    add     ecx, 8)
-    AS2(    mov     ebp, [ebx])
-    AS2(    sub     edi, eax)
-    AS1(    jc      carry1SubP4)
-    AS2(    xor     eax, eax)
-
-    AS1(carry1SubP4:)
-    AS2(    sub     edi, ebp)
-    AS2(    mov     ebp, 1)
-    AS2(    mov     [ecx], edi)
-    AS2(    mov     edi, [edx+4])
-    AS2(    cmovc   eax, ebp)
-    AS2(    mov     ebp, [ebx+4])
-    AS2(    add     ebx, 8)
-    AS2(    sub     edi, eax)
-    AS1(    jc      carry2SubP4)
-    AS2(    xor     eax, eax)
-
-    AS1(carry2SubP4:)
-    AS2(    sub     edi, ebp)
-    AS2(    mov     ebp, 1)
-    AS2(    cmovc   eax, ebp)
-    AS2(    mov     [ecx+4], edi)
-    AS2(    add     esi, 2)
-    AS1(    jnz     loopstartSubP4)
-
-    AS1(loopendSubP4:)
-
-    AddEpilogue
-}
-
-// multiply assembly code originally contributed by Leonard Janke
-
-#define MulStartup \
-    AS2(xor ebp, ebp) \
-    AS2(xor edi, edi) \
-    AS2(xor ebx, ebx) 
-
-#define MulShiftCarry \
-    AS2(mov ebp, edx) \
-    AS2(mov edi, ebx) \
-    AS2(xor ebx, ebx)
-
-#define MulAccumulateBottom(i,j) \
-    AS2(mov eax, [ecx+4*j]) \
-    AS2(imul eax, dword ptr [esi+4*i]) \
-    AS2(add ebp, eax)
-
-#define MulAccumulate(i,j) \
-    AS2(mov eax, [ecx+4*j]) \
-    AS1(mul dword ptr [esi+4*i]) \
-    AS2(add ebp, eax) \
-    AS2(adc edi, edx) \
-    AS2(adc bl, bh)
-
-#define MulStoreDigit(i)  \
-    AS2(mov edx, edi) \
-    AS2(mov edi, [esp]) \
-    AS2(mov [edi+4*i], ebp)
-
-#define MulLastDiagonal(digits) \
-    AS2(mov eax, [ecx+4*(digits-1)]) \
-    AS1(mul dword ptr [esi+4*(digits-1)]) \
-    AS2(add ebp, eax) \
-    AS2(adc edx, edi) \
-    AS2(mov edi, [esp]) \
-    AS2(mov [edi+4*(2*digits-2)], ebp) \
-    AS2(mov [edi+4*(2*digits-1)], edx)
-
-TAOCRYPT_NAKED void PentiumOptimized::Multiply4(word* Z, const word* X,
-                                                const word* Y)
-{
-    MulPrologue
-    // now: [esp] = Z, esi = X, ecx = Y
-    MulStartup
-    MulAccumulate(0,0)
-    MulStoreDigit(0)
-    MulShiftCarry
-
-    MulAccumulate(1,0)
-    MulAccumulate(0,1)
-    MulStoreDigit(1)
-    MulShiftCarry
-
-    MulAccumulate(2,0)
-    MulAccumulate(1,1)
-    MulAccumulate(0,2)
-    MulStoreDigit(2)
-    MulShiftCarry
-
-    MulAccumulate(3,0)
-    MulAccumulate(2,1)
-    MulAccumulate(1,2)
-    MulAccumulate(0,3)
-    MulStoreDigit(3)
-    MulShiftCarry
-
-    MulAccumulate(3,1)
-    MulAccumulate(2,2)
-    MulAccumulate(1,3)
-    MulStoreDigit(4)
-    MulShiftCarry
-
-    MulAccumulate(3,2)
-    MulAccumulate(2,3)
-    MulStoreDigit(5)
-    MulShiftCarry
-
-    MulLastDiagonal(4)
-    MulEpilogue
-}
-
-TAOCRYPT_NAKED void PentiumOptimized::Multiply8(word* Z, const word* X,
-                                                const word* Y)
-{
-    MulPrologue
-    // now: [esp] = Z, esi = X, ecx = Y
-    MulStartup
-    MulAccumulate(0,0)
-    MulStoreDigit(0)
-    MulShiftCarry
-
-    MulAccumulate(1,0)
-    MulAccumulate(0,1)
-    MulStoreDigit(1)
-    MulShiftCarry
-
-    MulAccumulate(2,0)
-    MulAccumulate(1,1)
-    MulAccumulate(0,2)
-    MulStoreDigit(2)
-    MulShiftCarry
-
-    MulAccumulate(3,0)
-    MulAccumulate(2,1)
-    MulAccumulate(1,2)
-    MulAccumulate(0,3)
-    MulStoreDigit(3)
-    MulShiftCarry
-
-    MulAccumulate(4,0)
-    MulAccumulate(3,1)
-    MulAccumulate(2,2)
-    MulAccumulate(1,3)
-    MulAccumulate(0,4)
-    MulStoreDigit(4)
-    MulShiftCarry
-
-    MulAccumulate(5,0)
-    MulAccumulate(4,1)
-    MulAccumulate(3,2)
-    MulAccumulate(2,3)
-    MulAccumulate(1,4)
-    MulAccumulate(0,5)
-    MulStoreDigit(5)
-    MulShiftCarry
-
-    MulAccumulate(6,0)
-    MulAccumulate(5,1)
-    MulAccumulate(4,2)
-    MulAccumulate(3,3)
-    MulAccumulate(2,4)
-    MulAccumulate(1,5)
-    MulAccumulate(0,6)
-    MulStoreDigit(6)
-    MulShiftCarry
-
-    MulAccumulate(7,0)
-    MulAccumulate(6,1)
-    MulAccumulate(5,2)
-    MulAccumulate(4,3)
-    MulAccumulate(3,4)
-    MulAccumulate(2,5)
-    MulAccumulate(1,6)
-    MulAccumulate(0,7)
-    MulStoreDigit(7)
-    MulShiftCarry
-
-    MulAccumulate(7,1)
-    MulAccumulate(6,2)
-    MulAccumulate(5,3)
-    MulAccumulate(4,4)
-    MulAccumulate(3,5)
-    MulAccumulate(2,6)
-    MulAccumulate(1,7)
-    MulStoreDigit(8)
-    MulShiftCarry
-
-    MulAccumulate(7,2)
-    MulAccumulate(6,3)
-    MulAccumulate(5,4)
-    MulAccumulate(4,5)
-    MulAccumulate(3,6)
-    MulAccumulate(2,7)
-    MulStoreDigit(9)
-    MulShiftCarry
-
-    MulAccumulate(7,3)
-    MulAccumulate(6,4)
-    MulAccumulate(5,5)
-    MulAccumulate(4,6)
-    MulAccumulate(3,7)
-    MulStoreDigit(10)
-    MulShiftCarry
-
-    MulAccumulate(7,4)
-    MulAccumulate(6,5)
-    MulAccumulate(5,6)
-    MulAccumulate(4,7)
-    MulStoreDigit(11)
-    MulShiftCarry
-
-    MulAccumulate(7,5)
-    MulAccumulate(6,6)
-    MulAccumulate(5,7)
-    MulStoreDigit(12)
-    MulShiftCarry
-
-    MulAccumulate(7,6)
-    MulAccumulate(6,7)
-    MulStoreDigit(13)
-    MulShiftCarry
-
-    MulLastDiagonal(8)
-    MulEpilogue
-}
-
-TAOCRYPT_NAKED void PentiumOptimized::Multiply8Bottom(word* Z, const word* X,
-                                                      const word* Y)
-{
-    MulPrologue
-    // now: [esp] = Z, esi = X, ecx = Y
-    MulStartup
-    MulAccumulate(0,0)
-    MulStoreDigit(0)
-    MulShiftCarry
-
-    MulAccumulate(1,0)
-    MulAccumulate(0,1)
-    MulStoreDigit(1)
-    MulShiftCarry
-
-    MulAccumulate(2,0)
-    MulAccumulate(1,1)
-    MulAccumulate(0,2)
-    MulStoreDigit(2)
-    MulShiftCarry
-
-    MulAccumulate(3,0)
-    MulAccumulate(2,1)
-    MulAccumulate(1,2)
-    MulAccumulate(0,3)
-    MulStoreDigit(3)
-    MulShiftCarry
-
-    MulAccumulate(4,0)
-    MulAccumulate(3,1)
-    MulAccumulate(2,2)
-    MulAccumulate(1,3)
-    MulAccumulate(0,4)
-    MulStoreDigit(4)
-    MulShiftCarry
-
-    MulAccumulate(5,0)
-    MulAccumulate(4,1)
-    MulAccumulate(3,2)
-    MulAccumulate(2,3)
-    MulAccumulate(1,4)
-    MulAccumulate(0,5)
-    MulStoreDigit(5)
-    MulShiftCarry
-
-    MulAccumulate(6,0)
-    MulAccumulate(5,1)
-    MulAccumulate(4,2)
-    MulAccumulate(3,3)
-    MulAccumulate(2,4)
-    MulAccumulate(1,5)
-    MulAccumulate(0,6)
-    MulStoreDigit(6)
-    MulShiftCarry
-
-    MulAccumulateBottom(7,0)
-    MulAccumulateBottom(6,1)
-    MulAccumulateBottom(5,2)
-    MulAccumulateBottom(4,3)
-    MulAccumulateBottom(3,4)
-    MulAccumulateBottom(2,5)
-    MulAccumulateBottom(1,6)
-    MulAccumulateBottom(0,7)
-    MulStoreDigit(7)
-    MulEpilogue
-}
-
-#undef AS1
-#undef AS2
-
-#else	// not x86 - no processor specific code at this layer
-
-typedef Portable LowLevel;
-
-#endif
-
-#ifdef SSE2_INTRINSICS_AVAILABLE
-
-#ifdef __GNUC__
-#define TAOCRYPT_FASTCALL
-#else
-#define TAOCRYPT_FASTCALL __fastcall
-#endif
-
-static void TAOCRYPT_FASTCALL P4_Mul(__m128i *C, const __m128i *A,
-                                     const __m128i *B)
-{
-    __m128i a3210 = _mm_load_si128(A);
-    __m128i b3210 = _mm_load_si128(B);
-
-    __m128i sum;
-
-    __m128i z = _mm_setzero_si128();
-    __m128i a2b2_a0b0 = _mm_mul_epu32(a3210, b3210);
-    C[0] = a2b2_a0b0;
-
-    __m128i a3120 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(3, 1, 2, 0));
-    __m128i b3021 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 2, 1));
-    __m128i a1b0_a0b1 = _mm_mul_epu32(a3120, b3021);
-    __m128i a1b0 = _mm_unpackhi_epi32(a1b0_a0b1, z);
-    __m128i a0b1 = _mm_unpacklo_epi32(a1b0_a0b1, z);
-    C[1] = _mm_add_epi64(a1b0, a0b1);
-
-    __m128i a31 = _mm_srli_epi64(a3210, 32);
-    __m128i b31 = _mm_srli_epi64(b3210, 32);
-    __m128i a3b3_a1b1 = _mm_mul_epu32(a31, b31);
-    C[6] = a3b3_a1b1;
-
-    __m128i a1b1 = _mm_unpacklo_epi32(a3b3_a1b1, z);
-    __m128i b3012 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(3, 0, 1, 2));
-    __m128i a2b0_a0b2 = _mm_mul_epu32(a3210, b3012);
-    __m128i a0b2 = _mm_unpacklo_epi32(a2b0_a0b2, z);
-    __m128i a2b0 = _mm_unpackhi_epi32(a2b0_a0b2, z);
-    sum = _mm_add_epi64(a1b1, a0b2);
-    C[2] = _mm_add_epi64(sum, a2b0);
-
-    __m128i a2301 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(2, 3, 0, 1));
-    __m128i b2103 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(2, 1, 0, 3));
-    __m128i a3b0_a1b2 = _mm_mul_epu32(a2301, b3012);
-    __m128i a2b1_a0b3 = _mm_mul_epu32(a3210, b2103);
-    __m128i a3b0 = _mm_unpackhi_epi32(a3b0_a1b2, z);
-    __m128i a1b2 = _mm_unpacklo_epi32(a3b0_a1b2, z);
-    __m128i a2b1 = _mm_unpackhi_epi32(a2b1_a0b3, z);
-    __m128i a0b3 = _mm_unpacklo_epi32(a2b1_a0b3, z);
-    __m128i sum1 = _mm_add_epi64(a3b0, a1b2);
-    sum = _mm_add_epi64(a2b1, a0b3);
-    C[3] = _mm_add_epi64(sum, sum1);
-
-    __m128i	a3b1_a1b3 = _mm_mul_epu32(a2301, b2103);
-    __m128i a2b2 = _mm_unpackhi_epi32(a2b2_a0b0, z);
-    __m128i a3b1 = _mm_unpackhi_epi32(a3b1_a1b3, z);
-    __m128i a1b3 = _mm_unpacklo_epi32(a3b1_a1b3, z);
-    sum = _mm_add_epi64(a2b2, a3b1);
-    C[4] = _mm_add_epi64(sum, a1b3);
-
-    __m128i a1302 = _mm_shuffle_epi32(a3210, _MM_SHUFFLE(1, 3, 0, 2));
-    __m128i b1203 = _mm_shuffle_epi32(b3210, _MM_SHUFFLE(1, 2, 0, 3));
-    __m128i a3b2_a2b3 = _mm_mul_epu32(a1302, b1203);
-    __m128i a3b2 = _mm_unpackhi_epi32(a3b2_a2b3, z);
-    __m128i a2b3 = _mm_unpacklo_epi32(a3b2_a2b3, z);
-    C[5] = _mm_add_epi64(a3b2, a2b3);
-}
-
-void P4Optimized::Multiply4(word *C, const word *A, const word *B)
-{
-    __m128i temp[7];
-    const word *w = (word *)temp;
-    const __m64 *mw = (__m64 *)w;
-
-    P4_Mul(temp, (__m128i *)A, (__m128i *)B);
-
-    C[0] = w[0];
-
-    __m64 s1, s2;
-
-    __m64 w1 = _mm_cvtsi32_si64(w[1]);
-    __m64 w4 = mw[2];
-    __m64 w6 = mw[3];
-    __m64 w8 = mw[4];
-    __m64 w10 = mw[5];
-    __m64 w12 = mw[6];
-    __m64 w14 = mw[7];
-    __m64 w16 = mw[8];
-    __m64 w18 = mw[9];
-    __m64 w20 = mw[10];
-    __m64 w22 = mw[11];
-    __m64 w26 = _mm_cvtsi32_si64(w[26]);
-
-    s1 = _mm_add_si64(w1, w4);
-    C[1] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w6, w8);
-    s1 = _mm_add_si64(s1, s2);
-    C[2] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w10, w12);
-    s1 = _mm_add_si64(s1, s2);
-    C[3] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w14, w16);
-    s1 = _mm_add_si64(s1, s2);
-    C[4] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w18, w20);
-    s1 = _mm_add_si64(s1, s2);
-    C[5] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w22, w26);
-    s1 = _mm_add_si64(s1, s2);
-    C[6] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    C[7] = _mm_cvtsi64_si32(s1) + w[27];
-    _mm_empty();
-}
-
-void P4Optimized::Multiply8(word *C, const word *A, const word *B)
-{
-    __m128i temp[28];
-    const word *w = (word *)temp;
-    const __m64 *mw = (__m64 *)w;
-    const word *x = (word *)temp+7*4;
-    const __m64 *mx = (__m64 *)x;
-    const word *y = (word *)temp+7*4*2;
-    const __m64 *my = (__m64 *)y;
-    const word *z = (word *)temp+7*4*3;
-    const __m64 *mz = (__m64 *)z;
-
-    P4_Mul(temp, (__m128i *)A, (__m128i *)B);
-
-    P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B);
-
-    P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1);
-
-    P4_Mul(temp+21, (__m128i *)A+1, (__m128i *)B+1);
-
-    C[0] = w[0];
-
-    __m64 s1, s2, s3, s4;
-
-    __m64 w1 = _mm_cvtsi32_si64(w[1]);
-    __m64 w4 = mw[2];
-    __m64 w6 = mw[3];
-    __m64 w8 = mw[4];
-    __m64 w10 = mw[5];
-    __m64 w12 = mw[6];
-    __m64 w14 = mw[7];
-    __m64 w16 = mw[8];
-    __m64 w18 = mw[9];
-    __m64 w20 = mw[10];
-    __m64 w22 = mw[11];
-    __m64 w26 = _mm_cvtsi32_si64(w[26]);
-    __m64 w27 = _mm_cvtsi32_si64(w[27]);
-
-    __m64 x0 = _mm_cvtsi32_si64(x[0]);
-    __m64 x1 = _mm_cvtsi32_si64(x[1]);
-    __m64 x4 = mx[2];
-    __m64 x6 = mx[3];
-    __m64 x8 = mx[4];
-    __m64 x10 = mx[5];
-    __m64 x12 = mx[6];
-    __m64 x14 = mx[7];
-    __m64 x16 = mx[8];
-    __m64 x18 = mx[9];
-    __m64 x20 = mx[10];
-    __m64 x22 = mx[11];
-    __m64 x26 = _mm_cvtsi32_si64(x[26]);
-    __m64 x27 = _mm_cvtsi32_si64(x[27]);
-
-    __m64 y0 = _mm_cvtsi32_si64(y[0]);
-    __m64 y1 = _mm_cvtsi32_si64(y[1]);
-    __m64 y4 = my[2];
-    __m64 y6 = my[3];
-    __m64 y8 = my[4];
-    __m64 y10 = my[5];
-    __m64 y12 = my[6];
-    __m64 y14 = my[7];
-    __m64 y16 = my[8];
-    __m64 y18 = my[9];
-    __m64 y20 = my[10];
-    __m64 y22 = my[11];
-    __m64 y26 = _mm_cvtsi32_si64(y[26]);
-    __m64 y27 = _mm_cvtsi32_si64(y[27]);
-
-    __m64 z0 = _mm_cvtsi32_si64(z[0]);
-    __m64 z1 = _mm_cvtsi32_si64(z[1]);
-    __m64 z4 = mz[2];
-    __m64 z6 = mz[3];
-    __m64 z8 = mz[4];
-    __m64 z10 = mz[5];
-    __m64 z12 = mz[6];
-    __m64 z14 = mz[7];
-    __m64 z16 = mz[8];
-    __m64 z18 = mz[9];
-    __m64 z20 = mz[10];
-    __m64 z22 = mz[11];
-    __m64 z26 = _mm_cvtsi32_si64(z[26]);
-
-    s1 = _mm_add_si64(w1, w4);
-    C[1] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w6, w8);
-    s1 = _mm_add_si64(s1, s2);
-    C[2] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w10, w12);
-    s1 = _mm_add_si64(s1, s2);
-    C[3] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x0, y0);
-    s2 = _mm_add_si64(w14, w16);
-    s1 = _mm_add_si64(s1, s3);
-    s1 = _mm_add_si64(s1, s2);
-    C[4] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x1, y1);
-    s4 = _mm_add_si64(x4, y4);
-    s1 = _mm_add_si64(s1, w18);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, w20);
-    s1 = _mm_add_si64(s1, s3);
-    C[5] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x6, y6);
-    s4 = _mm_add_si64(x8, y8);
-    s1 = _mm_add_si64(s1, w22);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, w26);
-    s1 = _mm_add_si64(s1, s3);
-    C[6] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x10, y10);
-    s4 = _mm_add_si64(x12, y12);
-    s1 = _mm_add_si64(s1, w27);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, s3);
-    C[7] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x14, y14);
-    s4 = _mm_add_si64(x16, y16);
-    s1 = _mm_add_si64(s1, z0);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, s3);
-    C[8] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x18, y18);
-    s4 = _mm_add_si64(x20, y20);
-    s1 = _mm_add_si64(s1, z1);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, z4);
-    s1 = _mm_add_si64(s1, s3);
-    C[9] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x22, y22);
-    s4 = _mm_add_si64(x26, y26);
-    s1 = _mm_add_si64(s1, z6);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, z8);
-    s1 = _mm_add_si64(s1, s3);
-    C[10] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x27, y27);
-    s1 = _mm_add_si64(s1, z10);
-    s1 = _mm_add_si64(s1, z12);
-    s1 = _mm_add_si64(s1, s3);
-    C[11] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(z14, z16);
-    s1 = _mm_add_si64(s1, s3);
-    C[12] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(z18, z20);
-    s1 = _mm_add_si64(s1, s3);
-    C[13] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(z22, z26);
-    s1 = _mm_add_si64(s1, s3);
-    C[14] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    C[15] = z[27] + _mm_cvtsi64_si32(s1);
-    _mm_empty();
-}
-
-void P4Optimized::Multiply8Bottom(word *C, const word *A, const word *B)
-{
-    __m128i temp[21];
-    const word *w = (word *)temp;
-    const __m64 *mw = (__m64 *)w;
-    const word *x = (word *)temp+7*4;
-    const __m64 *mx = (__m64 *)x;
-    const word *y = (word *)temp+7*4*2;
-    const __m64 *my = (__m64 *)y;
-
-    P4_Mul(temp, (__m128i *)A, (__m128i *)B);
-
-    P4_Mul(temp+7, (__m128i *)A+1, (__m128i *)B);
-
-    P4_Mul(temp+14, (__m128i *)A, (__m128i *)B+1);
-
-    C[0] = w[0];
-
-    __m64 s1, s2, s3, s4;
-
-    __m64 w1 = _mm_cvtsi32_si64(w[1]);
-    __m64 w4 = mw[2];
-    __m64 w6 = mw[3];
-    __m64 w8 = mw[4];
-    __m64 w10 = mw[5];
-    __m64 w12 = mw[6];
-    __m64 w14 = mw[7];
-    __m64 w16 = mw[8];
-    __m64 w18 = mw[9];
-    __m64 w20 = mw[10];
-    __m64 w22 = mw[11];
-    __m64 w26 = _mm_cvtsi32_si64(w[26]);
-
-    __m64 x0 = _mm_cvtsi32_si64(x[0]);
-    __m64 x1 = _mm_cvtsi32_si64(x[1]);
-    __m64 x4 = mx[2];
-    __m64 x6 = mx[3];
-    __m64 x8 = mx[4];
-
-    __m64 y0 = _mm_cvtsi32_si64(y[0]);
-    __m64 y1 = _mm_cvtsi32_si64(y[1]);
-    __m64 y4 = my[2];
-    __m64 y6 = my[3];
-    __m64 y8 = my[4];
-
-    s1 = _mm_add_si64(w1, w4);
-    C[1] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w6, w8);
-    s1 = _mm_add_si64(s1, s2);
-    C[2] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s2 = _mm_add_si64(w10, w12);
-    s1 = _mm_add_si64(s1, s2);
-    C[3] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x0, y0);
-    s2 = _mm_add_si64(w14, w16);
-    s1 = _mm_add_si64(s1, s3);
-    s1 = _mm_add_si64(s1, s2);
-    C[4] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x1, y1);
-    s4 = _mm_add_si64(x4, y4);
-    s1 = _mm_add_si64(s1, w18);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, w20);
-    s1 = _mm_add_si64(s1, s3);
-    C[5] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    s3 = _mm_add_si64(x6, y6);
-    s4 = _mm_add_si64(x8, y8);
-    s1 = _mm_add_si64(s1, w22);
-    s3 = _mm_add_si64(s3, s4);
-    s1 = _mm_add_si64(s1, w26);
-    s1 = _mm_add_si64(s1, s3);
-    C[6] = _mm_cvtsi64_si32(s1);
-    s1 = _mm_srli_si64(s1, 32);
-
-    C[7] = _mm_cvtsi64_si32(s1) + w[27] + x[10] + y[10] + x[12] + y[12];
-    _mm_empty();
-}
-
-#endif	// #ifdef SSE2_INTRINSICS_AVAILABLE
-
-// end optimized
-
-// ********************************************************
-
-#define A0      A
-#define A1      (A+N2)
-#define B0      B
-#define B1      (B+N2)
-
-#define T0      T
-#define T1      (T+N2)
-#define T2      (T+N)
-#define T3      (T+N+N2)
-
-#define R0      R
-#define R1      (R+N2)
-#define R2      (R+N)
-#define R3      (R+N+N2)
-
-//VC60 workaround: compiler bug triggered without the extra dummy parameters
-
-// R[2*N] - result = A*B
-// T[2*N] - temporary work space
-// A[N] --- multiplier
-// B[N] --- multiplicant
-
-
-void RecursiveMultiply(word *R, word *T, const word *A, const word *B,
-                       unsigned int N)
-{
-    if (LowLevel::MultiplyRecursionLimit() >= 8 && N==8)
-        LowLevel::Multiply8(R, A, B);
-    else if (LowLevel::MultiplyRecursionLimit() >= 4 && N==4)
-        LowLevel::Multiply4(R, A, B);
-    else if (N==2)
-        LowLevel::Multiply2(R, A, B);
-    else
-    {
-        const unsigned int N2 = N/2;
-        int carry;
-
-        int aComp = Compare(A0, A1, N2);
-        int bComp = Compare(B0, B1, N2);
-
-        switch (2*aComp + aComp + bComp)
-        {
-        case -4:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            LowLevel::Subtract(T1, T1, R0, N2);
-            carry = -1;
-            break;
-        case -2:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            carry = 0;
-            break;
-        case 2:
-            LowLevel::Subtract(R0, A0, A1, N2);
-            LowLevel::Subtract(R1, B1, B0, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            carry = 0;
-            break;
-        case 4:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            LowLevel::Subtract(T1, T1, R1, N2);
-            carry = -1;
-            break;
-        default:
-            SetWords(T0, 0, N);
-            carry = 0;
-        }
-
-        RecursiveMultiply(R0, T2, A0, B0, N2);
-        RecursiveMultiply(R2, T2, A1, B1, N2);
-
-        // now T[01] holds (A1-A0)*(B0-B1),R[01] holds A0*B0, R[23] holds A1*B1
-
-        carry += LowLevel::Add(T0, T0, R0, N);
-        carry += LowLevel::Add(T0, T0, R2, N);
-        carry += LowLevel::Add(R1, R1, T0, N);
-
-        Increment(R3, N2, carry);
-    }
-}
-
-
-void RecursiveSquare(word *R, word *T, const word *A, unsigned int N)                     
-{
-    if (LowLevel::SquareRecursionLimit() >= 4 && N==4)
-        LowLevel::Square4(R, A);
-    else if (N==2)
-        LowLevel::Square2(R, A);
-    else
-    {
-        const unsigned int N2 = N/2;
-
-        RecursiveSquare(R0, T2, A0, N2);
-        RecursiveSquare(R2, T2, A1, N2);
-        RecursiveMultiply(T0, T2, A0, A1, N2);
-
-        word carry = LowLevel::Add(R1, R1, T0, N);
-        carry += LowLevel::Add(R1, R1, T0, N);
-        Increment(R3, N2, carry);
-    }
-}
-
-
-// R[N] - bottom half of A*B
-// T[N] - temporary work space
-// A[N] - multiplier
-// B[N] - multiplicant
-
-
-void RecursiveMultiplyBottom(word *R, word *T, const word *A, const word *B,
-                             unsigned int N)
-{
-    if (LowLevel::MultiplyBottomRecursionLimit() >= 8 && N==8)
-        LowLevel::Multiply8Bottom(R, A, B);
-    else if (LowLevel::MultiplyBottomRecursionLimit() >= 4 && N==4)
-        LowLevel::Multiply4Bottom(R, A, B);
-    else if (N==2)
-        LowLevel::Multiply2Bottom(R, A, B);
-    else
-    {
-        const unsigned int N2 = N/2;
-
-        RecursiveMultiply(R, T, A0, B0, N2);
-        RecursiveMultiplyBottom(T0, T1, A1, B0, N2);
-        LowLevel::Add(R1, R1, T0, N2);
-        RecursiveMultiplyBottom(T0, T1, A0, B1, N2);
-        LowLevel::Add(R1, R1, T0, N2);
-    }
-}
-
-
-void RecursiveMultiplyTop(word *R, word *T, const word *L, const word *A,
-                          const word *B, unsigned int N)
-{
-    if (N==4)
-    {
-        LowLevel::Multiply4(T, A, B);
-        memcpy(R, T+4, 4*WORD_SIZE);
-    }
-    else if (N==2)
-    {
-        LowLevel::Multiply2(T, A, B);
-        memcpy(R, T+2, 2*WORD_SIZE);
-    }
-    else
-    {
-        const unsigned int N2 = N/2;
-        int carry;
-
-        int aComp = Compare(A0, A1, N2);
-        int bComp = Compare(B0, B1, N2);
-
-        switch (2*aComp + aComp + bComp)
-        {
-        case -4:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            LowLevel::Subtract(T1, T1, R0, N2);
-            carry = -1;
-            break;
-        case -2:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            carry = 0;
-            break;
-        case 2:
-            LowLevel::Subtract(R0, A0, A1, N2);
-            LowLevel::Subtract(R1, B1, B0, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            carry = 0;
-            break;
-        case 4:
-            LowLevel::Subtract(R0, A1, A0, N2);
-            LowLevel::Subtract(R1, B0, B1, N2);
-            RecursiveMultiply(T0, T2, R0, R1, N2);
-            LowLevel::Subtract(T1, T1, R1, N2);
-            carry = -1;
-            break;
-        default:
-            SetWords(T0, 0, N);
-            carry = 0;
-        }
-
-        RecursiveMultiply(T2, R0, A1, B1, N2);
-
-        // now T[01] holds (A1-A0)*(B0-B1), T[23] holds A1*B1
-
-        word c2 = LowLevel::Subtract(R0, L+N2, L, N2);
-        c2 += LowLevel::Subtract(R0, R0, T0, N2);
-        word t = (Compare(R0, T2, N2) == -1);
-
-        carry += t;
-        carry += Increment(R0, N2, c2+t);
-        carry += LowLevel::Add(R0, R0, T1, N2);
-        carry += LowLevel::Add(R0, R0, T3, N2);
-
-        CopyWords(R1, T3, N2);
-        Increment(R1, N2, carry);
-    }
-}
-
-
-inline word Add(word *C, const word *A, const word *B, unsigned int N)
-{
-    return LowLevel::Add(C, A, B, N);
-}
-
-inline word Subtract(word *C, const word *A, const word *B, unsigned int N)
-{
-    return LowLevel::Subtract(C, A, B, N);
-}
-
-inline void Multiply(word *R, word *T, const word *A, const word *B,
-                     unsigned int N)
-{
-    RecursiveMultiply(R, T, A, B, N);
-}
-
-inline void Square(word *R, word *T, const word *A, unsigned int N)
-{
-    RecursiveSquare(R, T, A, N);
-}
-
-
-void AsymmetricMultiply(word *R, word *T, const word *A, unsigned int NA,
-                        const word *B, unsigned int NB)
-{
-    if (NA == NB)
-    {
-        if (A == B)
-            Square(R, T, A, NA);
-        else
-            Multiply(R, T, A, B, NA);
-
-        return;
-    }
-
-    if (NA > NB)
-    {
-        STL::swap(A, B);
-        STL::swap(NA, NB);
-    }
-
-    if (NA==2 && !A[1])
-    {
-        switch (A[0])
-        {
-        case 0:
-            SetWords(R, 0, NB+2);
-            return;
-        case 1:
-            CopyWords(R, B, NB);
-            R[NB] = R[NB+1] = 0;
-            return;
-        default:
-            R[NB] = LinearMultiply(R, B, A[0], NB);
-            R[NB+1] = 0;
-            return;
-        }
-    }
-
-    Multiply(R, T, A, B, NA);
-    CopyWords(T+2*NA, R+NA, NA);
-
-    unsigned i;
-
-    for (i=2*NA; i>=1;
-            i++;
-        }
-        k+=i;
-
-        if (t==1 && f[1]==0 && EvenWordCount(f, fgLen)==2)
-        {
-            if (s%2==0)
-                CopyWords(R, b, N);
-            else
-                Subtract(R, M, b, N);
-            return k;
-        }
-
-        ShiftWordsRightByBits(f, fgLen, i);
-        t=ShiftWordsLeftByBits(c, bcLen, i);
-        if (t)
-        {
-            c[bcLen] = t;
-            bcLen+=2;
-        }
-
-        if (f[fgLen-2]==0 && g[fgLen-2]==0 && f[fgLen-1]==0 && g[fgLen-1]==0)
-            fgLen-=2;
-
-        if (Compare(f, g, fgLen)==-1)
-        {
-            STL::swap(f, g);
-            STL::swap(b, c);
-            s++;
-        }
-
-        Subtract(f, f, g, fgLen);
-
-        if (Add(b, b, c, bcLen))
-        {
-            b[bcLen] = 1;
-            bcLen+=2;
-        }
-    }
-}
-
-// R[N] - result = A/(2^k) mod M
-// A[N] - input
-// M[N] - modulus
-
-void DivideByPower2Mod(word *R, const word *A, unsigned int k, const word *M,
-                       unsigned int N)
-{
-    CopyWords(R, A, N);
-
-    while (k--)
-    {
-        if (R[0]%2==0)
-            ShiftWordsRightByBits(R, N, 1);
-        else
-        {
-            word carry = Add(R, R, M, N);
-            ShiftWordsRightByBits(R, N, 1);
-            R[N-1] += carry<<(WORD_BITS-1);
-        }
-    }
-}
-
-// R[N] - result = A*(2^k) mod M
-// A[N] - input
-// M[N] - modulus
-
-void MultiplyByPower2Mod(word *R, const word *A, unsigned int k, const word *M,
-                         unsigned int N)
-{
-    CopyWords(R, A, N);
-
-    while (k--)
-        if (ShiftWordsLeftByBits(R, N, 1) || Compare(R, M, N)>=0)
-            Subtract(R, R, M, N);
-}
-
-
-// ********** end of integer needs
-
-
-Integer::Integer()
-    : reg_(2), sign_(POSITIVE)
-{
-    reg_[0] = reg_[1] = 0;
-}
-
-
-Integer::Integer(const Integer& t)
-    : reg_(RoundupSize(t.WordCount())), sign_(t.sign_)
-{
-    CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size());
-}
-
-
-Integer::Integer(signed long value)
-    : reg_(2)
-{
-    if (value >= 0)
-        sign_ = POSITIVE;
-    else
-    {
-        sign_ = NEGATIVE;
-        value = -value;
-    }
-    reg_[0] = word(value);
-    reg_[1] = word(SafeRightShift(value));
-}
-
-
-Integer::Integer(Sign s, word high, word low)
-    : reg_(2), sign_(s)
-{
-    reg_[0] = low;
-    reg_[1] = high;
-}
-
-
-Integer::Integer(word value, unsigned int length)
-    : reg_(RoundupSize(length)), sign_(POSITIVE)
-{
-    reg_[0] = value;
-    SetWords(reg_ + 1, 0, reg_.size() - 1);
-}
-
-
-Integer::Integer(const byte *encodedInteger, unsigned int byteCount,
-                 Signedness s)
-{
-    Decode(encodedInteger, byteCount, s);
-}
-
-class BadBER {};
-
-// BER Decode Source
-Integer::Integer(Source& source)
-    : reg_(2), sign_(POSITIVE)
-{
-    Decode(source);
-}
-
-void Integer::Decode(Source& source)
-{
-    byte b = source.next();
-    if (b != INTEGER) {
-        source.SetError(INTEGER_E);
-        return;
-    }
-
-    word32 length = GetLength(source);
-    if (length == 0 || source.GetError().What()) return;
-
-    if ( (b = source.next()) == 0x00)
-        length--;
-    else
-        source.prev();
-
-    if (source.IsLeft(length) == false) return;
- 
-    unsigned int words = (length + WORD_SIZE - 1) / WORD_SIZE;
-    words = RoundupSize(words);
-    if (words > reg_.size()) reg_.CleanNew(words);
-
-    for (int j = length; j > 0; j--) {
-        b = source.next();
-        reg_ [(j-1) / WORD_SIZE] |= (word)b << ((j-1) % WORD_SIZE) * 8;
-    }
-}
-
-
-void Integer::Decode(const byte* input, unsigned int inputLen, Signedness s)
-{
-    unsigned int idx(0);
-    byte b = 0; 
-    if (inputLen>0)
-        b = input[idx];   // peek
-    sign_  = ((s==SIGNED) && (b & 0x80)) ? NEGATIVE : POSITIVE;
-
-    while (inputLen>0 && (sign_==POSITIVE ? b==0 : b==0xff))
-    {
-        idx++;   // skip
-        if (--inputLen>0)
-            b = input[idx];  // peek
-    }
-
-    reg_.CleanNew(RoundupSize(BytesToWords(inputLen)));
-
-    for (unsigned int i=inputLen; i > 0; i--)
-    {
-        b = input[idx++];
-        reg_[(i-1)/WORD_SIZE] |= (word)b << ((i-1)%WORD_SIZE)*8;
-    }
-
-    if (sign_ == NEGATIVE)
-    {
-        for (unsigned i=inputLen; i 0; i--)
-            output[idx++] = GetByte(i-1);
-    }
-    else
-    {
-        // take two's complement of *this
-        Integer temp = Integer::Power2(8*max(ByteCount(), outputLen)) + *this;
-        for (unsigned i=0; i range);
-
-    *this += min;
-}
-
-
-Integer Integer::Power2(unsigned int e)
-{
-    Integer r((word)0, BitsToWords(e + 1));
-    r.SetBit(e);
-    return r;
-}
-
-
-void Integer::SetBit(unsigned int n, bool value)
-{
-    if (value)
-    {
-        reg_.CleanGrow(RoundupSize(BitsToWords(n + 1)));
-        reg_[n / WORD_BITS] |= (word(1) << (n % WORD_BITS));
-    }
-    else
-    {
-        if (n / WORD_BITS < reg_.size())
-            reg_[n / WORD_BITS] &= ~(word(1) << (n % WORD_BITS));
-    }
-}
-
-
-void Integer::SetByte(unsigned int n, byte value)
-{
-    reg_.CleanGrow(RoundupSize(BytesToWords(n+1)));
-    reg_[n/WORD_SIZE] &= ~(word(0xff) << 8*(n%WORD_SIZE));
-    reg_[n/WORD_SIZE] |= (word(value) << 8*(n%WORD_SIZE));
-}
-
-
-void Integer::Negate()
-{
-    if (!!(*this))	// don't flip sign if *this==0
-        sign_ = Sign(1 - sign_);
-}
-
-
-bool Integer::operator!() const
-{
-    return IsNegative() ? false : (reg_[0]==0 && WordCount()==0);
-}
-
-
-Integer& Integer::operator=(const Integer& t)
-{
-    if (this != &t)
-    {
-        reg_.New(RoundupSize(t.WordCount()));
-        CopyWords(reg_.get_buffer(), t.reg_.get_buffer(), reg_.size());
-        sign_ = t.sign_;
-    }
-    return *this;
-}
-
-
-Integer& Integer::operator+=(const Integer& t)
-{
-    reg_.CleanGrow(t.reg_.size());
-    if (NotNegative())
-    {
-        if (t.NotNegative())
-            PositiveAdd(*this, *this, t);
-        else
-            PositiveSubtract(*this, *this, t);
-    }
-    else
-    {
-        if (t.NotNegative())
-            PositiveSubtract(*this, t, *this);
-        else
-        {
-            PositiveAdd(*this, *this, t);
-            sign_ = Integer::NEGATIVE;
-        }
-    }
-    return *this;
-}
-
-
-Integer Integer::operator-() const
-{
-    Integer result(*this);
-    result.Negate();
-    return result;
-}
-
-
-Integer& Integer::operator-=(const Integer& t)
-{
-    reg_.CleanGrow(t.reg_.size());
-    if (NotNegative())
-    {
-        if (t.NotNegative())
-            PositiveSubtract(*this, *this, t);
-        else
-            PositiveAdd(*this, *this, t);
-    }
-    else
-    {
-        if (t.NotNegative())
-        {
-            PositiveAdd(*this, *this, t);
-            sign_ = Integer::NEGATIVE;
-        }
-        else
-            PositiveSubtract(*this, t, *this);
-    }
-    return *this;
-}
-
-
-Integer& Integer::operator++()
-{
-    if (NotNegative())
-    {
-        if (Increment(reg_.get_buffer(), reg_.size()))
-        {
-            reg_.CleanGrow(2*reg_.size());
-            reg_[reg_.size()/2]=1;
-        }
-    }
-    else
-    {
-        word borrow = Decrement(reg_.get_buffer(), reg_.size());
-        (void)borrow;           // shut up compiler
-        if (WordCount()==0)
-            *this = Zero();
-    }
-    return *this;
-}
-
-Integer& Integer::operator--()
-{
-    if (IsNegative())
-    {
-        if (Increment(reg_.get_buffer(), reg_.size()))
-        {
-            reg_.CleanGrow(2*reg_.size());
-            reg_[reg_.size()/2]=1;
-        }
-    }
-    else
-    {
-        if (Decrement(reg_.get_buffer(), reg_.size()))
-            *this = -One();
-    }
-    return *this;
-}
-
-
-Integer& Integer::operator<<=(unsigned int n)
-{
-    const unsigned int wordCount = WordCount();
-    const unsigned int shiftWords = n / WORD_BITS;
-    const unsigned int shiftBits = n % WORD_BITS;
-
-    reg_.CleanGrow(RoundupSize(wordCount+BitsToWords(n)));
-    ShiftWordsLeftByWords(reg_.get_buffer(), wordCount + shiftWords,
-                          shiftWords);
-    ShiftWordsLeftByBits(reg_+shiftWords, wordCount+BitsToWords(shiftBits),
-                         shiftBits);
-    return *this;
-}
-
-Integer& Integer::operator>>=(unsigned int n)
-{
-    const unsigned int wordCount = WordCount();
-    const unsigned int shiftWords = n / WORD_BITS;
-    const unsigned int shiftBits = n % WORD_BITS;
-
-    ShiftWordsRightByWords(reg_.get_buffer(), wordCount, shiftWords);
-    if (wordCount > shiftWords)
-        ShiftWordsRightByBits(reg_.get_buffer(), wordCount-shiftWords,
-                              shiftBits);
-    if (IsNegative() && WordCount()==0)   // avoid -0
-        *this = Zero();
-    return *this;
-}
-
-
-void PositiveAdd(Integer& sum, const Integer& a, const Integer& b)
-{
-    word carry;
-    if (a.reg_.size() == b.reg_.size())
-        carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(),
-                    b.reg_.get_buffer(), a.reg_.size());
-    else if (a.reg_.size() > b.reg_.size())
-    {
-        carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(),
-                    b.reg_.get_buffer(), b.reg_.size());
-        CopyWords(sum.reg_+b.reg_.size(), a.reg_+b.reg_.size(),
-                  a.reg_.size()-b.reg_.size());
-        carry = Increment(sum.reg_+b.reg_.size(), a.reg_.size()-b.reg_.size(),
-                          carry);
-    }
-    else
-    {
-        carry = Add(sum.reg_.get_buffer(), a.reg_.get_buffer(),
-                    b.reg_.get_buffer(), a.reg_.size());
-        CopyWords(sum.reg_+a.reg_.size(), b.reg_+a.reg_.size(),
-                  b.reg_.size()-a.reg_.size());
-        carry = Increment(sum.reg_+a.reg_.size(), b.reg_.size()-a.reg_.size(),
-                          carry);
-    }
-
-    if (carry)
-    {
-        sum.reg_.CleanGrow(2*sum.reg_.size());
-        sum.reg_[sum.reg_.size()/2] = 1;
-    }
-    sum.sign_ = Integer::POSITIVE;
-}
-
-void PositiveSubtract(Integer &diff, const Integer &a, const Integer& b)
-{
-    unsigned aSize = a.WordCount();
-    aSize += aSize%2;
-    unsigned bSize = b.WordCount();
-    bSize += bSize%2;
-
-    if (aSize == bSize)
-    {
-        if (Compare(a.reg_.get_buffer(), b.reg_.get_buffer(), aSize) >= 0)
-        {
-            Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(),
-                     b.reg_.get_buffer(), aSize);
-            diff.sign_ = Integer::POSITIVE;
-        }
-        else
-        {
-            Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(),
-                     a.reg_.get_buffer(), aSize);
-            diff.sign_ = Integer::NEGATIVE;
-        }
-    }
-    else if (aSize > bSize)
-    {
-        word borrow = Subtract(diff.reg_.get_buffer(), a.reg_.get_buffer(),
-                               b.reg_.get_buffer(), bSize);
-        CopyWords(diff.reg_+bSize, a.reg_+bSize, aSize-bSize);
-        borrow = Decrement(diff.reg_+bSize, aSize-bSize, borrow);
-        diff.sign_ = Integer::POSITIVE;
-    }
-    else
-    {
-        word borrow = Subtract(diff.reg_.get_buffer(), b.reg_.get_buffer(),
-                               a.reg_.get_buffer(), aSize);
-        CopyWords(diff.reg_+aSize, b.reg_+aSize, bSize-aSize);
-        borrow = Decrement(diff.reg_+aSize, bSize-aSize, borrow);
-        diff.sign_ = Integer::NEGATIVE;
-    }
-}
-
-
-unsigned int Integer::MinEncodedSize(Signedness signedness) const
-{
-    unsigned int outputLen = max(1U, ByteCount());
-    if (signedness == UNSIGNED)
-        return outputLen;
-    if (NotNegative() && (GetByte(outputLen-1) & 0x80))
-        outputLen++;
-    if (IsNegative() && *this < -Power2(outputLen*8-1))
-        outputLen++;
-    return outputLen;
-}
-
-
-int Integer::Compare(const Integer& t) const
-{
-    if (NotNegative())
-    {
-        if (t.NotNegative())
-            return PositiveCompare(t);
-        else
-            return 1;
-    }
-    else
-    {
-        if (t.NotNegative())
-            return -1;
-        else
-            return -PositiveCompare(t);
-    }
-}
-
-
-int Integer::PositiveCompare(const Integer& t) const
-{
-    unsigned size = WordCount(), tSize = t.WordCount();
-
-    if (size == tSize)
-        return TaoCrypt::Compare(reg_.get_buffer(), t.reg_.get_buffer(), size);
-    else
-        return size > tSize ? 1 : -1;
-}
-
-
-bool Integer::GetBit(unsigned int n) const
-{
-    if (n/WORD_BITS >= reg_.size())
-        return 0;
-    else
-        return bool((reg_[n/WORD_BITS] >> (n % WORD_BITS)) & 1);
-}
-
-
-unsigned long Integer::GetBits(unsigned int i, unsigned int n) const
-{
-    unsigned long v = 0;
-    for (unsigned int j=0; j= reg_.size())
-        return 0;
-    else
-        return byte(reg_[n/WORD_SIZE] >> ((n%WORD_SIZE)*8));
-}
-
-
-unsigned int Integer::BitCount() const
-{
-    unsigned wordCount = WordCount();
-    if (wordCount)
-        return (wordCount-1)*WORD_BITS + BitPrecision(reg_[wordCount-1]);
-    else
-        return 0;
-}
-
-
-unsigned int Integer::ByteCount() const
-{
-    unsigned wordCount = WordCount();
-    if (wordCount)
-        return (wordCount-1)*WORD_SIZE + BytePrecision(reg_[wordCount-1]);
-    else
-        return 0;
-}
-
-
-unsigned int Integer::WordCount() const
-{
-    return CountWords(reg_.get_buffer(), reg_.size());
-}
-
-
-bool Integer::IsConvertableToLong() const
-{
-    if (ByteCount() > sizeof(long))
-        return false;
-
-    unsigned long value = reg_[0];
-    value += SafeLeftShift(reg_[1]);
-
-    if (sign_ == POSITIVE)
-        return (signed long)value >= 0;
-    else
-        return -(signed long)value < 0;
-}
-
-
-signed long Integer::ConvertToLong() const
-{
-    unsigned long value = reg_[0];
-    value += SafeLeftShift(reg_[1]);
-    return sign_ == POSITIVE ? value : -(signed long)value;
-}
-
-
-void Integer::Swap(Integer& a)
-{
-    reg_.Swap(a.reg_);
-    STL::swap(sign_, a.sign_);
-}
-
-
-Integer Integer::Plus(const Integer& b) const
-{
-    Integer sum((word)0, max(reg_.size(), b.reg_.size()));
-    if (NotNegative())
-    {
-        if (b.NotNegative())
-            PositiveAdd(sum, *this, b);
-        else
-            PositiveSubtract(sum, *this, b);
-    }
-    else
-    {
-        if (b.NotNegative())
-            PositiveSubtract(sum, b, *this);
-        else
-        {
-            PositiveAdd(sum, *this, b);
-            sum.sign_ = Integer::NEGATIVE;
-        }
-    }
-    return sum;
-}
-
-
-Integer Integer::Minus(const Integer& b) const
-{
-    Integer diff((word)0, max(reg_.size(), b.reg_.size()));
-    if (NotNegative())
-    {
-        if (b.NotNegative())
-            PositiveSubtract(diff, *this, b);
-        else
-            PositiveAdd(diff, *this, b);
-    }
-    else
-    {
-        if (b.NotNegative())
-        {
-            PositiveAdd(diff, *this, b);
-            diff.sign_ = Integer::NEGATIVE;
-        }
-        else
-            PositiveSubtract(diff, b, *this);
-    }
-    return diff;
-}
-
-
-Integer Integer::Times(const Integer &b) const
-{
-    Integer product;
-    Multiply(product, *this, b);
-    return product;
-}
-
-
-#undef A0
-#undef A1
-#undef B0
-#undef B1
-
-#undef T0
-#undef T1
-#undef T2
-#undef T3
-
-#undef R0
-#undef R1
-#undef R2
-#undef R3
-
-
-static inline void AtomicDivide(word *Q, const word *A, const word *B)
-{
-    word T[4];
-    DWord q = DivideFourWordsByTwo(T, DWord(A[0], A[1]),
-                                         DWord(A[2], A[3]), DWord(B[0], B[1]));
-    Q[0] = q.GetLowHalf();
-    Q[1] = q.GetHighHalf();
-
-#ifndef NDEBUG
-    if (B[0] || B[1])
-    {
-        // multiply quotient and divisor and add remainder, make sure it 
-        // equals dividend
-        word P[4];
-        Portable::Multiply2(P, Q, B);
-        Add(P, P, T, 4);
-    }
-#endif
-}
-
-
-// for use by Divide(), corrects the underestimated quotient {Q1,Q0}
-static void CorrectQuotientEstimate(word *R, word *T, word *Q, const word *B,
-                                    unsigned int N)
-{
-    if (Q[1])
-    {
-        T[N] = T[N+1] = 0;
-        unsigned i;
-        for (i=0; i= 0)
-    {
-        R[N] -= Subtract(R, R, B, N);
-        Q[1] += (++Q[0]==0);
-    }
-}
-
-// R[NB] -------- remainder = A%B
-// Q[NA-NB+2] --- quotient	= A/B
-// T[NA+2*NB+4] - temp work space
-// A[NA] -------- dividend
-// B[NB] -------- divisor
-
-
-void Divide(word* R, word* Q, word* T, const word* A, unsigned int NA,
-            const word* B, unsigned int NB)
-{
-    // set up temporary work space
-    word *const TA=T;
-    word *const TB=T+NA+2;
-    word *const TP=T+NA+2+NB;
-
-    // copy B into TB and normalize it so that TB has highest bit set to 1
-    unsigned shiftWords = (B[NB-1]==0);
-    TB[0] = TB[NB-1] = 0;
-    CopyWords(TB+shiftWords, B, NB-shiftWords);
-    unsigned shiftBits = WORD_BITS - BitPrecision(TB[NB-1]);
-    ShiftWordsLeftByBits(TB, NB, shiftBits);
-
-    // copy A into TA and normalize it
-    TA[0] = TA[NA] = TA[NA+1] = 0;
-    CopyWords(TA+shiftWords, A, NA);
-    ShiftWordsLeftByBits(TA, NA+2, shiftBits);
-
-    if (TA[NA+1]==0 && TA[NA] <= 1)
-    {
-        Q[NA-NB+1] = Q[NA-NB] = 0;
-        while (TA[NA] || Compare(TA+NA-NB, TB, NB) >= 0)
-        {
-            TA[NA] -= Subtract(TA+NA-NB, TA+NA-NB, TB, NB);
-            ++Q[NA-NB];
-        }
-    }
-    else
-    {
-        NA+=2;
-    }
-
-    word BT[2];
-    BT[0] = TB[NB-2] + 1;
-    BT[1] = TB[NB-1] + (BT[0]==0);
-
-    // start reducing TA mod TB, 2 words at a time
-    for (unsigned i=NA-2; i>=NB; i-=2)
-    {
-        AtomicDivide(Q+i-NB, TA+i-2, BT);
-        CorrectQuotientEstimate(TA+i-NB, TP, Q+i-NB, TB, NB);
-    }
-
-    // copy TA into R, and denormalize it
-    CopyWords(R, TA+shiftWords, NB);
-    ShiftWordsRightByBits(R, NB, shiftBits);
-}
-
-
-void PositiveDivide(Integer& remainder, Integer& quotient,
-                   const Integer& a, const Integer& b)
-{
-    unsigned aSize = a.WordCount();
-    unsigned bSize = b.WordCount();
-
-    if (a.PositiveCompare(b) == -1)
-    {
-        remainder = a;
-        remainder.sign_ = Integer::POSITIVE;
-        quotient = Integer::Zero();
-        return;
-    }
-
-    aSize += aSize%2;	// round up to next even number
-    bSize += bSize%2;
-
-    remainder.reg_.CleanNew(RoundupSize(bSize));
-    remainder.sign_ = Integer::POSITIVE;
-    quotient.reg_.CleanNew(RoundupSize(aSize-bSize+2));
-    quotient.sign_ = Integer::POSITIVE;
-
-    AlignedWordBlock T(aSize+2*bSize+4);
-    Divide(remainder.reg_.get_buffer(), quotient.reg_.get_buffer(),
-           T.get_buffer(), a.reg_.get_buffer(), aSize, b.reg_.get_buffer(),
-           bSize);
-}
-
-void Integer::Divide(Integer &remainder, Integer "ient,
-                     const Integer ÷nd, const Integer &divisor)
-{
-    PositiveDivide(remainder, quotient, dividend, divisor);
-
-    if (dividend.IsNegative())
-    {
-        quotient.Negate();
-        if (remainder.NotZero())
-        {
-            --quotient;
-            remainder = divisor.AbsoluteValue() - remainder;
-        }
-    }
-
-    if (divisor.IsNegative())
-        quotient.Negate();
-}
-
-void Integer::DivideByPowerOf2(Integer &r, Integer &q, const Integer &a,
-                               unsigned int n)
-{
-    q = a;
-    q >>= n;
-
-    const unsigned int wordCount = BitsToWords(n);
-    if (wordCount <= a.WordCount())
-    {
-        r.reg_.resize(RoundupSize(wordCount));
-        CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), wordCount);
-        SetWords(r.reg_+wordCount, 0, r.reg_.size()-wordCount);
-        if (n % WORD_BITS != 0)
-          r.reg_[wordCount-1] %= (word(1) << (n % WORD_BITS));
-    }
-    else
-    {
-        r.reg_.resize(RoundupSize(a.WordCount()));
-        CopyWords(r.reg_.get_buffer(), a.reg_.get_buffer(), r.reg_.size());
-    }
-    r.sign_ = POSITIVE;
-
-    if (a.IsNegative() && r.NotZero())
-    {
-        --q;
-        r = Power2(n) - r;
-    }
-}
-
-Integer Integer::DividedBy(const Integer &b) const
-{
-    Integer remainder, quotient;
-    Integer::Divide(remainder, quotient, *this, b);
-    return quotient;
-}
-
-Integer Integer::Modulo(const Integer &b) const
-{
-    Integer remainder, quotient;
-    Integer::Divide(remainder, quotient, *this, b);
-    return remainder;
-}
-
-void Integer::Divide(word &remainder, Integer "ient,
-                     const Integer ÷nd, word divisor)
-{
-    if ((divisor & (divisor-1)) == 0)	// divisor is a power of 2
-    {
-        quotient = dividend >> (BitPrecision(divisor)-1);
-        remainder = dividend.reg_[0] & (divisor-1);
-        return;
-    }
-
-    unsigned int i = dividend.WordCount();
-    quotient.reg_.CleanNew(RoundupSize(i));
-    remainder = 0;
-    while (i--)
-    {
-        quotient.reg_[i] = DWord(dividend.reg_[i], remainder) / divisor;
-        remainder = DWord(dividend.reg_[i], remainder) % divisor;
-    }
-
-    if (dividend.NotNegative())
-        quotient.sign_ = POSITIVE;
-    else
-    {
-        quotient.sign_ = NEGATIVE;
-        if (remainder)
-        {
-            --quotient;
-            remainder = divisor - remainder;
-        }
-    }
-}
-
-Integer Integer::DividedBy(word b) const
-{
-    word remainder;
-    Integer quotient;
-    Integer::Divide(remainder, quotient, *this, b);
-    return quotient;
-}
-
-word Integer::Modulo(word divisor) const
-{
-    word remainder;
-
-    if ((divisor & (divisor-1)) == 0)	// divisor is a power of 2
-        remainder = reg_[0] & (divisor-1);
-    else
-    {
-        unsigned int i = WordCount();
-
-        if (divisor <= 5)
-        {
-            DWord sum(0, 0);
-            while (i--)
-                sum += reg_[i];
-            remainder = sum % divisor;
-        }
-        else
-        {
-            remainder = 0;
-            while (i--)
-                remainder = DWord(reg_[i], remainder) % divisor;
-        }
-    }
-
-    if (IsNegative() && remainder)
-        remainder = divisor - remainder;
-
-    return remainder;
-}
-
-
-Integer Integer::AbsoluteValue() const
-{
-    Integer result(*this);
-    result.sign_ = POSITIVE;
-    return result;
-}
-
-
-Integer Integer::SquareRoot() const
-{
-    if (!IsPositive())
-        return Zero();
-
-    // overestimate square root
-    Integer x, y = Power2((BitCount()+1)/2);
-
-    do
-    {
-        x = y;
-        y = (x + *this/x) >> 1;
-    } while (y=m)
-        return (*this%m).InverseMod(m);
-
-    if (m.IsEven())
-    {
-        if (!m || IsEven())
-            return Zero();	// no inverse
-        if (*this == One())
-            return One();
-
-        Integer u = m.InverseMod(*this);
-        return !u ? Zero() : (m*(*this-u)+1)/(*this);
-    }
-
-    AlignedWordBlock T(m.reg_.size() * 4);
-    Integer r((word)0, m.reg_.size());
-    unsigned k = AlmostInverse(r.reg_.get_buffer(), T.get_buffer(),
-                               reg_.get_buffer(), reg_.size(),
-                               m.reg_.get_buffer(), m.reg_.size());
-    DivideByPower2Mod(r.reg_.get_buffer(), r.reg_.get_buffer(), k,
-                      m.reg_.get_buffer(), m.reg_.size());
-    return r;
-}
-
-word Integer::InverseMod(const word mod) const
-{
-    word g0 = mod, g1 = *this % mod;
-    word v0 = 0, v1 = 1;
-    word y;
-
-    while (g1)
-    {
-        if (g1 == 1)
-            return v1;
-        y = g0 / g1;
-        g0 = g0 % g1;
-        v0 += y * v1;
-
-        if (!g0)
-            break;
-        if (g0 == 1)
-            return mod-v0;
-        y = g1 / g0;
-        g1 = g1 % g0;
-        v1 += y * v0;
-    }
-    return 0;
-}
-
-// ********* ModArith stuff
-
-const Integer& ModularArithmetic::Half(const Integer &a) const
-{
-    if (a.reg_.size()==modulus.reg_.size())
-    {
-        TaoCrypt::DivideByPower2Mod(result.reg_.begin(), a.reg_.begin(), 1,
-                                    modulus.reg_.begin(), a.reg_.size());
-        return result;
-    }
-    else
-        return result1 = (a.IsEven() ? (a >> 1) : ((a+modulus) >> 1));
-}
-
-const Integer& ModularArithmetic::Add(const Integer &a, const Integer &b) const
-{
-    if (a.reg_.size()==modulus.reg_.size() && 
-        b.reg_.size()==modulus.reg_.size())
-    {
-        if (TaoCrypt::Add(result.reg_.begin(), a.reg_.begin(), b.reg_.begin(),
-                          a.reg_.size())
-            || Compare(result.reg_.get_buffer(), modulus.reg_.get_buffer(),
-                       a.reg_.size()) >= 0)
-        {
-            TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(),
-                               modulus.reg_.begin(), a.reg_.size());
-        }
-        return result;
-    }
-    else
-    {
-        result1 = a+b;
-        if (result1 >= modulus)
-            result1 -= modulus;
-        return result1;
-    }
-}
-
-Integer& ModularArithmetic::Accumulate(Integer &a, const Integer &b) const
-{
-    if (a.reg_.size()==modulus.reg_.size() && 
-        b.reg_.size()==modulus.reg_.size())
-    {
-        if (TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(),
-                          b.reg_.get_buffer(), a.reg_.size())
-            || Compare(a.reg_.get_buffer(), modulus.reg_.get_buffer(),
-                       a.reg_.size()) >= 0)
-        {
-            TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(),
-                               modulus.reg_.get_buffer(), a.reg_.size());
-        }
-    }
-    else
-    {
-        a+=b;
-        if (a>=modulus)
-            a-=modulus;
-    }
-
-    return a;
-}
-
-const Integer& ModularArithmetic::Subtract(const Integer &a,
-                                           const Integer &b) const
-{
-    if (a.reg_.size()==modulus.reg_.size() && 
-        b.reg_.size()==modulus.reg_.size())
-    {
-        if (TaoCrypt::Subtract(result.reg_.begin(), a.reg_.begin(),
-                               b.reg_.begin(), a.reg_.size()))
-            TaoCrypt::Add(result.reg_.begin(), result.reg_.begin(),
-                          modulus.reg_.begin(), a.reg_.size());
-        return result;
-    }
-    else
-    {
-        result1 = a-b;
-        if (result1.IsNegative())
-            result1 += modulus;
-        return result1;
-    }
-}
-
-Integer& ModularArithmetic::Reduce(Integer &a, const Integer &b) const
-{
-    if (a.reg_.size()==modulus.reg_.size() && 
-        b.reg_.size()==modulus.reg_.size())
-    {
-        if (TaoCrypt::Subtract(a.reg_.get_buffer(), a.reg_.get_buffer(),
-                               b.reg_.get_buffer(), a.reg_.size()))
-            TaoCrypt::Add(a.reg_.get_buffer(), a.reg_.get_buffer(),
-                          modulus.reg_.get_buffer(), a.reg_.size());
-    }
-    else
-    {
-        a-=b;
-        if (a.IsNegative())
-            a+=modulus;
-    }
-
-    return a;
-}
-
-const Integer& ModularArithmetic::Inverse(const Integer &a) const
-{
-    if (!a)
-        return a;
-
-    CopyWords(result.reg_.begin(), modulus.reg_.begin(), modulus.reg_.size());
-    if (TaoCrypt::Subtract(result.reg_.begin(), result.reg_.begin(),
-                           a.reg_.begin(), a.reg_.size()))
-        Decrement(result.reg_.begin()+a.reg_.size(), 1,
-                  modulus.reg_.size()-a.reg_.size());
-
-    return result;
-}
-
-Integer ModularArithmetic::CascadeExponentiate(const Integer &x,
-                  const Integer &e1, const Integer &y, const Integer &e2) const
-{
-    if (modulus.IsOdd())
-    {
-        MontgomeryRepresentation dr(modulus);
-        return dr.ConvertOut(dr.CascadeExponentiate(dr.ConvertIn(x), e1,
-                                                    dr.ConvertIn(y), e2));
-    }
-    else
-        return AbstractRing::CascadeExponentiate(x, e1, y, e2);
-}
-
-void ModularArithmetic::SimultaneousExponentiate(Integer *results,
-        const Integer &base, const Integer *exponents,
-        unsigned int exponentsCount) const
-{
-    if (modulus.IsOdd())
-    {
-        MontgomeryRepresentation dr(modulus);
-        dr.SimultaneousExponentiate(results, dr.ConvertIn(base), exponents,
-                                    exponentsCount);
-        for (unsigned int i=0; i
-
-namespace TaoCrypt {
-
-
-MD2::MD2()
-    : X_(X_SIZE), C_(BLOCK_SIZE), buffer_(BLOCK_SIZE)
-{
-    Init();
-}
-
-void MD2::Init()
-{
-    memset(X_.get_buffer(), 0, X_SIZE);
-    memset(C_.get_buffer(), 0, BLOCK_SIZE);
-    memset(buffer_.get_buffer(), 0, BLOCK_SIZE);
-    count_ = 0;
-}
-
-
-void MD2::Update(const byte* data, word32 len)
-{
-
-    static const byte S[256] = 
-    {
-        41, 46, 67, 201, 162, 216, 124, 1, 61, 54, 84, 161, 236, 240, 6,
-        19, 98, 167, 5, 243, 192, 199, 115, 140, 152, 147, 43, 217, 188,
-        76, 130, 202, 30, 155, 87, 60, 253, 212, 224, 22, 103, 66, 111, 24,
-        138, 23, 229, 18, 190, 78, 196, 214, 218, 158, 222, 73, 160, 251,
-        245, 142, 187, 47, 238, 122, 169, 104, 121, 145, 21, 178, 7, 63,
-        148, 194, 16, 137, 11, 34, 95, 33, 128, 127, 93, 154, 90, 144, 50,
-        39, 53, 62, 204, 231, 191, 247, 151, 3, 255, 25, 48, 179, 72, 165,
-        181, 209, 215, 94, 146, 42, 172, 86, 170, 198, 79, 184, 56, 210,
-        150, 164, 125, 182, 118, 252, 107, 226, 156, 116, 4, 241, 69, 157,
-        112, 89, 100, 113, 135, 32, 134, 91, 207, 101, 230, 45, 168, 2, 27,
-        96, 37, 173, 174, 176, 185, 246, 28, 70, 97, 105, 52, 64, 126, 15,
-        85, 71, 163, 35, 221, 81, 175, 58, 195, 92, 249, 206, 186, 197,
-        234, 38, 44, 83, 13, 110, 133, 40, 132, 9, 211, 223, 205, 244, 65,
-        129, 77, 82, 106, 220, 55, 200, 108, 193, 171, 250, 36, 225, 123,
-        8, 12, 189, 177, 74, 120, 136, 149, 139, 227, 99, 232, 109, 233,
-        203, 213, 254, 59, 0, 29, 57, 242, 239, 183, 14, 102, 88, 208, 228,
-        166, 119, 114, 248, 235, 117, 75, 10, 49, 68, 80, 180, 143, 237,
-        31, 26, 219, 153, 141, 51, 159, 17, 131, 20
-    };
-
-    while (len) {
-        word32 L = (PAD_SIZE - count_) < len ? (PAD_SIZE - count_) : len;
-        memcpy(buffer_.get_buffer() + count_, data, L);
-        count_ += L;
-        data += L;
-        len  -= L;
-
-        if (count_==PAD_SIZE) {
-            count_ = 0;
-            memcpy(X_.get_buffer() + PAD_SIZE, buffer_.get_buffer(), PAD_SIZE);
-            byte t = C_[15];
-
-            int i;
-            for(i = 0; i < PAD_SIZE; i++) {
-                X_[32 + i] = X_[PAD_SIZE + i] ^ X_[i];
-                t = C_[i] ^= S[buffer_[i] ^ t];
-            }
-
-            t=0;
-            for(i = 0; i < 18; i++) {
-                for(int j = 0; j < X_SIZE; j += 8) {
-                    t = X_[j+0] ^= S[t];
-                    t = X_[j+1] ^= S[t];
-                    t = X_[j+2] ^= S[t];
-                    t = X_[j+3] ^= S[t];
-                    t = X_[j+4] ^= S[t];
-                    t = X_[j+5] ^= S[t];
-                    t = X_[j+6] ^= S[t];
-                    t = X_[j+7] ^= S[t];
-                }
-                t = (t + i) & 0xFF;
-            }
-        }
-    }
-}
-
-
-void MD2::Final(byte *hash)
-{
-    byte   padding[BLOCK_SIZE];
-    word32 padLen = PAD_SIZE - count_;
-
-    for (word32 i = 0; i < padLen; i++)
-        padding[i] = static_cast(padLen);
-
-    Update(padding, padLen);
-    Update(C_.get_buffer(), BLOCK_SIZE);
-
-    memcpy(hash, X_.get_buffer(), DIGEST_SIZE);
-
-    Init();
-}
-
-
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/md4.cpp b/extra/yassl/taocrypt/src/md4.cpp
deleted file mode 100644
index 02613fcf1e3..00000000000
--- a/extra/yassl/taocrypt/src/md4.cpp
+++ /dev/null
@@ -1,157 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* based on Wei Dai's md4.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "md4.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-   
-
-namespace TaoCrypt {
-
-void MD4::Init()
-{
-    digest_[0] = 0x67452301L;
-    digest_[1] = 0xefcdab89L;
-    digest_[2] = 0x98badcfeL;
-    digest_[3] = 0x10325476L;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-MD4::MD4(const MD4& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
-                                              BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_  =  that.loLen_;
-    hiLen_  =  that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-MD4& MD4::operator= (const MD4& that)
-{
-    MD4 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-void MD4::Swap(MD4& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-void MD4::Transform()
-{
-#define F(x, y, z) ((z) ^ ((x) & ((y) ^ (z))))
-#define G(x, y, z) (((x) & (y)) | ((x) & (z)) | ((y) & (z)))
-#define H(x, y, z) ((x) ^ (y) ^ (z))
-
-    word32 A, B, C, D;
-
-    A = digest_[0];
-    B = digest_[1];
-    C = digest_[2];
-    D = digest_[3];
-
-#define function(a,b,c,d,k,s) a=rotlFixed(a+F(b,c,d)+buffer_[k],s);
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 1, 7);
-    function(C,D,A,B, 2,11);
-    function(B,C,D,A, 3,19);
-    function(A,B,C,D, 4, 3);
-    function(D,A,B,C, 5, 7);
-    function(C,D,A,B, 6,11);
-    function(B,C,D,A, 7,19);
-    function(A,B,C,D, 8, 3);
-    function(D,A,B,C, 9, 7);
-    function(C,D,A,B,10,11);
-    function(B,C,D,A,11,19);
-    function(A,B,C,D,12, 3);
-    function(D,A,B,C,13, 7);
-    function(C,D,A,B,14,11);
-    function(B,C,D,A,15,19);
-
-#undef function	  
-#define function(a,b,c,d,k,s) a=rotlFixed(a+G(b,c,d)+buffer_[k]+0x5a827999,s);
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 4, 5);
-    function(C,D,A,B, 8, 9);
-    function(B,C,D,A,12,13);
-    function(A,B,C,D, 1, 3);
-    function(D,A,B,C, 5, 5);
-    function(C,D,A,B, 9, 9);
-    function(B,C,D,A,13,13);
-    function(A,B,C,D, 2, 3);
-    function(D,A,B,C, 6, 5);
-    function(C,D,A,B,10, 9);
-    function(B,C,D,A,14,13);
-    function(A,B,C,D, 3, 3);
-    function(D,A,B,C, 7, 5);
-    function(C,D,A,B,11, 9);
-    function(B,C,D,A,15,13);
-
-#undef function	 
-#define function(a,b,c,d,k,s) a=rotlFixed(a+H(b,c,d)+buffer_[k]+0x6ed9eba1,s);
-    function(A,B,C,D, 0, 3);
-    function(D,A,B,C, 8, 9);
-    function(C,D,A,B, 4,11);
-    function(B,C,D,A,12,15);
-    function(A,B,C,D, 2, 3);
-    function(D,A,B,C,10, 9);
-    function(C,D,A,B, 6,11);
-    function(B,C,D,A,14,15);
-    function(A,B,C,D, 1, 3);
-    function(D,A,B,C, 9, 9);
-    function(C,D,A,B, 5,11);
-    function(B,C,D,A,13,15);
-    function(A,B,C,D, 3, 3);
-    function(D,A,B,C,11, 9);
-    function(C,D,A,B, 7,11);
-    function(B,C,D,A,15,15);
-
-    digest_[0] += A;
-    digest_[1] += B;
-    digest_[2] += C;
-    digest_[3] += D;
-}
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/md5.cpp b/extra/yassl/taocrypt/src/md5.cpp
deleted file mode 100644
index b68be738e83..00000000000
--- a/extra/yassl/taocrypt/src/md5.cpp
+++ /dev/null
@@ -1,506 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* based on Wei Dai's md5.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "md5.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-
-namespace TaoCrypt {
-
-void MD5::Init()
-{
-    digest_[0] = 0x67452301L;
-    digest_[1] = 0xefcdab89L;
-    digest_[2] = 0x98badcfeL;
-    digest_[3] = 0x10325476L;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-MD5::MD5(const MD5& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
-                                              BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_  =  that.loLen_;
-    hiLen_  =  that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-MD5& MD5::operator= (const MD5& that)
-{
-    MD5 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-void MD5::Swap(MD5& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-#ifdef DO_MD5_ASM
-
-// Update digest with data of size len
-void MD5::Update(const byte* data, word32 len)
-{
-    if (!isMMX) {
-        HASHwithTransform::Update(data, len);
-        return;
-    }
-
-    byte* local = reinterpret_cast(buffer_);
-
-    // remove buffered data if possible
-    if (buffLen_)  {   
-        word32 add = min(len, BLOCK_SIZE - buffLen_);
-        memcpy(&local[buffLen_], data, add);
-
-        buffLen_ += add;
-        data     += add;
-        len      -= add;
-
-        if (buffLen_ == BLOCK_SIZE) {
-            Transform();
-            AddLength(BLOCK_SIZE);
-            buffLen_ = 0;
-        }
-    }
-
-    // at once for asm
-    if (buffLen_ == 0) {
-        word32 times = len / BLOCK_SIZE;
-        if (times) {
-            AsmTransform(data, times);
-            const word32 add = BLOCK_SIZE * times;
-            AddLength(add);
-            len  -= add;
-            data += add;
-        }
-    }
-
-    // cache any data left
-    if (len) {
-        memcpy(&local[buffLen_], data, len);
-        buffLen_ += len;
-    }
-}
-
-
-
-
-/*
-    // w = rotlFixed(w + f(x, y, z) + index[edi] + data, s) + x
-#define ASMMD5STEP(f, w, x, y, z, index, data, s)       \
-    f(x, y, z)                                          \
-    AS2(    mov   ebp, [edi + index * 4]            )   \
-    AS2(    lea     w, [esi + w + data]             )   \
-    AS2(    add     w, ebp                          )   \
-    AS2(    rol     w, s                            )   \
-    AS2(    add     w, x                            )
-
-
-    // F1(x, y, z) (z ^ (x & (y ^ z)))
-    // place in esi
-#define ASMF1(x, y, z) \
-    AS2(    mov   esi, y                )   \
-    AS2(    xor   esi, z                )   \
-    AS2(    and   esi, x                )   \
-    AS2(    xor   esi, z                )
-
-
-#define ASMF2(x, y, z) ASMF1(z, x, y)
-
-
-    // F3(x ^ y ^ z)
-    // place in esi
-#define ASMF3(x, y, z)  \
-    AS2(    mov   esi, x                )   \
-    AS2(    xor   esi, y                )   \
-    AS2(    xor   esi, z                )
-
-
-
-    // F4(x, y, z) (y ^ (x | ~z))
-    // place in esi
-#define ASMF4(x, y, z)  \
-    AS2(    mov   esi, z                )   \
-    AS1(    not   esi                   )   \
-    AS2(     or   esi, x                )   \
-    AS2(    xor   esi, y                )
-*/
-
-
-    // combine above ASMMD5STEP(f w/ each f ASMF1 - F4
-
-    // esi already set up, after using set for next round
-    // ebp already set up, set up using next round index
-    
-#define MD5STEP1(w, x, y, z, index, data, s)    \
-    AS2(    xor   esi, z                    )   \
-    AS2(    and   esi, x                    )   \
-    AS2(    lea     w, [ebp + w + data]     )   \
-    AS2(    xor   esi, z                    )   \
-    AS2(    add     w, esi                  )   \
-    AS2(    mov   esi, x                    )   \
-    AS2(    rol     w, s                    )   \
-    AS2(    mov   ebp, [edi + index * 4]    )   \
-    AS2(    add     w, x                    )
-
-#define MD5STEP2(w, x, y, z, index, data, s)    \
-    AS2(    xor   esi, x                    )   \
-    AS2(    and   esi, z                    )   \
-    AS2(    lea     w, [ebp + w + data]     )   \
-    AS2(    xor   esi, y                    )   \
-    AS2(    add     w, esi                  )   \
-    AS2(    mov   esi, x                    )   \
-    AS2(    rol     w, s                    )   \
-    AS2(    mov   ebp, [edi + index * 4]    )   \
-    AS2(    add     w, x                    )
-
-
-#define MD5STEP3(w, x, y, z, index, data, s)    \
-    AS2(    xor   esi, z                    )   \
-    AS2(    lea     w, [ebp + w + data]     )   \
-    AS2(    xor   esi, x                    )   \
-    AS2(    add     w, esi                  )   \
-    AS2(    mov   esi, x                    )   \
-    AS2(    rol     w, s                    )   \
-    AS2(    mov   ebp, [edi + index * 4]    )   \
-    AS2(    add     w, x                    )
-
-
-#define MD5STEP4(w, x, y, z, index, data, s)    \
-    AS2(     or   esi, x                    )   \
-    AS2(    lea     w, [ebp + w + data]     )   \
-    AS2(    xor   esi, y                    )   \
-    AS2(    add     w, esi                  )   \
-    AS2(    mov   esi, y                    )   \
-    AS2(    rol     w, s                    )   \
-    AS1(    not   esi                       )   \
-    AS2(    mov   ebp, [edi + index * 4]    )   \
-    AS2(    add     w, x                    )
-
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void MD5::AsmTransform(const byte* data, word32 times)
-{
-#ifdef __GNUC__
-    #define AS1(x)    #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-
-    #define PROLOG()  \
-    __asm__ __volatile__ \
-    ( \
-        ".intel_syntax noprefix;" \
-        "push ebx;" \
-        "push ebp;"
-    #define EPILOG()  \
-        "pop ebp;" \
-        "pop ebx;" \
-       	"emms;" \
-       	".att_syntax;" \
-            : \
-            : "c" (this), "D" (data), "a" (times) \
-            : "%esi", "%edx", "memory", "cc" \
-    );
-
-#else
-    #define AS1(x)    __asm x
-    #define AS2(x, y) __asm x, y
-
-    #define PROLOG() \
-        AS1(    push  ebp                       )   \
-        AS2(    mov   ebp, esp                  )   \
-        AS2(    movd  mm3, edi                  )   \
-        AS2(    movd  mm4, ebx                  )   \
-        AS2(    movd  mm5, esi                  )   \
-        AS2(    movd  mm6, ebp                  )   \
-        AS2(    mov   edi, DWORD PTR [ebp +  8] )   \
-        AS2(    mov   eax, DWORD PTR [ebp + 12] )
-
-    #define EPILOG() \
-        AS2(    movd  ebp, mm6                  )   \
-        AS2(    movd  esi, mm5                  )   \
-        AS2(    movd  ebx, mm4                  )   \
-        AS2(    movd  edi, mm3                  )   \
-        AS2(    mov   esp, ebp                  )   \
-        AS1(    pop   ebp                       )   \
-        AS1(    emms                            )   \
-        AS1(    ret  8                          )
-        
-#endif
-
-
-    PROLOG()
-
-    AS2(    mov   esi, ecx              )
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    add   esi, 20               )   // digest_[0]
-    #else
-        AS2(    add   esi, 16               )   // digest_[0]
-    #endif
-
-    AS2(    movd  mm2, eax              )   // store times_
-    AS2(    movd  mm1, esi              )   // store digest_
-    
-    AS2(    mov   eax, [esi]            )   // a
-    AS2(    mov   ebx, [esi +  4]       )   // b
-    AS2(    mov   ecx, [esi +  8]       )   // c
-    AS2(    mov   edx, [esi + 12]       )   // d
-  
-#ifdef _MSC_VER
-    AS1( loopStart: )  // loopStart
-#else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
-#endif
-
-    // set up
-    AS2(    mov   esi, ecx      )
-    AS2(    mov   ebp, [edi]    )
-
-    MD5STEP1( eax, ebx, ecx, edx, 1,   0xd76aa478,  7)
-    MD5STEP1( edx, eax, ebx, ecx, 2,   0xe8c7b756, 12)
-    MD5STEP1( ecx, edx, eax, ebx, 3,   0x242070db, 17)
-    MD5STEP1( ebx, ecx, edx, eax, 4,   0xc1bdceee, 22)
-    MD5STEP1( eax, ebx, ecx, edx, 5,   0xf57c0faf,  7)
-    MD5STEP1( edx, eax, ebx, ecx, 6,   0x4787c62a, 12)
-    MD5STEP1( ecx, edx, eax, ebx, 7,   0xa8304613, 17)
-    MD5STEP1( ebx, ecx, edx, eax, 8,   0xfd469501, 22)
-    MD5STEP1( eax, ebx, ecx, edx, 9,   0x698098d8,  7)
-    MD5STEP1( edx, eax, ebx, ecx, 10,  0x8b44f7af, 12)
-    MD5STEP1( ecx, edx, eax, ebx, 11,  0xffff5bb1, 17)
-    MD5STEP1( ebx, ecx, edx, eax, 12,  0x895cd7be, 22)
-    MD5STEP1( eax, ebx, ecx, edx, 13,  0x6b901122,  7)
-    MD5STEP1( edx, eax, ebx, ecx, 14,  0xfd987193, 12)
-    MD5STEP1( ecx, edx, eax, ebx, 15,  0xa679438e, 17)
-    MD5STEP1( ebx, ecx, edx, eax, 1,   0x49b40821, 22)
-
-    MD5STEP2( eax, ebx, ecx, edx, 6,  0xf61e2562,  5)
-    MD5STEP2( edx, eax, ebx, ecx, 11, 0xc040b340,  9)
-    MD5STEP2( ecx, edx, eax, ebx, 0,  0x265e5a51, 14)
-    MD5STEP2( ebx, ecx, edx, eax, 5,  0xe9b6c7aa, 20)
-    MD5STEP2( eax, ebx, ecx, edx, 10, 0xd62f105d,  5)
-    MD5STEP2( edx, eax, ebx, ecx, 15, 0x02441453,  9)
-    MD5STEP2( ecx, edx, eax, ebx, 4,  0xd8a1e681, 14)
-    MD5STEP2( ebx, ecx, edx, eax, 9,  0xe7d3fbc8, 20)
-    MD5STEP2( eax, ebx, ecx, edx, 14, 0x21e1cde6,  5)
-    MD5STEP2( edx, eax, ebx, ecx, 3,  0xc33707d6,  9)
-    MD5STEP2( ecx, edx, eax, ebx, 8,  0xf4d50d87, 14)
-    MD5STEP2( ebx, ecx, edx, eax, 13, 0x455a14ed, 20)
-    MD5STEP2( eax, ebx, ecx, edx, 2,  0xa9e3e905,  5)
-    MD5STEP2( edx, eax, ebx, ecx, 7,  0xfcefa3f8,  9)
-    MD5STEP2( ecx, edx, eax, ebx, 12, 0x676f02d9, 14)
-    MD5STEP2( ebx, ecx, edx, eax, 5,  0x8d2a4c8a, 20)
-
-    MD5STEP3(  eax, ebx, ecx, edx, 8,   0xfffa3942,  4)
-    MD5STEP3(  edx, eax, ebx, ecx, 11,  0x8771f681, 11)
-    MD5STEP3(  ecx, edx, eax, ebx, 14,  0x6d9d6122, 16)
-    MD5STEP3(  ebx, ecx, edx, eax, 1,   0xfde5380c, 23)
-    MD5STEP3(  eax, ebx, ecx, edx, 4,   0xa4beea44,  4)
-    MD5STEP3(  edx, eax, ebx, ecx, 7,   0x4bdecfa9, 11)
-    MD5STEP3(  ecx, edx, eax, ebx, 10,  0xf6bb4b60, 16)
-    MD5STEP3(  ebx, ecx, edx, eax, 13,  0xbebfbc70, 23)
-    MD5STEP3(  eax, ebx, ecx, edx, 0,   0x289b7ec6,  4)
-    MD5STEP3(  edx, eax, ebx, ecx, 3,   0xeaa127fa, 11)
-    MD5STEP3(  ecx, edx, eax, ebx, 6,   0xd4ef3085, 16)
-    MD5STEP3(  ebx, ecx, edx, eax, 9,   0x04881d05, 23)
-    MD5STEP3(  eax, ebx, ecx, edx, 12,  0xd9d4d039,  4)
-    MD5STEP3(  edx, eax, ebx, ecx, 15,  0xe6db99e5, 11)
-    MD5STEP3(  ecx, edx, eax, ebx, 2,   0x1fa27cf8, 16)
-    MD5STEP3(  ebx, ecx, edx, eax, 0,   0xc4ac5665, 23)
-
-    // setup
-    AS2(    mov   esi, edx      )
-    AS1(    not   esi           )
-
-    MD5STEP4(  eax, ebx, ecx, edx, 7,   0xf4292244,  6)
-    MD5STEP4(  edx, eax, ebx, ecx, 14,  0x432aff97, 10)
-    MD5STEP4(  ecx, edx, eax, ebx, 5,   0xab9423a7, 15)
-    MD5STEP4(  ebx, ecx, edx, eax, 12,  0xfc93a039, 21)
-    MD5STEP4(  eax, ebx, ecx, edx, 3,   0x655b59c3,  6)
-    MD5STEP4(  edx, eax, ebx, ecx, 10,  0x8f0ccc92, 10)
-    MD5STEP4(  ecx, edx, eax, ebx, 1,   0xffeff47d, 15)
-    MD5STEP4(  ebx, ecx, edx, eax, 8,   0x85845dd1, 21)
-    MD5STEP4(  eax, ebx, ecx, edx, 15,  0x6fa87e4f,  6)
-    MD5STEP4(  edx, eax, ebx, ecx, 6,   0xfe2ce6e0, 10)
-    MD5STEP4(  ecx, edx, eax, ebx, 13,  0xa3014314, 15)
-    MD5STEP4(  ebx, ecx, edx, eax, 4,   0x4e0811a1, 21)
-    MD5STEP4(  eax, ebx, ecx, edx, 11,  0xf7537e82,  6)
-    MD5STEP4(  edx, eax, ebx, ecx, 2,   0xbd3af235, 10)
-    MD5STEP4(  ecx, edx, eax, ebx, 9,   0x2ad7d2bb, 15)
-    MD5STEP4(  ebx, ecx, edx, eax, 9,   0xeb86d391, 21)
-    
-    AS2(    movd  esi, mm1              )   // digest_
-
-    AS2(    add   [esi],      eax       )   // write out
-    AS2(    add   [esi +  4], ebx       )
-    AS2(    add   [esi +  8], ecx       )
-    AS2(    add   [esi + 12], edx       )
-
-    AS2(    add   edi, 64               )
-
-    AS2(    mov   eax, [esi]            )
-    AS2(    mov   ebx, [esi +  4]       )
-    AS2(    mov   ecx, [esi +  8]       )
-    AS2(    mov   edx, [esi + 12]       )
-
-    AS2(    movd  ebp, mm2              )   // times
-    AS1(    dec   ebp                   )
-    AS2(    movd  mm2, ebp              )
-#ifdef _MSC_VER
-    AS1(    jnz   loopStart )  // loopStart
-#else
-    AS1(    jnz   0b )         // loopStart
-#endif
-
-
-    EPILOG()
-}
-
-
-#endif // DO_MD5_ASM
-
-
-void MD5::Transform()
-{
-#define F1(x, y, z) (z ^ (x & (y ^ z)))
-#define F2(x, y, z) F1(z, x, y)
-#define F3(x, y, z) (x ^ y ^ z)
-#define F4(x, y, z) (y ^ (x | ~z))
-
-#define MD5STEP(f, w, x, y, z, data, s) \
-    w = rotlFixed(w + f(x, y, z) + data, s) + x
-
-    // Copy context->state[] to working vars 
-    word32 a = digest_[0];
-    word32 b = digest_[1];
-    word32 c = digest_[2];
-    word32 d = digest_[3];
-
-    MD5STEP(F1, a, b, c, d, buffer_[0]  + 0xd76aa478,  7);
-    MD5STEP(F1, d, a, b, c, buffer_[1]  + 0xe8c7b756, 12);
-    MD5STEP(F1, c, d, a, b, buffer_[2]  + 0x242070db, 17);
-    MD5STEP(F1, b, c, d, a, buffer_[3]  + 0xc1bdceee, 22);
-    MD5STEP(F1, a, b, c, d, buffer_[4]  + 0xf57c0faf,  7);
-    MD5STEP(F1, d, a, b, c, buffer_[5]  + 0x4787c62a, 12);
-    MD5STEP(F1, c, d, a, b, buffer_[6]  + 0xa8304613, 17);
-    MD5STEP(F1, b, c, d, a, buffer_[7]  + 0xfd469501, 22);
-    MD5STEP(F1, a, b, c, d, buffer_[8]  + 0x698098d8,  7);
-    MD5STEP(F1, d, a, b, c, buffer_[9]  + 0x8b44f7af, 12);
-    MD5STEP(F1, c, d, a, b, buffer_[10] + 0xffff5bb1, 17);
-    MD5STEP(F1, b, c, d, a, buffer_[11] + 0x895cd7be, 22);
-    MD5STEP(F1, a, b, c, d, buffer_[12] + 0x6b901122,  7);
-    MD5STEP(F1, d, a, b, c, buffer_[13] + 0xfd987193, 12);
-    MD5STEP(F1, c, d, a, b, buffer_[14] + 0xa679438e, 17);
-    MD5STEP(F1, b, c, d, a, buffer_[15] + 0x49b40821, 22);
-
-    MD5STEP(F2, a, b, c, d, buffer_[1]  + 0xf61e2562,  5);
-    MD5STEP(F2, d, a, b, c, buffer_[6]  + 0xc040b340,  9);
-    MD5STEP(F2, c, d, a, b, buffer_[11] + 0x265e5a51, 14);
-    MD5STEP(F2, b, c, d, a, buffer_[0]  + 0xe9b6c7aa, 20);
-    MD5STEP(F2, a, b, c, d, buffer_[5]  + 0xd62f105d,  5);
-    MD5STEP(F2, d, a, b, c, buffer_[10] + 0x02441453,  9);
-    MD5STEP(F2, c, d, a, b, buffer_[15] + 0xd8a1e681, 14);
-    MD5STEP(F2, b, c, d, a, buffer_[4]  + 0xe7d3fbc8, 20);
-    MD5STEP(F2, a, b, c, d, buffer_[9]  + 0x21e1cde6,  5);
-    MD5STEP(F2, d, a, b, c, buffer_[14] + 0xc33707d6,  9);
-    MD5STEP(F2, c, d, a, b, buffer_[3]  + 0xf4d50d87, 14);
-    MD5STEP(F2, b, c, d, a, buffer_[8]  + 0x455a14ed, 20);
-    MD5STEP(F2, a, b, c, d, buffer_[13] + 0xa9e3e905,  5);
-    MD5STEP(F2, d, a, b, c, buffer_[2]  + 0xfcefa3f8,  9);
-    MD5STEP(F2, c, d, a, b, buffer_[7]  + 0x676f02d9, 14);
-    MD5STEP(F2, b, c, d, a, buffer_[12] + 0x8d2a4c8a, 20);
-
-    MD5STEP(F3, a, b, c, d, buffer_[5]  + 0xfffa3942,  4);
-    MD5STEP(F3, d, a, b, c, buffer_[8]  + 0x8771f681, 11);
-    MD5STEP(F3, c, d, a, b, buffer_[11] + 0x6d9d6122, 16);
-    MD5STEP(F3, b, c, d, a, buffer_[14] + 0xfde5380c, 23);
-    MD5STEP(F3, a, b, c, d, buffer_[1]  + 0xa4beea44,  4);
-    MD5STEP(F3, d, a, b, c, buffer_[4]  + 0x4bdecfa9, 11);
-    MD5STEP(F3, c, d, a, b, buffer_[7]  + 0xf6bb4b60, 16);
-    MD5STEP(F3, b, c, d, a, buffer_[10] + 0xbebfbc70, 23);
-    MD5STEP(F3, a, b, c, d, buffer_[13] + 0x289b7ec6,  4);
-    MD5STEP(F3, d, a, b, c, buffer_[0]  + 0xeaa127fa, 11);
-    MD5STEP(F3, c, d, a, b, buffer_[3]  + 0xd4ef3085, 16);
-    MD5STEP(F3, b, c, d, a, buffer_[6]  + 0x04881d05, 23);
-    MD5STEP(F3, a, b, c, d, buffer_[9]  + 0xd9d4d039,  4);
-    MD5STEP(F3, d, a, b, c, buffer_[12] + 0xe6db99e5, 11);
-    MD5STEP(F3, c, d, a, b, buffer_[15] + 0x1fa27cf8, 16);
-    MD5STEP(F3, b, c, d, a, buffer_[2]  + 0xc4ac5665, 23);
-
-    MD5STEP(F4, a, b, c, d, buffer_[0]  + 0xf4292244,  6);
-    MD5STEP(F4, d, a, b, c, buffer_[7]  + 0x432aff97, 10);
-    MD5STEP(F4, c, d, a, b, buffer_[14] + 0xab9423a7, 15);
-    MD5STEP(F4, b, c, d, a, buffer_[5]  + 0xfc93a039, 21);
-    MD5STEP(F4, a, b, c, d, buffer_[12] + 0x655b59c3,  6);
-    MD5STEP(F4, d, a, b, c, buffer_[3]  + 0x8f0ccc92, 10);
-    MD5STEP(F4, c, d, a, b, buffer_[10] + 0xffeff47d, 15);
-    MD5STEP(F4, b, c, d, a, buffer_[1]  + 0x85845dd1, 21);
-    MD5STEP(F4, a, b, c, d, buffer_[8]  + 0x6fa87e4f,  6);
-    MD5STEP(F4, d, a, b, c, buffer_[15] + 0xfe2ce6e0, 10);
-    MD5STEP(F4, c, d, a, b, buffer_[6]  + 0xa3014314, 15);
-    MD5STEP(F4, b, c, d, a, buffer_[13] + 0x4e0811a1, 21);
-    MD5STEP(F4, a, b, c, d, buffer_[4]  + 0xf7537e82,  6);
-    MD5STEP(F4, d, a, b, c, buffer_[11] + 0xbd3af235, 10);
-    MD5STEP(F4, c, d, a, b, buffer_[2]  + 0x2ad7d2bb, 15);
-    MD5STEP(F4, b, c, d, a, buffer_[9]  + 0xeb86d391, 21);
-    
-    // Add the working vars back into digest state[]
-    digest_[0] += a;
-    digest_[1] += b;
-    digest_[2] += c;
-    digest_[3] += d;
-
-    // Wipe variables
-    a = b = c = d = 0;
-}
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/misc.cpp b/extra/yassl/taocrypt/src/misc.cpp
deleted file mode 100644
index 41249bcf373..00000000000
--- a/extra/yassl/taocrypt/src/misc.cpp
+++ /dev/null
@@ -1,296 +0,0 @@
-/*
-   Copyright (c) 2005, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's misc.cpp from CryptoPP */
-
-
-#include "runtime.hpp"
-#include "misc.hpp"
-
-
-#ifdef __GNUC__
-    #include 
-    #include 
-#endif
-
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-namespace STL = STL_NAMESPACE;
-
-
-#ifdef YASSL_PURE_C
-
-    void* operator new(size_t sz, TaoCrypt::new_t)
-    {
-        void* ptr = malloc(sz ? sz : 1);
-        if (!ptr) abort();
-
-        return ptr;
-    }
-
-
-    void operator delete(void* ptr, TaoCrypt::new_t)
-    {
-        if (ptr) free(ptr);
-    }
-
-
-    void* operator new[](size_t sz, TaoCrypt::new_t nt)
-    {
-        return ::operator new(sz, nt);
-    }
-
-
-    void operator delete[](void* ptr, TaoCrypt::new_t nt)
-    {
-        ::operator delete(ptr, nt);
-    }
-
-
-    /* uncomment to test
-    // make sure not using globals anywhere by forgetting to use overloaded
-    void* operator new(size_t sz);
-
-    void operator delete(void* ptr);
-
-    void* operator new[](size_t sz);
-
-    void operator delete[](void* ptr);
-    */
-
-
-    namespace TaoCrypt {
-
-        new_t tc;   // for library new
-
-    }
-
-#if defined(__ICC) || defined(__INTEL_COMPILER)
-
-extern "C" {
-
-    int __cxa_pure_virtual() {
-      return 0;
-    }
-
-}  // extern "C"
-
-#endif
-
-#endif // YASSL_PURE_C
-
-
-namespace TaoCrypt {
-
-
-inline void XorWords(word* r, const word* a, unsigned int n)
-{
-    for (unsigned int i=0; i> (i-1)*8)
-            break;
-
-    return i;
-}
-
-
-unsigned int BitPrecision(word value)
-{
-    if (!value)
-        return 0;
-
-    unsigned int l = 0,
-                 h = 8 * sizeof(value);
-
-    while (h-l > 1)
-    {
-        unsigned int t = (l+h)/2;
-        if (value >> t)
-            l = t;
-        else
-            h = t;
-    }
-
-    return h;
-}
-
-
-word Crop(word value, unsigned int size)
-{
-    if (size < 8*sizeof(value))
-        return (value & ((1L << size) - 1));
-    else
-        return value;
-}
-
-
-
-#ifdef TAOCRYPT_X86ASM_AVAILABLE
-
-#ifdef NOT_USED
-#ifndef _MSC_VER
-    static jmp_buf s_env;
-    static void SigIllHandler(int)
-    {
-        longjmp(s_env, 1);
-    }
-#endif
-#endif
-
-bool HaveCpuId()
-{
-#ifdef _MSC_VER
-    __try
-    {
-        __asm
-        {
-            mov eax, 0
-            cpuid
-        }            
-    }
-    __except (1)
-    {
-        return false;
-    }
-    return true;
-#else
-    word32 eax, ebx;
-    __asm__ __volatile
-    (
-        /* Put EFLAGS in eax and ebx */
-        "pushf;"
-        "pushf;"
-        "pop %0;"
-        "movl %0,%1;"
-
-        /* Flip the cpuid bit and store back in EFLAGS */
-        "xorl $0x200000,%0;"
-        "push %0;"
-        "popf;"
-
-        /* Read EFLAGS again */
-        "pushf;"
-        "pop %0;"
-        "popf"
-        : "=r" (eax), "=r" (ebx)
-        :
-        : "cc"
-    );
-
-    if (eax == ebx)
-        return false;
-    return true;
-#endif
-}
-
-
-void CpuId(word32 input, word32 *output)
-{
-#ifdef __GNUC__
-    __asm__
-    (
-        // save ebx in case -fPIC is being used
-        "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx"
-        : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d"(output[3])
-        : "a" (input)
-    );
-#else
-    __asm
-    {
-        mov eax, input
-        cpuid
-        mov edi, output
-        mov [edi], eax
-        mov [edi+4], ebx
-        mov [edi+8], ecx
-        mov [edi+12], edx
-    }
-#endif
-}
-
-
-bool IsPentium()
-{
-    if (!HaveCpuId())
-        return false;
-
-    word32 cpuid[4];
-
-    CpuId(0, cpuid);
-    STL::swap(cpuid[2], cpuid[3]);
-    if (memcmp(cpuid+1, "GenuineIntel", 12) != 0)
-        return false;
-
-    CpuId(1, cpuid);
-    byte family = ((cpuid[0] >> 8) & 0xf);
-    if (family < 5)
-        return false;
-
-    return true;
-}
-
-
-
-static bool IsMmx()
-{
-    if (!IsPentium())
-        return false;
-
-    word32 cpuid[4];
-
-    CpuId(1, cpuid);
-    if ((cpuid[3] & (1 << 23)) == 0)
-        return false;
-
-    return true;
-}
-
-
-bool isMMX = IsMmx();
-
-
-#endif // TAOCRYPT_X86ASM_AVAILABLE
-
-
-
-
-}  // namespace
-
diff --git a/extra/yassl/taocrypt/src/rabbit.cpp b/extra/yassl/taocrypt/src/rabbit.cpp
deleted file mode 100644
index d0d4b0ef3ba..00000000000
--- a/extra/yassl/taocrypt/src/rabbit.cpp
+++ /dev/null
@@ -1,255 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-#include "runtime.hpp"
-#include "rabbit.hpp"
-
-
-
-namespace TaoCrypt {
-
-
-#define U32V(x)  (word32)(x)
-
-
-#ifdef BIG_ENDIAN_ORDER
-    #define LITTLE32(x) ByteReverse((word32)x)
-#else
-    #define LITTLE32(x) (x)
-#endif
-
-
-// local
-namespace {
-
-
-/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */
-/* the upper 32 bits XOR the lower 32 bits */
-word32 RABBIT_g_func(word32 x)
-{
-    /* Temporary variables */
-    word32 a, b, h, l;
-
-    /* Construct high and low argument for squaring */
-    a = x&0xFFFF;
-    b = x>>16;
-
-    /* Calculate high and low result of squaring */
-    h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b;
-    l = x*x;
-
-    /* Return high XOR low */
-    return U32V(h^l);
-}
-
-
-} // namespace local
-
-
-/* Calculate the next internal state */
-void Rabbit::NextState(RabbitCtx which)
-{
-    /* Temporary variables */
-    word32 g[8], c_old[8], i;
-
-    Ctx* ctx;
-
-    if (which == Master)
-        ctx = &masterCtx_;
-    else
-        ctx = &workCtx_;
-
-    /* Save old counter values */
-    for (i=0; i<8; i++)
-        c_old[i] = ctx->c[i];
-
-    /* Calculate new counter values */
-    ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry);
-    ctx->c[1] = U32V(ctx->c[1] + 0xD34D34D3 + (ctx->c[0] < c_old[0]));
-    ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1]));
-    ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2]));
-    ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3]));
-    ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4]));
-    ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5]));
-    ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6]));
-    ctx->carry = (ctx->c[7] < c_old[7]);
-   
-    /* Calculate the g-values */
-    for (i=0;i<8;i++)
-        g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i]));
-
-    /* Calculate new state values */
-    ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16));
-    ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]);
-    ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16));
-    ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]);
-    ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16));
-    ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]);
-    ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16));
-    ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]);
-}
-
-
-/* IV setup */
-void Rabbit::SetIV(const byte* iv)
-{
-    /* Temporary variables */
-    word32 i0, i1, i2, i3, i;
-      
-    /* Generate four subvectors */
-    i0 = LITTLE32(*(word32*)(iv+0));
-    i2 = LITTLE32(*(word32*)(iv+4));
-    i1 = (i0>>16) | (i2&0xFFFF0000);
-    i3 = (i2<<16) | (i0&0x0000FFFF);
-
-    /* Modify counter values */
-    workCtx_.c[0] = masterCtx_.c[0] ^ i0;
-    workCtx_.c[1] = masterCtx_.c[1] ^ i1;
-    workCtx_.c[2] = masterCtx_.c[2] ^ i2;
-    workCtx_.c[3] = masterCtx_.c[3] ^ i3;
-    workCtx_.c[4] = masterCtx_.c[4] ^ i0;
-    workCtx_.c[5] = masterCtx_.c[5] ^ i1;
-    workCtx_.c[6] = masterCtx_.c[6] ^ i2;
-    workCtx_.c[7] = masterCtx_.c[7] ^ i3;
-
-    /* Copy state variables */
-    for (i=0; i<8; i++)
-        workCtx_.x[i] = masterCtx_.x[i];
-    workCtx_.carry = masterCtx_.carry;
-
-    /* Iterate the system four times */
-    for (i=0; i<4; i++)
-        NextState(Work);
-}
-
-
-/* Key setup */
-void Rabbit::SetKey(const byte* key, const byte* iv)
-{
-    /* Temporary variables */
-    word32 k0, k1, k2, k3, i;
-
-    /* Generate four subkeys */
-    k0 = LITTLE32(*(word32*)(key+ 0));
-    k1 = LITTLE32(*(word32*)(key+ 4));
-    k2 = LITTLE32(*(word32*)(key+ 8));
-    k3 = LITTLE32(*(word32*)(key+12));
-
-    /* Generate initial state variables */
-    masterCtx_.x[0] = k0;
-    masterCtx_.x[2] = k1;
-    masterCtx_.x[4] = k2;
-    masterCtx_.x[6] = k3;
-    masterCtx_.x[1] = U32V(k3<<16) | (k2>>16);
-    masterCtx_.x[3] = U32V(k0<<16) | (k3>>16);
-    masterCtx_.x[5] = U32V(k1<<16) | (k0>>16);
-    masterCtx_.x[7] = U32V(k2<<16) | (k1>>16);
-
-    /* Generate initial counter values */
-    masterCtx_.c[0] = rotlFixed(k2, 16);
-    masterCtx_.c[2] = rotlFixed(k3, 16);
-    masterCtx_.c[4] = rotlFixed(k0, 16);
-    masterCtx_.c[6] = rotlFixed(k1, 16);
-    masterCtx_.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF);
-    masterCtx_.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF);
-    masterCtx_.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF);
-    masterCtx_.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF);
-
-    /* Clear carry bit */
-    masterCtx_.carry = 0;
-
-    /* Iterate the system four times */
-    for (i=0; i<4; i++)
-        NextState(Master);
-
-    /* Modify the counters */
-    for (i=0; i<8; i++)
-        masterCtx_.c[i] ^= masterCtx_.x[(i+4)&0x7];
-
-    /* Copy master instance to work instance */
-    for (i=0; i<8; i++) {
-        workCtx_.x[i] = masterCtx_.x[i];
-        workCtx_.c[i] = masterCtx_.c[i];
-    }
-    workCtx_.carry = masterCtx_.carry;
-
-    if (iv) SetIV(iv);    
-}
-
-
-/* Encrypt/decrypt a message of any size */
-void Rabbit::Process(byte* output, const byte* input, word32 msglen)
-{
-    /* Temporary variables */
-    word32 i;
-
-    /* Encrypt/decrypt all full blocks */
-    while (msglen >= 16) {
-        /* Iterate the system */
-        NextState(Work);
-
-        /* Encrypt/decrypt 16 bytes of data */
-        *(word32*)(output+ 0) = *(word32*)(input+ 0) ^
-                   LITTLE32(workCtx_.x[0] ^ (workCtx_.x[5]>>16) ^
-                   U32V(workCtx_.x[3]<<16));
-        *(word32*)(output+ 4) = *(word32*)(input+ 4) ^
-                   LITTLE32(workCtx_.x[2] ^ (workCtx_.x[7]>>16) ^
-                   U32V(workCtx_.x[5]<<16));
-        *(word32*)(output+ 8) = *(word32*)(input+ 8) ^
-                   LITTLE32(workCtx_.x[4] ^ (workCtx_.x[1]>>16) ^
-                   U32V(workCtx_.x[7]<<16));
-        *(word32*)(output+12) = *(word32*)(input+12) ^
-                   LITTLE32(workCtx_.x[6] ^ (workCtx_.x[3]>>16) ^
-                   U32V(workCtx_.x[1]<<16));
-
-        /* Increment pointers and decrement length */
-        input  += 16;
-        output += 16;
-        msglen -= 16;
-    }
-
-    /* Encrypt/decrypt remaining data */
-    if (msglen) {
-
-        word32 tmp[4];
-        byte*  buffer = (byte*)tmp;
-
-        memset(tmp, 0, sizeof(tmp));   /* help static analysis */
-
-        /* Iterate the system */
-        NextState(Work);
-
-        /* Generate 16 bytes of pseudo-random data */
-        tmp[0] = LITTLE32(workCtx_.x[0] ^
-                  (workCtx_.x[5]>>16) ^ U32V(workCtx_.x[3]<<16));
-        tmp[1] = LITTLE32(workCtx_.x[2] ^ 
-                  (workCtx_.x[7]>>16) ^ U32V(workCtx_.x[5]<<16));
-        tmp[2] = LITTLE32(workCtx_.x[4] ^ 
-                  (workCtx_.x[1]>>16) ^ U32V(workCtx_.x[7]<<16));
-        tmp[3] = LITTLE32(workCtx_.x[6] ^ 
-                  (workCtx_.x[3]>>16) ^ U32V(workCtx_.x[1]<<16));
-
-        /* Encrypt/decrypt the data */
-        for (i=0; i
-#include 
-
-#if defined(_WIN32)
-    #include 
-    #include 
-#else
-    #include 
-    #include 
-    #include 
-#endif // _WIN32
-
-namespace TaoCrypt {
-
-
-// Get seed and key cipher
-RandomNumberGenerator::RandomNumberGenerator()
-{
-    byte key[32];
-    byte junk[256];
-
-    seed_.GenerateSeed(key, sizeof(key));
-    cipher_.SetKey(key, sizeof(key));
-    GenerateBlock(junk, sizeof(junk));  // rid initial state
-}
-
-
-// place a generated block in output
-void RandomNumberGenerator::GenerateBlock(byte* output, word32 sz)
-{
-    memset(output, 0, sz);
-    cipher_.Process(output, output, sz);
-}
-
-
-byte RandomNumberGenerator::GenerateByte()
-{
-    byte b;
-    GenerateBlock(&b, 1);
-
-    return b;
-}
-
-
-#if defined(_WIN32)
-
-/* The OS_Seed implementation for windows */
-
-OS_Seed::OS_Seed()
-{
-    if(!CryptAcquireContext(&handle_, 0, 0, PROV_RSA_FULL,
-                             CRYPT_VERIFYCONTEXT))
-        error_.SetError(WINCRYPT_E);
-}
-
-
-OS_Seed::~OS_Seed()
-{
-    CryptReleaseContext(handle_, 0);
-}
-
-
-void OS_Seed::GenerateSeed(byte* output, word32 sz)
-{
-    if (!CryptGenRandom(handle_, sz, output))
-        error_.SetError(CRYPTGEN_E);
-}
-
-
-#else
-
-/* The default OS_Seed implementation */
-
-OS_Seed::OS_Seed()
-{
-    fd_ = open("/dev/urandom",O_RDONLY);
-    if (fd_ == -1) {
-        fd_ = open("/dev/random",O_RDONLY);
-        if (fd_ == -1)
-            error_.SetError(OPEN_RAN_E);
-    }
-}
-
-
-OS_Seed::~OS_Seed() 
-{
-    close(fd_);
-}
-
-
-// may block
-void OS_Seed::GenerateSeed(byte* output, word32 sz)
-{
-    while (sz) {
-        int len = read(fd_, output, sz);
-        if (len == -1) {
-            error_.SetError(READ_RAN_E);
-            return;
-        }
-
-        sz     -= len;
-        output += len;
-
-        if (sz)
-            sleep(1);
-    }
-}
-
-#endif // _WIN32
-
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/ripemd.cpp b/extra/yassl/taocrypt/src/ripemd.cpp
deleted file mode 100644
index 04b8f82ffcc..00000000000
--- a/extra/yassl/taocrypt/src/ripemd.cpp
+++ /dev/null
@@ -1,844 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-
-/* based on Wei Dai's ripemd.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "ripemd.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-
-namespace TaoCrypt {
-
-void RIPEMD160::Init()
-{
-    digest_[0] = 0x67452301L;
-    digest_[1] = 0xefcdab89L;
-    digest_[2] = 0x98badcfeL;
-    digest_[3] = 0x10325476L;
-    digest_[4] = 0xc3d2e1f0L;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-RIPEMD160::RIPEMD160(const RIPEMD160& that)
-    : HASHwithTransform(DIGEST_SIZE / sizeof(word32), BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-
-RIPEMD160& RIPEMD160::operator= (const RIPEMD160& that)
-{
-    RIPEMD160 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-void RIPEMD160::Swap(RIPEMD160& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-#ifdef DO_RIPEMD_ASM
-
-// Update digest with data of size len
-void RIPEMD160::Update(const byte* data, word32 len)
-{
-    if (!isMMX) {
-        HASHwithTransform::Update(data, len);
-        return;
-    }
-
-    byte* local = reinterpret_cast(buffer_);
-
-    // remove buffered data if possible
-    if (buffLen_)  {   
-        word32 add = min(len, BLOCK_SIZE - buffLen_);
-        memcpy(&local[buffLen_], data, add);
-
-        buffLen_ += add;
-        data     += add;
-        len      -= add;
-
-        if (buffLen_ == BLOCK_SIZE) {
-            Transform();
-            AddLength(BLOCK_SIZE);
-            buffLen_ = 0;
-        }
-    }
-
-    // all at once for asm
-    if (buffLen_ == 0) {
-        word32 times = len / BLOCK_SIZE;
-        if (times) {
-            AsmTransform(data, times);
-            const word32 add = BLOCK_SIZE * times;
-            AddLength(add);
-            len  -= add;
-            data += add;
-        }
-    }
-
-    // cache any data left
-    if (len) {
-        memcpy(&local[buffLen_], data, len);
-        buffLen_ += len;
-    }
-}
-
-#endif // DO_RIPEMD_ASM
-
-
-// for all
-#define F(x, y, z)    (x ^ y ^ z) 
-#define G(x, y, z)    (z ^ (x & (y^z)))
-#define H(x, y, z)    (z ^ (x | ~y))
-#define I(x, y, z)    (y ^ (z & (x^y)))
-#define J(x, y, z)    (x ^ (y | ~z))
-
-#define k0 0
-#define k1 0x5a827999
-#define k2 0x6ed9eba1
-#define k3 0x8f1bbcdc
-#define k4 0xa953fd4e
-#define k5 0x50a28be6
-#define k6 0x5c4dd124
-#define k7 0x6d703ef3
-#define k8 0x7a6d76e9
-#define k9 0
-
-// for 160 and 320
-#define Subround(f, a, b, c, d, e, x, s, k) \
-    a += f(b, c, d) + x + k;\
-    a = rotlFixed((word32)a, s) + e;\
-    c = rotlFixed((word32)c, 10U)
-
-
-void RIPEMD160::Transform()
-{
-    unsigned long a1, b1, c1, d1, e1, a2, b2, c2, d2, e2;
-    a1 = a2 = digest_[0];
-    b1 = b2 = digest_[1];
-    c1 = c2 = digest_[2];
-    d1 = d2 = digest_[3];
-    e1 = e2 = digest_[4];
-
-    Subround(F, a1, b1, c1, d1, e1, buffer_[ 0], 11, k0);
-    Subround(F, e1, a1, b1, c1, d1, buffer_[ 1], 14, k0);
-    Subround(F, d1, e1, a1, b1, c1, buffer_[ 2], 15, k0);
-    Subround(F, c1, d1, e1, a1, b1, buffer_[ 3], 12, k0);
-    Subround(F, b1, c1, d1, e1, a1, buffer_[ 4],  5, k0);
-    Subround(F, a1, b1, c1, d1, e1, buffer_[ 5],  8, k0);
-    Subround(F, e1, a1, b1, c1, d1, buffer_[ 6],  7, k0);
-    Subround(F, d1, e1, a1, b1, c1, buffer_[ 7],  9, k0);
-    Subround(F, c1, d1, e1, a1, b1, buffer_[ 8], 11, k0);
-    Subround(F, b1, c1, d1, e1, a1, buffer_[ 9], 13, k0);
-    Subround(F, a1, b1, c1, d1, e1, buffer_[10], 14, k0);
-    Subround(F, e1, a1, b1, c1, d1, buffer_[11], 15, k0);
-    Subround(F, d1, e1, a1, b1, c1, buffer_[12],  6, k0);
-    Subround(F, c1, d1, e1, a1, b1, buffer_[13],  7, k0);
-    Subround(F, b1, c1, d1, e1, a1, buffer_[14],  9, k0);
-    Subround(F, a1, b1, c1, d1, e1, buffer_[15],  8, k0);
-
-    Subround(G, e1, a1, b1, c1, d1, buffer_[ 7],  7, k1);
-    Subround(G, d1, e1, a1, b1, c1, buffer_[ 4],  6, k1);
-    Subround(G, c1, d1, e1, a1, b1, buffer_[13],  8, k1);
-    Subround(G, b1, c1, d1, e1, a1, buffer_[ 1], 13, k1);
-    Subround(G, a1, b1, c1, d1, e1, buffer_[10], 11, k1);
-    Subround(G, e1, a1, b1, c1, d1, buffer_[ 6],  9, k1);
-    Subround(G, d1, e1, a1, b1, c1, buffer_[15],  7, k1);
-    Subround(G, c1, d1, e1, a1, b1, buffer_[ 3], 15, k1);
-    Subround(G, b1, c1, d1, e1, a1, buffer_[12],  7, k1);
-    Subround(G, a1, b1, c1, d1, e1, buffer_[ 0], 12, k1);
-    Subround(G, e1, a1, b1, c1, d1, buffer_[ 9], 15, k1);
-    Subround(G, d1, e1, a1, b1, c1, buffer_[ 5],  9, k1);
-    Subround(G, c1, d1, e1, a1, b1, buffer_[ 2], 11, k1);
-    Subround(G, b1, c1, d1, e1, a1, buffer_[14],  7, k1);
-    Subround(G, a1, b1, c1, d1, e1, buffer_[11], 13, k1);
-    Subround(G, e1, a1, b1, c1, d1, buffer_[ 8], 12, k1);
-
-    Subround(H, d1, e1, a1, b1, c1, buffer_[ 3], 11, k2);
-    Subround(H, c1, d1, e1, a1, b1, buffer_[10], 13, k2);
-    Subround(H, b1, c1, d1, e1, a1, buffer_[14],  6, k2);
-    Subround(H, a1, b1, c1, d1, e1, buffer_[ 4],  7, k2);
-    Subround(H, e1, a1, b1, c1, d1, buffer_[ 9], 14, k2);
-    Subround(H, d1, e1, a1, b1, c1, buffer_[15],  9, k2);
-    Subround(H, c1, d1, e1, a1, b1, buffer_[ 8], 13, k2);
-    Subround(H, b1, c1, d1, e1, a1, buffer_[ 1], 15, k2);
-    Subround(H, a1, b1, c1, d1, e1, buffer_[ 2], 14, k2);
-    Subround(H, e1, a1, b1, c1, d1, buffer_[ 7],  8, k2);
-    Subround(H, d1, e1, a1, b1, c1, buffer_[ 0], 13, k2);
-    Subround(H, c1, d1, e1, a1, b1, buffer_[ 6],  6, k2);
-    Subround(H, b1, c1, d1, e1, a1, buffer_[13],  5, k2);
-    Subround(H, a1, b1, c1, d1, e1, buffer_[11], 12, k2);
-    Subround(H, e1, a1, b1, c1, d1, buffer_[ 5],  7, k2);
-    Subround(H, d1, e1, a1, b1, c1, buffer_[12],  5, k2);
-
-    Subround(I, c1, d1, e1, a1, b1, buffer_[ 1], 11, k3);
-    Subround(I, b1, c1, d1, e1, a1, buffer_[ 9], 12, k3);
-    Subround(I, a1, b1, c1, d1, e1, buffer_[11], 14, k3);
-    Subround(I, e1, a1, b1, c1, d1, buffer_[10], 15, k3);
-    Subround(I, d1, e1, a1, b1, c1, buffer_[ 0], 14, k3);
-    Subround(I, c1, d1, e1, a1, b1, buffer_[ 8], 15, k3);
-    Subround(I, b1, c1, d1, e1, a1, buffer_[12],  9, k3);
-    Subround(I, a1, b1, c1, d1, e1, buffer_[ 4],  8, k3);
-    Subround(I, e1, a1, b1, c1, d1, buffer_[13],  9, k3);
-    Subround(I, d1, e1, a1, b1, c1, buffer_[ 3], 14, k3);
-    Subround(I, c1, d1, e1, a1, b1, buffer_[ 7],  5, k3);
-    Subround(I, b1, c1, d1, e1, a1, buffer_[15],  6, k3);
-    Subround(I, a1, b1, c1, d1, e1, buffer_[14],  8, k3);
-    Subround(I, e1, a1, b1, c1, d1, buffer_[ 5],  6, k3);
-    Subround(I, d1, e1, a1, b1, c1, buffer_[ 6],  5, k3);
-    Subround(I, c1, d1, e1, a1, b1, buffer_[ 2], 12, k3);
-
-    Subround(J, b1, c1, d1, e1, a1, buffer_[ 4],  9, k4);
-    Subround(J, a1, b1, c1, d1, e1, buffer_[ 0], 15, k4);
-    Subround(J, e1, a1, b1, c1, d1, buffer_[ 5],  5, k4);
-    Subround(J, d1, e1, a1, b1, c1, buffer_[ 9], 11, k4);
-    Subround(J, c1, d1, e1, a1, b1, buffer_[ 7],  6, k4);
-    Subround(J, b1, c1, d1, e1, a1, buffer_[12],  8, k4);
-    Subround(J, a1, b1, c1, d1, e1, buffer_[ 2], 13, k4);
-    Subround(J, e1, a1, b1, c1, d1, buffer_[10], 12, k4);
-    Subround(J, d1, e1, a1, b1, c1, buffer_[14],  5, k4);
-    Subround(J, c1, d1, e1, a1, b1, buffer_[ 1], 12, k4);
-    Subround(J, b1, c1, d1, e1, a1, buffer_[ 3], 13, k4);
-    Subround(J, a1, b1, c1, d1, e1, buffer_[ 8], 14, k4);
-    Subround(J, e1, a1, b1, c1, d1, buffer_[11], 11, k4);
-    Subround(J, d1, e1, a1, b1, c1, buffer_[ 6],  8, k4);
-    Subround(J, c1, d1, e1, a1, b1, buffer_[15],  5, k4);
-    Subround(J, b1, c1, d1, e1, a1, buffer_[13],  6, k4);
-
-    Subround(J, a2, b2, c2, d2, e2, buffer_[ 5],  8, k5);
-    Subround(J, e2, a2, b2, c2, d2, buffer_[14],  9, k5);
-    Subround(J, d2, e2, a2, b2, c2, buffer_[ 7],  9, k5);
-    Subround(J, c2, d2, e2, a2, b2, buffer_[ 0], 11, k5);
-    Subround(J, b2, c2, d2, e2, a2, buffer_[ 9], 13, k5);
-    Subround(J, a2, b2, c2, d2, e2, buffer_[ 2], 15, k5);
-    Subround(J, e2, a2, b2, c2, d2, buffer_[11], 15, k5);
-    Subround(J, d2, e2, a2, b2, c2, buffer_[ 4],  5, k5);
-    Subround(J, c2, d2, e2, a2, b2, buffer_[13],  7, k5);
-    Subround(J, b2, c2, d2, e2, a2, buffer_[ 6],  7, k5);
-    Subround(J, a2, b2, c2, d2, e2, buffer_[15],  8, k5);
-    Subround(J, e2, a2, b2, c2, d2, buffer_[ 8], 11, k5);
-    Subround(J, d2, e2, a2, b2, c2, buffer_[ 1], 14, k5);
-    Subround(J, c2, d2, e2, a2, b2, buffer_[10], 14, k5);
-    Subround(J, b2, c2, d2, e2, a2, buffer_[ 3], 12, k5);
-    Subround(J, a2, b2, c2, d2, e2, buffer_[12],  6, k5);
-
-    Subround(I, e2, a2, b2, c2, d2, buffer_[ 6],  9, k6); 
-    Subround(I, d2, e2, a2, b2, c2, buffer_[11], 13, k6);
-    Subround(I, c2, d2, e2, a2, b2, buffer_[ 3], 15, k6);
-    Subround(I, b2, c2, d2, e2, a2, buffer_[ 7],  7, k6);
-    Subround(I, a2, b2, c2, d2, e2, buffer_[ 0], 12, k6);
-    Subround(I, e2, a2, b2, c2, d2, buffer_[13],  8, k6);
-    Subround(I, d2, e2, a2, b2, c2, buffer_[ 5],  9, k6);
-    Subround(I, c2, d2, e2, a2, b2, buffer_[10], 11, k6);
-    Subround(I, b2, c2, d2, e2, a2, buffer_[14],  7, k6);
-    Subround(I, a2, b2, c2, d2, e2, buffer_[15],  7, k6);
-    Subround(I, e2, a2, b2, c2, d2, buffer_[ 8], 12, k6);
-    Subround(I, d2, e2, a2, b2, c2, buffer_[12],  7, k6);
-    Subround(I, c2, d2, e2, a2, b2, buffer_[ 4],  6, k6);
-    Subround(I, b2, c2, d2, e2, a2, buffer_[ 9], 15, k6);
-    Subround(I, a2, b2, c2, d2, e2, buffer_[ 1], 13, k6);
-    Subround(I, e2, a2, b2, c2, d2, buffer_[ 2], 11, k6);
-
-    Subround(H, d2, e2, a2, b2, c2, buffer_[15],  9, k7);
-    Subround(H, c2, d2, e2, a2, b2, buffer_[ 5],  7, k7);
-    Subround(H, b2, c2, d2, e2, a2, buffer_[ 1], 15, k7);
-    Subround(H, a2, b2, c2, d2, e2, buffer_[ 3], 11, k7);
-    Subround(H, e2, a2, b2, c2, d2, buffer_[ 7],  8, k7);
-    Subround(H, d2, e2, a2, b2, c2, buffer_[14],  6, k7);
-    Subround(H, c2, d2, e2, a2, b2, buffer_[ 6],  6, k7);
-    Subround(H, b2, c2, d2, e2, a2, buffer_[ 9], 14, k7);
-    Subround(H, a2, b2, c2, d2, e2, buffer_[11], 12, k7);
-    Subround(H, e2, a2, b2, c2, d2, buffer_[ 8], 13, k7);
-    Subround(H, d2, e2, a2, b2, c2, buffer_[12],  5, k7);
-    Subround(H, c2, d2, e2, a2, b2, buffer_[ 2], 14, k7);
-    Subround(H, b2, c2, d2, e2, a2, buffer_[10], 13, k7);
-    Subround(H, a2, b2, c2, d2, e2, buffer_[ 0], 13, k7);
-    Subround(H, e2, a2, b2, c2, d2, buffer_[ 4],  7, k7);
-    Subround(H, d2, e2, a2, b2, c2, buffer_[13],  5, k7);
-
-    Subround(G, c2, d2, e2, a2, b2, buffer_[ 8], 15, k8);
-    Subround(G, b2, c2, d2, e2, a2, buffer_[ 6],  5, k8);
-    Subround(G, a2, b2, c2, d2, e2, buffer_[ 4],  8, k8);
-    Subround(G, e2, a2, b2, c2, d2, buffer_[ 1], 11, k8);
-    Subround(G, d2, e2, a2, b2, c2, buffer_[ 3], 14, k8);
-    Subround(G, c2, d2, e2, a2, b2, buffer_[11], 14, k8);
-    Subround(G, b2, c2, d2, e2, a2, buffer_[15],  6, k8);
-    Subround(G, a2, b2, c2, d2, e2, buffer_[ 0], 14, k8);
-    Subround(G, e2, a2, b2, c2, d2, buffer_[ 5],  6, k8);
-    Subround(G, d2, e2, a2, b2, c2, buffer_[12],  9, k8);
-    Subround(G, c2, d2, e2, a2, b2, buffer_[ 2], 12, k8);
-    Subround(G, b2, c2, d2, e2, a2, buffer_[13],  9, k8);
-    Subround(G, a2, b2, c2, d2, e2, buffer_[ 9], 12, k8);
-    Subround(G, e2, a2, b2, c2, d2, buffer_[ 7],  5, k8);
-    Subround(G, d2, e2, a2, b2, c2, buffer_[10], 15, k8);
-    Subround(G, c2, d2, e2, a2, b2, buffer_[14],  8, k8);
-
-    Subround(F, b2, c2, d2, e2, a2, buffer_[12],  8, k9);
-    Subround(F, a2, b2, c2, d2, e2, buffer_[15],  5, k9);
-    Subround(F, e2, a2, b2, c2, d2, buffer_[10], 12, k9);
-    Subround(F, d2, e2, a2, b2, c2, buffer_[ 4],  9, k9);
-    Subround(F, c2, d2, e2, a2, b2, buffer_[ 1], 12, k9);
-    Subround(F, b2, c2, d2, e2, a2, buffer_[ 5],  5, k9);
-    Subround(F, a2, b2, c2, d2, e2, buffer_[ 8], 14, k9);
-    Subround(F, e2, a2, b2, c2, d2, buffer_[ 7],  6, k9);
-    Subround(F, d2, e2, a2, b2, c2, buffer_[ 6],  8, k9);
-    Subround(F, c2, d2, e2, a2, b2, buffer_[ 2], 13, k9);
-    Subround(F, b2, c2, d2, e2, a2, buffer_[13],  6, k9);
-    Subround(F, a2, b2, c2, d2, e2, buffer_[14],  5, k9);
-    Subround(F, e2, a2, b2, c2, d2, buffer_[ 0], 15, k9);
-    Subround(F, d2, e2, a2, b2, c2, buffer_[ 3], 13, k9);
-    Subround(F, c2, d2, e2, a2, b2, buffer_[ 9], 11, k9);
-    Subround(F, b2, c2, d2, e2, a2, buffer_[11], 11, k9);
-
-    c1         = digest_[1] + c1 + d2;
-    digest_[1] = digest_[2] + d1 + e2;
-    digest_[2] = digest_[3] + e1 + a2;
-    digest_[3] = digest_[4] + a1 + b2;
-    digest_[4] = digest_[0] + b1 + c2;
-    digest_[0] = c1;
-}
-
-
-#ifdef DO_RIPEMD_ASM
-
-/*
-    // F(x ^ y ^ z)
-    // place in esi
-#define ASMF(x, y, z)  \
-    AS2(    mov   esi, x                )   \
-    AS2(    xor   esi, y                )   \
-    AS2(    xor   esi, z                )
-
-
-    // G(z ^ (x & (y^z)))
-    // place in esi
-#define ASMG(x, y, z)  \
-    AS2(    mov   esi, z                )   \
-    AS2(    xor   esi, y                )   \
-    AS2(    and   esi, x                )   \
-    AS2(    xor   esi, z                )
-
-    
-    // H(z ^ (x | ~y))
-    // place in esi
-#define ASMH(x, y, z) \
-    AS2(    mov   esi, y                )   \
-    AS1(    not   esi                   )   \
-    AS2(     or   esi, x                )   \
-    AS2(    xor   esi, z                )
-
-
-    // I(y ^ (z & (x^y)))
-    // place in esi
-#define ASMI(x, y, z)  \
-    AS2(    mov   esi, y                )   \
-    AS2(    xor   esi, x                )   \
-    AS2(    and   esi, z                )   \
-    AS2(    xor   esi, y                )
-
-
-    // J(x ^ (y | ~z)))
-    // place in esi
-#define ASMJ(x, y, z)   \
-    AS2(    mov   esi, z                )   \
-    AS1(    not   esi                   )   \
-    AS2(     or   esi, y                )   \
-    AS2(    xor   esi, x                )
-
-
-// for 160 and 320
-// #define ASMSubround(f, a, b, c, d, e, i, s, k) 
-//    a += f(b, c, d) + data[i] + k;
-//    a = rotlFixed((word32)a, s) + e;
-//    c = rotlFixed((word32)c, 10U)
-
-#define ASMSubround(f, a, b, c, d, e, index, s, k) \
-    // a += f(b, c, d) + data[i] + k                    \
-    AS2(    mov   esp, [edi + index * 4]            )   \
-    f(b, c, d)                                          \
-    AS2(    add   esi, k                            )   \
-    AS2(    add   esi, esp                          )   \
-    AS2(    add     a, esi                          )   \
-    // a = rotlFixed((word32)a, s) + e                  \
-    AS2(    rol     a, s                            )   \
-    AS2(    rol     c, 10                           )   \
-    // c = rotlFixed((word32)c, 10U)                    \
-    AS2(    add     a, e                            )
-*/
-
-
-// combine F into subround w/ setup
-// esi already has c, setup for next round when done
-// esp already has edi[index], setup for next round when done
-
-#define ASMSubroundF(a, b, c, d, e, index, s) \
-    /* a += (b ^ c ^ d) + data[i] + k  */               \
-    AS2(    xor   esi, b                            )   \
-    AS2(    add     a, [edi + index * 4]            )   \
-    AS2(    xor   esi, d                            )   \
-    AS2(    add     a, esi                          )   \
-    /* a = rotlFixed((word32)a, s) + e */               \
-    AS2(    mov   esi, b                            )   \
-    AS2(    rol     a, s                            )   \
-    /* c = rotlFixed((word32)c, 10U) */                 \
-    AS2(    rol     c, 10                           )   \
-    AS2(    add     a, e                            )
-
-
-// combine G into subround w/ setup
-// esi already has c, setup for next round when done
-// esp already has edi[index], setup for next round when done
-
-#define ASMSubroundG(a, b, c, d, e, index, s, k) \
-    /* a += (d ^ (b & (c^d))) + data[i] + k  */         \
-    AS2(    xor   esi, d                            )   \
-    AS2(    and   esi, b                            )   \
-    AS2(    add     a, [edi + index * 4]            )   \
-    AS2(    xor   esi, d                            )   \
-    AS2(    lea     a, [esi + a + k]                )   \
-    /* a = rotlFixed((word32)a, s) + e */               \
-    AS2(    mov   esi, b                            )   \
-    AS2(    rol     a, s                            )   \
-    /* c = rotlFixed((word32)c, 10U) */                 \
-    AS2(    rol     c, 10                           )   \
-    AS2(    add     a, e                            )
-
-
-// combine H into subround w/ setup
-// esi already has c, setup for next round when done
-// esp already has edi[index], setup for next round when done
-
-#define ASMSubroundH(a, b, c, d, e, index, s, k) \
-    /* a += (d ^ (b | ~c)) + data[i] + k  */            \
-    AS1(    not   esi                               )   \
-    AS2(     or   esi, b                            )   \
-    AS2(    add     a, [edi + index * 4]            )   \
-    AS2(    xor   esi, d                            )   \
-    AS2(    lea     a, [esi + a + k]                )   \
-    /* a = rotlFixed((word32)a, s) + e */               \
-    AS2(    mov   esi, b                            )   \
-    AS2(    rol     a, s                            )   \
-    /* c = rotlFixed((word32)c, 10U) */                 \
-    AS2(    rol     c, 10                           )   \
-    AS2(    add     a, e                            )
-
-
-// combine I into subround w/ setup
-// esi already has c, setup for next round when done
-// esp already has edi[index], setup for next round when done
-
-#define ASMSubroundI(a, b, c, d, e, index, s, k) \
-    /* a += (c ^ (d & (b^c))) + data[i] + k  */         \
-    AS2(    xor   esi, b                            )   \
-    AS2(    and   esi, d                            )   \
-    AS2(    add     a, [edi + index * 4]            )   \
-    AS2(    xor   esi, c                            )   \
-    AS2(    lea     a, [esi + a + k]                )   \
-    /* a = rotlFixed((word32)a, s) + e */               \
-    AS2(    mov   esi, b                            )   \
-    AS2(    rol     a, s                            )   \
-    /* c = rotlFixed((word32)c, 10U) */                 \
-    AS2(    rol     c, 10                           )   \
-    AS2(    add     a, e                            )
-
-
-// combine J into subround w/ setup
-// esi already has d, setup for next round when done
-// esp already has edi[index], setup for next round when done
-
-#define ASMSubroundJ(a, b, c, d, e, index, s, k) \
-    /* a += (b ^ (c | ~d))) + data[i] + k  */           \
-    AS1(    not   esi                               )   \
-    AS2(     or   esi, c                            )   \
-    /* c = rotlFixed((word32)c, 10U) */                 \
-    AS2(    add     a, [edi + index * 4]            )   \
-    AS2(    xor   esi, b                            )   \
-    AS2(    rol     c, 10                           )   \
-    AS2(    lea     a, [esi + a + k]                )   \
-    /* a = rotlFixed((word32)a, s) + e */               \
-    AS2(    rol     a, s                            )   \
-    AS2(    mov   esi, c                            )   \
-    AS2(    add     a, e                            )
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void RIPEMD160::AsmTransform(const byte* data, word32 times)
-{
-#ifdef __GNUC__
-    #define AS1(x)    #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-
-    #define PROLOG()  \
-    __asm__ __volatile__ \
-    ( \
-        ".intel_syntax noprefix;" \
-        "push ebx;" \
-        "push ebp;"
-    #define EPILOG()  \
-        "pop ebp;" \
-        "pop ebx;" \
-       	"emms;" \
-       	".att_syntax;" \
-            : \
-            : "c" (this), "D" (data), "d" (times) \
-            : "%esi", "%eax", "memory", "cc" \
-    );
-
-#else
-    #define AS1(x)    __asm x
-    #define AS2(x, y) __asm x, y
-
-    #define PROLOG() \
-        AS1(    push  ebp                       )   \
-        AS2(    mov   ebp, esp                  )   \
-        AS2(    movd  mm3, edi                  )   \
-        AS2(    movd  mm4, ebx                  )   \
-        AS2(    movd  mm5, esi                  )   \
-        AS2(    movd  mm6, ebp                  )   \
-        AS2(    mov   edi, DWORD PTR [ebp +  8] )   \
-        AS2(    mov   edx, DWORD PTR [ebp + 12] )
-
-    #define EPILOG() \
-        AS2(    movd  ebp, mm6                  )   \
-        AS2(    movd  esi, mm5                  )   \
-        AS2(    movd  ebx, mm4                  )   \
-        AS2(    movd  edi, mm3                  )   \
-        AS2(    mov   esp, ebp                  )   \
-        AS1(    pop   ebp                       )   \
-        AS1(    emms                            )   \
-        AS1(    ret   8                         )
-        
-#endif
-
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    lea   esi, [ecx + 20]               )   // digest_[0]
-    #else
-        AS2(    lea   esi, [ecx + 16]               )   // digest_[0]
-    #endif
-
-    AS2(    sub   esp, 24               )   // make room for tmp a1 - e1
-    AS2(    movd  mm1, esi              )   // store digest_
-    
-#ifdef _MSC_VER
-    AS1( loopStart: )  // loopStart
-#else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
-#endif
-
-    AS2(    movd  mm2, edx              )   // store times_
-
-    AS2(    mov   eax, [esi]            )   // a1
-    AS2(    mov   ebx, [esi +  4]       )   // b1
-    AS2(    mov   ecx, [esi +  8]       )   // c1
-    AS2(    mov   edx, [esi + 12]       )   // d1
-    AS2(    mov   ebp, [esi + 16]       )   // e1
-
-    // setup 
-    AS2(    mov   esi, ecx      )
-
-    ASMSubroundF( eax, ebx, ecx, edx, ebp,  0, 11)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx,  1, 14)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx,  2, 15)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx,  3, 12)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax,  4,  5)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp,  5,  8)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx,  6,  7)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx,  7,  9)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx,  8, 11)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax,  9, 13)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp, 10, 14)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx, 11, 15)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx, 12,  6)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx, 13,  7)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax, 14,  9)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp, 15,  8)
-
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  7,  7, k1)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx,  4,  6, k1)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx, 13,  8, k1)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax,  1, 13, k1)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp, 10, 11, k1)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  6,  9, k1)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx, 15,  7, k1)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx,  3, 15, k1)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax, 12,  7, k1)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp,  0, 12, k1)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  9, 15, k1)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx,  5,  9, k1)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx,  2, 11, k1)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax, 14,  7, k1)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp, 11, 13, k1)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  8, 12, k1)
-
-    ASMSubroundH( edx, ebp, eax, ebx, ecx,  3, 11, k2)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx, 10, 13, k2)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax, 14,  6, k2)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp,  4,  7, k2)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  9, 14, k2)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 15,  9, k2)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx,  8, 13, k2)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax,  1, 15, k2)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp,  2, 14, k2)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  7,  8, k2)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx,  0, 13, k2)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx,  6,  6, k2)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax, 13,  5, k2)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k2)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  5,  7, k2)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 12,  5, k2)
-
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  1, 11, k3)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax,  9, 12, k3)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp, 11, 14, k3)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx, 10, 15, k3)
-    ASMSubroundI( edx, ebp, eax, ebx, ecx,  0, 14, k3)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  8, 15, k3)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax, 12,  9, k3)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp,  4,  8, k3)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx, 13,  9, k3)
-    ASMSubroundI( edx, ebp, eax, ebx, ecx,  3, 14, k3)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  7,  5, k3)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax, 15,  6, k3)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp, 14,  8, k3)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx,  5,  6, k3)
-    ASMSubroundI( edx, ebp, eax, ebx, ecx,  6,  5, k3)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  2, 12, k3)
-
-    // setup
-    AS2(    mov   esi, ebp      )
-
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax,  4,  9, k4)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp,  0, 15, k4)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx,  5,  5, k4)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx,  9, 11, k4)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx,  7,  6, k4)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax, 12,  8, k4)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp,  2, 13, k4)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx, 10, 12, k4)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx, 14,  5, k4)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx,  1, 12, k4)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax,  3, 13, k4)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp,  8, 14, k4)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 11, k4)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx,  6,  8, k4)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx, 15,  5, k4)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax, 13,  6, k4)
-
-    // store a1 - e1 on stack
-    AS2(    movd  esi, mm1              )   // digest_
-
-    AS2(    mov   [esp],      eax       )
-    AS2(    mov   [esp +  4], ebx       )
-    AS2(    mov   [esp +  8], ecx       )
-    AS2(    mov   [esp + 12], edx       )
-    AS2(    mov   [esp + 16], ebp       )
-
-    AS2(    mov   eax, [esi]            )   // a2
-    AS2(    mov   ebx, [esi +  4]       )   // b2
-    AS2(    mov   ecx, [esi +  8]       )   // c2
-    AS2(    mov   edx, [esi + 12]       )   // d2
-    AS2(    mov   ebp, [esi + 16]       )   // e2
-
-
-    // setup
-    AS2(    mov   esi, edx      )
-
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp,  5,  8, k5)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx, 14,  9, k5)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx,  7,  9, k5)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx,  0, 11, k5)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax,  9, 13, k5)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp,  2, 15, k5)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx, 11, 15, k5)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx,  4,  5, k5)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx, 13,  7, k5)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax,  6,  7, k5)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp, 15,  8, k5)
-    ASMSubroundJ( ebp, eax, ebx, ecx, edx,  8, 11, k5)
-    ASMSubroundJ( edx, ebp, eax, ebx, ecx,  1, 14, k5)
-    ASMSubroundJ( ecx, edx, ebp, eax, ebx, 10, 14, k5)
-    ASMSubroundJ( ebx, ecx, edx, ebp, eax,  3, 12, k5)
-    ASMSubroundJ( eax, ebx, ecx, edx, ebp, 12,  6, k5)
-
-    // setup
-    AS2(    mov   esi, ebx      )
-
-    ASMSubroundI( ebp, eax, ebx, ecx, edx,  6,  9, k6) 
-    ASMSubroundI( edx, ebp, eax, ebx, ecx, 11, 13, k6)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  3, 15, k6)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax,  7,  7, k6)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp,  0, 12, k6)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx, 13,  8, k6)
-    ASMSubroundI( edx, ebp, eax, ebx, ecx,  5,  9, k6)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx, 10, 11, k6)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax, 14,  7, k6)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp, 15,  7, k6)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx,  8, 12, k6)
-    ASMSubroundI( edx, ebp, eax, ebx, ecx, 12,  7, k6)
-    ASMSubroundI( ecx, edx, ebp, eax, ebx,  4,  6, k6)
-    ASMSubroundI( ebx, ecx, edx, ebp, eax,  9, 15, k6)
-    ASMSubroundI( eax, ebx, ecx, edx, ebp,  1, 13, k6)
-    ASMSubroundI( ebp, eax, ebx, ecx, edx,  2, 11, k6)
-
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 15,  9, k7)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx,  5,  7, k7)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax,  1, 15, k7)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp,  3, 11, k7)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  7,  8, k7)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 14,  6, k7)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx,  6,  6, k7)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax,  9, 14, k7)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp, 11, 12, k7)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  8, 13, k7)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 12,  5, k7)
-    ASMSubroundH( ecx, edx, ebp, eax, ebx,  2, 14, k7)
-    ASMSubroundH( ebx, ecx, edx, ebp, eax, 10, 13, k7)
-    ASMSubroundH( eax, ebx, ecx, edx, ebp,  0, 13, k7)
-    ASMSubroundH( ebp, eax, ebx, ecx, edx,  4,  7, k7)
-    ASMSubroundH( edx, ebp, eax, ebx, ecx, 13,  5, k7)
-
-    ASMSubroundG( ecx, edx, ebp, eax, ebx,  8, 15, k8)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax,  6,  5, k8)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp,  4,  8, k8)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  1, 11, k8)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx,  3, 14, k8)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx, 11, 14, k8)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax, 15,  6, k8)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp,  0, 14, k8)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  5,  6, k8)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx, 12,  9, k8)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx,  2, 12, k8)
-    ASMSubroundG( ebx, ecx, edx, ebp, eax, 13,  9, k8)
-    ASMSubroundG( eax, ebx, ecx, edx, ebp,  9, 12, k8)
-    ASMSubroundG( ebp, eax, ebx, ecx, edx,  7,  5, k8)
-    ASMSubroundG( edx, ebp, eax, ebx, ecx, 10, 15, k8)
-    ASMSubroundG( ecx, edx, ebp, eax, ebx, 14,  8, k8)
-
-    ASMSubroundF( ebx, ecx, edx, ebp, eax, 12,  8)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp, 15,  5)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx, 10, 12)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx,  4,  9)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx,  1, 12)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax,  5,  5)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp,  8, 14)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx,  7,  6)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx,  6,  8)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx,  2, 13)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax, 13,  6)
-    ASMSubroundF( eax, ebx, ecx, edx, ebp, 14,  5)
-    ASMSubroundF( ebp, eax, ebx, ecx, edx,  0, 15)
-    ASMSubroundF( edx, ebp, eax, ebx, ecx,  3, 13)
-    ASMSubroundF( ecx, edx, ebp, eax, ebx,  9, 11)
-    ASMSubroundF( ebx, ecx, edx, ebp, eax, 11, 11)
-
-    // advance data and store for next round
-    AS2(    add   edi, 64                       )
-    AS2(    movd  esi, mm1                      )   // digest_
-    AS2(    movd  mm0, edi                      )   // store
-
-    // now edi as tmp
-
-    // c1         = digest_[1] + c1 + d2;
-    AS2(    add   [esp +  8], edx               )   // + d2
-    AS2(    mov   edi, [esi + 4]                )   // digest_[1]
-    AS2(    add   [esp +  8], edi               )
-
-    // digest_[1] = digest_[2] + d1 + e2;
-    AS2(    mov   [esi + 4], ebp                )   // e2
-    AS2(    mov   edi, [esp + 12]               )   // d1
-    AS2(    add   edi, [esi + 8]                )   // digest_[2]
-    AS2(    add   [esi + 4], edi                )
-
-    // digest_[2] = digest_[3] + e1 + a2;
-    AS2(    mov   [esi + 8], eax                )   // a2
-    AS2(    mov   edi, [esp + 16]               )   // e1
-    AS2(    add   edi, [esi + 12]               )   // digest_[3]
-    AS2(    add   [esi + 8], edi                )
-
-    // digest_[3] = digest_[4] + a1 + b2;
-    AS2(    mov   [esi + 12], ebx               )   // b2
-    AS2(    mov   edi, [esp]                    )   // a1
-    AS2(    add   edi, [esi + 16]               )   // digest_[4]
-    AS2(    add   [esi + 12], edi               )
-
-    // digest_[4] = digest_[0] + b1 + c2;
-    AS2(    mov   [esi + 16], ecx               )   // c2
-    AS2(    mov   edi, [esp +  4]               )   // b1
-    AS2(    add   edi, [esi]                    )   // digest_[0]
-    AS2(    add   [esi + 16], edi               )
-
-    // digest_[0] = c1;
-    AS2(    mov   edi, [esp +  8]               )   // c1
-    AS2(    mov   [esi], edi                    )
-
-    // setup for loop back
-    AS2(    movd  edx, mm2              )   // times
-    AS2(    movd  edi, mm0              )   // data, already advanced
-    AS1(    dec   edx                   )
-#ifdef _MSC_VER
-    AS1(    jnz   loopStart )  // loopStart
-#else
-    AS1(    jnz   0b )         // loopStart
-#endif
-
-    // inline adjust 
-    AS2(    add   esp, 24               )   // fix room on stack
-
-    EPILOG()
-}
-
-
-#endif // DO_RIPEMD_ASM
-
-
-} // namespace TaoCrypt
diff --git a/extra/yassl/taocrypt/src/rsa.cpp b/extra/yassl/taocrypt/src/rsa.cpp
deleted file mode 100644
index e458a1adb21..00000000000
--- a/extra/yassl/taocrypt/src/rsa.cpp
+++ /dev/null
@@ -1,215 +0,0 @@
-/*
-   Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's rsa.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "rsa.hpp"
-#include "asn.hpp"
-#include "modarith.hpp"
-
-
-
-namespace TaoCrypt {
-
-
-Integer RSA_PublicKey::ApplyFunction(const Integer& x) const
-{
-    return a_exp_b_mod_c(x, e_, n_);
-}
-
-
-RSA_PublicKey::RSA_PublicKey(Source& source)
-{
-    Initialize(source);
-}
-
-
-void RSA_PublicKey::Initialize(Source& source)
-{
-    RSA_Public_Decoder decoder(source);
-    decoder.Decode(*this);
-}
-
-
-Integer RSA_PrivateKey::CalculateInverse(RandomNumberGenerator& rng,
-                                         const Integer& x) const
-{
-    ModularArithmetic modn(n_);
-
-    Integer r(rng, Integer::One(), n_ - Integer::One());
-    Integer re = modn.Exponentiate(r, e_);
-    re = modn.Multiply(re, x);			// blind
-
-    // here we follow the notation of PKCS #1 and let u=q inverse mod p
-    // but in ModRoot, u=p inverse mod q, so we reverse the order of p and q
-
-    Integer y = ModularRoot(re, dq_, dp_, q_, p_, u_);
-    y = modn.Divide(y, r);				    // unblind
-       
-    return y;
-}
-
-
-RSA_PrivateKey::RSA_PrivateKey(Source& source)
-{
-    Initialize(source);
-}
-
-
-void RSA_PrivateKey::Initialize(Source& source)
-{
-    RSA_Private_Decoder decoder(source);
-    decoder.Decode(*this);
-}
-
-
-void RSA_BlockType2::Pad(const byte *input, word32 inputLen, byte *pkcsBlock,
-                         word32 pkcsBlockLen, RandomNumberGenerator& rng) const
-{
-    // convert from bit length to byte length
-    if (pkcsBlockLen % 8 != 0)
-    {
-        pkcsBlock[0] = 0;
-        pkcsBlock++;
-    }
-    pkcsBlockLen /= 8;
-
-    pkcsBlock[0] = 2;  // block type 2
-
-    // pad with non-zero random bytes
-    word32 padLen = pkcsBlockLen - inputLen - 1;
-    rng.GenerateBlock(&pkcsBlock[1], padLen);
-    for (word32 i = 1; i < padLen; i++)
-        if (pkcsBlock[i] == 0) pkcsBlock[i] = 0x01;
-    
-    pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     // separator
-    memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
-}
-
-word32 RSA_BlockType2::UnPad(const byte *pkcsBlock, unsigned int pkcsBlockLen,
-                           byte *output) const
-{
-    bool invalid = false;
-    unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U);
-
-    // convert from bit length to byte length
-    if (pkcsBlockLen % 8 != 0)
-    {
-        invalid = (pkcsBlock[0] != 0) || invalid;
-        pkcsBlock++;
-    }
-    pkcsBlockLen /= 8;
-
-    // Require block type 2.
-    invalid = (pkcsBlock[0] != 2) || invalid;
-
-    // skip past the padding until we find the separator
-    unsigned i=1;
-    while (i maxOutputLen) || invalid;
-
-    if (invalid)
-        return 0;
-
-    memcpy (output, pkcsBlock+i, outputLen);
-    return outputLen;
-}
-
-
-void RSA_BlockType1::Pad(const byte* input, word32 inputLen, byte* pkcsBlock,
-                         word32 pkcsBlockLen, RandomNumberGenerator&) const
-{
-    // sanity checks
-    if (input == NULL || pkcsBlock == NULL)
-        return;
-
-    // convert from bit length to byte length
-    if (pkcsBlockLen % 8 != 0)
-    {
-        pkcsBlock[0] = 0;
-        pkcsBlock++;
-    }
-    pkcsBlockLen /= 8;
-
-    pkcsBlock[0] = 1;  // block type 1 for SSL
-
-    // pad with 0xff bytes
-    memset(&pkcsBlock[1], 0xFF, pkcsBlockLen - inputLen - 2);
-
-    pkcsBlock[pkcsBlockLen-inputLen-1] = 0;     // separator
-    memcpy(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen);
-}
-
-
-word32 RSA_BlockType1::UnPad(const byte* pkcsBlock, word32 pkcsBlockLen,
-                             byte* output) const
-{
-    bool invalid = false;
-    unsigned int maxOutputLen = SaturatingSubtract(pkcsBlockLen / 8, 10U);
-
-    // convert from bit length to byte length
-    if (pkcsBlockLen % 8 != 0)
-    {
-        invalid = (pkcsBlock[0] != 0) || invalid;
-        pkcsBlock++;
-    }
-    pkcsBlockLen /= 8;
-
-    // Require block type 1 for SSL.
-    invalid = (pkcsBlock[0] != 1) || invalid;
-
-    // skip past the padding until we find the separator
-    unsigned i=1;
-    while (i maxOutputLen) || invalid;
-
-    if (invalid)
-        return 0;
-
-    memcpy(output, pkcsBlock+i, outputLen);
-    return outputLen;
-}
-
-
-word32 SSL_Decrypt(const RSA_PublicKey& key, const byte* sig, byte* plain)
-{
-    PK_Lengths lengths(key.GetModulus());
-   
-    ByteBlock paddedBlock(BitsToBytes(lengths.PaddedBlockBitLength()));
-    Integer x = key.ApplyFunction(Integer(sig,
-                                          lengths.FixedCiphertextLength()));
-    if (x.ByteCount() > paddedBlock.size())
-        x = Integer::Zero();	
-    x.Encode(paddedBlock.get_buffer(), paddedBlock.size());
-    return RSA_BlockType1().UnPad(paddedBlock.get_buffer(),
-                                  lengths.PaddedBlockBitLength(), plain);
-}
-
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/sha.cpp b/extra/yassl/taocrypt/src/sha.cpp
deleted file mode 100644
index e7ba5582d38..00000000000
--- a/extra/yassl/taocrypt/src/sha.cpp
+++ /dev/null
@@ -1,1033 +0,0 @@
-/*
-   Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's sha.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include 
-#include "sha.hpp"
-#ifdef USE_SYS_STL
-    #include 
-#else
-    #include "algorithm.hpp"
-#endif
-
-
-namespace STL = STL_NAMESPACE;
-
-
-
-namespace TaoCrypt {
-
-#define blk0(i) (W[i] = buffer_[i])
-#define blk1(i) (W[i&15] = \
-                 rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1))
-
-#define f1(x,y,z) (z^(x &(y^z)))
-#define f2(x,y,z) (x^y^z)
-#define f3(x,y,z) ((x&y)|(z&(x|y)))
-#define f4(x,y,z) (x^y^z)
-
-// (R0+R1), R2, R3, R4 are the different operations used in SHA1
-#define R0(v,w,x,y,z,i) z+= f1(w,x,y) + blk0(i) + 0x5A827999+ \
-                        rotlFixed(v,5); w = rotlFixed(w,30);
-#define R1(v,w,x,y,z,i) z+= f1(w,x,y) + blk1(i) + 0x5A827999+ \
-                        rotlFixed(v,5); w = rotlFixed(w,30);
-#define R2(v,w,x,y,z,i) z+= f2(w,x,y) + blk1(i) + 0x6ED9EBA1+ \
-                        rotlFixed(v,5); w = rotlFixed(w,30);
-#define R3(v,w,x,y,z,i) z+= f3(w,x,y) + blk1(i) + 0x8F1BBCDC+ \
-                        rotlFixed(v,5); w = rotlFixed(w,30);
-#define R4(v,w,x,y,z,i) z+= f4(w,x,y) + blk1(i) + 0xCA62C1D6+ \
-                        rotlFixed(v,5); w = rotlFixed(w,30);
-
-
-void SHA::Init()
-{
-    digest_[0] = 0x67452301L;
-    digest_[1] = 0xEFCDAB89L;
-    digest_[2] = 0x98BADCFEL;
-    digest_[3] = 0x10325476L;
-    digest_[4] = 0xC3D2E1F0L;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-void SHA256::Init()
-{
-    digest_[0] = 0x6A09E667L;
-    digest_[1] = 0xBB67AE85L;
-    digest_[2] = 0x3C6EF372L;
-    digest_[3] = 0xA54FF53AL;
-    digest_[4] = 0x510E527FL;
-    digest_[5] = 0x9B05688CL;
-    digest_[6] = 0x1F83D9ABL;
-    digest_[7] = 0x5BE0CD19L;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-void SHA224::Init()
-{
-    digest_[0] = 0xc1059ed8;
-    digest_[1] = 0x367cd507;
-    digest_[2] = 0x3070dd17;
-    digest_[3] = 0xf70e5939;
-    digest_[4] = 0xffc00b31;
-    digest_[5] = 0x68581511;
-    digest_[6] = 0x64f98fa7;
-    digest_[7] = 0xbefa4fa4;
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-void SHA512::Init()
-{
-    digest_[0] = W64LIT(0x6a09e667f3bcc908);
-    digest_[1] = W64LIT(0xbb67ae8584caa73b);
-    digest_[2] = W64LIT(0x3c6ef372fe94f82b);
-    digest_[3] = W64LIT(0xa54ff53a5f1d36f1);
-    digest_[4] = W64LIT(0x510e527fade682d1);
-    digest_[5] = W64LIT(0x9b05688c2b3e6c1f);
-    digest_[6] = W64LIT(0x1f83d9abfb41bd6b);
-    digest_[7] = W64LIT(0x5be0cd19137e2179);
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-
-void SHA384::Init()
-{
-    digest_[0] = W64LIT(0xcbbb9d5dc1059ed8);
-    digest_[1] = W64LIT(0x629a292a367cd507);
-    digest_[2] = W64LIT(0x9159015a3070dd17);
-    digest_[3] = W64LIT(0x152fecd8f70e5939);
-    digest_[4] = W64LIT(0x67332667ffc00b31);
-    digest_[5] = W64LIT(0x8eb44a8768581511);
-    digest_[6] = W64LIT(0xdb0c2e0d64f98fa7);
-    digest_[7] = W64LIT(0x47b5481dbefa4fa4);
-
-    buffLen_ = 0;
-    loLen_  = 0;
-    hiLen_  = 0;
-}
-
-#endif // WORD64_AVAILABLE
-
-
-SHA::SHA(const SHA& that) : HASHwithTransform(DIGEST_SIZE / sizeof(word32),
-                                              BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-
-SHA256::SHA256(const SHA256& that) : HASHwithTransform(DIGEST_SIZE /
-                                       sizeof(word32), BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-
-SHA224::SHA224(const SHA224& that) : HASHwithTransform(SHA256::DIGEST_SIZE /
-                                       sizeof(word32), BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-
-#ifdef WORD64_AVAILABLE 
-
-SHA512::SHA512(const SHA512& that) : HASH64withTransform(DIGEST_SIZE /
-                                       sizeof(word64), BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-
-SHA384::SHA384(const SHA384& that) : HASH64withTransform(SHA512::DIGEST_SIZE /
-                                       sizeof(word64), BLOCK_SIZE) 
-{ 
-    buffLen_ = that.buffLen_;
-    loLen_   = that.loLen_;
-    hiLen_   = that.hiLen_;
-
-    memcpy(digest_, that.digest_, DIGEST_SIZE);
-    memcpy(buffer_, that.buffer_, BLOCK_SIZE);
-}
-
-#endif // WORD64_AVAILABLE
-
-
-SHA& SHA::operator= (const SHA& that)
-{
-    SHA tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-SHA256& SHA256::operator= (const SHA256& that)
-{
-    SHA256 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-SHA224& SHA224::operator= (const SHA224& that)
-{
-    SHA224 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-SHA512& SHA512::operator= (const SHA512& that)
-{
-    SHA512 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-
-SHA384& SHA384::operator= (const SHA384& that)
-{
-    SHA384 tmp(that);
-    Swap(tmp);
-
-    return *this;
-}
-
-#endif // WORD64_AVAILABLE
-
-
-void SHA::Swap(SHA& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-void SHA256::Swap(SHA256& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-void SHA224::Swap(SHA224& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-void SHA512::Swap(SHA512& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-
-void SHA384::Swap(SHA384& other)
-{
-    STL::swap(loLen_,   other.loLen_);
-    STL::swap(hiLen_,   other.hiLen_);
-    STL::swap(buffLen_, other.buffLen_);
-
-    memcpy(digest_, other.digest_, DIGEST_SIZE);
-    memcpy(buffer_, other.buffer_, BLOCK_SIZE);
-}
-
-#endif // WORD64_AVIALABLE
-
-
-#ifdef DO_SHA_ASM
-
-// Update digest with data of size len
-void SHA::Update(const byte* data, word32 len)
-{
-    if (!isMMX) {
-        HASHwithTransform::Update(data, len);
-        return;
-    }
-
-    byte* local = reinterpret_cast(buffer_);
-
-    // remove buffered data if possible
-    if (buffLen_)  {   
-        word32 add = min(len, BLOCK_SIZE - buffLen_);
-        memcpy(&local[buffLen_], data, add);
-
-        buffLen_ += add;
-        data     += add;
-        len      -= add;
-
-        if (buffLen_ == BLOCK_SIZE) {
-            ByteReverse(local, local, BLOCK_SIZE);
-            Transform();
-            AddLength(BLOCK_SIZE);
-            buffLen_ = 0;
-        }
-    }
-
-    // all at once for asm
-    if (buffLen_ == 0) {
-        word32 times = len / BLOCK_SIZE;
-        if (times) {
-            AsmTransform(data, times);
-            const word32 add = BLOCK_SIZE * times;
-            AddLength(add);
-            len  -= add;
-            data += add;
-        }
-    }
-
-    // cache any data left
-    if (len) {
-        memcpy(&local[buffLen_], data, len);
-        buffLen_ += len;
-    }
-}
-
-#endif // DO_SHA_ASM
-
-
-void SHA::Transform()
-{
-    word32 W[BLOCK_SIZE / sizeof(word32)];
-
-    // Copy context->state[] to working vars 
-    word32 a = digest_[0];
-    word32 b = digest_[1];
-    word32 c = digest_[2];
-    word32 d = digest_[3];
-    word32 e = digest_[4];
-
-    // 4 rounds of 20 operations each. Loop unrolled. 
-    R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
-    R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
-    R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
-    R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
-
-    R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
-
-    R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
-    R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
-    R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
-    R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
-    R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
-
-    R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
-    R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
-    R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
-    R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
-    R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
-
-    R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
-    R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
-    R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
-    R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
-    R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
-
-    // Add the working vars back into digest state[]
-    digest_[0] += a;
-    digest_[1] += b;
-    digest_[2] += c;
-    digest_[3] += d;
-    digest_[4] += e;
-
-    // Wipe variables
-    a = b = c = d = e = 0;
-    memset(W, 0, sizeof(W));
-}
-
-
-#define blk2(i) (W[i&15]+=s1(W[(i-2)&15])+W[(i-7)&15]+s0(W[(i-15)&15]))
-
-#define Ch(x,y,z) (z^(x&(y^z)))
-#define Maj(x,y,z) ((x&y)|(z&(x|y)))
-
-#define a(i) T[(0-i)&7]
-#define b(i) T[(1-i)&7]
-#define c(i) T[(2-i)&7]
-#define d(i) T[(3-i)&7]
-#define e(i) T[(4-i)&7]
-#define f(i) T[(5-i)&7]
-#define g(i) T[(6-i)&7]
-#define h(i) T[(7-i)&7]
-
-#define R(i) h(i)+=S1(e(i))+Ch(e(i),f(i),g(i))+K[i+j]+(j?blk2(i):blk0(i));\
-	d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i))
-
-// for SHA256
-#define S0(x) (rotrFixed(x,2)^rotrFixed(x,13)^rotrFixed(x,22))
-#define S1(x) (rotrFixed(x,6)^rotrFixed(x,11)^rotrFixed(x,25))
-#define s0(x) (rotrFixed(x,7)^rotrFixed(x,18)^(x>>3))
-#define s1(x) (rotrFixed(x,17)^rotrFixed(x,19)^(x>>10))
-
-
-static const word32 K256[64] = {
-	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5,
-	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
-	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3,
-	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
-	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc,
-	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
-	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7,
-	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
-	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13,
-	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
-	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3,
-	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
-	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5,
-	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
-	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,
-	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
-};
-
-
-static void Transform256(word32* digest_, word32* buffer_)
-{
-    const  word32* K = K256;
-
-    word32 W[16];
-    word32 T[8];
-
-    // Copy digest to working vars
-    memcpy(T, digest_, sizeof(T));
-
-    // 64 operations, partially loop unrolled
-    for (unsigned int j = 0; j < 64; j += 16) {
-        R( 0); R( 1); R( 2); R( 3);
-        R( 4); R( 5); R( 6); R( 7);
-        R( 8); R( 9); R(10); R(11);
-        R(12); R(13); R(14); R(15);
-    }
-
-    // Add the working vars back into digest
-    digest_[0] += a(0);
-    digest_[1] += b(0);
-    digest_[2] += c(0);
-    digest_[3] += d(0);
-    digest_[4] += e(0);
-    digest_[5] += f(0);
-    digest_[6] += g(0);
-    digest_[7] += h(0);
-
-    // Wipe variables
-    memset(W, 0, sizeof(W));
-    memset(T, 0, sizeof(T));
-}
-
-
-// undef for 256
-#undef S0
-#undef S1
-#undef s0
-#undef s1
-
-
-void SHA256::Transform()
-{
-    Transform256(digest_, buffer_);
-}
-
-
-void SHA224::Transform()
-{
-    Transform256(digest_, buffer_);
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-static const word64 K512[80] = {
-	W64LIT(0x428a2f98d728ae22), W64LIT(0x7137449123ef65cd),
-	W64LIT(0xb5c0fbcfec4d3b2f), W64LIT(0xe9b5dba58189dbbc),
-	W64LIT(0x3956c25bf348b538), W64LIT(0x59f111f1b605d019),
-	W64LIT(0x923f82a4af194f9b), W64LIT(0xab1c5ed5da6d8118),
-	W64LIT(0xd807aa98a3030242), W64LIT(0x12835b0145706fbe),
-	W64LIT(0x243185be4ee4b28c), W64LIT(0x550c7dc3d5ffb4e2),
-	W64LIT(0x72be5d74f27b896f), W64LIT(0x80deb1fe3b1696b1),
-	W64LIT(0x9bdc06a725c71235), W64LIT(0xc19bf174cf692694),
-	W64LIT(0xe49b69c19ef14ad2), W64LIT(0xefbe4786384f25e3),
-	W64LIT(0x0fc19dc68b8cd5b5), W64LIT(0x240ca1cc77ac9c65),
-	W64LIT(0x2de92c6f592b0275), W64LIT(0x4a7484aa6ea6e483),
-	W64LIT(0x5cb0a9dcbd41fbd4), W64LIT(0x76f988da831153b5),
-	W64LIT(0x983e5152ee66dfab), W64LIT(0xa831c66d2db43210),
-	W64LIT(0xb00327c898fb213f), W64LIT(0xbf597fc7beef0ee4),
-	W64LIT(0xc6e00bf33da88fc2), W64LIT(0xd5a79147930aa725),
-	W64LIT(0x06ca6351e003826f), W64LIT(0x142929670a0e6e70),
-	W64LIT(0x27b70a8546d22ffc), W64LIT(0x2e1b21385c26c926),
-	W64LIT(0x4d2c6dfc5ac42aed), W64LIT(0x53380d139d95b3df),
-	W64LIT(0x650a73548baf63de), W64LIT(0x766a0abb3c77b2a8),
-	W64LIT(0x81c2c92e47edaee6), W64LIT(0x92722c851482353b),
-	W64LIT(0xa2bfe8a14cf10364), W64LIT(0xa81a664bbc423001),
-	W64LIT(0xc24b8b70d0f89791), W64LIT(0xc76c51a30654be30),
-	W64LIT(0xd192e819d6ef5218), W64LIT(0xd69906245565a910),
-	W64LIT(0xf40e35855771202a), W64LIT(0x106aa07032bbd1b8),
-	W64LIT(0x19a4c116b8d2d0c8), W64LIT(0x1e376c085141ab53),
-	W64LIT(0x2748774cdf8eeb99), W64LIT(0x34b0bcb5e19b48a8),
-	W64LIT(0x391c0cb3c5c95a63), W64LIT(0x4ed8aa4ae3418acb),
-	W64LIT(0x5b9cca4f7763e373), W64LIT(0x682e6ff3d6b2b8a3),
-	W64LIT(0x748f82ee5defb2fc), W64LIT(0x78a5636f43172f60),
-	W64LIT(0x84c87814a1f0ab72), W64LIT(0x8cc702081a6439ec),
-	W64LIT(0x90befffa23631e28), W64LIT(0xa4506cebde82bde9),
-	W64LIT(0xbef9a3f7b2c67915), W64LIT(0xc67178f2e372532b),
-	W64LIT(0xca273eceea26619c), W64LIT(0xd186b8c721c0c207),
-	W64LIT(0xeada7dd6cde0eb1e), W64LIT(0xf57d4f7fee6ed178),
-	W64LIT(0x06f067aa72176fba), W64LIT(0x0a637dc5a2c898a6),
-	W64LIT(0x113f9804bef90dae), W64LIT(0x1b710b35131c471b),
-	W64LIT(0x28db77f523047d84), W64LIT(0x32caab7b40c72493),
-	W64LIT(0x3c9ebe0a15c9bebc), W64LIT(0x431d67c49c100d4c),
-	W64LIT(0x4cc5d4becb3e42b6), W64LIT(0x597f299cfc657e2a),
-	W64LIT(0x5fcb6fab3ad6faec), W64LIT(0x6c44198c4a475817)
-};
-
-
-// for SHA512
-#define S0(x) (rotrFixed(x,28)^rotrFixed(x,34)^rotrFixed(x,39))
-#define S1(x) (rotrFixed(x,14)^rotrFixed(x,18)^rotrFixed(x,41))
-#define s0(x) (rotrFixed(x,1)^rotrFixed(x,8)^(x>>7))
-#define s1(x) (rotrFixed(x,19)^rotrFixed(x,61)^(x>>6))
-
-
-static void Transform512(word64* digest_, word64* buffer_)
-{
-    const word64* K = K512;
-
-    word64 W[16];
-    word64 T[8];
-
-    // Copy digest to working vars
-    memcpy(T, digest_, sizeof(T));
-
-    // 64 operations, partially loop unrolled
-    for (unsigned int j = 0; j < 80; j += 16) {
-        R( 0); R( 1); R( 2); R( 3);
-        R( 4); R( 5); R( 6); R( 7);
-        R( 8); R( 9); R(10); R(11);
-        R(12); R(13); R(14); R(15);
-    }
-
-    // Add the working vars back into digest 
-
-    digest_[0] += a(0);
-    digest_[1] += b(0);
-    digest_[2] += c(0);
-    digest_[3] += d(0);
-    digest_[4] += e(0);
-    digest_[5] += f(0);
-    digest_[6] += g(0);
-    digest_[7] += h(0);
-
-    // Wipe variables
-    memset(W, 0, sizeof(W));
-    memset(T, 0, sizeof(T));
-}
-
-
-void SHA512::Transform()
-{
-    Transform512(digest_, buffer_);
-}
-
-
-void SHA384::Transform()
-{
-    Transform512(digest_, buffer_);
-}
-
-#endif // WORD64_AVIALABLE
-
-
-#ifdef DO_SHA_ASM
-
-// f1(x,y,z) (z^(x &(y^z)))
-// place in esi
-#define ASMf1(x,y,z)   \
-    AS2(    mov   esi, y    )   \
-    AS2(    xor   esi, z    )   \
-    AS2(    and   esi, x    )   \
-    AS2(    xor   esi, z    )
-
-
-// R0(v,w,x,y,z,i) =
-//      z+= f1(w,x,y) + W[i] + 0x5A827999 + rotlFixed(v,5);
-//      w = rotlFixed(w,30);
-
-//      use esi for f
-//      use edi as tmp
-
-
-#define ASMR0(v,w,x,y,z,i) \
-    AS2(    mov   esi, x                        )   \
-    AS2(    mov   edi, [esp + i * 4]            )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    and   esi, w                        )   \
-    AS2(    lea     z, [edi + z + 0x5A827999]   )   \
-    AS2(    mov   edi, v                        )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    rol   edi, 5                        )   \
-    AS2(    add     z, esi                      )   \
-    AS2(    rol     w, 30                       )   \
-    AS2(    add     z, edi                      )
-
-
-/*  Some macro stuff, but older gas ( < 2,16 ) can't process &, so do by hand
-    % won't work on gas at all
-
-#define xstr(s) str(s)
-#define  str(s) #s
-
-#define WOFF1(a) ( a       & 15)
-#define WOFF2(a) ((a +  2) & 15)
-#define WOFF3(a) ((a +  8) & 15)
-#define WOFF4(a) ((a + 13) & 15)
-
-#ifdef __GNUC__
-    #define WGET1(i) asm("mov esp, [edi - "xstr(WOFF1(i))" * 4] ");
-    #define WGET2(i) asm("xor esp, [edi - "xstr(WOFF2(i))" * 4] ");
-    #define WGET3(i) asm("xor esp, [edi - "xstr(WOFF3(i))" * 4] ");
-    #define WGET4(i) asm("xor esp, [edi - "xstr(WOFF4(i))" * 4] ");
-    #define WPUT1(i) asm("mov [edi - "xstr(WOFF1(i))" * 4], esp ");
-#else
-    #define WGET1(i) AS2( mov   esp, [edi - WOFF1(i) * 4]   )
-    #define WGET2(i) AS2( xor   esp, [edi - WOFF2(i) * 4]   )
-    #define WGET3(i) AS2( xor   esp, [edi - WOFF3(i) * 4]   )
-    #define WGET4(i) AS2( xor   esp, [edi - WOFF4(i) * 4]   )
-    #define WPUT1(i) AS2( mov   [edi - WOFF1(i) * 4], esp   )
-#endif
-*/
-
-// ASMR1 = ASMR0 but use esp for W calcs
-
-#define ASMR1(v,w,x,y,z,i,W1,W2,W3,W4) \
-    AS2(    mov   edi, [esp + W1 * 4]           )   \
-    AS2(    mov   esi, x                        )   \
-    AS2(    xor   edi, [esp + W2 * 4]           )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    xor   edi, [esp + W3 * 4]           )   \
-    AS2(    and   esi, w                        )   \
-    AS2(    xor   edi, [esp + W4 * 4]           )   \
-    AS2(    rol   edi, 1                        )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    mov   [esp + W1 * 4], edi           )   \
-    AS2(    lea     z, [edi + z + 0x5A827999]   )   \
-    AS2(    mov   edi, v                        )   \
-    AS2(    rol   edi, 5                        )   \
-    AS2(    add     z, esi                      )   \
-    AS2(    rol     w, 30                       )   \
-    AS2(    add     z, edi                      )
-
-
-// ASMR2 = ASMR1 but f is xor, xor instead
-
-#define ASMR2(v,w,x,y,z,i,W1,W2,W3,W4) \
-    AS2(    mov   edi, [esp + W1 * 4]           )   \
-    AS2(    mov   esi, x                        )   \
-    AS2(    xor   edi, [esp + W2 * 4]           )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    xor   edi, [esp + W3 * 4]           )   \
-    AS2(    xor   esi, w                        )   \
-    AS2(    xor   edi, [esp + W4 * 4]           )   \
-    AS2(    rol   edi, 1                        )   \
-    AS2(    add     z, esi                      )   \
-    AS2(    mov   [esp + W1 * 4], edi           )   \
-    AS2(    lea     z, [edi + z + 0x6ED9EBA1]   )   \
-    AS2(    mov   edi, v                        )   \
-    AS2(    rol   edi, 5                        )   \
-    AS2(    rol     w, 30                       )   \
-    AS2(    add     z, edi                      )
-
-
-// ASMR3 = ASMR2 but f is (x&y)|(z&(x|y))
-//               which is (w&x)|(y&(w|x))
-
-#define ASMR3(v,w,x,y,z,i,W1,W2,W3,W4) \
-    AS2(    mov   edi, [esp + W1 * 4]           )   \
-    AS2(    mov   esi, x                        )   \
-    AS2(    xor   edi, [esp + W2 * 4]           )   \
-    AS2(     or   esi, w                        )   \
-    AS2(    xor   edi, [esp + W3 * 4]           )   \
-    AS2(    and   esi, y                        )   \
-    AS2(    xor   edi, [esp + W4 * 4]           )   \
-    AS2(    movd  mm0, esi                      )   \
-    AS2(    rol   edi, 1                        )   \
-    AS2(    mov   esi, x                        )   \
-    AS2(    mov   [esp + W1 * 4], edi           )   \
-    AS2(    and   esi, w                        )   \
-    AS2(    lea     z, [edi + z + 0x8F1BBCDC]   )   \
-    AS2(    movd  edi, mm0                      )   \
-    AS2(     or   esi, edi                      )   \
-    AS2(    mov   edi, v                        )   \
-    AS2(    rol   edi, 5                        )   \
-    AS2(    add     z, esi                      )   \
-    AS2(    rol     w, 30                       )   \
-    AS2(    add     z, edi                      )
-
-
-// ASMR4 = ASMR2 but different constant
-
-#define ASMR4(v,w,x,y,z,i,W1,W2,W3,W4) \
-    AS2(    mov   edi, [esp + W1 * 4]           )   \
-    AS2(    mov   esi, x                        )   \
-    AS2(    xor   edi, [esp + W2 * 4]           )   \
-    AS2(    xor   esi, y                        )   \
-    AS2(    xor   edi, [esp + W3 * 4]           )   \
-    AS2(    xor   esi, w                        )   \
-    AS2(    xor   edi, [esp + W4 * 4]           )   \
-    AS2(    rol   edi, 1                        )   \
-    AS2(    add     z, esi                      )   \
-    AS2(    mov   [esp + W1 * 4], edi           )   \
-    AS2(    lea     z, [edi + z + 0xCA62C1D6]   )   \
-    AS2(    mov   edi, v                        )   \
-    AS2(    rol   edi, 5                        )   \
-    AS2(    rol     w, 30                       )   \
-    AS2(    add     z, edi                      )
-
-
-#ifdef _MSC_VER
-    __declspec(naked)
-#else
-    __attribute__ ((noinline))
-#endif
-void SHA::AsmTransform(const byte* data, word32 times)
-{
-#ifdef __GNUC__
-    #define AS1(x)    #x ";"
-    #define AS2(x, y) #x ", " #y ";"
-
-    #define PROLOG()  \
-    __asm__ __volatile__ \
-    ( \
-        ".intel_syntax noprefix;" \
-        "push ebx;" \
-        "push ebp;"
-    #define EPILOG()  \
-        "pop ebp;" \
-        "pop ebx;" \
-       	"emms;" \
-       	".att_syntax;" \
-            : \
-            : "c" (this), "D" (data), "a" (times) \
-            : "%esi", "%edx", "memory", "cc" \
-    );
-
-#else
-    #define AS1(x)    __asm x
-    #define AS2(x, y) __asm x, y
-
-    #define PROLOG() \
-        AS1(    push  ebp                           )   \
-        AS2(    mov   ebp, esp                      )   \
-        AS2(    movd  mm3, edi                      )   \
-        AS2(    movd  mm4, ebx                      )   \
-        AS2(    movd  mm5, esi                      )   \
-        AS2(    movd  mm6, ebp                      )   \
-        AS2(    mov   edi, data                     )   \
-        AS2(    mov   eax, times                    )
-
-    #define EPILOG() \
-        AS2(    movd  ebp, mm6                  )   \
-        AS2(    movd  esi, mm5                  )   \
-        AS2(    movd  ebx, mm4                  )   \
-        AS2(    movd  edi, mm3                  )   \
-        AS2(    mov   esp, ebp                  )   \
-        AS1(    pop   ebp                       )   \
-        AS1(    emms   )                            \
-        AS1(    ret 8  )   
-#endif
-
-    PROLOG()
-
-    AS2(    mov   esi, ecx              )
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    add   esi, 20               )   // digest_[0]
-    #else
-        AS2(    add   esi, 16               )   // digest_[0]
-    #endif
-
-    AS2(    movd  mm2, eax              )   // store times_
-    AS2(    movd  mm1, esi              )   // store digest_
-
-    AS2(    sub   esp, 68               )   // make room on stack
-
-#ifdef _MSC_VER
-    AS1( loopStart: )  // loopStart
-#else
-    AS1( 0: )          // loopStart for some gas (need numeric for jump back 
-#endif
-
-    // byte reverse 16 words of input, 4 at a time, put on stack for W[]
-
-    // part 1
-    AS2(    mov   eax, [edi]        )
-    AS2(    mov   ebx, [edi +  4]   )
-    AS2(    mov   ecx, [edi +  8]   )
-    AS2(    mov   edx, [edi + 12]   )
-
-    AS1(    bswap eax   )
-    AS1(    bswap ebx   )
-    AS1(    bswap ecx   )
-    AS1(    bswap edx   )
-
-    AS2(    mov   [esp],      eax   )
-    AS2(    mov   [esp +  4], ebx   )
-    AS2(    mov   [esp +  8], ecx   )
-    AS2(    mov   [esp + 12], edx   )
-
-    // part 2
-    AS2(    mov   eax, [edi + 16]   )
-    AS2(    mov   ebx, [edi + 20]   )
-    AS2(    mov   ecx, [edi + 24]   )
-    AS2(    mov   edx, [edi + 28]   )
-
-    AS1(    bswap eax   )
-    AS1(    bswap ebx   )
-    AS1(    bswap ecx   )
-    AS1(    bswap edx   )
-
-    AS2(    mov   [esp + 16], eax   )
-    AS2(    mov   [esp + 20], ebx   )
-    AS2(    mov   [esp + 24], ecx   )
-    AS2(    mov   [esp + 28], edx   )
-
-
-    // part 3
-    AS2(    mov   eax, [edi + 32]   )
-    AS2(    mov   ebx, [edi + 36]   )
-    AS2(    mov   ecx, [edi + 40]   )
-    AS2(    mov   edx, [edi + 44]   )
-
-    AS1(    bswap eax   )
-    AS1(    bswap ebx   )
-    AS1(    bswap ecx   )
-    AS1(    bswap edx   )
-
-    AS2(    mov   [esp + 32], eax   )
-    AS2(    mov   [esp + 36], ebx   )
-    AS2(    mov   [esp + 40], ecx   )
-    AS2(    mov   [esp + 44], edx   )
-
-
-    // part 4
-    AS2(    mov   eax, [edi + 48]   )
-    AS2(    mov   ebx, [edi + 52]   )
-    AS2(    mov   ecx, [edi + 56]   )
-    AS2(    mov   edx, [edi + 60]   )
-
-    AS1(    bswap eax   )
-    AS1(    bswap ebx   )
-    AS1(    bswap ecx   )
-    AS1(    bswap edx   )
-
-    AS2(    mov   [esp + 48], eax   )
-    AS2(    mov   [esp + 52], ebx   )
-    AS2(    mov   [esp + 56], ecx   )
-    AS2(    mov   [esp + 60], edx   )
-
-    AS2(    mov   [esp + 64], edi   )   // store edi for end
-
-    // read from digest_
-    AS2(    mov   eax, [esi]            )   // a1
-    AS2(    mov   ebx, [esi +  4]       )   // b1
-    AS2(    mov   ecx, [esi +  8]       )   // c1
-    AS2(    mov   edx, [esi + 12]       )   // d1
-    AS2(    mov   ebp, [esi + 16]       )   // e1
-
-
-    ASMR0(eax, ebx, ecx, edx, ebp,  0)
-    ASMR0(ebp, eax, ebx, ecx, edx,  1)
-    ASMR0(edx, ebp, eax, ebx, ecx,  2)
-    ASMR0(ecx, edx, ebp, eax, ebx,  3)
-    ASMR0(ebx, ecx, edx, ebp, eax,  4)
-    ASMR0(eax, ebx, ecx, edx, ebp,  5)
-    ASMR0(ebp, eax, ebx, ecx, edx,  6)
-    ASMR0(edx, ebp, eax, ebx, ecx,  7)
-    ASMR0(ecx, edx, ebp, eax, ebx,  8)
-    ASMR0(ebx, ecx, edx, ebp, eax,  9)
-    ASMR0(eax, ebx, ecx, edx, ebp, 10)
-    ASMR0(ebp, eax, ebx, ecx, edx, 11)
-    ASMR0(edx, ebp, eax, ebx, ecx, 12)
-    ASMR0(ecx, edx, ebp, eax, ebx, 13)
-    ASMR0(ebx, ecx, edx, ebp, eax, 14)
-    ASMR0(eax, ebx, ecx, edx, ebp, 15)
-
-    ASMR1(ebp, eax, ebx, ecx, edx, 16,  0,  2,  8, 13)
-    ASMR1(edx, ebp, eax, ebx, ecx, 17,  1,  3,  9, 14)
-    ASMR1(ecx, edx, ebp, eax, ebx, 18,  2,  4, 10, 15)
-    ASMR1(ebx, ecx, edx, ebp, eax, 19,  3,  5, 11,  0)
-
-    ASMR2(eax, ebx, ecx, edx, ebp, 20,  4,  6, 12,  1)
-    ASMR2(ebp, eax, ebx, ecx, edx, 21,  5,  7, 13,  2)
-    ASMR2(edx, ebp, eax, ebx, ecx, 22,  6,  8, 14,  3)
-    ASMR2(ecx, edx, ebp, eax, ebx, 23,  7,  9, 15,  4)
-    ASMR2(ebx, ecx, edx, ebp, eax, 24,  8, 10,  0,  5)
-    ASMR2(eax, ebx, ecx, edx, ebp, 25,  9, 11,  1,  6)
-    ASMR2(ebp, eax, ebx, ecx, edx, 26, 10, 12,  2,  7)
-    ASMR2(edx, ebp, eax, ebx, ecx, 27, 11, 13,  3,  8)
-    ASMR2(ecx, edx, ebp, eax, ebx, 28, 12, 14,  4,  9)
-    ASMR2(ebx, ecx, edx, ebp, eax, 29, 13, 15,  5, 10)
-    ASMR2(eax, ebx, ecx, edx, ebp, 30, 14,  0,  6, 11)
-    ASMR2(ebp, eax, ebx, ecx, edx, 31, 15,  1,  7, 12)
-    ASMR2(edx, ebp, eax, ebx, ecx, 32,  0,  2,  8, 13)
-    ASMR2(ecx, edx, ebp, eax, ebx, 33,  1,  3,  9, 14)
-    ASMR2(ebx, ecx, edx, ebp, eax, 34,  2,  4, 10, 15)
-    ASMR2(eax, ebx, ecx, edx, ebp, 35,  3,  5, 11,  0)
-    ASMR2(ebp, eax, ebx, ecx, edx, 36,  4,  6, 12,  1)
-    ASMR2(edx, ebp, eax, ebx, ecx, 37,  5,  7, 13,  2)
-    ASMR2(ecx, edx, ebp, eax, ebx, 38,  6,  8, 14,  3)
-    ASMR2(ebx, ecx, edx, ebp, eax, 39,  7,  9, 15,  4)
-
-
-    ASMR3(eax, ebx, ecx, edx, ebp, 40,  8, 10,  0,  5)
-    ASMR3(ebp, eax, ebx, ecx, edx, 41,  9, 11,  1,  6)
-    ASMR3(edx, ebp, eax, ebx, ecx, 42, 10, 12,  2,  7)
-    ASMR3(ecx, edx, ebp, eax, ebx, 43, 11, 13,  3,  8)
-    ASMR3(ebx, ecx, edx, ebp, eax, 44, 12, 14,  4,  9)
-    ASMR3(eax, ebx, ecx, edx, ebp, 45, 13, 15,  5, 10)
-    ASMR3(ebp, eax, ebx, ecx, edx, 46, 14,  0,  6, 11)
-    ASMR3(edx, ebp, eax, ebx, ecx, 47, 15,  1,  7, 12)
-    ASMR3(ecx, edx, ebp, eax, ebx, 48,  0,  2,  8, 13)
-    ASMR3(ebx, ecx, edx, ebp, eax, 49,  1,  3,  9, 14)
-    ASMR3(eax, ebx, ecx, edx, ebp, 50,  2,  4, 10, 15)
-    ASMR3(ebp, eax, ebx, ecx, edx, 51,  3,  5, 11,  0)
-    ASMR3(edx, ebp, eax, ebx, ecx, 52,  4,  6, 12,  1)
-    ASMR3(ecx, edx, ebp, eax, ebx, 53,  5,  7, 13,  2)
-    ASMR3(ebx, ecx, edx, ebp, eax, 54,  6,  8, 14,  3)
-    ASMR3(eax, ebx, ecx, edx, ebp, 55,  7,  9, 15,  4)
-    ASMR3(ebp, eax, ebx, ecx, edx, 56,  8, 10,  0,  5)
-    ASMR3(edx, ebp, eax, ebx, ecx, 57,  9, 11,  1,  6)
-    ASMR3(ecx, edx, ebp, eax, ebx, 58, 10, 12,  2,  7)
-    ASMR3(ebx, ecx, edx, ebp, eax, 59, 11, 13,  3,  8)
-
-    ASMR4(eax, ebx, ecx, edx, ebp, 60, 12, 14,  4,  9)
-    ASMR4(ebp, eax, ebx, ecx, edx, 61, 13, 15,  5, 10)
-    ASMR4(edx, ebp, eax, ebx, ecx, 62, 14,  0,  6, 11)
-    ASMR4(ecx, edx, ebp, eax, ebx, 63, 15,  1,  7, 12)
-    ASMR4(ebx, ecx, edx, ebp, eax, 64,  0,  2,  8, 13)
-    ASMR4(eax, ebx, ecx, edx, ebp, 65,  1,  3,  9, 14)
-    ASMR4(ebp, eax, ebx, ecx, edx, 66,  2,  4, 10, 15)
-    ASMR4(edx, ebp, eax, ebx, ecx, 67,  3,  5, 11,  0)
-    ASMR4(ecx, edx, ebp, eax, ebx, 68,  4,  6, 12,  1)
-    ASMR4(ebx, ecx, edx, ebp, eax, 69,  5,  7, 13,  2)
-    ASMR4(eax, ebx, ecx, edx, ebp, 70,  6,  8, 14,  3)
-    ASMR4(ebp, eax, ebx, ecx, edx, 71,  7,  9, 15,  4)
-    ASMR4(edx, ebp, eax, ebx, ecx, 72,  8, 10,  0,  5)
-    ASMR4(ecx, edx, ebp, eax, ebx, 73,  9, 11,  1,  6)
-    ASMR4(ebx, ecx, edx, ebp, eax, 74, 10, 12,  2,  7)
-    ASMR4(eax, ebx, ecx, edx, ebp, 75, 11, 13,  3,  8)
-    ASMR4(ebp, eax, ebx, ecx, edx, 76, 12, 14,  4,  9)
-    ASMR4(edx, ebp, eax, ebx, ecx, 77, 13, 15,  5, 10)
-    ASMR4(ecx, edx, ebp, eax, ebx, 78, 14,  0,  6, 11)
-    ASMR4(ebx, ecx, edx, ebp, eax, 79, 15,  1,  7, 12)
-
-
-    AS2(    movd  esi, mm1              )   // digest_
-
-    AS2(    add   [esi],      eax       )   // write out
-    AS2(    add   [esi +  4], ebx       )
-    AS2(    add   [esi +  8], ecx       )
-    AS2(    add   [esi + 12], edx       )
-    AS2(    add   [esi + 16], ebp       )
-
-    // setup next round
-    AS2(    movd  ebp, mm2              )   // times
- 
-    AS2(    mov   edi, DWORD PTR [esp + 64] )   // data
-    
-    AS2(    add   edi, 64               )   // next round of data
-    AS2(    mov   [esp + 64], edi       )   // restore
-    
-    AS1(    dec   ebp                   )
-    AS2(    movd  mm2, ebp              )
-#ifdef _MSC_VER
-    AS1(    jnz   loopStart )  // loopStart
-#else
-    AS1(    jnz   0b )         // loopStart
-#endif
-
-    // inline adjust 
-    AS2(    add   esp, 68               )   // fix room on stack
-
-    EPILOG()
-}
-
-
-#endif // DO_SHA_ASM
-
-} // namespace
diff --git a/extra/yassl/taocrypt/src/tftables.cpp b/extra/yassl/taocrypt/src/tftables.cpp
deleted file mode 100644
index 1dd4a846abd..00000000000
--- a/extra/yassl/taocrypt/src/tftables.cpp
+++ /dev/null
@@ -1,350 +0,0 @@
-/*
-   Copyright (C) 2000-2007 MySQL AB
-   Use is subject to license terms
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* based on Wei Dai's tftables.cpp from CryptoPP */
-
-#include "runtime.hpp"
-#include "twofish.hpp"
-
-
-namespace TaoCrypt {
-
-
-const byte Twofish::q_[2][256] = {
-{
-   0xA9, 0x67, 0xB3, 0xE8, 0x04, 0xFD, 0xA3, 0x76, 0x9A, 0x92, 0x80, 0x78,
-   0xE4, 0xDD, 0xD1, 0x38, 0x0D, 0xC6, 0x35, 0x98, 0x18, 0xF7, 0xEC, 0x6C,
-   0x43, 0x75, 0x37, 0x26, 0xFA, 0x13, 0x94, 0x48, 0xF2, 0xD0, 0x8B, 0x30,
-   0x84, 0x54, 0xDF, 0x23, 0x19, 0x5B, 0x3D, 0x59, 0xF3, 0xAE, 0xA2, 0x82,
-   0x63, 0x01, 0x83, 0x2E, 0xD9, 0x51, 0x9B, 0x7C, 0xA6, 0xEB, 0xA5, 0xBE,
-   0x16, 0x0C, 0xE3, 0x61, 0xC0, 0x8C, 0x3A, 0xF5, 0x73, 0x2C, 0x25, 0x0B,
-   0xBB, 0x4E, 0x89, 0x6B, 0x53, 0x6A, 0xB4, 0xF1, 0xE1, 0xE6, 0xBD, 0x45,
-   0xE2, 0xF4, 0xB6, 0x66, 0xCC, 0x95, 0x03, 0x56, 0xD4, 0x1C, 0x1E, 0xD7,
-   0xFB, 0xC3, 0x8E, 0xB5, 0xE9, 0xCF, 0xBF, 0xBA, 0xEA, 0x77, 0x39, 0xAF,
-   0x33, 0xC9, 0x62, 0x71, 0x81, 0x79, 0x09, 0xAD, 0x24, 0xCD, 0xF9, 0xD8,
-   0xE5, 0xC5, 0xB9, 0x4D, 0x44, 0x08, 0x86, 0xE7, 0xA1, 0x1D, 0xAA, 0xED,
-   0x06, 0x70, 0xB2, 0xD2, 0x41, 0x7B, 0xA0, 0x11, 0x31, 0xC2, 0x27, 0x90,
-   0x20, 0xF6, 0x60, 0xFF, 0x96, 0x5C, 0xB1, 0xAB, 0x9E, 0x9C, 0x52, 0x1B,
-   0x5F, 0x93, 0x0A, 0xEF, 0x91, 0x85, 0x49, 0xEE, 0x2D, 0x4F, 0x8F, 0x3B,
-   0x47, 0x87, 0x6D, 0x46, 0xD6, 0x3E, 0x69, 0x64, 0x2A, 0xCE, 0xCB, 0x2F,
-   0xFC, 0x97, 0x05, 0x7A, 0xAC, 0x7F, 0xD5, 0x1A, 0x4B, 0x0E, 0xA7, 0x5A,
-   0x28, 0x14, 0x3F, 0x29, 0x88, 0x3C, 0x4C, 0x02, 0xB8, 0xDA, 0xB0, 0x17,
-   0x55, 0x1F, 0x8A, 0x7D, 0x57, 0xC7, 0x8D, 0x74, 0xB7, 0xC4, 0x9F, 0x72,
-   0x7E, 0x15, 0x22, 0x12, 0x58, 0x07, 0x99, 0x34, 0x6E, 0x50, 0xDE, 0x68,
-   0x65, 0xBC, 0xDB, 0xF8, 0xC8, 0xA8, 0x2B, 0x40, 0xDC, 0xFE, 0x32, 0xA4,
-   0xCA, 0x10, 0x21, 0xF0, 0xD3, 0x5D, 0x0F, 0x00, 0x6F, 0x9D, 0x36, 0x42,
-   0x4A, 0x5E, 0xC1, 0xE0
-},
-{
-   0x75, 0xF3, 0xC6, 0xF4, 0xDB, 0x7B, 0xFB, 0xC8, 0x4A, 0xD3, 0xE6, 0x6B,
-   0x45, 0x7D, 0xE8, 0x4B, 0xD6, 0x32, 0xD8, 0xFD, 0x37, 0x71, 0xF1, 0xE1,
-   0x30, 0x0F, 0xF8, 0x1B, 0x87, 0xFA, 0x06, 0x3F, 0x5E, 0xBA, 0xAE, 0x5B,
-   0x8A, 0x00, 0xBC, 0x9D, 0x6D, 0xC1, 0xB1, 0x0E, 0x80, 0x5D, 0xD2, 0xD5,
-   0xA0, 0x84, 0x07, 0x14, 0xB5, 0x90, 0x2C, 0xA3, 0xB2, 0x73, 0x4C, 0x54,
-   0x92, 0x74, 0x36, 0x51, 0x38, 0xB0, 0xBD, 0x5A, 0xFC, 0x60, 0x62, 0x96,
-   0x6C, 0x42, 0xF7, 0x10, 0x7C, 0x28, 0x27, 0x8C, 0x13, 0x95, 0x9C, 0xC7,
-   0x24, 0x46, 0x3B, 0x70, 0xCA, 0xE3, 0x85, 0xCB, 0x11, 0xD0, 0x93, 0xB8,
-   0xA6, 0x83, 0x20, 0xFF, 0x9F, 0x77, 0xC3, 0xCC, 0x03, 0x6F, 0x08, 0xBF,
-   0x40, 0xE7, 0x2B, 0xE2, 0x79, 0x0C, 0xAA, 0x82, 0x41, 0x3A, 0xEA, 0xB9,
-   0xE4, 0x9A, 0xA4, 0x97, 0x7E, 0xDA, 0x7A, 0x17, 0x66, 0x94, 0xA1, 0x1D,
-   0x3D, 0xF0, 0xDE, 0xB3, 0x0B, 0x72, 0xA7, 0x1C, 0xEF, 0xD1, 0x53, 0x3E,
-   0x8F, 0x33, 0x26, 0x5F, 0xEC, 0x76, 0x2A, 0x49, 0x81, 0x88, 0xEE, 0x21,
-   0xC4, 0x1A, 0xEB, 0xD9, 0xC5, 0x39, 0x99, 0xCD, 0xAD, 0x31, 0x8B, 0x01,
-   0x18, 0x23, 0xDD, 0x1F, 0x4E, 0x2D, 0xF9, 0x48, 0x4F, 0xF2, 0x65, 0x8E,
-   0x78, 0x5C, 0x58, 0x19, 0x8D, 0xE5, 0x98, 0x57, 0x67, 0x7F, 0x05, 0x64,
-   0xAF, 0x63, 0xB6, 0xFE, 0xF5, 0xB7, 0x3C, 0xA5, 0xCE, 0xE9, 0x68, 0x44,
-   0xE0, 0x4D, 0x43, 0x69, 0x29, 0x2E, 0xAC, 0x15, 0x59, 0xA8, 0x0A, 0x9E,
-   0x6E, 0x47, 0xDF, 0x34, 0x35, 0x6A, 0xCF, 0xDC, 0x22, 0xC9, 0xC0, 0x9B,
-   0x89, 0xD4, 0xED, 0xAB, 0x12, 0xA2, 0x0D, 0x52, 0xBB, 0x02, 0x2F, 0xA9,
-   0xD7, 0x61, 0x1E, 0xB4, 0x50, 0x04, 0xF6, 0xC2, 0x16, 0x25, 0x86, 0x56,
-   0x55, 0x09, 0xBE, 0x91
-}
-};
-
-
-const word32 Twofish::mds_[4][256] = {
-    {
-	0xbcbc3275, 0xecec21f3, 0x202043c6, 0xb3b3c9f4, 
-	0xdada03db, 0x02028b7b, 0xe2e22bfb, 0x9e9efac8, 
-	0xc9c9ec4a, 0xd4d409d3, 0x18186be6, 0x1e1e9f6b, 
-	0x98980e45, 0xb2b2387d, 0xa6a6d2e8, 0x2626b74b, 
-	0x3c3c57d6, 0x93938a32, 0x8282eed8, 0x525298fd, 
-	0x7b7bd437, 0xbbbb3771, 0x5b5b97f1, 0x474783e1, 
-	0x24243c30, 0x5151e20f, 0xbabac6f8, 0x4a4af31b, 
-	0xbfbf4887, 0x0d0d70fa, 0xb0b0b306, 0x7575de3f, 
-	0xd2d2fd5e, 0x7d7d20ba, 0x666631ae, 0x3a3aa35b, 
-	0x59591c8a, 0x00000000, 0xcdcd93bc, 0x1a1ae09d, 
-	0xaeae2c6d, 0x7f7fabc1, 0x2b2bc7b1, 0xbebeb90e, 
-	0xe0e0a080, 0x8a8a105d, 0x3b3b52d2, 0x6464bad5, 
-	0xd8d888a0, 0xe7e7a584, 0x5f5fe807, 0x1b1b1114, 
-	0x2c2cc2b5, 0xfcfcb490, 0x3131272c, 0x808065a3, 
-	0x73732ab2, 0x0c0c8173, 0x79795f4c, 0x6b6b4154, 
-	0x4b4b0292, 0x53536974, 0x94948f36, 0x83831f51, 
-	0x2a2a3638, 0xc4c49cb0, 0x2222c8bd, 0xd5d5f85a, 
-	0xbdbdc3fc, 0x48487860, 0xffffce62, 0x4c4c0796, 
-	0x4141776c, 0xc7c7e642, 0xebeb24f7, 0x1c1c1410, 
-	0x5d5d637c, 0x36362228, 0x6767c027, 0xe9e9af8c, 
-	0x4444f913, 0x1414ea95, 0xf5f5bb9c, 0xcfcf18c7, 
-	0x3f3f2d24, 0xc0c0e346, 0x7272db3b, 0x54546c70, 
-	0x29294cca, 0xf0f035e3, 0x0808fe85, 0xc6c617cb, 
-	0xf3f34f11, 0x8c8ce4d0, 0xa4a45993, 0xcaca96b8, 
-	0x68683ba6, 0xb8b84d83, 0x38382820, 0xe5e52eff, 
-	0xadad569f, 0x0b0b8477, 0xc8c81dc3, 0x9999ffcc, 
-	0x5858ed03, 0x19199a6f, 0x0e0e0a08, 0x95957ebf, 
-	0x70705040, 0xf7f730e7, 0x6e6ecf2b, 0x1f1f6ee2, 
-	0xb5b53d79, 0x09090f0c, 0x616134aa, 0x57571682, 
-	0x9f9f0b41, 0x9d9d803a, 0x111164ea, 0x2525cdb9, 
-	0xafafdde4, 0x4545089a, 0xdfdf8da4, 0xa3a35c97, 
-	0xeaead57e, 0x353558da, 0xededd07a, 0x4343fc17, 
-	0xf8f8cb66, 0xfbfbb194, 0x3737d3a1, 0xfafa401d, 
-	0xc2c2683d, 0xb4b4ccf0, 0x32325dde, 0x9c9c71b3, 
-	0x5656e70b, 0xe3e3da72, 0x878760a7, 0x15151b1c, 
-	0xf9f93aef, 0x6363bfd1, 0x3434a953, 0x9a9a853e, 
-	0xb1b1428f, 0x7c7cd133, 0x88889b26, 0x3d3da65f, 
-	0xa1a1d7ec, 0xe4e4df76, 0x8181942a, 0x91910149, 
-	0x0f0ffb81, 0xeeeeaa88, 0x161661ee, 0xd7d77321, 
-	0x9797f5c4, 0xa5a5a81a, 0xfefe3feb, 0x6d6db5d9, 
-	0x7878aec5, 0xc5c56d39, 0x1d1de599, 0x7676a4cd, 
-	0x3e3edcad, 0xcbcb6731, 0xb6b6478b, 0xefef5b01, 
-	0x12121e18, 0x6060c523, 0x6a6ab0dd, 0x4d4df61f, 
-	0xcecee94e, 0xdede7c2d, 0x55559df9, 0x7e7e5a48, 
-	0x2121b24f, 0x03037af2, 0xa0a02665, 0x5e5e198e, 
-	0x5a5a6678, 0x65654b5c, 0x62624e58, 0xfdfd4519, 
-	0x0606f48d, 0x404086e5, 0xf2f2be98, 0x3333ac57, 
-	0x17179067, 0x05058e7f, 0xe8e85e05, 0x4f4f7d64, 
-	0x89896aaf, 0x10109563, 0x74742fb6, 0x0a0a75fe, 
-	0x5c5c92f5, 0x9b9b74b7, 0x2d2d333c, 0x3030d6a5, 
-	0x2e2e49ce, 0x494989e9, 0x46467268, 0x77775544, 
-	0xa8a8d8e0, 0x9696044d, 0x2828bd43, 0xa9a92969, 
-	0xd9d97929, 0x8686912e, 0xd1d187ac, 0xf4f44a15, 
-	0x8d8d1559, 0xd6d682a8, 0xb9b9bc0a, 0x42420d9e, 
-	0xf6f6c16e, 0x2f2fb847, 0xdddd06df, 0x23233934, 
-	0xcccc6235, 0xf1f1c46a, 0xc1c112cf, 0x8585ebdc, 
-	0x8f8f9e22, 0x7171a1c9, 0x9090f0c0, 0xaaaa539b, 
-	0x0101f189, 0x8b8be1d4, 0x4e4e8ced, 0x8e8e6fab, 
-	0xababa212, 0x6f6f3ea2, 0xe6e6540d, 0xdbdbf252, 
-	0x92927bbb, 0xb7b7b602, 0x6969ca2f, 0x3939d9a9, 
-	0xd3d30cd7, 0xa7a72361, 0xa2a2ad1e, 0xc3c399b4, 
-	0x6c6c4450, 0x07070504, 0x04047ff6, 0x272746c2, 
-	0xacaca716, 0xd0d07625, 0x50501386, 0xdcdcf756, 
-	0x84841a55, 0xe1e15109, 0x7a7a25be, 0x1313ef91
-    },
-    {
-	0xa9d93939, 0x67901717, 0xb3719c9c, 0xe8d2a6a6, 
-	0x04050707, 0xfd985252, 0xa3658080, 0x76dfe4e4, 
-	0x9a084545, 0x92024b4b, 0x80a0e0e0, 0x78665a5a, 
-	0xe4ddafaf, 0xddb06a6a, 0xd1bf6363, 0x38362a2a, 
-	0x0d54e6e6, 0xc6432020, 0x3562cccc, 0x98bef2f2, 
-	0x181e1212, 0xf724ebeb, 0xecd7a1a1, 0x6c774141, 
-	0x43bd2828, 0x7532bcbc, 0x37d47b7b, 0x269b8888, 
-	0xfa700d0d, 0x13f94444, 0x94b1fbfb, 0x485a7e7e, 
-	0xf27a0303, 0xd0e48c8c, 0x8b47b6b6, 0x303c2424, 
-	0x84a5e7e7, 0x54416b6b, 0xdf06dddd, 0x23c56060, 
-	0x1945fdfd, 0x5ba33a3a, 0x3d68c2c2, 0x59158d8d, 
-	0xf321ecec, 0xae316666, 0xa23e6f6f, 0x82165757, 
-	0x63951010, 0x015befef, 0x834db8b8, 0x2e918686, 
-	0xd9b56d6d, 0x511f8383, 0x9b53aaaa, 0x7c635d5d, 
-	0xa63b6868, 0xeb3ffefe, 0xa5d63030, 0xbe257a7a, 
-	0x16a7acac, 0x0c0f0909, 0xe335f0f0, 0x6123a7a7, 
-	0xc0f09090, 0x8cafe9e9, 0x3a809d9d, 0xf5925c5c, 
-	0x73810c0c, 0x2c273131, 0x2576d0d0, 0x0be75656, 
-	0xbb7b9292, 0x4ee9cece, 0x89f10101, 0x6b9f1e1e, 
-	0x53a93434, 0x6ac4f1f1, 0xb499c3c3, 0xf1975b5b, 
-	0xe1834747, 0xe66b1818, 0xbdc82222, 0x450e9898, 
-	0xe26e1f1f, 0xf4c9b3b3, 0xb62f7474, 0x66cbf8f8, 
-	0xccff9999, 0x95ea1414, 0x03ed5858, 0x56f7dcdc, 
-	0xd4e18b8b, 0x1c1b1515, 0x1eada2a2, 0xd70cd3d3, 
-	0xfb2be2e2, 0xc31dc8c8, 0x8e195e5e, 0xb5c22c2c, 
-	0xe9894949, 0xcf12c1c1, 0xbf7e9595, 0xba207d7d, 
-	0xea641111, 0x77840b0b, 0x396dc5c5, 0xaf6a8989, 
-	0x33d17c7c, 0xc9a17171, 0x62ceffff, 0x7137bbbb, 
-	0x81fb0f0f, 0x793db5b5, 0x0951e1e1, 0xaddc3e3e, 
-	0x242d3f3f, 0xcda47676, 0xf99d5555, 0xd8ee8282, 
-	0xe5864040, 0xc5ae7878, 0xb9cd2525, 0x4d049696, 
-	0x44557777, 0x080a0e0e, 0x86135050, 0xe730f7f7, 
-	0xa1d33737, 0x1d40fafa, 0xaa346161, 0xed8c4e4e, 
-	0x06b3b0b0, 0x706c5454, 0xb22a7373, 0xd2523b3b, 
-	0x410b9f9f, 0x7b8b0202, 0xa088d8d8, 0x114ff3f3, 
-	0x3167cbcb, 0xc2462727, 0x27c06767, 0x90b4fcfc, 
-	0x20283838, 0xf67f0404, 0x60784848, 0xff2ee5e5, 
-	0x96074c4c, 0x5c4b6565, 0xb1c72b2b, 0xab6f8e8e, 
-	0x9e0d4242, 0x9cbbf5f5, 0x52f2dbdb, 0x1bf34a4a, 
-	0x5fa63d3d, 0x9359a4a4, 0x0abcb9b9, 0xef3af9f9, 
-	0x91ef1313, 0x85fe0808, 0x49019191, 0xee611616, 
-	0x2d7cdede, 0x4fb22121, 0x8f42b1b1, 0x3bdb7272, 
-	0x47b82f2f, 0x8748bfbf, 0x6d2caeae, 0x46e3c0c0, 
-	0xd6573c3c, 0x3e859a9a, 0x6929a9a9, 0x647d4f4f, 
-	0x2a948181, 0xce492e2e, 0xcb17c6c6, 0x2fca6969, 
-	0xfcc3bdbd, 0x975ca3a3, 0x055ee8e8, 0x7ad0eded, 
-	0xac87d1d1, 0x7f8e0505, 0xd5ba6464, 0x1aa8a5a5, 
-	0x4bb72626, 0x0eb9bebe, 0xa7608787, 0x5af8d5d5, 
-	0x28223636, 0x14111b1b, 0x3fde7575, 0x2979d9d9, 
-	0x88aaeeee, 0x3c332d2d, 0x4c5f7979, 0x02b6b7b7, 
-	0xb896caca, 0xda583535, 0xb09cc4c4, 0x17fc4343, 
-	0x551a8484, 0x1ff64d4d, 0x8a1c5959, 0x7d38b2b2, 
-	0x57ac3333, 0xc718cfcf, 0x8df40606, 0x74695353, 
-	0xb7749b9b, 0xc4f59797, 0x9f56adad, 0x72dae3e3, 
-	0x7ed5eaea, 0x154af4f4, 0x229e8f8f, 0x12a2abab, 
-	0x584e6262, 0x07e85f5f, 0x99e51d1d, 0x34392323, 
-	0x6ec1f6f6, 0x50446c6c, 0xde5d3232, 0x68724646, 
-	0x6526a0a0, 0xbc93cdcd, 0xdb03dada, 0xf8c6baba, 
-	0xc8fa9e9e, 0xa882d6d6, 0x2bcf6e6e, 0x40507070, 
-	0xdceb8585, 0xfe750a0a, 0x328a9393, 0xa48ddfdf, 
-	0xca4c2929, 0x10141c1c, 0x2173d7d7, 0xf0ccb4b4, 
-	0xd309d4d4, 0x5d108a8a, 0x0fe25151, 0x00000000, 
-	0x6f9a1919, 0x9de01a1a, 0x368f9494, 0x42e6c7c7, 
-	0x4aecc9c9, 0x5efdd2d2, 0xc1ab7f7f, 0xe0d8a8a8
-    },
-    {
-	0xbc75bc32, 0xecf3ec21, 0x20c62043, 0xb3f4b3c9, 
-	0xdadbda03, 0x027b028b, 0xe2fbe22b, 0x9ec89efa, 
-	0xc94ac9ec, 0xd4d3d409, 0x18e6186b, 0x1e6b1e9f, 
-	0x9845980e, 0xb27db238, 0xa6e8a6d2, 0x264b26b7, 
-	0x3cd63c57, 0x9332938a, 0x82d882ee, 0x52fd5298, 
-	0x7b377bd4, 0xbb71bb37, 0x5bf15b97, 0x47e14783, 
-	0x2430243c, 0x510f51e2, 0xbaf8bac6, 0x4a1b4af3, 
-	0xbf87bf48, 0x0dfa0d70, 0xb006b0b3, 0x753f75de, 
-	0xd25ed2fd, 0x7dba7d20, 0x66ae6631, 0x3a5b3aa3, 
-	0x598a591c, 0x00000000, 0xcdbccd93, 0x1a9d1ae0, 
-	0xae6dae2c, 0x7fc17fab, 0x2bb12bc7, 0xbe0ebeb9, 
-	0xe080e0a0, 0x8a5d8a10, 0x3bd23b52, 0x64d564ba, 
-	0xd8a0d888, 0xe784e7a5, 0x5f075fe8, 0x1b141b11, 
-	0x2cb52cc2, 0xfc90fcb4, 0x312c3127, 0x80a38065, 
-	0x73b2732a, 0x0c730c81, 0x794c795f, 0x6b546b41, 
-	0x4b924b02, 0x53745369, 0x9436948f, 0x8351831f, 
-	0x2a382a36, 0xc4b0c49c, 0x22bd22c8, 0xd55ad5f8, 
-	0xbdfcbdc3, 0x48604878, 0xff62ffce, 0x4c964c07, 
-	0x416c4177, 0xc742c7e6, 0xebf7eb24, 0x1c101c14, 
-	0x5d7c5d63, 0x36283622, 0x672767c0, 0xe98ce9af, 
-	0x441344f9, 0x149514ea, 0xf59cf5bb, 0xcfc7cf18, 
-	0x3f243f2d, 0xc046c0e3, 0x723b72db, 0x5470546c, 
-	0x29ca294c, 0xf0e3f035, 0x088508fe, 0xc6cbc617, 
-	0xf311f34f, 0x8cd08ce4, 0xa493a459, 0xcab8ca96, 
-	0x68a6683b, 0xb883b84d, 0x38203828, 0xe5ffe52e, 
-	0xad9fad56, 0x0b770b84, 0xc8c3c81d, 0x99cc99ff, 
-	0x580358ed, 0x196f199a, 0x0e080e0a, 0x95bf957e, 
-	0x70407050, 0xf7e7f730, 0x6e2b6ecf, 0x1fe21f6e, 
-	0xb579b53d, 0x090c090f, 0x61aa6134, 0x57825716, 
-	0x9f419f0b, 0x9d3a9d80, 0x11ea1164, 0x25b925cd, 
-	0xafe4afdd, 0x459a4508, 0xdfa4df8d, 0xa397a35c, 
-	0xea7eead5, 0x35da3558, 0xed7aedd0, 0x431743fc, 
-	0xf866f8cb, 0xfb94fbb1, 0x37a137d3, 0xfa1dfa40, 
-	0xc23dc268, 0xb4f0b4cc, 0x32de325d, 0x9cb39c71, 
-	0x560b56e7, 0xe372e3da, 0x87a78760, 0x151c151b, 
-	0xf9eff93a, 0x63d163bf, 0x345334a9, 0x9a3e9a85, 
-	0xb18fb142, 0x7c337cd1, 0x8826889b, 0x3d5f3da6, 
-	0xa1eca1d7, 0xe476e4df, 0x812a8194, 0x91499101, 
-	0x0f810ffb, 0xee88eeaa, 0x16ee1661, 0xd721d773, 
-	0x97c497f5, 0xa51aa5a8, 0xfeebfe3f, 0x6dd96db5, 
-	0x78c578ae, 0xc539c56d, 0x1d991de5, 0x76cd76a4, 
-	0x3ead3edc, 0xcb31cb67, 0xb68bb647, 0xef01ef5b, 
-	0x1218121e, 0x602360c5, 0x6add6ab0, 0x4d1f4df6, 
-	0xce4ecee9, 0xde2dde7c, 0x55f9559d, 0x7e487e5a, 
-	0x214f21b2, 0x03f2037a, 0xa065a026, 0x5e8e5e19, 
-	0x5a785a66, 0x655c654b, 0x6258624e, 0xfd19fd45, 
-	0x068d06f4, 0x40e54086, 0xf298f2be, 0x335733ac, 
-	0x17671790, 0x057f058e, 0xe805e85e, 0x4f644f7d, 
-	0x89af896a, 0x10631095, 0x74b6742f, 0x0afe0a75, 
-	0x5cf55c92, 0x9bb79b74, 0x2d3c2d33, 0x30a530d6, 
-	0x2ece2e49, 0x49e94989, 0x46684672, 0x77447755, 
-	0xa8e0a8d8, 0x964d9604, 0x284328bd, 0xa969a929, 
-	0xd929d979, 0x862e8691, 0xd1acd187, 0xf415f44a, 
-	0x8d598d15, 0xd6a8d682, 0xb90ab9bc, 0x429e420d, 
-	0xf66ef6c1, 0x2f472fb8, 0xdddfdd06, 0x23342339, 
-	0xcc35cc62, 0xf16af1c4, 0xc1cfc112, 0x85dc85eb, 
-	0x8f228f9e, 0x71c971a1, 0x90c090f0, 0xaa9baa53, 
-	0x018901f1, 0x8bd48be1, 0x4eed4e8c, 0x8eab8e6f, 
-	0xab12aba2, 0x6fa26f3e, 0xe60de654, 0xdb52dbf2, 
-	0x92bb927b, 0xb702b7b6, 0x692f69ca, 0x39a939d9, 
-	0xd3d7d30c, 0xa761a723, 0xa21ea2ad, 0xc3b4c399, 
-	0x6c506c44, 0x07040705, 0x04f6047f, 0x27c22746, 
-	0xac16aca7, 0xd025d076, 0x50865013, 0xdc56dcf7, 
-	0x8455841a, 0xe109e151, 0x7abe7a25, 0x139113ef
-    },
-    {
-	0xd939a9d9, 0x90176790, 0x719cb371, 0xd2a6e8d2, 
-	0x05070405, 0x9852fd98, 0x6580a365, 0xdfe476df, 
-	0x08459a08, 0x024b9202, 0xa0e080a0, 0x665a7866, 
-	0xddafe4dd, 0xb06addb0, 0xbf63d1bf, 0x362a3836, 
-	0x54e60d54, 0x4320c643, 0x62cc3562, 0xbef298be, 
-	0x1e12181e, 0x24ebf724, 0xd7a1ecd7, 0x77416c77, 
-	0xbd2843bd, 0x32bc7532, 0xd47b37d4, 0x9b88269b, 
-	0x700dfa70, 0xf94413f9, 0xb1fb94b1, 0x5a7e485a, 
-	0x7a03f27a, 0xe48cd0e4, 0x47b68b47, 0x3c24303c, 
-	0xa5e784a5, 0x416b5441, 0x06dddf06, 0xc56023c5, 
-	0x45fd1945, 0xa33a5ba3, 0x68c23d68, 0x158d5915, 
-	0x21ecf321, 0x3166ae31, 0x3e6fa23e, 0x16578216, 
-	0x95106395, 0x5bef015b, 0x4db8834d, 0x91862e91, 
-	0xb56dd9b5, 0x1f83511f, 0x53aa9b53, 0x635d7c63, 
-	0x3b68a63b, 0x3ffeeb3f, 0xd630a5d6, 0x257abe25, 
-	0xa7ac16a7, 0x0f090c0f, 0x35f0e335, 0x23a76123, 
-	0xf090c0f0, 0xafe98caf, 0x809d3a80, 0x925cf592, 
-	0x810c7381, 0x27312c27, 0x76d02576, 0xe7560be7, 
-	0x7b92bb7b, 0xe9ce4ee9, 0xf10189f1, 0x9f1e6b9f, 
-	0xa93453a9, 0xc4f16ac4, 0x99c3b499, 0x975bf197, 
-	0x8347e183, 0x6b18e66b, 0xc822bdc8, 0x0e98450e, 
-	0x6e1fe26e, 0xc9b3f4c9, 0x2f74b62f, 0xcbf866cb, 
-	0xff99ccff, 0xea1495ea, 0xed5803ed, 0xf7dc56f7, 
-	0xe18bd4e1, 0x1b151c1b, 0xada21ead, 0x0cd3d70c, 
-	0x2be2fb2b, 0x1dc8c31d, 0x195e8e19, 0xc22cb5c2, 
-	0x8949e989, 0x12c1cf12, 0x7e95bf7e, 0x207dba20, 
-	0x6411ea64, 0x840b7784, 0x6dc5396d, 0x6a89af6a, 
-	0xd17c33d1, 0xa171c9a1, 0xceff62ce, 0x37bb7137, 
-	0xfb0f81fb, 0x3db5793d, 0x51e10951, 0xdc3eaddc, 
-	0x2d3f242d, 0xa476cda4, 0x9d55f99d, 0xee82d8ee, 
-	0x8640e586, 0xae78c5ae, 0xcd25b9cd, 0x04964d04, 
-	0x55774455, 0x0a0e080a, 0x13508613, 0x30f7e730, 
-	0xd337a1d3, 0x40fa1d40, 0x3461aa34, 0x8c4eed8c, 
-	0xb3b006b3, 0x6c54706c, 0x2a73b22a, 0x523bd252, 
-	0x0b9f410b, 0x8b027b8b, 0x88d8a088, 0x4ff3114f, 
-	0x67cb3167, 0x4627c246, 0xc06727c0, 0xb4fc90b4, 
-	0x28382028, 0x7f04f67f, 0x78486078, 0x2ee5ff2e, 
-	0x074c9607, 0x4b655c4b, 0xc72bb1c7, 0x6f8eab6f, 
-	0x0d429e0d, 0xbbf59cbb, 0xf2db52f2, 0xf34a1bf3, 
-	0xa63d5fa6, 0x59a49359, 0xbcb90abc, 0x3af9ef3a, 
-	0xef1391ef, 0xfe0885fe, 0x01914901, 0x6116ee61, 
-	0x7cde2d7c, 0xb2214fb2, 0x42b18f42, 0xdb723bdb, 
-	0xb82f47b8, 0x48bf8748, 0x2cae6d2c, 0xe3c046e3, 
-	0x573cd657, 0x859a3e85, 0x29a96929, 0x7d4f647d, 
-	0x94812a94, 0x492ece49, 0x17c6cb17, 0xca692fca, 
-	0xc3bdfcc3, 0x5ca3975c, 0x5ee8055e, 0xd0ed7ad0, 
-	0x87d1ac87, 0x8e057f8e, 0xba64d5ba, 0xa8a51aa8, 
-	0xb7264bb7, 0xb9be0eb9, 0x6087a760, 0xf8d55af8, 
-	0x22362822, 0x111b1411, 0xde753fde, 0x79d92979, 
-	0xaaee88aa, 0x332d3c33, 0x5f794c5f, 0xb6b702b6, 
-	0x96cab896, 0x5835da58, 0x9cc4b09c, 0xfc4317fc, 
-	0x1a84551a, 0xf64d1ff6, 0x1c598a1c, 0x38b27d38, 
-	0xac3357ac, 0x18cfc718, 0xf4068df4, 0x69537469, 
-	0x749bb774, 0xf597c4f5, 0x56ad9f56, 0xdae372da, 
-	0xd5ea7ed5, 0x4af4154a, 0x9e8f229e, 0xa2ab12a2, 
-	0x4e62584e, 0xe85f07e8, 0xe51d99e5, 0x39233439, 
-	0xc1f66ec1, 0x446c5044, 0x5d32de5d, 0x72466872, 
-	0x26a06526, 0x93cdbc93, 0x03dadb03, 0xc6baf8c6, 
-	0xfa9ec8fa, 0x82d6a882, 0xcf6e2bcf, 0x50704050, 
-	0xeb85dceb, 0x750afe75, 0x8a93328a, 0x8ddfa48d, 
-	0x4c29ca4c, 0x141c1014, 0x73d72173, 0xccb4f0cc, 
-	0x09d4d309, 0x108a5d10, 0xe2510fe2, 0x00000000, 
-	0x9a196f9a, 0xe01a9de0, 0x8f94368f, 0xe6c742e6, 
-	0xecc94aec, 0xfdd25efd, 0xab7fc1ab, 0xd8a8e0d8
-    }
-};
-
-
-} // namespace
-
diff --git a/extra/yassl/taocrypt/src/twofish.cpp b/extra/yassl/taocrypt/src/twofish.cpp
deleted file mode 100644
index 2e28ae52cd3..00000000000
--- a/extra/yassl/taocrypt/src/twofish.cpp
+++ /dev/null
@@ -1,582 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-/* C++ based on Wei Dai's twofish.cpp from CryptoPP */
-/* x86 asm original */
-
-
-#if defined(TAOCRYPT_KERNEL_MODE)
-    #define DO_TAOCRYPT_KERNEL_MODE
-#endif                                  // only some modules now support this
-
-#include "runtime.hpp"
-#include "twofish.hpp"
-
-
-
-namespace TaoCrypt {
-
-
-#if defined(DO_TWOFISH_ASM)
-
-// ia32 optimized version
-void Twofish::Process(byte* out, const byte* in, word32 sz)
-{
-    if (!isMMX) {
-        Mode_BASE::Process(out, in, sz);
-        return;
-    }
-
-    word32 blocks = sz / BLOCK_SIZE;
-
-    if (mode_ == ECB)
-        while (blocks--) {
-            if (dir_ == ENCRYPTION)
-                AsmEncrypt(in, out);
-            else
-                AsmDecrypt(in, out);
-        
-            out += BLOCK_SIZE;
-            in  += BLOCK_SIZE;
-        }
-    else if (mode_ == CBC) {
-        if (dir_ == ENCRYPTION) {
-            while (blocks--) {
-                r_[0] ^= *(word32*)in;
-                r_[1] ^= *(word32*)(in +  4);
-                r_[2] ^= *(word32*)(in +  8);
-                r_[3] ^= *(word32*)(in + 12);
-
-                AsmEncrypt((byte*)r_, (byte*)r_);
-                memcpy(out, r_, BLOCK_SIZE);
-
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-        else {
-            while (blocks--) {
-                AsmDecrypt(in, out);
-               
-                *(word32*)out        ^= r_[0];
-                *(word32*)(out +  4) ^= r_[1];
-                *(word32*)(out +  8) ^= r_[2];
-                *(word32*)(out + 12) ^= r_[3];
-
-                memcpy(r_, in, BLOCK_SIZE);
-
-                out += BLOCK_SIZE;
-                in  += BLOCK_SIZE;
-            }
-        }
-    }
-}
-
-#endif // DO_TWOFISH_ASM
-
-
-namespace {     // locals
-
-// compute (c * x^4) mod (x^4 + (a + 1/a) * x^3 + a * x^2 + (a + 1/a) * x + 1)
-// over GF(256)
-static inline unsigned int Mod(unsigned int c)
-{
-	static const unsigned int modulus = 0x14d;
-	unsigned int c2 = (c<<1) ^ ((c & 0x80) ? modulus : 0);
-	unsigned int c1 = c2 ^ (c>>1) ^ ((c & 1) ? (modulus>>1) : 0);
-	return c | (c1 << 8) | (c2 << 16) | (c1 << 24);
-}
-
-// compute RS(12,8) code with the above polynomial as generator
-// this is equivalent to multiplying by the RS matrix
-static word32 ReedSolomon(word32 high, word32 low)
-{
-	for (unsigned int i=0; i<8; i++) {
-		high = Mod(high>>24) ^ (high<<8) ^ (low>>24);
-		low <<= 8;
-	}
-	return high;
-}
-
-}  // local namespace
-
-
-
-inline word32 Twofish::h0(word32 x, const word32* key, unsigned int kLen)
-{
-	x = x | (x<<8) | (x<<16) | (x<<24);
-	switch(kLen)
-	{
-#define Q(a, b, c, d, t) q_[a][GETBYTE(t,0)] ^ (q_[b][GETBYTE(t,1)] << 8) ^  \
-            (q_[c][GETBYTE(t,2)] << 16) ^ (q_[d][GETBYTE(t,3)] << 24)
-	case 4: x = Q(1, 0, 0, 1, x) ^ key[6];
-	case 3: x = Q(1, 1, 0, 0, x) ^ key[4];
-	case 2: x = Q(0, 1, 0, 1, x) ^ key[2];
-			x = Q(0, 0, 1, 1, x) ^ key[0];
-	}
-	return x;
-}
-
-inline word32 Twofish::h(word32 x, const word32* key, unsigned int kLen)
-{
-	x = h0(x, key, kLen);
-	return mds_[0][GETBYTE(x,0)] ^ mds_[1][GETBYTE(x,1)] ^ 
-        mds_[2][GETBYTE(x,2)] ^ mds_[3][GETBYTE(x,3)];
-}
-
-
-void Twofish::SetKey(const byte* userKey, word32 keylen, CipherDir /*dummy*/)
-{
-	unsigned int len = (keylen <= 16 ? 2 : (keylen <= 24 ? 3 : 4));
-    word32 key[8];
-	GetUserKey(LittleEndianOrder, key, len*2, userKey, keylen);
-
-	unsigned int i;
-	for (i=0; i<40; i+=2) {
-		word32 a = h(i, key, len);
-		word32 b = rotlFixed(h(i+1, key+1, len), 8);
-		k_[i] = a+b;
-		k_[i+1] = rotlFixed(a+2*b, 9);
-	}
-
-	word32 svec[8];
-	for (i=0; i gpBlock;
-
-void Twofish::encrypt(const byte* inBlock, const byte* xorBlock,
-                  byte* outBlock) const
-{
-	word32 x, y, a, b, c, d;
-
-	gpBlock::Get(inBlock)(a)(b)(c)(d);
-
-	a ^= k_[0];
-	b ^= k_[1];
-	c ^= k_[2];
-	d ^= k_[3];
-
-	const word32 *k = k_+8;
-
-	ENCCYCLE (0);
-	ENCCYCLE (1);
-	ENCCYCLE (2);
-	ENCCYCLE (3);
-	ENCCYCLE (4);
-	ENCCYCLE (5);
-	ENCCYCLE (6);
-	ENCCYCLE (7);
-
-	c ^= k_[4];
-	d ^= k_[5];
-	a ^= k_[6];
-	b ^= k_[7]; 
-
-	gpBlock::Put(xorBlock, outBlock)(c)(d)(a)(b);
-}
-
-
-void Twofish::decrypt(const byte* inBlock, const byte* xorBlock,
-                  byte* outBlock) const
-{
-	word32 x, y, a, b, c, d;
-
-	gpBlock::Get(inBlock)(c)(d)(a)(b);
-
-	c ^= k_[4];
-	d ^= k_[5];
-	a ^= k_[6];
-	b ^= k_[7];
-
-	const word32 *k = k_+8;
-	DECCYCLE (7);
-	DECCYCLE (6);
-	DECCYCLE (5);
-	DECCYCLE (4);
-	DECCYCLE (3);
-	DECCYCLE (2);
-	DECCYCLE (1);
-	DECCYCLE (0);
-
-	a ^= k_[0];
-	b ^= k_[1];
-	c ^= k_[2];
-	d ^= k_[3];
-
-	gpBlock::Put(xorBlock, outBlock)(a)(b)(c)(d);
-}
-
-
-
-#if defined(DO_TWOFISH_ASM)
-    #ifdef __GNUC__
-        #define AS1(x)    #x ";"
-        #define AS2(x, y) #x ", " #y ";"
-
-        #define PROLOG()  \
-        __asm__ __volatile__ \
-        ( \
-            ".intel_syntax noprefix;" \
-            "push ebx;" \
-            "push ebp;" \
-            "movd mm3, eax;" \
-            "movd mm6, ebp;"
-        #define EPILOG()  \
-            "pop ebp;" \
-            "pop ebx;" \
-       	    "emms;" \
-       	    ".att_syntax;" \
-                : \
-                : "D" (this), "S" (inBlock), "a" (outBlock) \
-                : "%ecx", "%edx", "memory", "cc" \
-        );
-
-    #else
-        #define AS1(x)    __asm x
-        #define AS2(x, y) __asm x, y
-
-        #define PROLOG() \
-            AS1(    push  ebp                           )   \
-            AS2(    mov   ebp, esp                      )   \
-            AS2(    movd  mm3, edi                      )   \
-            AS2(    movd  mm4, ebx                      )   \
-            AS2(    movd  mm5, esi                      )   \
-            AS2(    movd  mm6, ebp                      )   \
-            AS2(    mov   edi, ecx                      )   \
-            AS2(    mov   esi, DWORD PTR [ebp +  8]     )
-
-        /* ebp already set */
-        #define EPILOG()  \
-            AS2(    movd esi, mm5                   )   \
-            AS2(    movd ebx, mm4                   )   \
-            AS2(    movd edi, mm3                   )   \
-            AS2(    mov  esp, ebp                   )   \
-            AS1(    pop  ebp                        )   \
-            AS1(    emms                            )   \
-            AS1(    ret 8                           )    
-            
-    #endif
-
-
-
-
-    // x = esi, y = [esp], s_ = ebp
-    // edi always open for G1 and G2
-    // G1 also uses edx after save and restore
-    // G2 also uses eax after save and restore
-    //      and ecx for tmp [esp] which Rounds also use
-    //      and restore from mm7
-
-    // x = G1(a)   bytes(0,1,2,3)
-#define ASMG1(z, zl, zh) \
-    AS2(    movd  mm2, edx                          )   \
-    AS2(    movzx edi, zl                           )   \
-    AS2(    mov   esi, DWORD PTR     [ebp + edi*4]  )   \
-    AS2(    movzx edx, zh                           )   \
-    AS2(    xor   esi, DWORD PTR 1024[ebp + edx*4]  )   \
-                                                        \
-    AS2(    mov   edx, z                            )   \
-    AS2(    shr   edx, 16                           )   \
-    AS2(    movzx edi, dl                           )   \
-    AS2(    xor   esi, DWORD PTR 2048[ebp + edi*4]  )   \
-    AS2(    movzx edx, dh                           )   \
-    AS2(    xor   esi, DWORD PTR 3072[ebp + edx*4]  )   \
-    AS2(    movd  edx, mm2                          )
-
-
-    // y = G2(b)  bytes(3,0,1,2)  [ put y into ecx for Rounds ]
-#define ASMG2(z, zl, zh)    \
-    AS2(    movd  mm7, ecx                          )   \
-    AS2(    movd  mm2, eax                          )   \
-    AS2(    mov   edi, z                            )   \
-    AS2(    shr   edi, 24                           )   \
-    AS2(    mov   ecx, DWORD PTR     [ebp + edi*4]  )   \
-    AS2(    movzx eax, zl                           )   \
-    AS2(    xor   ecx, DWORD PTR 1024[ebp + eax*4]  )   \
-                                                        \
-    AS2(    mov   eax, z                            )   \
-    AS2(    shr   eax, 16                           )   \
-    AS2(    movzx edi, zh                           )   \
-    AS2(    xor   ecx, DWORD PTR 2048[ebp + edi*4]  )   \
-    AS2(    movzx eax, al                           )   \
-    AS2(    xor   ecx, DWORD PTR 3072[ebp + eax*4]  )   \
-    AS2(    movd  eax, mm2                          )
-
-
-    // encrypt Round (n), 
-    // x = esi, k = ebp, edi open
-    // y is in ecx from G2, restore when done from mm7
-    //      before C (which be same register!)
-#define ASMENCROUND(N, A, A2, A3, B, B2, B3, C, D)      \
-    /* setup s_  */                                     \
-    AS2(    movd  ebp, mm1                          )   \
-    ASMG1(A, A2, A3)                                    \
-    ASMG2(B, B2, B3)                                    \
-    /* setup k  */                                      \
-    AS2(    movd  ebp, mm0                          )   \
-    /* x += y   */                                      \
-    AS2(    add   esi, ecx                          )   \
-    AS2(    add   ebp, 32                           )   \
-    /* y += x + k[2 * (n) + 1] */                       \
-    AS2(    add   ecx, esi                          )   \
-    AS2(    rol   D,   1                            )   \
-    AS2(    add   ecx, DWORD PTR [ebp + 8 * N + 4]  )   \
-	/* (d) = rotlFixed(d, 1) ^ y  */                    \
-    AS2(    xor   D,   ecx                          )   \
-    AS2(    movd  ecx, mm7                          )   \
-	/* (c) ^= x + k[2 * (n)] */                         \
-    AS2(    mov   edi, esi                          )   \
-    AS2(    add   edi, DWORD PTR [ebp + 8 * N]      )   \
-    AS2(    xor   C,   edi                          )   \
-	/* (c) = rotrFixed(c, 1) */                         \
-    AS2(    ror   C,   1                            )
-
-
-    // decrypt Round (n), 
-    // x = esi, k = ebp, edi open
-    // y is in ecx from G2, restore ecx from mm7 when done
-#define ASMDECROUND(N, A, A2, A3, B, B2, B3, C, D)      \
-    /* setup s_  */                                     \
-    AS2(    movd  ebp, mm1                          )   \
-    ASMG1(A, A2, A3)                                    \
-    ASMG2(B, B2, B3)                                    \
-    /* setup k  */                                      \
-    AS2(    movd  ebp, mm0                          )   \
-    /* x += y   */                                      \
-    AS2(    add   esi, ecx                          )   \
-    AS2(    add   ebp, 32                           )   \
-    /* y += x     */                                    \
-    AS2(    add   ecx, esi                          )   \
-	/* (d) ^= y + k[2 * (n) + 1] */                     \
-    AS2(    mov   edi, DWORD PTR [ebp + 8 * N + 4]  )   \
-    AS2(    add   edi, ecx                          )   \
-    AS2(    movd  ecx, mm7                          )   \
-    AS2(    xor   D,   edi                          )   \
-	/* (d) = rotrFixed(d, 1)     */                     \
-    AS2(    ror   D,   1                            )   \
-	/* (c) = rotlFixed(c, 1)     */                     \
-    AS2(    rol   C,   1                            )   \
-	/* (c) ^= (x + k[2 * (n)])   */                     \
-    AS2(    mov   edi, esi                          )   \
-    AS2(    add   edi, DWORD PTR [ebp + 8 * N]      )   \
-    AS2(    xor   C,   edi                          )
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void Twofish::AsmEncrypt(const byte* inBlock, byte* outBlock) const
-{
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    add   edi, 60                       ) // k_
-    #else
-        AS2(    add   edi, 56                       ) // k_
-    #endif
-
-    AS2(    mov   ebp, edi                      )
-
-    AS2(    mov   eax, DWORD PTR [esi]          ) // a
-    AS2(    movd  mm0, edi                      ) // store k_
-    AS2(    mov   ebx, DWORD PTR [esi +  4]     ) // b
-    AS2(    add   ebp, 160                      ) // s_[0]
-    AS2(    mov   ecx, DWORD PTR [esi +  8]     ) // c
-    AS2(    movd  mm1, ebp                      ) // store s_
-    AS2(    mov   edx, DWORD PTR [esi + 12]     ) // d
-    
-    AS2(    xor   eax, DWORD PTR [edi]          ) // k_[0]
-    AS2(    xor   ebx, DWORD PTR [edi +  4]     ) //   [1]
-    AS2(    xor   ecx, DWORD PTR [edi +  8]     ) //   [2]
-    AS2(    xor   edx, DWORD PTR [edi + 12]     ) //   [3]
-
-
-    ASMENCROUND( 0, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND( 1, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND( 2, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND( 3, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND( 4, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND( 5, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND( 6, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND( 7, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND( 8, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND( 9, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND(10, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND(11, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND(12, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND(13, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMENCROUND(14, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMENCROUND(15, ecx, cl, ch, edx, dl, dh, eax, ebx)
-
-
-    AS2(    movd  ebp, mm6                      )
-    AS2(    movd  esi, mm0                      ) // k_
-    #ifdef __GNUC__
-        AS2(    movd  edi, mm3                  ) // outBlock
-    #else
-        AS2(    mov   edi, [ebp + 12]           ) // outBlock
-    #endif
-
-    AS2(    xor   ecx, DWORD PTR [esi + 16]     ) // k_[4]
-    AS2(    xor   edx, DWORD PTR [esi + 20]     ) // k_[5]
-    AS2(    xor   eax, DWORD PTR [esi + 24]     ) // k_[6]
-    AS2(    xor   ebx, DWORD PTR [esi + 28]     ) // k_[7]
-
-    AS2(    mov   [edi],      ecx               ) // write out
-    AS2(    mov   [edi +  4], edx               ) // write out
-    AS2(    mov   [edi +  8], eax               ) // write out
-    AS2(    mov   [edi + 12], ebx               ) // write out
-
-
-    EPILOG()
-}
-
-
-#ifdef _MSC_VER
-    __declspec(naked) 
-#else
-    __attribute__ ((noinline))
-#endif
-void Twofish::AsmDecrypt(const byte* inBlock, byte* outBlock) const
-{
-    PROLOG()
-
-    #ifdef OLD_GCC_OFFSET
-        AS2(    add   edi, 60                       ) // k_
-    #else
-        AS2(    add   edi, 56                       ) // k_
-    #endif
-
-    AS2(    mov   ebp, edi                      )
-
-    AS2(    mov   ecx, DWORD PTR [esi]          ) // c
-    AS2(    movd  mm0, edi                      ) // store k_
-    AS2(    mov   edx, DWORD PTR [esi +  4]     ) // d
-    AS2(    add   ebp, 160                      ) // s_[0]
-    AS2(    mov   eax, DWORD PTR [esi +  8]     ) // a
-    AS2(    movd  mm1, ebp                      ) // store s_
-    AS2(    mov   ebx, DWORD PTR [esi + 12]     ) // b
-
-    AS2(    xor   ecx, DWORD PTR [edi + 16]     ) // k_[4]
-    AS2(    xor   edx, DWORD PTR [edi + 20]     ) //   [5]
-    AS2(    xor   eax, DWORD PTR [edi + 24]     ) //   [6]
-    AS2(    xor   ebx, DWORD PTR [edi + 28]     ) //   [7]
-
-
-    ASMDECROUND(15, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND(14, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND(13, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND(12, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND(11, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND(10, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND( 9, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND( 8, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND( 7, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND( 6, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND( 5, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND( 4, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND( 3, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND( 2, eax, al, ah, ebx, bl, bh, ecx, edx)
-    ASMDECROUND( 1, ecx, cl, ch, edx, dl, dh, eax, ebx)
-    ASMDECROUND( 0, eax, al, ah, ebx, bl, bh, ecx, edx)
-
-
-    AS2(    movd  ebp, mm6                      )
-    AS2(    movd  esi, mm0                      ) // k_
-    #ifdef __GNUC__
-        AS2(    movd  edi, mm3                  ) // outBlock
-    #else
-        AS2(    mov   edi, [ebp + 12]           ) // outBlock
-    #endif
-
-    AS2(    xor   eax, DWORD PTR [esi     ]     ) // k_[0]
-    AS2(    xor   ebx, DWORD PTR [esi +  4]     ) // k_[1]
-    AS2(    xor   ecx, DWORD PTR [esi +  8]     ) // k_[2]
-    AS2(    xor   edx, DWORD PTR [esi + 12]     ) // k_[3]
-
-    AS2(    mov   [edi],      eax               ) // write out
-    AS2(    mov   [edi +  4], ebx               ) // write out
-    AS2(    mov   [edi +  8], ecx               ) // write out
-    AS2(    mov   [edi + 12], edx               ) // write out
-
-
-    EPILOG()
-}
-
-
-
-#endif // defined(DO_TWOFISH_ASM)
-
-
-
-
-
-} // namespace
-
-
diff --git a/extra/yassl/taocrypt/taocrypt.dsp b/extra/yassl/taocrypt/taocrypt.dsp
deleted file mode 100644
index 9c8e74da8c8..00000000000
--- a/extra/yassl/taocrypt/taocrypt.dsp
+++ /dev/null
@@ -1,321 +0,0 @@
-# Microsoft Developer Studio Project File - Name="taocrypt" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Static Library" 0x0104
-
-CFG=taocrypt - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "taocrypt.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "taocrypt.mak" CFG="taocrypt - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "taocrypt - Win32 Release" (based on "Win32 (x86) Static Library")
-!MESSAGE "taocrypt - Win32 Debug" (based on "Win32 (x86) Static Library")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "taocrypt - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "taocrypt___Win32_Release"
-# PROP BASE Intermediate_Dir "taocrypt___Win32_Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c
-# ADD CPP /nologo /G6 /MT /W3 /O2 /I "include" /I "mySTL" /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LIB32=link.exe -lib
-# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
-
-!ELSEIF  "$(CFG)" == "taocrypt - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "taocrypt___Win32_Debug"
-# PROP BASE Intermediate_Dir "taocrypt___Win32_Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /YX /FD /GZ /c
-# SUBTRACT CPP /Fr
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LIB32=link.exe -lib
-# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
-
-!ENDIF 
-
-# Begin Target
-
-# Name "taocrypt - Win32 Release"
-# Name "taocrypt - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\src\aes.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\aestables.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\algebra.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\arc4.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\asn.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\bftables.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\blowfish.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\coding.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\des.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\dh.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\dsa.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\file.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\hash.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\hc128.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\integer.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\md2.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\md4.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\md5.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\misc.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\rabbit.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\random.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\ripemd.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\rsa.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\sha.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\tftables.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\twofish.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# Begin Source File
-
-SOURCE=.\include\aes.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\algebra.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\arc4.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\asn.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\block.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\blowfish.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\coding.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\des.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\dh.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\dsa.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\error.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\file.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\hash.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\hc128.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\hmac.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\integer.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\md2.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\md4.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\md5.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\misc.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\modarith.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\modes.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\pwdbased.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\rabbit.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\random.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\ripemd.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\rsa.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\sha.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\twofish.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\type_traits.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\types.hpp
-# End Source File
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/taocrypt/taocrypt.dsw b/extra/yassl/taocrypt/taocrypt.dsw
deleted file mode 100644
index 43115069160..00000000000
--- a/extra/yassl/taocrypt/taocrypt.dsw
+++ /dev/null
@@ -1,59 +0,0 @@
-Microsoft Developer Studio Workspace File, Format Version 6.00
-# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
-
-###############################################################################
-
-Project: "benchmark"=.\benchmark\benchmark.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name taocrypt
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "taocrypt"=.\taocrypt.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-}}}
-
-###############################################################################
-
-Project: "test"=.\test\test.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name taocrypt
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Global:
-
-Package=<5>
-{{{
-}}}
-
-Package=<3>
-{{{
-}}}
-
-###############################################################################
-
diff --git a/extra/yassl/taocrypt/test.dsw b/extra/yassl/taocrypt/test.dsw
deleted file mode 100644
index b5c03bc6e03..00000000000
--- a/extra/yassl/taocrypt/test.dsw
+++ /dev/null
@@ -1,29 +0,0 @@
-Microsoft Developer Studio Workspace File, Format Version 6.00
-# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
-
-###############################################################################
-
-Project: "test"=.\test.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-}}}
-
-###############################################################################
-
-Global:
-
-Package=<5>
-{{{
-}}}
-
-Package=<3>
-{{{
-}}}
-
-###############################################################################
-
diff --git a/extra/yassl/taocrypt/test/make.bat b/extra/yassl/taocrypt/test/make.bat
deleted file mode 100755
index cfb762ce847..00000000000
--- a/extra/yassl/taocrypt/test/make.bat
+++ /dev/null
@@ -1,24 +0,0 @@
-REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-REM 
-REM This program is free software; you can redistribute it and/or modify
-REM it under the terms of the GNU General Public License as published by
-REM the Free Software Foundation; version 2 of the License.
-REM 
-REM This program is distributed in the hope that it will be useful,
-REM but WITHOUT ANY WARRANTY; without even the implied warranty of
-REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-REM GNU General Public License for more details.
-REM 
-REM You should have received a copy of the GNU General Public License
-REM along with this program; if not, write to the Free Software
-REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-REM quick and dirty build file for testing different MSDEVs
-setlocal 
-
-set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2
-
-cl %myFLAGS% test.cpp
-
-link.exe  /out:test.exe ../src/taocrypt.lib test.obj advapi32.lib
-
diff --git a/extra/yassl/taocrypt/test/memory.cpp b/extra/yassl/taocrypt/test/memory.cpp
deleted file mode 100644
index 99f1fd646d4..00000000000
--- a/extra/yassl/taocrypt/test/memory.cpp
+++ /dev/null
@@ -1,359 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-// memory.cpp
-#include "../../include/lock.hpp"     // locking
-#include           // std::bad_alloc
-#include       // malloc
-#include       // memset
-#include       // ofstream
-#include       // stringstream
-#include       // assert
-#include       // setiosflags
-
-/*********************************************************************
-
-To use MemoryTracker merely add this file to your project
-No need to instantiate anything
-
-If your app is multi threaded define MULTI_THREADED
-
-*********************************************************************/
-
-
-// locals
-namespace {
-
-class MemoryTracker {
-    std::ofstream log_;
-public:
-    MemoryTracker();
-    ~MemoryTracker();
-private:
-    MemoryTracker(const MemoryTracker&);             // hide copy
-    MemoryTracker& operator=(const MemoryTracker&);  // and assign
-
-    void LogStats();
-};
-
-
-struct alloc_node {
-    alloc_node* left_;
-    alloc_node* right_;
-  
-    alloc_node() : left_(0), right_(0) {}
-};
-
-
-alloc_node* Root = 0;
-
-size_t Allocs    = 0;
-size_t DeAllocs  = 0;
-size_t Bytes     = 0;
-
-
-struct size_tracker {
-    size_t size_;
-    size_t count_;
-};
-
-size_tracker sizes[] = 
-{
-    {0,0},
-    {2,0},
-    {4,0},
-    {8,0},
-    {16,0},
-    {32,0},
-    {64,0},
-    {128,0},
-    {256,0},
-    {512,0},
-    {1024,0},
-    {2048,0},
-    {4096,0},
-    {8192,0},
-};
-
-const size_t size_elements(sizeof(sizes) / sizeof(size_tracker));
-
-bool Tracking(false);
-
-using   yaSSL::Mutex;
-typedef Mutex::Lock Lock;
-
-Mutex mutex;
-
-MemoryTracker theTracker;
-
-
-bool lookup(alloc_node*& find, void* key, alloc_node*& prev)
-{
-    bool found(false);
-
-    while (find) {
-        if (find == key) {
-            found = true;
-            break;
-        }
-        prev = find;
-        if (key < find)
-            find = find->left_;
-        else
-            find = find->right_;
-    }
-    return found;
-}
-
-
-// iterative insert
-void insert(alloc_node* entry)
-{
-    if (!Root) {
-        Root = entry;
-        return;
-    }
-       
-    alloc_node* tmp  = Root;
-    alloc_node* prev = 0;
-
-    if (lookup(tmp, entry, prev)) 
-        assert(0); // duplicate
-
-    if (entry < prev)
-        prev->left_  = entry;
-    else
-        prev->right_ = entry;
-}
-
-
-alloc_node* predecessorSwap(alloc_node* del)
-{
-    alloc_node* pred = del->left_;
-    alloc_node* predPrev = del;
-
-    while (pred->right_) {
-        predPrev = pred;
-        pred = pred->right_;
-    }
-    if (predPrev == del)
-        predPrev->left_  = pred->left_;
-    else
-        predPrev->right_ = pred->left_;
-
-    pred->left_  = del->left_;
-    pred->right_ = del->right_;
-
-    return pred;
-}
-
-
-// iterative remove
-void remove(void* ptr)
-{
-    alloc_node* del  = Root;
-    alloc_node* prev = 0;
-    alloc_node* replace = 0;
-
-    if ( lookup(del, ptr, prev) == false)
-        assert(0); // oops, not there
-
-    if (del->left_ && del->right_)          // two children
-        replace = predecessorSwap(del);
-    else if (!del->left_ && !del->right_)   // no children
-        replace = 0;
-    else                                    // one child
-        replace = (del->left_) ? del->left_ : del->right_;
-
-    if (del == Root)
-        Root = replace;
-    else if (prev->left_ == del)
-        prev->left_  = replace;
-    else
-        prev->right_ = replace;
-}
-
-
-typedef void (*fp)(alloc_node*, void*);
-
-void applyInOrder(alloc_node* root, fp f, void* arg)
-{
-    if (root == 0)
-        return;
-    
-    applyInOrder(root->left_,  f, arg);
-    f(root, arg);
-    applyInOrder(root->right_, f, arg);
-}
-
-
-void show(alloc_node* ptr, void* arg)
-{
-    std::ofstream* log = static_cast(arg);
-    *log << ptr << '\n';
-}
-
-
-MemoryTracker::MemoryTracker() : log_("memory.log")
-{
-#ifdef __GNUC__
-    // Force pool allocator to cleanup at exit
-    setenv("GLIBCPP_FORCE_NEW", "1", 0);
-#endif
-
-#ifdef _MSC_VER
-    // msvc6 needs to create Facility for ostream before main starts, otherwise
-    // if another ostream is created and destroyed in main scope, log stats
-    // will access a dead Facility reference (std::numput)
-    int msvcFac = 6;
-    log_ << "MSVC " << msvcFac << "workaround" << std::endl; 
-#endif
-
-
-    Tracking = true;
-}
-
-
-MemoryTracker::~MemoryTracker()
-{
-    // stop tracking before log (which will alloc on output)
-    Tracking = false;
-    LogStats();
-
-    //assert(Allocs == DeAllocs);
-    //assert(Root == 0);
-}
-
-
-void MemoryTracker::LogStats()
-{
-    log_ << "Number of Allocs:     " << Allocs    << '\n';
-    log_ << "Number of DeAllocs:   " << DeAllocs  << '\n';
-    log_ << "Number of bytes used: " << Bytes     << '\n';
-
-    log_ << "Alloc size table:\n";
-    log_ << " Bytes " << '\t' << "   Times\n";
-
-    for (size_t i = 0; i < size_elements; ++i) {
-        log_ << " " << sizes[i].size_  << "  " << '\t';
-        log_ << std::setiosflags(std::ios::right) << std::setw(8);
-        log_ << sizes[i].count_ << '\n';
-    }
-
-    if (Allocs != DeAllocs) {
-        log_<< "Showing new'd allocs with no deletes" << '\n';
-        applyInOrder(Root, show, &log_);
-    }
-    log_.flush();
-}
-
-
-// return power of 2 up to size_tracker elements
-size_t powerOf2(size_t sz)
-{
-    size_t shifts = 0;
-
-    if (sz)
-        sz -= 1;
-    else
-        return 0;
-	   
-    while (sz) {
-        sz >>= 1;
-        ++shifts;
-    }
-
-    return shifts < size_elements ? shifts : size_elements;
-}
-
-
-} // namespace local
-
-
-void* operator new(size_t sz)
-{
-    // put alloc node in front of requested memory
-    void* ptr = malloc(sz + sizeof(alloc_node));
-    if (ptr) {
-        if (Tracking) {
-            Lock l(mutex);
-            ++Allocs;
-            Bytes += sz;
-            ++sizes[powerOf2(sz)].count_;
-            insert(new (ptr) alloc_node);
-        }
-        return static_cast(ptr) + sizeof(alloc_node);
-    }
-    else
-        assert(0);
-}
-
-
-void operator delete(void* ptr)
-{
-    if (ptr) {
-        ptr = static_cast(ptr) - sizeof(alloc_node);  // correct offset
-        if (Tracking) {
-            Lock l(mutex);
-            ++DeAllocs;
-            remove(ptr);
-        }
-        free(ptr);
-    }
-}
-
-
-void* operator new[](size_t sz)
-{
-    return ::operator new(sz);
-}
-
-
-void operator delete[](void* ptr)
-{
-    ::operator delete(ptr);
-}
-
-
-extern "C" {
-
-void* XMALLOC(size_t sz, void* head)
-{
-    return ::operator new(sz);
-}
-
-void* XREALLOC(void* ptr, size_t sz, void* heap)
-{
-    void* ret = ::operator new(sz);
-
-    if (ret && ptr)
-        memcpy(ret, ptr, sz);
-
-    if (ret)
-        ::operator delete(ptr);
-    return ret;
-}
-
-
-void XFREE(void* ptr, void* heap)
-{
-    ::operator delete(ptr);
-}
-
-}  // extern "C"
-
diff --git a/extra/yassl/taocrypt/test/test.cpp b/extra/yassl/taocrypt/test/test.cpp
deleted file mode 100644
index cf1ec551fe3..00000000000
--- a/extra/yassl/taocrypt/test/test.cpp
+++ /dev/null
@@ -1,1358 +0,0 @@
-/*
-   Copyright (c) 2006, 2014, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-// test.cpp
-// test taocrypt functionality
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include 
-#include 
-
-#include "runtime.hpp"
-#include "sha.hpp"
-#include "md5.hpp"
-#include "md2.hpp"
-#include "md4.hpp"
-#include "ripemd.hpp"
-#include "hmac.hpp"
-#include "arc4.hpp"
-#include "des.hpp"
-#include "rsa.hpp"
-#include "dsa.hpp"
-#include "aes.hpp"
-#include "twofish.hpp"
-#include "blowfish.hpp"
-#include "asn.hpp"
-#include "dh.hpp"
-#include "coding.hpp"
-#include "random.hpp"
-#include "pwdbased.hpp"
-#include "rabbit.hpp"
-#include "hc128.hpp"
-
-
-
-using TaoCrypt::byte;
-using TaoCrypt::word32;
-using TaoCrypt::SHA;
-using TaoCrypt::SHA256;
-using TaoCrypt::SHA224;
-#ifdef WORD64_AVAILABLE
-    using TaoCrypt::SHA512;
-    using TaoCrypt::SHA384;
-#endif
-using TaoCrypt::MD5;
-using TaoCrypt::MD2;
-using TaoCrypt::MD4;
-using TaoCrypt::RIPEMD160;
-using TaoCrypt::HMAC;
-using TaoCrypt::ARC4;
-using TaoCrypt::DES_EDE3_CBC_Encryption;
-using TaoCrypt::DES_EDE3_CBC_Decryption;
-using TaoCrypt::DES_CBC_Encryption;
-using TaoCrypt::DES_CBC_Decryption;
-using TaoCrypt::DES_ECB_Encryption;
-using TaoCrypt::DES_ECB_Decryption;
-using TaoCrypt::AES_CBC_Encryption;
-using TaoCrypt::AES_CBC_Decryption;
-using TaoCrypt::AES_ECB_Encryption;
-using TaoCrypt::AES_ECB_Decryption;
-using TaoCrypt::Twofish_CBC_Encryption;
-using TaoCrypt::Twofish_CBC_Decryption;
-using TaoCrypt::Twofish_ECB_Encryption;
-using TaoCrypt::Twofish_ECB_Decryption;
-using TaoCrypt::Blowfish_CBC_Encryption;
-using TaoCrypt::Blowfish_CBC_Decryption;
-using TaoCrypt::Blowfish_ECB_Encryption;
-using TaoCrypt::Blowfish_ECB_Decryption;
-using TaoCrypt::RSA_PrivateKey;
-using TaoCrypt::RSA_PublicKey;
-using TaoCrypt::DSA_PrivateKey;
-using TaoCrypt::DSA_PublicKey;
-using TaoCrypt::DSA_Signer;
-using TaoCrypt::DSA_Verifier;
-using TaoCrypt::RSAES_Encryptor;
-using TaoCrypt::RSAES_Decryptor;
-using TaoCrypt::Source;
-using TaoCrypt::FileSource;
-using TaoCrypt::FileSource;
-using TaoCrypt::HexDecoder;
-using TaoCrypt::HexEncoder;
-using TaoCrypt::Base64Decoder;
-using TaoCrypt::Base64Encoder;
-using TaoCrypt::CertDecoder;
-using TaoCrypt::DH;
-using TaoCrypt::EncodeDSA_Signature;
-using TaoCrypt::DecodeDSA_Signature;
-using TaoCrypt::PBKDF2_HMAC;
-using TaoCrypt::tcArrayDelete;
-using TaoCrypt::GetCert;
-using TaoCrypt::GetPKCS_Cert;
-using TaoCrypt::Rabbit;
-using TaoCrypt::HC128;
-
-struct testVector {
-    byte*  input_;
-    byte*  output_; 
-    word32 inLen_;
-    word32 outLen_;
-
-    testVector(const char* in, const char* out) : input_((byte*)in),
-               output_((byte*)out), inLen_((word32)strlen(in)),
-               outLen_((word32)strlen(out)) {}
-};
-
-int  sha_test();
-int  sha256_test();
-#ifdef WORD64_AVAILABLE
-    int  sha512_test();
-    int  sha384_test();
-#endif
-int  sha224_test();
-int  md5_test();
-int  md2_test();
-int  md4_test();
-int  ripemd_test();
-int  hmac_test();
-int  arc4_test();
-int  des_test();
-int  aes_test();
-int  twofish_test();
-int  blowfish_test();
-int  rsa_test();
-int  dsa_test();
-int  dh_test();
-int  pwdbased_test();
-int  pkcs12_test();
-int  rabbit_test();
-int  hc128_test();
-
-TaoCrypt::RandomNumberGenerator rng;
-
-
-void err_sys(const char* msg, int es)
-{
-    printf("%s\n", msg);
-    exit(es);    
-}
-
-// func_args from test.hpp, so don't have to pull in other junk
-struct func_args {
-    int    argc;
-    char** argv;
-    int    return_code;
-};
-
-
-/* 
-   DES, AES, Blowfish, and Twofish need aligned (4 byte) input/output for
-   processing, can turn this off by setting gpBlock(assumeAligned = false)
-   but would hurt performance.  yaSSL always uses dynamic memory so we have
-   at least 8 byte alignment.  This test tried to force alignment for stack
-   variables (for convenience) but some compiler versions and optimizations
-   seemed to be off.  So we have msgTmp variable which we copy into dynamic
-   memory at runtime to ensure proper alignment, along with plain/cipher.
-   Whew!
-*/
-const byte msgTmp[] = { // "now is the time for all " w/o trailing 0
-    0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
-    0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
-    0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
-};
-
-byte* msg    = 0;   // for block cipher input
-byte* plain  = 0;   // for cipher decrypt comparison 
-byte* cipher = 0;   // block output
-
-
-void taocrypt_test(void* args)
-{
-    ((func_args*)args)->return_code = -1; // error state
-
-    msg    = NEW_TC byte[24];
-    plain  = NEW_TC byte[24];
-    cipher = NEW_TC byte[24];
-
-    memcpy(msg, msgTmp, 24);
-
-    int ret = 0;
-    if ( (ret = sha_test()) ) 
-        err_sys("SHA      test failed!\n", ret);
-    else
-        printf( "SHA      test passed!\n");
-
-    if ( (ret = sha256_test()) ) 
-        err_sys("SHA-256  test failed!\n", ret);
-    else
-        printf( "SHA-256  test passed!\n");
-
-    if ( (ret = sha224_test()) ) 
-        err_sys("SHA-224  test failed!\n", ret);
-    else
-        printf( "SHA-224  test passed!\n");
-
-#ifdef WORD64_AVAILABLE
-
-    if ( (ret = sha512_test()) ) 
-        err_sys("SHA-512  test failed!\n", ret);
-    else
-        printf( "SHA-512  test passed!\n");
-
-    if ( (ret = sha384_test()) ) 
-        err_sys("SHA-384  test failed!\n", ret);
-    else
-        printf( "SHA-384  test passed!\n");
-
-#endif
-
-    if ( (ret = md5_test()) ) 
-        err_sys("MD5      test failed!\n", ret);
-    else
-        printf( "MD5      test passed!\n");
-
-    if ( (ret = md2_test()) ) 
-        err_sys("MD2      test failed!\n", ret);
-    else
-        printf( "MD2      test passed!\n");
-
-    if ( (ret = md4_test()) ) 
-        err_sys("MD4      test failed!\n", ret);
-    else
-        printf( "MD4      test passed!\n");
-
-    if ( (ret = ripemd_test()) )
-        err_sys("RIPEMD   test failed!\n", ret);
-    else
-        printf( "RIPEMD   test passed!\n");
-
-    if ( ( ret = hmac_test()) )
-        err_sys("HMAC     test failed!\n", ret);
-    else
-        printf( "HMAC     test passed!\n");
-
-    if ( (ret = arc4_test()) )
-        err_sys("ARC4     test failed!\n", ret);
-    else
-        printf( "ARC4     test passed!\n");
-
-    if ( (ret = rabbit_test()) )
-        err_sys("Rabbit   test failed!\n", ret);
-    else
-        printf( "Rabbit   test passed!\n");
-
-    if ( (ret = hc128_test()) )
-        err_sys("HC128    test failed!\n", ret);
-    else
-        printf( "HC128    test passed!\n");
-
-    if ( (ret = des_test()) )
-        err_sys("DES      test failed!\n", ret);
-    else
-        printf( "DES      test passed!\n");
-
-    if ( (ret = aes_test()) )
-        err_sys("AES      test failed!\n", ret);
-    else
-        printf( "AES      test passed!\n");
-
-    if ( (ret = twofish_test()) )
-        err_sys("Twofish  test failed!\n", ret);
-    else
-        printf( "Twofish  test passed!\n");
-
-    if ( (ret = blowfish_test()) )
-        err_sys("Blowfish test failed!\n", ret);
-    else
-        printf( "Blowfish test passed!\n");
-
-    if ( (ret = rsa_test()) )
-        err_sys("RSA      test failed!\n", ret);
-    else
-        printf( "RSA      test passed!\n");
-
-    if ( (ret = dh_test()) )
-        err_sys("DH       test failed!\n", ret);
-    else
-        printf( "DH       test passed!\n");
-
-    if ( (ret = dsa_test()) )
-        err_sys("DSA      test failed!\n", ret);
-    else
-        printf( "DSA      test passed!\n");
-
-    if ( (ret = pwdbased_test()) )
-        err_sys("PBKDF2   test failed!\n", ret);
-    else
-        printf( "PBKDF2   test passed!\n");
-
-    /* not ready yet
-    if ( (ret = pkcs12_test()) )
-        err_sys("PKCS12   test failed!\n", ret);
-    else
-        printf( "PKCS12   test passed!\n");
-    */
-
-    tcArrayDelete(cipher);
-    tcArrayDelete(plain);
-    tcArrayDelete(msg);
-
-    ((func_args*)args)->return_code = ret;
-}
-
-
-// so overall tests can pull in test function 
-#ifndef NO_MAIN_DRIVER
-
-    int main(int argc, char** argv)
-    {
-        func_args args;
-
-        args.argc = argc;
-        args.argv = argv;
-
-        taocrypt_test(&args);
-        TaoCrypt::CleanUp();
-
-        return args.return_code;
-    }
-
-#endif // NO_MAIN_DRIVER
-
-
-void file_test(const char* file, byte* check)
-{
-    FILE* f;
-    int i = 0;
-    MD5    md5;
-    byte   buf[1024];
-    byte   md5sum[MD5::DIGEST_SIZE];
-    
-    if( !( f = fopen( file, "rb" ) )) {
-        printf("Can't open %s\n", file);
-        return;
-    }
-    while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 )
-        md5.Update(buf, i);
-    
-    md5.Final(md5sum);
-    memcpy(check, md5sum, sizeof(md5sum));
-
-    for(int j = 0; j < MD5::DIGEST_SIZE; ++j ) 
-        printf( "%02x", md5sum[j] );
-   
-    printf("  %s\n", file);
-
-    fclose(f);
-}
-
-
-int sha_test()
-{
-    SHA  sha;
-    byte hash[SHA::DIGEST_SIZE];
-
-    testVector test_sha[] =
-    {
-        testVector("abc", 
-                 "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
-                 "\x6C\x9C\xD0\xD8\x9D"),
-        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-                 "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
-                 "\xE5\xE5\x46\x70\xF1"),
-        testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-                 "aaaaaa", 
-                 "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
-                 "\x2A\x25\xEC\x64\x4D"),
-        testVector("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-                 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-                 "aaaaaaaaaa",
-                 "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
-                 "\x53\x99\x5E\x26\xA0")  
-    };
-
-    int times( sizeof(test_sha) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
-        sha.Final(hash);
-
-        if (memcmp(hash, test_sha[i].output_, SHA::DIGEST_SIZE) != 0)
-            return -1 - i;
-    }
-
-    return 0;
-}
-
-
-int sha256_test()
-{
-    SHA256 sha;
-    byte   hash[SHA256::DIGEST_SIZE];
-
-    testVector test_sha[] =
-    {
-        testVector("abc",
-                 "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
-                 "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
-                 "\x15\xAD"),
-        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-                 "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
-                 "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
-                 "\x06\xC1")
-    };
-
-    int times( sizeof(test_sha) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
-        sha.Final(hash);
-
-        if (memcmp(hash, test_sha[i].output_, SHA256::DIGEST_SIZE) != 0)
-            return -1 - i;
-    }
-
-    return 0;
-}
-
-
-#ifdef WORD64_AVAILABLE
-
-int sha512_test()
-{
-    SHA512 sha;
-    byte   hash[SHA512::DIGEST_SIZE];
-
-    testVector test_sha[] =
-    {
-        testVector("abc",
-                 "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
-                 "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
-                 "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
-                 "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
-                 "\xa5\x4c\xa4\x9f"),
-        testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
-                   "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 
-                 "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
-                 "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
-                 "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
-                 "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
-                 "\x87\x4b\xe9\x09")
-    };
-
-    int times( sizeof(test_sha) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
-        sha.Final(hash);
-
-        if (memcmp(hash, test_sha[i].output_, SHA512::DIGEST_SIZE) != 0)
-            return -1 - i;
-    }
-
-    return 0;
-}
-
-
-int sha384_test()
-{
-    SHA384 sha;
-    byte   hash[SHA384::DIGEST_SIZE];
-
-    testVector test_sha[] =
-    {
-        testVector("abc",
-                 "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
-                 "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
-                 "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
-                 "\xc8\x25\xa7"),
-        testVector("abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
-                   "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu", 
-                 "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
-                 "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
-                 "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
-                 "\x74\x60\x39")
-    };
-
-    int times( sizeof(test_sha) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
-        sha.Final(hash);
-
-        if (memcmp(hash, test_sha[i].output_, SHA384::DIGEST_SIZE) != 0)
-            return -1 - i;
-    }
-
-    return 0;
-}
-
-#endif // WORD64_AVAILABLE
-
-
-int sha224_test()
-{
-    SHA224 sha;
-    byte   hash[SHA224::DIGEST_SIZE];
-
-    testVector test_sha[] =
-    {
-        testVector("abc",
-                 "\x23\x09\x7d\x22\x34\x05\xd8\x22\x86\x42\xa4\x77\xbd\xa2\x55"
-                 "\xb3\x2a\xad\xbc\xe4\xbd\xa0\xb3\xf7\xe3\x6c\x9d\xa7"),
-        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-                 "\x75\x38\x8b\x16\x51\x27\x76\xcc\x5d\xba\x5d\xa1\xfd\x89\x01"
-                 "\x50\xb0\xc6\x45\x5c\xb4\xf5\x8b\x19\x52\x52\x25\x25")
-    };
-
-    int times( sizeof(test_sha) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        sha.Update(test_sha[i].input_, test_sha[i].inLen_);
-        sha.Final(hash);
-
-        if (memcmp(hash, test_sha[i].output_, SHA224::DIGEST_SIZE) != 0)
-            return -1 - i;
-    }
-
-    return 0;
-}
-
-
-int md5_test()
-{
-    MD5  md5;
-    byte hash[MD5::DIGEST_SIZE];
-
-    testVector test_md5[] =
-    {
-        testVector("abc", 
-                 "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
-                 "\x72"),
-        testVector("message digest", 
-                 "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
-                 "\xd0"),
-        testVector("abcdefghijklmnopqrstuvwxyz",
-                 "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
-                 "\x3b"),
-        testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
-                 "6789",
-                 "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
-                 "\x9f"),
-        testVector("1234567890123456789012345678901234567890123456789012345678"
-                 "9012345678901234567890",
-                 "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
-                 "\x7a")
-    };
-
-    int times( sizeof(test_md5) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        md5.Update(test_md5[i].input_, test_md5[i].inLen_);
-        md5.Final(hash);
-
-        if (memcmp(hash, test_md5[i].output_, MD5::DIGEST_SIZE) != 0)
-            return -5 - i;
-    }
-
-    return 0;
-}
-
-
-int md4_test()
-{
-    MD4  md4;
-    byte hash[MD4::DIGEST_SIZE];
-
-    testVector test_md4[] =
-    {
-        testVector("",
-                 "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
-                 "\xc0"),
-        testVector("a",
-                 "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
-                 "\x24"),
-        testVector("abc", 
-                 "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
-                 "\x9d"),
-        testVector("message digest", 
-                 "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
-                 "\x4b"),
-        testVector("abcdefghijklmnopqrstuvwxyz",
-                 "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
-                 "\xa9"),
-        testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
-                 "6789",
-                 "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
-                 "\xe4"),
-        testVector("1234567890123456789012345678901234567890123456789012345678"
-                 "9012345678901234567890",
-                 "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
-                 "\x36")
-    };
-
-    int times( sizeof(test_md4) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        md4.Update(test_md4[i].input_, test_md4[i].inLen_);
-        md4.Final(hash);
-
-        if (memcmp(hash, test_md4[i].output_, MD4::DIGEST_SIZE) != 0)
-            return -5 - i;
-    }
-
-    return 0;
-}
-
-
-int md2_test()
-{
-    MD2  md5;
-    byte hash[MD2::DIGEST_SIZE];
-
-    testVector test_md2[] =
-    {
-        testVector("",
-                   "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69"
-                   "\x27\x73"),
-        testVector("a",
-                   "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0"
-                   "\xb5\xd1"),
-        testVector("abc",
-                   "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde"
-                   "\xd6\xbb"),
-        testVector("message digest",
-                   "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe"
-                   "\x06\xb0"),
-        testVector("abcdefghijklmnopqrstuvwxyz",
-                   "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47"
-                   "\x94\x0b"),
-        testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
-                   "0123456789",
-                   "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03"
-                   "\x38\xcd"),
-        testVector("12345678901234567890123456789012345678901234567890123456"
-                   "789012345678901234567890",
-                   "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3"
-                   "\xef\xd8")
-    };
-
-    int times( sizeof(test_md2) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        md5.Update(test_md2[i].input_, test_md2[i].inLen_);
-        md5.Final(hash);
-
-        if (memcmp(hash, test_md2[i].output_, MD2::DIGEST_SIZE) != 0)
-            return -10 - i;
-    }
-
-    return 0;
-}
-
-
-int ripemd_test()
-{
-    RIPEMD160  ripe160;
-    byte hash[RIPEMD160::DIGEST_SIZE];
-
-    testVector test_ripemd[] =
-    {
-        testVector("",
-                   "\x9c\x11\x85\xa5\xc5\xe9\xfc\x54\x61\x28\x08\x97\x7e\xe8"
-                   "\xf5\x48\xb2\x25\x8d\x31"),
-        testVector("a",
-                   "\x0b\xdc\x9d\x2d\x25\x6b\x3e\xe9\xda\xae\x34\x7b\xe6\xf4"
-                   "\xdc\x83\x5a\x46\x7f\xfe"),
-        testVector("abc",
-                   "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
-                   "\xb0\x87\xf1\x5a\x0b\xfc"),
-        testVector("message digest",
-                   "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
-                   "\x5f\xfa\x21\x59\x5f\x36"),
-        testVector("abcdefghijklmnopqrstuvwxyz",
-                   "\xf7\x1c\x27\x10\x9c\x69\x2c\x1b\x56\xbb\xdc\xeb\x5b\x9d"
-                   "\x28\x65\xb3\x70\x8d\xbc"),
-        testVector("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-                   "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
-                   "\xf4\x9a\xda\x62\xeb\x2b"),
-        testVector("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123"
-                   "456789",
-                   "\xb0\xe2\x0b\x6e\x31\x16\x64\x02\x86\xed\x3a\x87\xa5\x71"
-                   "\x30\x79\xb2\x1f\x51\x89"),
-        testVector("12345678901234567890123456789012345678901234567890123456"
-                   "789012345678901234567890",
-                   "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
-                   "\x82\xbf\x63\x32\x6b\xfb"),
-    };
-
-    int times( sizeof(test_ripemd) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        ripe160.Update(test_ripemd[i].input_, test_ripemd[i].inLen_);
-        ripe160.Final(hash);
-
-        if (memcmp(hash, test_ripemd[i].output_, RIPEMD160::DIGEST_SIZE) != 0)
-            return -100 - i;
-    }
-
-    return 0;
-}
-
-
-int hmac_test()
-{
-    HMAC hmacMD5;
-    byte hash[MD5::DIGEST_SIZE];
-
-    const char* keys[]=
-    {
-        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
-        "Jefe",
-        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
-    };
-
-    testVector test_hmacMD5[] = 
-    {
-        testVector("Hi There",
-                 "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
-                 "\x9d"),
-        testVector("what do ya want for nothing?",
-                 "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
-                 "\x38"),
-        testVector("\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
-                 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
-                 "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
-                 "\xDD\xDD\xDD\xDD\xDD\xDD",
-                 "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
-                 "\xf6")
-    };
-
-    int times( sizeof(test_hmacMD5) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        hmacMD5.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
-        hmacMD5.Update(test_hmacMD5[i].input_, test_hmacMD5[i].inLen_);
-        hmacMD5.Final(hash);
-
-        if (memcmp(hash, test_hmacMD5[i].output_, MD5::DIGEST_SIZE) != 0)
-            return -20 - i;
-    }
-
-    return 0;
-}
-
-
-int arc4_test()
-{
-    byte cipher[16];
-    byte plain[16];
-
-    const char* keys[] = 
-    {           
-        "\x01\x23\x45\x67\x89\xab\xcd\xef",
-        "\x01\x23\x45\x67\x89\xab\xcd\xef",
-        "\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\xef\x01\x23\x45"
-    };
-
-    testVector test_arc4[] =
-    {
-        testVector("\x01\x23\x45\x67\x89\xab\xcd\xef",
-                   "\x75\xb7\x87\x80\x99\xe0\xc5\x96"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x74\x94\xc2\xe7\x10\x4b\x08\x79"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\xde\x18\x89\x41\xa3\x37\x5d\x3a"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61")
-    };
-
-
-    int times( sizeof(test_arc4) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        ARC4::Encryption enc;
-        ARC4::Decryption dec;
-
-        enc.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
-        dec.SetKey((byte*)keys[i], (word32)strlen(keys[i]));
-
-        enc.Process(cipher, test_arc4[i].input_, test_arc4[i].outLen_);
-        dec.Process(plain,  cipher, test_arc4[i].outLen_);
-
-        if (memcmp(plain, test_arc4[i].input_, test_arc4[i].outLen_))
-            return -30 - i;
-
-        if (memcmp(cipher, test_arc4[i].output_, test_arc4[i].outLen_))
-            return -40 - i;
-    }
-
-    return 0;
-}
-
-
-int rabbit_test()
-{
-    byte cipher[16];
-    byte plain[16];
-
-    const char* keys[] = 
-    {           
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
-    };
-
-    const char* ivs[] =
-    {
-        "\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
-        0
-    };
-
-
-    testVector test_rabbit[] =
-    {
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x9C\x51\xE2\x87\x84\xC3\x7F\xE9")
-    };
-
-
-    int times( sizeof(test_rabbit) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        Rabbit::Encryption enc;
-        Rabbit::Decryption dec;
-
-        enc.SetKey((byte*)keys[i], (byte*)ivs[i]);
-        dec.SetKey((byte*)keys[i], (byte*)ivs[i]);
-
-        enc.Process(cipher, test_rabbit[i].input_, test_rabbit[i].outLen_);
-        dec.Process(plain,  cipher, test_rabbit[i].outLen_);
-
-        if (memcmp(plain, test_rabbit[i].input_, test_rabbit[i].outLen_))
-            return -230 - i;
-
-        if (memcmp(cipher, test_rabbit[i].output_, test_rabbit[i].outLen_))
-            return -240 - i;
-    }
-
-    return 0;
-}
-
-
-int hc128_test()
-{
-    byte cipher[16];
-    byte plain[16];
-
-    const char* keys[] = 
-    {           
-        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
-        "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
-    };
-
-    const char* ivs[] =
-    {
-        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-        "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
-        "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
-    };
-
-    testVector test_hc128[] =
-    {
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x37\x86\x02\xB9\x8F\x32\xA7\x48"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x33\x7F\x86\x11\xC6\xED\x61\x5F"),
-        testVector("\x00\x00\x00\x00\x00\x00\x00\x00",
-                   "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"),
-      testVector("\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
-                 "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29")
-    };
-
-    int times( sizeof(test_hc128) / sizeof(testVector) );
-    for (int i = 0; i < times; ++i) {
-        HC128::Encryption enc;
-        HC128::Decryption dec;
-
-        enc.SetKey((byte*)keys[i], (byte*)ivs[i]);
-        dec.SetKey((byte*)keys[i], (byte*)ivs[i]);
-
-        enc.Process(cipher, test_hc128[i].input_, test_hc128[i].outLen_);
-        dec.Process(plain,  cipher, test_hc128[i].outLen_);
-
-        if (memcmp(plain, test_hc128[i].input_, test_hc128[i].outLen_))
-            return -330 - i;
-
-        if (memcmp(cipher, test_hc128[i].output_, test_hc128[i].outLen_))
-            return -340 - i;
-    }
-
-    return 0;
-}
-
-
-int des_test()
-{
-    //ECB mode
-    DES_ECB_Encryption enc;
-    DES_ECB_Decryption dec;
-
-    const int sz = TaoCrypt::DES_BLOCK_SIZE * 3;
-    const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef };
-    const byte iv[] =  { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef };
-
-    enc.SetKey(key, sizeof(key));
-    enc.Process(cipher, msg, sz);
-    dec.SetKey(key, sizeof(key));
-    dec.Process(plain, cipher, sz);
-
-    if (memcmp(plain, msg, sz))
-        return -50;
-
-    const byte verify1[] = 
-    {
-        0xf9,0x99,0xb8,0x8e,0xaf,0xea,0x71,0x53,
-        0x6a,0x27,0x17,0x87,0xab,0x88,0x83,0xf9,
-        0x89,0x3d,0x51,0xec,0x4b,0x56,0x3b,0x53
-    };
-
-    if (memcmp(cipher, verify1, sz))
-        return -51;
-
-    // CBC mode
-    DES_CBC_Encryption enc2;
-    DES_CBC_Decryption dec2;
-
-    enc2.SetKey(key, sizeof(key), iv);
-    enc2.Process(cipher, msg, sz);
-    dec2.SetKey(key, sizeof(key), iv);
-    dec2.Process(plain, cipher, sz);
-
-    if (memcmp(plain, msg, sz))
-        return -52;
-
-    const byte verify2[] = 
-    {
-        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
-        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
-        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
-    };
-
-    if (memcmp(cipher, verify2, sz))
-        return -53;
-
-    // EDE3 CBC mode
-    DES_EDE3_CBC_Encryption enc3;
-    DES_EDE3_CBC_Decryption dec3;
-
-    const byte key3[] = 
-    {
-        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
-        0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
-        0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
-    };
-    const byte iv3[] = 
-    {
-        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
-        0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
-        0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
-        
-    };
-
-    enc3.SetKey(key3, sizeof(key3), iv3);
-    enc3.Process(cipher, msg, sz);
-    dec3.SetKey(key3, sizeof(key3), iv3);
-    dec3.Process(plain, cipher, sz);
-
-    if (memcmp(plain, msg, sz))
-        return -54;
-
-    const byte verify3[] = 
-    {
-        0x08,0x8a,0xae,0xe6,0x9a,0xa9,0xc1,0x13,
-        0x93,0x7d,0xf7,0x3a,0x11,0x56,0x66,0xb3,
-        0x18,0xbc,0xbb,0x6d,0xd2,0xb1,0x16,0xda
-    };
-
-    if (memcmp(cipher, verify3, sz))
-        return -55;
-
-    return 0;
-}
-
-
-int aes_test()
-{
-    AES_CBC_Encryption enc;
-    AES_CBC_Decryption dec;
-    const int bs(TaoCrypt::AES::BLOCK_SIZE);
-
-    byte key[] = "0123456789abcdef   ";  // align
-    byte iv[]  = "1234567890abcdef   ";  // align
-
-    enc.SetKey(key, bs, iv);
-    dec.SetKey(key, bs, iv);
-
-    enc.Process(cipher, msg, bs);
-    dec.Process(plain, cipher, bs);
-
-    if (memcmp(plain, msg, bs))
-        return -60;
-
-    const byte verify[] = 
-    {
-        0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
-        0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
-    };
-
-    if (memcmp(cipher, verify, bs))
-        return -61;
-
-    AES_ECB_Encryption enc2;
-    AES_ECB_Decryption dec2;
-
-    enc2.SetKey(key, bs, iv);
-    dec2.SetKey(key, bs, iv);
-
-    enc2.Process(cipher, msg, bs);
-    dec2.Process(plain, cipher, bs);
-
-    if (memcmp(plain, msg, bs))
-        return -62;
-
-    const byte verify2[] = 
-    {
-        0xd0,0xc9,0xd9,0xc9,0x40,0xe8,0x97,0xb6,
-        0xc8,0x8c,0x33,0x3b,0xb5,0x8f,0x85,0xd1
-    };
-
-    if (memcmp(cipher, verify2, bs))
-        return -63;
-
-    return 0;
-}
-
-
-int twofish_test()
-{
-    Twofish_CBC_Encryption enc;
-    Twofish_CBC_Decryption dec;
-    const int bs(TaoCrypt::Twofish::BLOCK_SIZE);
-
-    byte key[] = "0123456789abcdef   ";  // align
-    byte iv[]  = "1234567890abcdef   ";  // align
-
-    enc.SetKey(key, bs, iv);
-    dec.SetKey(key, bs, iv);
-
-    enc.Process(cipher, msg, bs);
-    dec.Process(plain, cipher, bs);
-
-    if (memcmp(plain, msg, bs))
-        return -60;
-
-    const byte verify[] = 
-    {
-        0xD2,0xD7,0x47,0x47,0x4A,0x65,0x4E,0x16,
-        0x21,0x03,0x58,0x79,0x5F,0x02,0x27,0x2C
-    };
-
-    if (memcmp(cipher, verify, bs))
-        return -61;
-
-    Twofish_ECB_Encryption enc2;
-    Twofish_ECB_Decryption dec2;
-
-    enc2.SetKey(key, bs, iv);
-    dec2.SetKey(key, bs, iv);
-
-    enc2.Process(cipher, msg, bs);
-    dec2.Process(plain, cipher, bs);
-
-    if (memcmp(plain, msg, bs))
-        return -62;
-
-    const byte verify2[] = 
-    {
-        0x3B,0x6C,0x63,0x10,0x34,0xAB,0xB2,0x87,
-        0xC4,0xCD,0x6B,0x91,0x14,0xC5,0x3A,0x09
-    };
-
-    if (memcmp(cipher, verify2, bs))
-        return -63;
-
-    return 0;
-}
-
-
-int blowfish_test()
-{
-    Blowfish_CBC_Encryption enc;
-    Blowfish_CBC_Decryption dec;
-    const int bs(TaoCrypt::Blowfish::BLOCK_SIZE);
-
-    byte key[] = "0123456789abcdef   ";  // align
-    byte iv[]  = "1234567890abcdef   ";  // align
-
-    enc.SetKey(key, 16, iv);
-    dec.SetKey(key, 16, iv);
-
-    enc.Process(cipher, msg, bs * 2);
-    dec.Process(plain, cipher, bs * 2);
-
-    if (memcmp(plain, msg, bs))
-        return -60;
-
-    const byte verify[] = 
-    {
-        0x0E,0x26,0xAA,0x29,0x11,0x25,0xAB,0xB5,
-        0xBC,0xD9,0x08,0xC4,0x94,0x6C,0x89,0xA3
-    };
-
-    if (memcmp(cipher, verify, bs))
-        return -61;
-
-    Blowfish_ECB_Encryption enc2;
-    Blowfish_ECB_Decryption dec2;
-
-    enc2.SetKey(key, 16, iv);
-    dec2.SetKey(key, 16, iv);
-
-    enc2.Process(cipher, msg, bs * 2);
-    dec2.Process(plain, cipher, bs * 2);
-
-    if (memcmp(plain, msg, bs))
-        return -62;
-
-    const byte verify2[] = 
-    {
-        0xE7,0x42,0xB9,0x37,0xC8,0x7D,0x93,0xCA,
-        0x8F,0xCE,0x39,0x32,0xDE,0xD7,0xBC,0x5B
-    };
-
-    if (memcmp(cipher, verify2, bs))
-        return -63;
-
-    return 0;
-}
-
-
-int rsa_test()
-{
-    Source source;
-    FileSource("../certs/client-key.der", source);
-    if (source.size() == 0) {
-        FileSource("../../certs/client-key.der", source);  // for testsuite
-        if (source.size() == 0) {
-            FileSource("../../../certs/client-key.der", source); // Debug dir
-            if (source.size() == 0)
-                err_sys("where's your certs dir?", -79);
-        }
-    }
-    RSA_PrivateKey priv(source);
-
-    RSAES_Encryptor enc(priv);
-    byte message[] = "Everyone gets Friday off.";
-    const word32 len = (word32)strlen((char*)message);
-    byte cipher[512];
-    enc.Encrypt(message, len, cipher, rng);
-
-    RSAES_Decryptor dec(priv);
-    byte plain[512];
-    dec.Decrypt(cipher, priv.FixedCiphertextLength(), plain, rng);
-
-    if (memcmp(plain, message, len))
-        return -70;
-
-    dec.SSL_Sign(message, len, cipher, rng);
-    if (!enc.SSL_Verify(message, len, cipher))
-        return -71;
-
-
-    // test decode   
-    Source source2;
-    FileSource("../certs/client-cert.der", source2);
-    if (source2.size() == 0) {
-        FileSource("../../certs/client-cert.der", source2);  // for testsuite
-        if (source2.size() == 0) {
-            FileSource("../../../certs/client-cert.der", source2); // Debug dir
-            if (source2.size() == 0)
-                err_sys("where's your certs dir?", -79);
-        }
-    }
-    CertDecoder cd(source2, true, 0, false, CertDecoder::CA);
-    if (cd.GetError().What())
-        err_sys("cert error", -80);
-    Source source3(cd.GetPublicKey().GetKey(), cd.GetPublicKey().size());
-    RSA_PublicKey pub(source3);
- 
-    return 0;
-}
-
-
-int dh_test()
-{
-    Source source;
-    FileSource("../certs/dh1024.dat", source);
-    if (source.size() == 0) {
-        FileSource("../../certs/dh1024.dat", source);  // for testsuite
-        if (source.size() == 0) {
-            FileSource("../../../certs/dh1024.dat", source); // win32 Debug dir
-            if (source.size() == 0)
-                err_sys("where's your certs dir?", -79);
-        }
-    }
-    HexDecoder hDec(source);
-
-    DH dh(source);
-
-    byte pub[128];
-    byte priv[128];
-    byte agree[128];
-    byte pub2[128];
-    byte priv2[128];
-    byte agree2[128];
-
-    DH dh2(dh);
-
-    dh.GenerateKeyPair(rng, priv, pub);
-    dh2.GenerateKeyPair(rng, priv2, pub2);
-    dh.Agree(agree, priv, pub2); 
-    dh2.Agree(agree2, priv2, pub);
-
-    
-    if ( memcmp(agree, agree2, dh.GetByteLength()) )
-        return -80;
-
-    return 0;
-}
-
-
-int dsa_test()
-{
-    Source source;
-    FileSource("../certs/dsa1024.der", source);
-    if (source.size() == 0) {
-        FileSource("../../certs/dsa1024.der", source);  // for testsuite
-        if (source.size() == 0) {
-            FileSource("../../../certs/dsa1024.der", source); // win32 Debug dir
-            if (source.size() == 0)
-                err_sys("where's your certs dir?", -89);
-        }
-    }
-
-    const char msg[] = "this is the message";
-    byte signature[40];
-
-    DSA_PrivateKey priv(source);
-    DSA_Signer signer(priv);
-
-    SHA sha;
-    byte digest[SHA::DIGEST_SIZE];
-    sha.Update((byte*)msg, sizeof(msg));
-    sha.Final(digest);
-
-    signer.Sign(digest, signature, rng);
-
-    byte encoded[sizeof(signature) + 6];
-    byte decoded[40];
-
-    word32 encSz = EncodeDSA_Signature(signer.GetR(), signer.GetS(), encoded);
-    DecodeDSA_Signature(decoded, encoded, encSz);
-
-    DSA_PublicKey pub(priv);
-    DSA_Verifier verifier(pub);
-
-    if (!verifier.Verify(digest, decoded))
-        return -90;
-
-    if (!verifier.Verify(digest, signature))
-        return -91;
-
-    return 0;
-}
-
-
-int pwdbased_test()
-{
-    PBKDF2_HMAC pb;
-
-    byte derived[32];
-    const byte pwd1[] = "password   ";  // align
-    const byte salt[]  = { 0x12, 0x34, 0x56, 0x78, 0x78, 0x56, 0x34, 0x12 };
-    
-    pb.DeriveKey(derived, 8, pwd1, 8, salt, sizeof(salt), 5);
-
-    const byte verify1[] = { 0xD1, 0xDA, 0xA7, 0x86, 0x15, 0xF2, 0x87, 0xE6 };
-
-    if ( memcmp(derived, verify1, sizeof(verify1)) )
-        return -101;
-
-
-    const byte pwd2[] = "All n-entities must communicate with other n-entities"
-                        " via n-1 entiteeheehees   ";  // align
-
-    pb.DeriveKey(derived, 24, pwd2, 76, salt, sizeof(salt), 500);
-
-    const byte verify2[] = { 0x6A, 0x89, 0x70, 0xBF, 0x68, 0xC9, 0x2C, 0xAE,
-                             0xA8, 0x4A, 0x8D, 0xF2, 0x85, 0x10, 0x85, 0x86,
-                             0x07, 0x12, 0x63, 0x80, 0xCC, 0x47, 0xAB, 0x2D
-    };
-
-    if ( memcmp(derived, verify2, sizeof(verify2)) )
-        return -102;
-
-    return 0;
-}
-
-
-/*
-int pkcs12_test()
-{
-    Source cert;
-    FileSource("../certs/server-cert.pem", cert);
-    if (cert.size() == 0) {
-        FileSource("../../certs/server-cert.pem", cert);  // for testsuite
-        if (cert.size() == 0) {
-            FileSource("../../../certs/server-cert.pem", cert); // Debug dir
-            if (cert.size() == 0)
-                err_sys("where's your certs dir?", -109);
-        }
-    }
-
-    if (GetCert(cert) != 0)
-        return -110;
-
-    Source source;
-    FileSource("../certs/server.p12", source);
-    if (source.size() == 0) {
-        FileSource("../../certs/server.p12", source);  // for testsuite
-        if (source.size() == 0) {
-            FileSource("../../../certs/server.p12", source); // Debug dir
-            if (source.size() == 0)
-                err_sys("where's your certs dir?", -111);
-        }
-    }
-
-    if (GetPKCS_Cert("password", source) != 0)
-        return -112;
-
-    return 0;
-}
-*/
-
diff --git a/extra/yassl/taocrypt/test/test.dsp b/extra/yassl/taocrypt/test/test.dsp
deleted file mode 100644
index 93b369de3d9..00000000000
--- a/extra/yassl/taocrypt/test/test.dsp
+++ /dev/null
@@ -1,102 +0,0 @@
-# Microsoft Developer Studio Project File - Name="test" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Console Application" 0x0103
-
-CFG=test - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "test.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "test.mak" CFG="test - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "test - Win32 Release" (based on "Win32 (x86) Console Application")
-!MESSAGE "test - Win32 Debug" (based on "Win32 (x86) Console Application")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "test - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "test___Win32_Release"
-# PROP BASE Intermediate_Dir "test___Win32_Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MD /W3 /O2 /I "../include" /I "../mySTL" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-
-!ELSEIF  "$(CFG)" == "test - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "test___Win32_Debug"
-# PROP BASE Intermediate_Dir "test___Win32_Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MDd /W3 /Gm /ZI /Od /I "../include" /I "../mySTL" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-
-!ENDIF 
-
-# Begin Target
-
-# Name "test - Win32 Release"
-# Name "test - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\test.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# End Group
-# Begin Group "Resource Files"
-
-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/testsuite/cipher-test.sh b/extra/yassl/testsuite/cipher-test.sh
deleted file mode 100644
index d3e69146097..00000000000
--- a/extra/yassl/testsuite/cipher-test.sh
+++ /dev/null
@@ -1,131 +0,0 @@
-#!/bin/bash
-
-# test all yassl cipher suties 
-# 
-
-
-no_pid=-1
-server_pid=$no_pid
-
-
-do_cleanup() {
-    echo "in cleanup"
-
-    if [[ $server_pid != $no_pid ]]
-    then
-        echo "killing server"
-        kill -9 $server_pid
-    fi
-}
-
-do_trap() {
-    echo "got trap"
-    do_cleanup
-    exit -1
-}
-
-trap do_trap INT TERM
-
-
-# make sure example server and client are built
-if test ! -s ../examples/server/server; then
-    echo "Please build yaSSL first, example server missing"
-    exit -1
-fi
-
-if test ! -s ../examples/client/client; then
-    echo "Please build yaSSL first, example client missing"
-    exit -1
-fi
-
-
-# non DSA suites
-for suite in {"DHE-RSA-AES256-SHA","AES256-SHA","DHE-RSA-AES128-SHA","AES128-SHA","AES256-RMD","AES128-RMD","DES-CBC3-RMD","DHE-RSA-AES256-RMD","DHE-RSA-AES128-RMD","DHE-RSA-DES-CBC3-RMD","RC4-SHA","RC4-MD5","DES-CBC3-SHA","DES-CBC-SHA","EDH-RSA-DES-CBC3-SHA","EDH-RSA-DES-CBC-SHA"}
-do
-  for client_auth in {y,n}
-  do
-    echo "Trying $suite client auth = $client_auth ..."
-
-    if test -e server_ready; then
-        echo -e "removing exisitng server_ready file"
-        rm server_ready
-    fi
-    ../examples/server/server $client_auth &
-    server_pid=$!
-
-    while [ ! -s server_ready ]; do
-        echo -e "waiting for server_ready file..."
-        sleep 0.1
-    done
-
-    ../examples/client/client $suite
-    client_result=$?
-
-    wait $server_pid
-    server_result=$?
-
-    server_pid=$no_pid
-
-    if [[ $client_result != 0 ]]
-    then
-        echo "Client Error"
-        exit $client_result
-    fi
-
-    if [[ $server_result != 0 ]]
-    then
-        echo "Server Error"
-        exit $server_result
-    fi
-
-  done   # end client auth loop
-done  # end non dsa suite list
-echo -e "Non DSA Loop SUCCESS"
-
-
-
-# DSA suites
-for suite in {"DHE-DSS-AES256-SHA","DHE-DSS-AES128-SHA","DHE-DSS-AES256-RMD","DHE-DSS-AES128-RMD","DHE-DSS-DES-CBC3-RMD","EDH-DSS-DES-CBC3-SHA","EDH-DSS-DES-CBC-SHA"}
-do
-  for client_auth in {y,n}
-  do
-    echo "Trying $suite client auth = $client_auth ..."
-
-    if test -e server_ready; then
-        echo -e "removing exisitng server_ready file"
-        rm server_ready
-    fi
-    # d signifies DSA
-    ../examples/server/server $client_auth d &
-    server_pid=$!
-
-    while [ ! -s server_ready ]; do
-        echo -e "waiting for server_ready file..."
-        sleep 0.1
-    done
-
-    ../examples/client/client $suite
-    client_result=$?
-
-    wait $server_pid
-    server_result=$?
-
-    server_pid=$no_pid
-
-    if [[ $client_result != 0 ]]
-    then
-        echo "Client Error"
-        exit $client_result
-    fi
-
-    if [[ $server_result != 0 ]]
-    then
-        echo "Server Error"
-        exit $server_result
-    fi
-
-  done   # end client auth loop
-done  # end dsa suite list
-echo -e "DSA Loop SUCCESS"
-
-exit 0
diff --git a/extra/yassl/testsuite/input b/extra/yassl/testsuite/input
deleted file mode 100644
index d16cbc40750..00000000000
--- a/extra/yassl/testsuite/input
+++ /dev/null
@@ -1,107 +0,0 @@
-// testsuite.cpp
-
-#include "test.hpp"
-#include "md5.hpp"
-
-typedef unsigned char byte;
-
-void taocrypt_test(void*);
-void file_test(char*, byte*);
-
-void client_test(void*);
-void echoclient_test(void*);
-
-THREAD_RETURN YASSL_API server_test(void*);
-THREAD_RETURN YASSL_API echoserver_test(void*);
-
-int main(int argc, char** argv)
-{
-    func_args args(argc, argv);
-    func_args server_args(args);
-
-    // *** Crypto Test ***
-    taocrypt_test(&args);
-    assert(args.return_code == 0);
-    
-    
-    // *** Simple yaSSL client server test ***
-    THREAD_TYPE thread;
-
-    start_thread(server_test, &server_args, &thread);
-    client_test(&args);
-
-    assert(args.return_code == 0);
-    join_thread(thread);
-    assert(server_args.return_code == 0);
-    
-
-    // *** Echo input yaSSL client server test ***
-    start_thread(echoserver_test, &server_args, &thread);
-    func_args echo_args;
-
-            // setup args
-    echo_args.argc = 3;
-    echo_args.argv = new char*[echo_args.argc];
-    for (int i = 0; i < echo_args.argc; i++)
-        echo_args.argv[i] = new char[32];
-   
-    strcpy(echo_args.argv[0], "echoclient");
-    strcpy(echo_args.argv[1], "input");
-    strcpy(echo_args.argv[2], "output");
-    remove("output");
-
-            // make sure OK
-    echoclient_test(&echo_args);
-    assert(echo_args.return_code == 0);
-
-
-    // *** Echo quit yaSSL client server test ***
-    echo_args.argc = 2;
-    strcpy(echo_args.argv[1], "quit");
-
-    echoclient_test(&echo_args);
-    assert(echo_args.return_code == 0);
-    join_thread(thread);
-    assert(server_args.return_code == 0);
-
-
-            // input output compare
-    byte input[TaoCrypt::MD5::DIGEST_SIZE];
-    byte output[TaoCrypt::MD5::DIGEST_SIZE];
-    file_test("input", input);
-    file_test("output", output);
-    assert(memcmp(input, output, sizeof(input)) == 0);
-
-    printf("\nAll tests passed!\n");
-
-    // cleanup
-    for (int j = echo_args.argc; j >= 0; j--)
-        delete[] echo_args.argv[j];
-    delete[] echo_args.argv;
-
-    return 0;
-}
-
-
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#ifdef _WIN32
-    *thread = _beginthreadex(0, 0, fun, args, 0, 0);
-#else
-    pthread_create(thread, 0, fun, args);
-#endif
-}
-
-
-void join_thread(THREAD_TYPE thread)
-{
-#ifdef _WIN32
-    int res = WaitForSingleObject(reinterpret_cast(thread), INFINITE);
-    assert(res == WAIT_OBJECT_0);
-    res = CloseHandle(reinterpret_cast(thread));
-    assert(res);
-#else
-    pthread_join(thread, 0);
-#endif
-}
diff --git a/extra/yassl/testsuite/make.bat b/extra/yassl/testsuite/make.bat
deleted file mode 100755
index eddbe90c400..00000000000
--- a/extra/yassl/testsuite/make.bat
+++ /dev/null
@@ -1,29 +0,0 @@
-REM Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-REM 
-REM This program is free software; you can redistribute it and/or modify
-REM it under the terms of the GNU General Public License as published by
-REM the Free Software Foundation; version 2 of the License.
-REM 
-REM This program is distributed in the hope that it will be useful,
-REM but WITHOUT ANY WARRANTY; without even the implied warranty of
-REM MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-REM GNU General Public License for more details.
-REM 
-REM You should have received a copy of the GNU General Public License
-REM along with this program; if not, write to the Free Software
-REM Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1335  USA
-
-REM quick and dirty build file for testing different MSDEVs
-setlocal 
-
-set myFLAGS= /I../include /I../taocrypt/include /I../taocrypt/mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER"
-
-cl %myFLAGS% testsuite.cpp
-cl %myFLAGS% ../examples/client/client.cpp
-cl %myFLAGS% ../examples/echoclient/echoclient.cpp
-cl %myFLAGS% ../examples/server/server.cpp
-cl %myFLAGS% ../examples/echoserver/echoserver.cpp
-cl %myFLAGS% ../taocrypt/test/test.cpp
-
-link.exe  /out:testsuite.exe ../src/yassl.lib ../taocrypt/src/taocrypt.lib testsuite.obj client.obj server.obj echoclient.obj echoserver.obj test.obj advapi32.lib Ws2_32.lib
-
diff --git a/extra/yassl/testsuite/quit b/extra/yassl/testsuite/quit
deleted file mode 100644
index 3db49b3ad12..00000000000
--- a/extra/yassl/testsuite/quit
+++ /dev/null
@@ -1,2 +0,0 @@
-quit
-
diff --git a/extra/yassl/testsuite/test.hpp b/extra/yassl/testsuite/test.hpp
deleted file mode 100644
index 12da450fffe..00000000000
--- a/extra/yassl/testsuite/test.hpp
+++ /dev/null
@@ -1,553 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-// test.hpp
-
-#ifndef yaSSL_TEST_HPP
-#define yaSSL_TEST_HPP
-
-#include "runtime.hpp"
-#include "error.hpp"
-#include 
-#include 
-#include 
-
-//#define NON_BLOCKING  // test server and client example (not echos)
-
-#ifdef _WIN32
-    #include 
-    #include 
-    #ifdef TEST_IPV6            // don't require newer SDK for IPV4
-	    #include 
-        #include 
-    #endif
-    #define SOCKET_T unsigned int
-#else
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #include 
-    #ifdef TEST_IPV6
-        #include 
-    #endif
-    #include 
-#ifdef NON_BLOCKING
-    #include 
-#endif
-    #define SOCKET_T int
-#endif /* _WIN32 */
-#include "openssl/ssl.h"   /* openssl compatibility test */
-
-
-#ifdef _MSC_VER
-    // disable conversion warning
-    // 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy
-    #pragma warning(disable:4244 4996)
-#endif
-
-
-#if !defined(_SOCKLEN_T) && (defined(_WIN32) || defined(__APPLE__))
-    typedef int socklen_t;
-#endif
-
-
-// Check type of third arg to accept
-#if defined(__hpux)
-// HPUX uses int* for third parameter to accept
-    typedef int*       ACCEPT_THIRD_T;
-#else
-    typedef socklen_t* ACCEPT_THIRD_T;
-#endif
-
-
-#ifdef TEST_IPV6
-    typedef sockaddr_in6 SOCKADDR_IN_T;
-    #define AF_INET_V    AF_INET6
-#else
-    typedef sockaddr_in  SOCKADDR_IN_T;
-    #define AF_INET_V    AF_INET
-#endif
-   
-
-// Check if _POSIX_THREADS should be forced
-#if !defined(_POSIX_THREADS) && defined(__hpux)
-// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented
-#define _POSIX_THREADS
-#endif
-
-
-#ifndef _POSIX_THREADS
-    typedef unsigned int  THREAD_RETURN;
-    typedef HANDLE        THREAD_TYPE;
-    #define YASSL_API __stdcall
-#else
-    typedef void*         THREAD_RETURN;
-    typedef pthread_t     THREAD_TYPE;
-    #define YASSL_API 
-#endif
-
-
-struct tcp_ready {
-#ifdef _POSIX_THREADS
-    pthread_mutex_t mutex_;
-    pthread_cond_t  cond_;
-    bool            ready_;   // predicate
-
-    tcp_ready() : ready_(false)
-    {
-        pthread_mutex_init(&mutex_, 0);
-        pthread_cond_init(&cond_, 0);
-    }
-
-    ~tcp_ready()
-    {
-        pthread_mutex_destroy(&mutex_);
-        pthread_cond_destroy(&cond_);
-    }
-#endif
-};    
-
-
-struct func_args {
-    int    argc;
-    char** argv;
-    int    return_code;
-    const char* file_ready;
-    tcp_ready* signal_;
-
-    func_args(int c = 0, char** v = 0) : argc(c), argv(v), file_ready(0) {}
-
-    void SetSignal(tcp_ready* p) { signal_ = p; }
-};
-
-typedef THREAD_RETURN YASSL_API THREAD_FUNC(void*);
-
-void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*);
-void join_thread(THREAD_TYPE);
-
-// yaSSL
-const char* const    yasslIP      = "127.0.0.1";
-const unsigned short yasslPort    =  11111;
-const unsigned short proxyPort    =  12345;
-
-
-// client
-const char* const cert = "../certs/client-cert.pem";
-const char* const key  = "../certs/client-key.pem";
-
-const char* const certSuite = "../../certs/client-cert.pem";
-const char* const keySuite  = "../../certs/client-key.pem";
-
-const char* const certDebug = "../../../certs/client-cert.pem";
-const char* const keyDebug  = "../../../certs/client-key.pem";
-
-
-// server
-const char* const svrCert = "../certs/server-cert.pem";
-const char* const svrKey  = "../certs/server-key.pem";
-
-const char* const svrCert2 = "../../certs/server-cert.pem";
-const char* const svrKey2  = "../../certs/server-key.pem";
-
-const char* const svrCert3 = "../../../certs/server-cert.pem";
-const char* const svrKey3  = "../../../certs/server-key.pem";
-
-
-// server dsa
-const char* const dsaCert = "../certs/dsa-cert.pem";
-const char* const dsaKey  = "../certs/dsa1024.der";
-
-const char* const dsaCert2 = "../../certs/dsa-cert.pem";
-const char* const dsaKey2  = "../../certs/dsa1024.der";
-
-const char* const dsaCert3 = "../../../certs/dsa-cert.pem";
-const char* const dsaKey3  = "../../../certs/dsa1024.der";
-
-
-// CA 
-const char* const caCert  = "../certs/ca-cert.pem";
-const char* const caCert2 = "../../certs/ca-cert.pem";
-const char* const caCert3 = "../../../certs/ca-cert.pem";
-
-
-using namespace yaSSL;
-
-
-inline void err_sys(const char* msg)
-{
-    printf("yassl error: %s\n", msg);
-    exit(EXIT_FAILURE);
-}
-
-
-extern "C" {
-  static int PasswordCallBack(char*, int, int, void*);
-}
-
-
-static int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
-{
-    strncpy(passwd, "yassl123", sz);
-    return 8;
-}
-
-
-inline void store_ca(SSL_CTX* ctx)
-{
-    // To allow testing from serveral dirs
-    if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS)
-        if (SSL_CTX_load_verify_locations(ctx, caCert2, 0) != SSL_SUCCESS)
-            if (SSL_CTX_load_verify_locations(ctx, caCert3, 0) != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/cacert.pem");
-
-    // load client CA for server verify
-    if (SSL_CTX_load_verify_locations(ctx, cert, 0) != SSL_SUCCESS)
-        if (SSL_CTX_load_verify_locations(ctx, certSuite, 0) != SSL_SUCCESS)
-            if (SSL_CTX_load_verify_locations(ctx, certDebug,0) != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/client-cert.pem");
-
-    // DSA cert 
-    if (SSL_CTX_load_verify_locations(ctx, dsaCert, 0) != SSL_SUCCESS)
-        if (SSL_CTX_load_verify_locations(ctx, dsaCert2, 0) != SSL_SUCCESS)
-            if (SSL_CTX_load_verify_locations(ctx, dsaCert3, 0) != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/dsa-cert.pem");
-
-}
-
-
-// client
-inline void set_certs(SSL_CTX* ctx)
-{
-    store_ca(ctx);
-    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
-
-    // To allow testing from serveral dirs
-    if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM)
-        != SSL_SUCCESS)
-        if (SSL_CTX_use_certificate_file(ctx, certSuite, SSL_FILETYPE_PEM)
-            != SSL_SUCCESS)
-            if (SSL_CTX_use_certificate_file(ctx, certDebug, SSL_FILETYPE_PEM)
-                != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/client-cert.pem");
-    
-    // To allow testing from several dirs
-    if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM)
-         != SSL_SUCCESS) 
-         if (SSL_CTX_use_PrivateKey_file(ctx, keySuite, SSL_FILETYPE_PEM)
-            != SSL_SUCCESS) 
-                if (SSL_CTX_use_PrivateKey_file(ctx,keyDebug,SSL_FILETYPE_PEM)
-                    != SSL_SUCCESS) 
-                    err_sys("failed to use key file: certs/client-key.pem");
-}
-
-
-// server
-inline void set_serverCerts(SSL_CTX* ctx)
-{
-    store_ca(ctx);
-    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
-
-    // To allow testing from serveral dirs
-    if (SSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)
-        != SSL_SUCCESS)
-        if (SSL_CTX_use_certificate_file(ctx, svrCert2, SSL_FILETYPE_PEM)
-            != SSL_SUCCESS)
-            if (SSL_CTX_use_certificate_file(ctx, svrCert3, SSL_FILETYPE_PEM)
-                != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/server-cert.pem");
-    
-    // To allow testing from several dirs
-    if (SSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)
-         != SSL_SUCCESS) 
-         if (SSL_CTX_use_PrivateKey_file(ctx, svrKey2, SSL_FILETYPE_PEM)
-            != SSL_SUCCESS) 
-                if (SSL_CTX_use_PrivateKey_file(ctx, svrKey3,SSL_FILETYPE_PEM)
-                    != SSL_SUCCESS) 
-                    err_sys("failed to use key file: certs/server-key.pem");
-}
-
-
-// dsa server
-inline void set_dsaServerCerts(SSL_CTX* ctx)
-{
-    store_ca(ctx);
-
-    // To allow testing from serveral dirs
-    if (SSL_CTX_use_certificate_file(ctx, dsaCert, SSL_FILETYPE_PEM)
-        != SSL_SUCCESS)
-        if (SSL_CTX_use_certificate_file(ctx, dsaCert2, SSL_FILETYPE_PEM)
-            != SSL_SUCCESS)
-            if (SSL_CTX_use_certificate_file(ctx, dsaCert3, SSL_FILETYPE_PEM)
-                != SSL_SUCCESS)
-                err_sys("failed to use certificate: certs/dsa-cert.pem");
-    
-    // To allow testing from several dirs
-    if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey, SSL_FILETYPE_ASN1)
-         != SSL_SUCCESS) 
-         if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey2, SSL_FILETYPE_ASN1)
-            != SSL_SUCCESS) 
-                if (SSL_CTX_use_PrivateKey_file(ctx, dsaKey3,SSL_FILETYPE_ASN1)
-                    != SSL_SUCCESS) 
-                    err_sys("failed to use key file: certs/dsa1024.der");
-}
-
-
-inline void set_args(int& argc, char**& argv, func_args& args)
-{
-    argc = args.argc;
-    argv = args.argv;
-    args.return_code = -1; // error state
-}
-
-
-inline void set_file_ready(const char* name, func_args& args)
-{
-    args.file_ready = name;
-}
-
-
-inline void tcp_set_nonblocking(SOCKET_T& sockfd)
-{
-#ifdef NON_BLOCKING
-    #ifdef _WIN32
-        unsigned long blocking = 1;
-        int ret = ioctlsocket(sockfd, FIONBIO, &blocking);
-    #else
-        int flags = fcntl(sockfd, F_GETFL, 0);
-        int ret = fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
-    #endif
-#endif
-}
-
-
-inline void tcp_socket(SOCKET_T& sockfd, SOCKADDR_IN_T& addr)
-{
-    sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
-    memset(&addr, 0, sizeof(addr));
-
-#ifdef TEST_IPV6
-    addr.sin6_family = AF_INET_V;
-    addr.sin6_port = htons(yasslPort);
-    addr.sin6_addr = in6addr_loopback;
-
-    /* // for external testing later 
-    addrinfo hints;
-    memset(&hints, 0, sizeof(hints));
-    hints.ai_family   = AF_INET_V;
-    hints.ai_socktype = SOCK_STREAM;
-    hints.ai_flags    = AI_PASSIVE;
-
-    getaddrinfo(yasslIP6, yasslPortStr, &hints, info);
-    // then use info connect(sockfd, info->ai_addr, info->ai_addrlen)
-
-    if (*info == 0)
-        err_sys("getaddrinfo failed");
-        */   // end external testing later
-#else
-    addr.sin_family = AF_INET_V;
-#ifdef YASSL_PROXY_PORT
-    addr.sin_port = htons(proxyPort);
-#else
-    addr.sin_port = htons(yasslPort);
-#endif
-    addr.sin_addr.s_addr = inet_addr(yasslIP);
-#endif
-
-}
-
-
-inline void tcp_close(SOCKET_T& sockfd)
-{
-#ifdef _WIN32
-    closesocket(sockfd);
-#else
-    close(sockfd);
-#endif
-    sockfd = (SOCKET_T) -1;
-}
-
-
-inline void tcp_connect(SOCKET_T& sockfd)
-{
-    SOCKADDR_IN_T addr;
-    tcp_socket(sockfd, addr);
-
-    if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) {
-        tcp_close(sockfd);
-        err_sys("tcp connect failed");
-    }
-}
-
-
-inline void tcp_listen(SOCKET_T& sockfd)
-{
-    SOCKADDR_IN_T addr;
-    tcp_socket(sockfd, addr);
-
-#ifndef _WIN32
-    int       on  = 1;
-    socklen_t len = sizeof(on);
-    setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
-#endif
-
-    if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) {
-        tcp_close(sockfd);
-        err_sys("tcp bind failed");
-    }
-    if (listen(sockfd, 3) != 0) {
-        tcp_close(sockfd);
-        err_sys("tcp listen failed");
-    }
-}
-
-
-inline void create_ready_file(func_args& args)
-{
-    FILE* f = fopen(args.file_ready, "w+");
-
-    if (f) {
-        fputs("ready", f);
-        fclose(f);
-    }
-}
-
-
-inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args)
-{
-    tcp_listen(sockfd);
-
-    SOCKADDR_IN_T client;
-    socklen_t client_len = sizeof(client);
-
-#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER)
-    // signal ready to tcp_accept
-    tcp_ready& ready = *args.signal_;
-    pthread_mutex_lock(&ready.mutex_);
-    ready.ready_ = true;
-    pthread_cond_signal(&ready.cond_);
-    pthread_mutex_unlock(&ready.mutex_);
-#endif
-
-    if (args.file_ready)
-        create_ready_file(args);
-
-    clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len);
-
-    if (clientfd == (SOCKET_T) -1) {
-        tcp_close(sockfd);
-        err_sys("tcp accept failed");
-    }
-
-#ifdef NON_BLOCKING
-    tcp_set_nonblocking(clientfd);
-#endif
-}
-
-
-inline void showPeer(SSL* ssl)
-{
-    X509* peer = SSL_get_peer_certificate(ssl);
-    if (peer) {
-        char* issuer  = X509_NAME_oneline(X509_get_issuer_name(peer), 0, 0);
-        char* subject = X509_NAME_oneline(X509_get_subject_name(peer), 0, 0);
-
-        X509_NAME_ENTRY* se = NULL;
-        ASN1_STRING*     sd = NULL;
-        char*            subCN = NULL;
-
-        X509_NAME* sub = X509_get_subject_name(peer);
-        int lastpos = -1;
-        if (sub)
-            lastpos = X509_NAME_get_index_by_NID(sub, NID_commonName, lastpos);
-        if (lastpos >= 0) {
-            se = X509_NAME_get_entry(sub, lastpos);
-            if (se)
-                sd = X509_NAME_ENTRY_get_data(se);
-            if (sd)
-                subCN = (char*)ASN1_STRING_data(sd);
-        }
-
-        printf("peer's cert info:\n issuer : %s\n subject: %s\n"
-               " subject cn: %s\n", issuer, subject, subCN);
-
-        free(subject);
-        free(issuer);
-
-    }
-    else
-        printf("peer has no cert!\n");
-}
-
-
-
-inline DH* set_tmpDH(SSL_CTX* ctx)
-{
-    static unsigned char dh1024_p[] =
-    {
-        0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
-        0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
-        0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
-        0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
-        0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
-        0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
-        0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
-        0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
-        0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
-        0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
-        0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
-    };
-
-    static unsigned char dh1024_g[] =
-    {
-      0x02,
-    };
-
-    DH* dh;
-    if ( (dh = DH_new()) ) {
-        dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
-        dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
-    }
-    if (!dh->p || !dh->g) {
-        DH_free(dh);
-        dh = 0;
-    }
-    SSL_CTX_set_tmp_dh(ctx, dh);
-    return dh;
-}
-
-
-inline int verify_callback(int preverify_ok, X509_STORE_CTX* ctx)
-{
-    X509* err_cert = X509_STORE_CTX_get_current_cert(ctx);
-    int   err      = X509_STORE_CTX_get_error(ctx);
-    int   depth    = X509_STORE_CTX_get_error_depth(ctx);
-
-    // test allow self signed
-    if (err_cert && depth == 0 && err == TaoCrypt::SIG_OTHER_E)
-        return 1;
-
-    return 0;
-}
-
-
-#endif // yaSSL_TEST_HPP
-
diff --git a/extra/yassl/testsuite/testsuite.cpp b/extra/yassl/testsuite/testsuite.cpp
deleted file mode 100644
index 1792a2a3d9a..00000000000
--- a/extra/yassl/testsuite/testsuite.cpp
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
-   Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; version 2 of the License.
-
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-
-   You should have received a copy of the GNU General Public License
-   along with this program; see the file COPYING. If not, write to the
-   Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
-   MA  02110-1335  USA.
-*/
-
-// testsuite.cpp
-
-#include "test.hpp"
-#include "md5.hpp"
-
-
-typedef unsigned char byte;
-
-void taocrypt_test(void*);
-void file_test(const char*, byte*);
-
-void client_test(void*);
-void echoclient_test(void*);
-
-THREAD_RETURN YASSL_API server_test(void*);
-THREAD_RETURN YASSL_API echoserver_test(void*);
-
-void wait_tcp_ready(func_args&);
-
-
-
-int main(int argc, char** argv)
-{
-    func_args args(argc, argv);
-    func_args server_args(argc, argv);
-
-    // *** Crypto Test ***
-    taocrypt_test(&args);
-    assert(args.return_code == 0);
-    
-    
-    // *** Simple yaSSL client server test ***
-    tcp_ready ready;
-    server_args.SetSignal(&ready);
-
-    THREAD_TYPE serverThread;
-    start_thread(server_test, &server_args, &serverThread);
-    wait_tcp_ready(server_args);
-
-    client_test(&args);
-    assert(args.return_code == 0);
-    join_thread(serverThread);
-    assert(server_args.return_code == 0);
-    
-
-    // *** Echo input yaSSL client server test ***
-    start_thread(echoserver_test, &server_args, &serverThread);
-    wait_tcp_ready(server_args);
-    func_args echo_args;
-
-            // setup args
-    const int numArgs = 3;
-    echo_args.argc = numArgs;
-    char* myArgv[numArgs];
-
-    char argc0[32];
-    char argc1[32];
-    char argc2[32];
-
-    myArgv[0] = argc0;
-    myArgv[1] = argc1;
-    myArgv[2] = argc2;
-
-    echo_args.argv = myArgv;
-   
-    strcpy(echo_args.argv[0], "echoclient");
-    strcpy(echo_args.argv[1], "input");
-    strcpy(echo_args.argv[2], "output");
-    remove("output");
-
-            // make sure OK
-    echoclient_test(&echo_args);
-    assert(echo_args.return_code == 0);
-
-
-    // *** Echo quit yaSSL client server test ***
-    echo_args.argc = 2;
-    strcpy(echo_args.argv[1], "quit");
-
-    echoclient_test(&echo_args);
-    assert(echo_args.return_code == 0);
-    join_thread(serverThread);
-    assert(server_args.return_code == 0);
-
-
-            // input output compare
-    byte input[TaoCrypt::MD5::DIGEST_SIZE];
-    byte output[TaoCrypt::MD5::DIGEST_SIZE];
-    file_test("input", input);
-    file_test("output", output);
-    assert(memcmp(input, output, sizeof(input)) == 0);
-
-    printf("\nAll tests passed!\n");
-    yaSSL_CleanUp();
-
-    return 0;
-}
-
-
-
-void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread)
-{
-#ifndef _POSIX_THREADS
-    *thread = (HANDLE)_beginthreadex(0, 0, fun, args, 0, 0);
-#else
-    pthread_create(thread, 0, fun, args);
-#endif
-}
-
-
-void join_thread(THREAD_TYPE thread)
-{
-#ifndef _POSIX_THREADS
-    int res = WaitForSingleObject(thread, INFINITE);
-    assert(res == WAIT_OBJECT_0);
-    res = CloseHandle(thread);
-    assert(res);
-#else
-    pthread_join(thread, 0);
-#endif
-}
-
-
-
-void wait_tcp_ready(func_args& args)
-{
-#ifdef _POSIX_THREADS
-    pthread_mutex_lock(&args.signal_->mutex_);
-    
-    if (!args.signal_->ready_)
-        pthread_cond_wait(&args.signal_->cond_, &args.signal_->mutex_);
-    args.signal_->ready_ = false; // reset
-
-    pthread_mutex_unlock(&args.signal_->mutex_);
-#endif
-}
-
-
-int test_openSSL_des()
-{
-    /* test des encrypt/decrypt */
-    char data[] = "this is my data ";
-    int  dataSz = (int)strlen(data);
-    DES_key_schedule key[3];
-    byte iv[8];
-    EVP_BytesToKey(EVP_des_ede3_cbc(), EVP_md5(), NULL, (byte*)data, dataSz, 1,
-                   (byte*)key, iv);
-
-    byte cipher[16];
-    DES_ede3_cbc_encrypt((byte*)data, cipher, dataSz, &key[0], &key[1],
-                         &key[2], &iv, true);
-    byte plain[16];
-    DES_ede3_cbc_encrypt(cipher, plain, 16, &key[0], &key[1], &key[2],
-                         &iv, false);
-    return 0;
-}
diff --git a/extra/yassl/testsuite/testsuite.dsp b/extra/yassl/testsuite/testsuite.dsp
deleted file mode 100644
index 2a7f5a77433..00000000000
--- a/extra/yassl/testsuite/testsuite.dsp
+++ /dev/null
@@ -1,127 +0,0 @@
-# Microsoft Developer Studio Project File - Name="testsuite" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Console Application" 0x0103
-
-CFG=testsuite - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "testsuite.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "testsuite.mak" CFG="testsuite - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "testsuite - Win32 Release" (based on "Win32 (x86) Console Application")
-!MESSAGE "testsuite - Win32 Debug" (based on "Win32 (x86) Console Application")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "testsuite - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
-# ADD CPP /nologo /MT /W3 /O2 /I "../taocrypt/include" /I "../include" /I "../taocrypt/mySTL" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /machine:I386 /nodefaultlib:"LIBC"
-# SUBTRACT LINK32 /nodefaultlib
-
-!ELSEIF  "$(CFG)" == "testsuite - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Ignore_Export_Lib 0
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "../taocrypt/include" /I "../include" /I "../taocrypt/mySTL" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_MBCS" /D "NO_MAIN_DRIVER" /FR /YX /FD /GZ /c
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib Ws2_32.lib /nologo /subsystem:console /debug /machine:I386 /nodefaultlib:"LIBCD" /pdbtype:sept
-
-!ENDIF 
-
-# Begin Target
-
-# Name "testsuite - Win32 Release"
-# Name "testsuite - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=..\examples\client\client.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=..\examples\echoclient\echoclient.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=..\examples\echoserver\echoserver.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=..\examples\server\server.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=..\taocrypt\test\test.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\testsuite.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# Begin Source File
-
-SOURCE=.\test.hpp
-# End Source File
-# End Group
-# Begin Group "Resource Files"
-
-# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/yassl.dsp b/extra/yassl/yassl.dsp
deleted file mode 100644
index f9b1699e667..00000000000
--- a/extra/yassl/yassl.dsp
+++ /dev/null
@@ -1,192 +0,0 @@
-# Microsoft Developer Studio Project File - Name="yassl" - Package Owner=<4>
-# Microsoft Developer Studio Generated Build File, Format Version 6.00
-# ** DO NOT EDIT **
-
-# TARGTYPE "Win32 (x86) Static Library" 0x0104
-
-CFG=yassl - Win32 Debug
-!MESSAGE This is not a valid makefile. To build this project using NMAKE,
-!MESSAGE use the Export Makefile command and run
-!MESSAGE 
-!MESSAGE NMAKE /f "yassl.mak".
-!MESSAGE 
-!MESSAGE You can specify a configuration when running NMAKE
-!MESSAGE by defining the macro CFG on the command line. For example:
-!MESSAGE 
-!MESSAGE NMAKE /f "yassl.mak" CFG="yassl - Win32 Debug"
-!MESSAGE 
-!MESSAGE Possible choices for configuration are:
-!MESSAGE 
-!MESSAGE "yassl - Win32 Release" (based on "Win32 (x86) Static Library")
-!MESSAGE "yassl - Win32 Debug" (based on "Win32 (x86) Static Library")
-!MESSAGE 
-
-# Begin Project
-# PROP AllowPerConfigDependencies 0
-# PROP Scc_ProjName ""
-# PROP Scc_LocalPath ""
-CPP=cl.exe
-RSC=rc.exe
-
-!IF  "$(CFG)" == "yassl - Win32 Release"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 0
-# PROP BASE Output_Dir "Release"
-# PROP BASE Intermediate_Dir "Release"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 0
-# PROP Output_Dir "Release"
-# PROP Intermediate_Dir "Release"
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /c
-# ADD CPP /nologo /MT /W3 /O2 /I "include" /I "taocrypt\include" /I "taocrypt\mySTL" /D "WIN32" /D "NDEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /c
-# ADD BASE RSC /l 0x409 /d "NDEBUG"
-# ADD RSC /l 0x409 /d "NDEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LIB32=link.exe -lib
-# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
-
-!ELSEIF  "$(CFG)" == "yassl - Win32 Debug"
-
-# PROP BASE Use_MFC 0
-# PROP BASE Use_Debug_Libraries 1
-# PROP BASE Output_Dir "Debug"
-# PROP BASE Intermediate_Dir "Debug"
-# PROP BASE Target_Dir ""
-# PROP Use_MFC 0
-# PROP Use_Debug_Libraries 1
-# PROP Output_Dir "Debug"
-# PROP Intermediate_Dir "Debug"
-# PROP Target_Dir ""
-# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /YX /FD /GZ /c
-# ADD CPP /nologo /MTd /W3 /Gm /ZI /Od /I "include" /I "taocrypt\include" /I "taocrypt\mySTL" /D "WIN32" /D "_DEBUG" /D "_MBCS" /D "_LIB" /D "YASSL_PREFIX" /FR /YX /FD /GZ /c
-# ADD BASE RSC /l 0x409 /d "_DEBUG"
-# ADD RSC /l 0x409 /d "_DEBUG"
-BSC32=bscmake.exe
-# ADD BASE BSC32 /nologo
-# ADD BSC32 /nologo
-LIB32=link.exe -lib
-# ADD BASE LIB32 /nologo
-# ADD LIB32 /nologo
-
-!ENDIF 
-
-# Begin Target
-
-# Name "yassl - Win32 Release"
-# Name "yassl - Win32 Debug"
-# Begin Group "Source Files"
-
-# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
-# Begin Source File
-
-SOURCE=.\src\buffer.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\cert_wrapper.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\crypto_wrapper.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\handshake.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\lock.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\log.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\socket_wrapper.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\ssl.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\timer.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\yassl_error.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\yassl_imp.cpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\src\yassl_int.cpp
-# End Source File
-# End Group
-# Begin Group "Header Files"
-
-# PROP Default_Filter "h;hpp;hxx;hm;inl"
-# Begin Source File
-
-SOURCE=.\include\buffer.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\cert_wrapper.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\crypto_wrapper.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\factory.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\handshake.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\lock.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\log.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\socket_wrapper.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\timer.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\yassl_error.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\yassl_imp.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\yassl_int.hpp
-# End Source File
-# Begin Source File
-
-SOURCE=.\include\yassl_types.hpp
-# End Source File
-# End Group
-# End Target
-# End Project
diff --git a/extra/yassl/yassl.dsw b/extra/yassl/yassl.dsw
deleted file mode 100644
index 8da089fc1fa..00000000000
--- a/extra/yassl/yassl.dsw
+++ /dev/null
@@ -1,149 +0,0 @@
-Microsoft Developer Studio Workspace File, Format Version 6.00
-# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
-
-###############################################################################
-
-Project: "benchmark"=.\taocrypt\benchmark\benchmark.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name taocrypt
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "client"=.\examples\client\client.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name yassl
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "echoclient"=.\examples\echoclient\echoclient.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name yassl
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "echoserver"=.\examples\echoserver\echoserver.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name yassl
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "server"=.\examples\server\server.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name yassl
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "taocrypt"=.\taocrypt\taocrypt.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-}}}
-
-###############################################################################
-
-Project: "test"=.\taocrypt\test\test.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name taocrypt
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "testsuite"=.\testsuite\testsuite.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name yassl
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Project: "yassl"=.\yassl.dsp - Package Owner=<4>
-
-Package=<5>
-{{{
-}}}
-
-Package=<4>
-{{{
-    Begin Project Dependency
-    Project_Dep_Name taocrypt
-    End Project Dependency
-}}}
-
-###############################################################################
-
-Global:
-
-Package=<5>
-{{{
-}}}
-
-Package=<3>
-{{{
-}}}
-
-###############################################################################
-
diff --git a/mysys_ssl/yassl.cc b/mysys_ssl/yassl.cc
deleted file mode 100644
index 96b6f6867fe..00000000000
--- a/mysys_ssl/yassl.cc
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
- Copyright (c) 2015, 2017, MariaDB Corporation.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; version 2 of the License.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1335  USA */
-
-/*
-  The very minimal subset of OpenSSL's EVP* functions.
-  Just enough for my_crypt.cc to work.
-
-  On the other hand, where it has to implement OpenSSL functionality,
-  it tries to be compatible (e.g. same flags and struct member names).
-*/
-
-#include 
-#include "aes.hpp"
-
-using yaSSL::yaERR_remove_state;
-using yaSSL::yaRAND_bytes;
-
-#define EVP_CIPH_ECB_MODE     0x1U
-#define EVP_CIPH_CBC_MODE     0x2U
-#define EVP_CIPH_NO_PADDING 0x100U
-
-/*
-  note that TaoCrypt::AES object is not explicitly put into EVP_CIPHER_CTX.
-  That's because we need to control when TaoCrypt::AES constructor and
-  destructor are called.
-*/
-typedef struct
-{
-  ulong flags;
-  int encrypt;
-  int key_len;
-  int buf_len;
-  int final_used;
-  uchar tao_buf[sizeof(TaoCrypt::AES)];   // TaoCrypt::AES object
-  uchar buf[TaoCrypt::AES::BLOCK_SIZE];   // last partial input block
-  uchar final[TaoCrypt::AES::BLOCK_SIZE]; // last decrypted (output) block
-} EVP_CIPHER_CTX;
-
-typedef struct {
-  TaoCrypt::Mode mode;
-  TaoCrypt::word32 key_len;
-} EVP_CIPHER;
-
-#define gen_cipher(mode, MODE, len)                                     \
-  static const EVP_CIPHER *EVP_aes_ ## len ## _ ## mode()               \
-  { static const EVP_CIPHER c={TaoCrypt::MODE, len/8}; return &c; }
-
-gen_cipher(ecb,ECB,128)
-gen_cipher(ecb,ECB,192)
-gen_cipher(ecb,ECB,256)
-gen_cipher(cbc,CBC,128)
-gen_cipher(cbc,CBC,192)
-gen_cipher(cbc,CBC,256)
-
-static inline TaoCrypt::AES *TAO(EVP_CIPHER_CTX *ctx)
-{
-  return (TaoCrypt::AES *)(ctx->tao_buf);
-}
-
-static void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx)
-{
-  ctx->final_used= ctx->buf_len= ctx->flags= 0;
-}
-
-static int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *ctx)
-{
-  TAO(ctx)->~AES();
-  return 1;
-}
-
-static int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
-{
-  if (pad)
-    ctx->flags&= ~EVP_CIPH_NO_PADDING;
-  else
-    ctx->flags|= EVP_CIPH_NO_PADDING;
-  return 1;
-}
-
-static int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
-                             void *, const uchar *key, const uchar *iv, int enc)
-{
-  new (ctx->tao_buf) TaoCrypt::AES(enc ? TaoCrypt::ENCRYPTION
-                                       : TaoCrypt::DECRYPTION, cipher->mode);
-  TAO(ctx)->SetKey(key, cipher->key_len);
-  if (iv)
-    TAO(ctx)->SetIV(iv);
-  ctx->encrypt= enc;
-  ctx->key_len= cipher->key_len;
-  ctx->flags|= cipher->mode == TaoCrypt::CBC ? EVP_CIPH_CBC_MODE : EVP_CIPH_ECB_MODE;
-  return 1;
-}
-
-static int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
-{
-  return ctx->key_len;
-}
-
-static int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
-{
-  return ctx->flags & EVP_CIPH_ECB_MODE ? 0 : TaoCrypt::AES::BLOCK_SIZE;
-}
-
-static void do_whole_blocks(EVP_CIPHER_CTX *ctx, uchar *out, int *outl,
-                            const uchar *in, int inl)
-{
-  DBUG_ASSERT(inl);
-  DBUG_ASSERT(inl % TaoCrypt::AES::BLOCK_SIZE == 0);
-  if (ctx->encrypt || (ctx->flags & EVP_CIPH_NO_PADDING))
-  {
-    TAO(ctx)->Process(out, in, inl);
-    *outl+= inl;
-    return;
-  }
-  /* 'final' is only needed when decrypting with padding */
-  if (ctx->final_used)
-  {
-    memcpy(out, ctx->final, TaoCrypt::AES::BLOCK_SIZE);
-    *outl+= TaoCrypt::AES::BLOCK_SIZE;
-    out+= TaoCrypt::AES::BLOCK_SIZE;
-  }
-  inl-= TaoCrypt::AES::BLOCK_SIZE;
-  TAO(ctx)->Process(out, in, inl);
-  *outl+= inl;
-  TAO(ctx)->Process(ctx->final, in + inl, TaoCrypt::AES::BLOCK_SIZE);
-  ctx->final_used= 1;
-}
-
-static int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, uchar *out, int *outl,
-                            const uchar *in, int inl)
-{
-  *outl= 0;
-  if (ctx->buf_len)
-  {
-    int prefixl= TaoCrypt::AES::BLOCK_SIZE - ctx->buf_len;
-    if (prefixl > inl)
-    {
-      memcpy(ctx->buf + ctx->buf_len, in, inl);
-      ctx->buf_len+= inl;
-      return 1;
-    }
-    memcpy(ctx->buf + ctx->buf_len, in, prefixl);
-    do_whole_blocks(ctx, out, outl, ctx->buf, TaoCrypt::AES::BLOCK_SIZE);
-    in+= prefixl;
-    inl-= prefixl;
-    out+= *outl;
-  }
-  ctx->buf_len= inl % TaoCrypt::AES::BLOCK_SIZE;
-  inl-= ctx->buf_len;
-  memcpy(ctx->buf, in + inl, ctx->buf_len);
-  if (inl)
-    do_whole_blocks(ctx, out, outl, in, inl);
-  return 1;
-}
-
-static int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, uchar *out, int *outl)
-{
-  if (ctx->flags & EVP_CIPH_NO_PADDING)
-    return ctx->buf_len == 0;
-
-  // PKCS#7 padding
-  *outl= 0;
-  if (ctx->encrypt)
-  {
-    int v= TaoCrypt::AES::BLOCK_SIZE - ctx->buf_len;
-    memset(ctx->buf + ctx->buf_len, v, v);
-    do_whole_blocks(ctx, out, outl, ctx->buf, TaoCrypt::AES::BLOCK_SIZE);
-    return 1;
-  }
-  int n= ctx->final[TaoCrypt::AES::BLOCK_SIZE - 1];
-  if (ctx->buf_len || !ctx->final_used ||
-      n < 1 || n > TaoCrypt::AES::BLOCK_SIZE)
-    return 0;
-  *outl= TaoCrypt::AES::BLOCK_SIZE - n;
-  memcpy(out, ctx->final, *outl);
-  return 1;
-}
-

From 5d2619b6931a967df52acb6cb650c0619dcc70d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= 
Date: Fri, 24 May 2019 16:19:38 +0300
Subject: [PATCH 3/6] MDEV-19584 Allocate recv_sys statically

There is only one InnoDB crash recovery subsystem.
Allocating recv_sys statically removes one level of pointer indirection
and makes code more readable, and removes the awkward initialization of
recv_sys->dblwr.

recv_sys_t::create(): Replaces recv_sys_init().

recv_sys_t::debug_free(): Replaces recv_sys_debug_free().

recv_sys_t::close(): Replaces recv_sys_close().

recv_sys_t::add(): Replaces recv_add_to_hash_table().

recv_sys_t::empty(): Replaces recv_sys_empty_hash().
---
 extra/mariabackup/xtrabackup.cc     |  20 +-
 storage/innobase/buf/buf0buf.cc     |  12 +-
 storage/innobase/buf/buf0dblwr.cc   |   4 +-
 storage/innobase/buf/buf0flu.cc     |  10 +-
 storage/innobase/fil/fil0fil.cc     |   2 +-
 storage/innobase/fsp/fsp0file.cc    |   2 +-
 storage/innobase/include/log0recv.h |  54 ++-
 storage/innobase/log/log0log.cc     |   6 +-
 storage/innobase/log/log0recv.cc    | 664 ++++++++++++++--------------
 storage/innobase/mtr/mtr0log.cc     |   8 +-
 storage/innobase/page/page0cur.cc   |   6 +-
 storage/innobase/page/page0zip.cc   |  10 +-
 storage/innobase/srv/srv0start.cc   |  22 +-
 storage/innobase/trx/trx0roll.cc    |   6 +-
 storage/innobase/trx/trx0undo.cc    |   2 +-
 15 files changed, 418 insertions(+), 410 deletions(-)

diff --git a/extra/mariabackup/xtrabackup.cc b/extra/mariabackup/xtrabackup.cc
index eda4be956dc..56653a192d3 100644
--- a/extra/mariabackup/xtrabackup.cc
+++ b/extra/mariabackup/xtrabackup.cc
@@ -2667,7 +2667,7 @@ static lsn_t xtrabackup_copy_log(lsn_t start_lsn, lsn_t end_lsn, bool last)
 				log_block,
 				scanned_lsn + data_len);
 
-		recv_sys->scanned_lsn = scanned_lsn + data_len;
+		recv_sys.scanned_lsn = scanned_lsn + data_len;
 
 		if (data_len == OS_FILE_LOG_BLOCK_SIZE) {
 			/* We got a full log block. */
@@ -2719,13 +2719,13 @@ static lsn_t xtrabackup_copy_log(lsn_t start_lsn, lsn_t end_lsn, bool last)
 static bool xtrabackup_copy_logfile(bool last = false)
 {
 	ut_a(dst_log_file != NULL);
-	ut_ad(recv_sys != NULL);
+	ut_ad(recv_sys.is_initialised());
 
 	lsn_t	start_lsn;
 	lsn_t	end_lsn;
 
-	recv_sys->parse_start_lsn = log_copy_scanned_lsn;
-	recv_sys->scanned_lsn = log_copy_scanned_lsn;
+	recv_sys.parse_start_lsn = log_copy_scanned_lsn;
+	recv_sys.scanned_lsn = log_copy_scanned_lsn;
 
 	start_lsn = ut_uint64_align_down(log_copy_scanned_lsn,
 					 OS_FILE_LOG_BLOCK_SIZE);
@@ -2748,15 +2748,15 @@ static bool xtrabackup_copy_logfile(bool last = false)
 		if (lsn == start_lsn) {
 			start_lsn = 0;
 		} else {
-			mutex_enter(&recv_sys->mutex);
+			mutex_enter(&recv_sys.mutex);
 			start_lsn = xtrabackup_copy_log(start_lsn, lsn, last);
-			mutex_exit(&recv_sys->mutex);
+			mutex_exit(&recv_sys.mutex);
 		}
 
 		log_mutex_exit();
 
 		if (!start_lsn) {
-			msg(recv_sys->found_corrupt_log
+			msg(recv_sys.found_corrupt_log
 			    ? "xtrabackup_copy_logfile() failed: corrupt log."
 			    : "xtrabackup_copy_logfile() failed.");
 			return true;
@@ -4071,7 +4071,7 @@ fail:
 
 	ut_crc32_init();
 	crc_init();
-	recv_sys_init();
+	recv_sys.create();
 
 #ifdef WITH_INNODB_DISALLOW_WRITES
 	srv_allow_writes_event = os_event_create(0);
@@ -4231,7 +4231,7 @@ fail_before_log_copying_thread_start:
 
 	/* copy log file by current position */
 	log_copy_scanned_lsn = checkpoint_lsn_start;
-	recv_sys->recovered_lsn = log_copy_scanned_lsn;
+	recv_sys.recovered_lsn = log_copy_scanned_lsn;
 	log_optimized_ddl_op = backup_optimized_ddl_op;
 
 	if (xtrabackup_copy_logfile())
@@ -5471,7 +5471,7 @@ static bool xtrabackup_prepare_func(char** argv)
 		sync_check_init();
 		ut_d(sync_check_enable());
 		ut_crc32_init();
-		recv_sys_init();
+		recv_sys.create();
 		log_sys.create();
 		recv_recovery_on = true;
 
diff --git a/storage/innobase/buf/buf0buf.cc b/storage/innobase/buf/buf0buf.cc
index 678481cab3d..02a3844cb43 100644
--- a/storage/innobase/buf/buf0buf.cc
+++ b/storage/innobase/buf/buf0buf.cc
@@ -1253,10 +1253,10 @@ buf_madvise_do_dump()
 			      srv_log_buffer_size * 2,
 			      MADV_DODUMP);
 	}
-	/* mirrors recv_sys_init() */
-	if (recv_sys->buf)
+	/* mirrors recv_sys_t::create() */
+	if (recv_sys.buf)
 	{
-		ret+= madvise(recv_sys->buf, recv_sys->len, MADV_DODUMP);
+		ret+= madvise(recv_sys.buf, recv_sys.len, MADV_DODUMP);
 	}
 
 	buf_pool_mutex_enter_all();
@@ -1770,7 +1770,7 @@ buf_chunk_not_freed(
 				      == block->page.newest_modification);
 				ut_ad(block->page.oldest_modification == 0
 				      || block->page.oldest_modification
-				      == recv_sys->recovered_lsn
+				      == recv_sys.recovered_lsn
 				      || srv_force_recovery
 				      == SRV_FORCE_NO_LOG_REDO);
 				ut_ad(block->page.buf_fix_count == 0);
@@ -5571,9 +5571,9 @@ buf_page_create(
 							  mtr);
 		}
 
-		mutex_exit(&recv_sys->mutex);
+		mutex_exit(&recv_sys.mutex);
 		block = buf_page_get_with_no_latch(page_id, zip_size, mtr);
-		mutex_enter(&recv_sys->mutex);
+		mutex_enter(&recv_sys.mutex);
 		return block;
 	}
 
diff --git a/storage/innobase/buf/buf0dblwr.cc b/storage/innobase/buf/buf0dblwr.cc
index 80c7411d48a..4c83e62dfe3 100644
--- a/storage/innobase/buf/buf0dblwr.cc
+++ b/storage/innobase/buf/buf0dblwr.cc
@@ -358,7 +358,7 @@ buf_dblwr_init_or_load_pages(
 	byte*		doublewrite;
 	byte*		unaligned_read_buf;
 	ibool		reset_space_ids = FALSE;
-	recv_dblwr_t&	recv_dblwr = recv_sys->dblwr;
+	recv_dblwr_t&	recv_dblwr = recv_sys.dblwr;
 
 	/* We do the file i/o past the buffer pool */
 
@@ -523,7 +523,7 @@ buf_dblwr_process()
 	ulint		page_no_dblwr	= 0;
 	byte*		read_buf;
 	byte*		unaligned_read_buf;
-	recv_dblwr_t&	recv_dblwr	= recv_sys->dblwr;
+	recv_dblwr_t&	recv_dblwr	= recv_sys.dblwr;
 
 	if (!buf_dblwr) {
 		return;
diff --git a/storage/innobase/buf/buf0flu.cc b/storage/innobase/buf/buf0flu.cc
index c6a1e7149ec..373f6eb4539 100644
--- a/storage/innobase/buf/buf0flu.cc
+++ b/storage/innobase/buf/buf0flu.cc
@@ -3034,7 +3034,7 @@ DECLARE_THREAD(buf_flush_page_cleaner_coordinator)(void*)
 		" See the man page of setpriority().";
 	}
 	/* Signal that setpriority() has been attempted. */
-	os_event_set(recv_sys->flush_end);
+	os_event_set(recv_sys.flush_end);
 #endif /* UNIV_LINUX */
 
 	do {
@@ -3042,13 +3042,13 @@ DECLARE_THREAD(buf_flush_page_cleaner_coordinator)(void*)
 		ulint	n_flushed_lru = 0;
 		ulint	n_flushed_list = 0;
 
-		os_event_wait(recv_sys->flush_start);
+		os_event_wait(recv_sys.flush_start);
 
 		if (!recv_writer_thread_active) {
 			break;
 		}
 
-		switch (recv_sys->flush_type) {
+		switch (recv_sys.flush_type) {
 		case BUF_FLUSH_LRU:
 			/* Flush pages from end of LRU if required */
 			pc_request(0, LSN_MAX);
@@ -3069,8 +3069,8 @@ DECLARE_THREAD(buf_flush_page_cleaner_coordinator)(void*)
 			ut_ad(0);
 		}
 
-		os_event_reset(recv_sys->flush_start);
-		os_event_set(recv_sys->flush_end);
+		os_event_reset(recv_sys.flush_start);
+		os_event_set(recv_sys.flush_end);
 	} while (recv_writer_thread_active);
 
 	os_event_wait(buf_flush_event);
diff --git a/storage/innobase/fil/fil0fil.cc b/storage/innobase/fil/fil0fil.cc
index b17ff85ae92..8e8951d0804 100644
--- a/storage/innobase/fil/fil0fil.cc
+++ b/storage/innobase/fil/fil0fil.cc
@@ -4413,7 +4413,7 @@ fil_aio_wait(
 
 		ut_ad(type.is_read());
 		if (recv_recovery_is_on() && !srv_force_recovery) {
-			recv_sys->found_corrupt_fs = true;
+			recv_sys.found_corrupt_fs = true;
 		}
 
 		if (fil_space_t* space = fil_space_acquire_for_io(space_id)) {
diff --git a/storage/innobase/fsp/fsp0file.cc b/storage/innobase/fsp/fsp0file.cc
index fd3b0bd8808..4143e246f99 100644
--- a/storage/innobase/fsp/fsp0file.cc
+++ b/storage/innobase/fsp/fsp0file.cc
@@ -777,7 +777,7 @@ Datafile::restore_from_doublewrite()
 	}
 
 	/* Find if double write buffer contains page_no of given space id. */
-	const byte*	page = recv_sys->dblwr.find_page(m_space_id, 0);
+	const byte*	page = recv_sys.dblwr.find_page(m_space_id, 0);
 	const page_id_t	page_id(m_space_id, 0);
 
 	if (page == NULL) {
diff --git a/storage/innobase/include/log0recv.h b/storage/innobase/include/log0recv.h
index 06d5561c767..e712dc0d197 100644
--- a/storage/innobase/include/log0recv.h
+++ b/storage/innobase/include/log0recv.h
@@ -69,17 +69,6 @@ Initiates the rollback of active transactions. */
 void
 recv_recovery_rollback_active(void);
 /*===============================*/
-/** Clean up after recv_sys_init() */
-void
-recv_sys_close();
-/** Initialize the redo log recovery subsystem. */
-void
-recv_sys_init();
-/********************************************************//**
-Frees the recovery system. */
-void
-recv_sys_debug_free(void);
-/*=====================*/
 
 /********************************************************//**
 Reset the state of the recovery system variables. */
@@ -105,7 +94,7 @@ enum store_t {
 
 
 /** Adds data from a new log block to the parsing buffer of recv_sys if
-recv_sys->parse_start_lsn is non-zero.
+recv_sys.parse_start_lsn is non-zero.
 @param[in]	log_block	log block to add
 @param[in]	scanned_lsn	lsn of how far we were able to find
 				data in this log block
@@ -201,14 +190,11 @@ struct recv_sys_t{
 	buf_flush_t		flush_type;/*!< type of the flush request.
 				BUF_FLUSH_LRU: flush end of LRU, keeping free blocks.
 				BUF_FLUSH_LIST: flush all of blocks. */
-	ibool		apply_log_recs;
-				/*!< this is TRUE when log rec application to
-				pages is allowed; this flag tells the
-				i/o-handler if it should do log record
-				application */
-	ibool		apply_batch_on;
-				/*!< this is TRUE when a log rec application
-				batch is running */
+	/** whether recv_recover_page(), invoked from buf_page_io_complete(),
+	should apply log records*/
+	bool		apply_log_recs;
+	/** whether recv_apply_hashed_log_recs() is running */
+	bool		apply_batch_on;
 	byte*		buf;	/*!< buffer for parsing log records */
 	size_t		buf_size;	/*!< size of buf */
 	ulint		len;	/*!< amount of data in buf */
@@ -262,6 +248,32 @@ struct recv_sys_t{
 	/** Lastly added LSN to the hash table of log records. */
 	lsn_t		last_stored_lsn;
 
+	/** Initialize the redo log recovery subsystem. */
+	void create();
+
+	/** Free most recovery data structures. */
+	void debug_free();
+
+	/** Clean up after create() */
+	void close();
+
+	bool is_initialised() const { return buf_size != 0; }
+
+	/** Store a redo log record for applying.
+	@param type	record type
+	@param space	tablespace identifier
+	@param page_no	page number
+	@param body	record body
+	@param rec_end	end of record
+	@param lsn	start LSN of the mini-transaction
+	@param end_lsn	end LSN of the mini-transaction */
+	inline void add(mlog_id_t type, ulint space, ulint page_no,
+			byte* body, byte* rec_end, lsn_t lsn,
+			lsn_t end_lsn);
+
+	/** Empty a fully processed set of stored redo log records. */
+	inline void empty();
+
 	/** Determine whether redo log recovery progress should be reported.
 	@param[in]	time	the current time
 	@return	whether progress should be reported
@@ -278,7 +290,7 @@ struct recv_sys_t{
 };
 
 /** The recovery system */
-extern recv_sys_t*	recv_sys;
+extern recv_sys_t	recv_sys;
 
 /** TRUE when applying redo log records during crash recovery; FALSE
 otherwise.  Note that this is FALSE while a background thread is
diff --git a/storage/innobase/log/log0log.cc b/storage/innobase/log/log0log.cc
index c91deae638a..c9a94f953d7 100644
--- a/storage/innobase/log/log0log.cc
+++ b/storage/innobase/log/log0log.cc
@@ -1609,11 +1609,11 @@ loop:
 		} else {
 			ut_ad(!srv_dict_stats_thread_active);
 		}
-		if (recv_sys && recv_sys->flush_start) {
+		if (recv_sys.flush_start) {
 			/* This is in case recv_writer_thread was never
 			started, or buf_flush_page_cleaner_coordinator
 			failed to notice its termination. */
-			os_event_set(recv_sys->flush_start);
+			os_event_set(recv_sys.flush_start);
 		}
 	}
 #define COUNT_INTERVAL 600U
@@ -1951,7 +1951,7 @@ void log_t::close()
   if (!srv_read_only_mode && srv_scrub_log)
     os_event_destroy(log_scrub_event);
 
-  recv_sys_close();
+  recv_sys.close();
 }
 
 /******************************************************//**
diff --git a/storage/innobase/log/log0recv.cc b/storage/innobase/log/log0recv.cc
index 2f6a09be8db..2315075cf77 100644
--- a/storage/innobase/log/log0recv.cc
+++ b/storage/innobase/log/log0recv.cc
@@ -66,7 +66,7 @@ this must be less than srv_page_size as it is stored in the buffer pool */
 #define RECV_READ_AHEAD_AREA	32
 
 /** The recovery system */
-recv_sys_t*	recv_sys;
+recv_sys_t	recv_sys;
 /** TRUE when applying redo log records during crash recovery; FALSE
 otherwise.  Note that this is FALSE while a background thread is
 rolling back incomplete transactions. */
@@ -253,7 +253,7 @@ private:
 			 ut_allocator > >
 		map;
 	/** Map of page initialization operations.
-	FIXME: Merge this to recv_sys->addr_hash! */
+	FIXME: Merge this to recv_sys.addr_hash! */
 	map inits;
 public:
 	/** Record that a page will be initialized by the redo log.
@@ -262,7 +262,7 @@ public:
 	@param[in]	lsn		log sequence number */
 	void add(ulint space, ulint page_no, lsn_t lsn)
 	{
-		ut_ad(mutex_own(&recv_sys->mutex));
+		ut_ad(mutex_own(&recv_sys.mutex));
 		const init init = { lsn, false };
 		std::pair p = inits.insert(
 			map::value_type(page_id_t(space, page_no), init));
@@ -277,17 +277,17 @@ public:
 	@param[in]	page_id	page id
 	@param[in,out]	init	initialize log or load log
 	@return the latest page initialization;
-	not valid after releasing recv_sys->mutex. */
+	not valid after releasing recv_sys.mutex. */
 	init& last(page_id_t page_id)
 	{
-		ut_ad(mutex_own(&recv_sys->mutex));
+		ut_ad(mutex_own(&recv_sys.mutex));
 		return inits.find(page_id)->second;
 	}
 
 	/** At the end of each recovery batch, reset the 'created' flags. */
 	void reset()
 	{
-		ut_ad(mutex_own(&recv_sys->mutex));
+		ut_ad(mutex_own(&recv_sys.mutex));
 		ut_ad(recv_no_ibuf_operations);
 		for (map::iterator i= inits.begin(); i != inits.end(); i++) {
 			i->second.created = false;
@@ -308,7 +308,7 @@ public:
 	@param[in,out]	mtr	dummy mini-transaction */
 	void ibuf_merge(mtr_t& mtr)
 	{
-		ut_ad(mutex_own(&recv_sys->mutex));
+		ut_ad(mutex_own(&recv_sys.mutex));
 		ut_ad(!recv_no_ibuf_operations);
 		mtr.start();
 
@@ -321,13 +321,13 @@ public:
 				    i->first, 0, RW_X_LATCH, NULL,
 				    BUF_GET_IF_IN_POOL, __FILE__, __LINE__,
 				    &mtr, NULL)) {
-				mutex_exit(&recv_sys->mutex);
+				mutex_exit(&recv_sys.mutex);
 				ibuf_merge_or_delete_for_page(
 					block, i->first,
 					block->zip_size(), true);
 				mtr.commit();
 				mtr.start();
-				mutex_enter(&recv_sys->mutex);
+				mutex_enter(&recv_sys.mutex);
 			}
 		}
 
@@ -351,10 +351,10 @@ static void recv_addr_trim(ulint space_id, unsigned pages, lsn_t lsn)
 	DBUG_LOG("ib_log",
 		 "discarding log beyond end of tablespace "
 		 << page_id_t(space_id, pages) << " before LSN " << lsn);
-	ut_ad(mutex_own(&recv_sys->mutex));
-	for (ulint i = recv_sys->addr_hash->n_cells; i--; ) {
+	ut_ad(mutex_own(&recv_sys.mutex));
+	for (ulint i = recv_sys.addr_hash->n_cells; i--; ) {
 		hash_cell_t* const cell = hash_get_nth_cell(
-			recv_sys->addr_hash, i);
+			recv_sys.addr_hash, i);
 		for (recv_addr_t* addr = static_cast(cell->node),
 			     *next;
 		     addr; addr = next) {
@@ -463,7 +463,7 @@ fil_name_process(
 					<< " has been found in two places: '"
 					<< f.name << "' and '" << name << "'."
 					" You must delete one of them.";
-				recv_sys->found_corrupt_fs = true;
+				recv_sys.found_corrupt_fs = true;
 			}
 			break;
 
@@ -486,7 +486,7 @@ fil_name_process(
 				forcing recovery. */
 
 				ib::info()
-					<< "At LSN: " << recv_sys->recovered_lsn
+					<< "At LSN: " << recv_sys.recovered_lsn
 					<< ": unable to open file " << name
 					<< " for tablespace " << space_id;
 			}
@@ -515,7 +515,7 @@ fil_name_process(
 					" disk is broken, and you cannot"
 					" remove the .ibd file, you can set"
 					" --innodb_force_recovery.";
-				recv_sys->found_corrupt_fs = true;
+				recv_sys.found_corrupt_fs = true;
 				break;
 			}
 
@@ -596,7 +596,7 @@ fil_name_parse(
 	case MLOG_FILE_NAME:
 		if (corrupt) {
 			ib::error() << "MLOG_FILE_NAME incorrect:" << ptr;
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 			break;
 		}
 
@@ -606,7 +606,7 @@ fil_name_parse(
 	case MLOG_FILE_DELETE:
 		if (corrupt) {
 			ib::error() << "MLOG_FILE_DELETE incorrect:" << ptr;
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 			break;
 		}
 
@@ -619,11 +619,11 @@ fil_name_parse(
 			      == SRV_UNDO_TABLESPACE_SIZE_IN_PAGES);
 			ut_a(srv_is_undo_tablespace(space_id));
 			compile_time_assert(
-				UT_ARR_SIZE(recv_sys->truncated_undo_spaces)
+				UT_ARR_SIZE(recv_sys.truncated_undo_spaces)
 				== TRX_SYS_MAX_UNDO_SPACES);
-			recv_sys_t::trunc& t = recv_sys->truncated_undo_spaces[
+			recv_sys_t::trunc& t = recv_sys.truncated_undo_spaces[
 				space_id - srv_undo_space_id_start];
-			t.lsn = recv_sys->recovered_lsn;
+			t.lsn = recv_sys.recovered_lsn;
 			t.pages = uint32_t(first_page_no);
 		} else if (log_file_op) {
 			log_file_op(space_id,
@@ -634,7 +634,7 @@ fil_name_parse(
 	case MLOG_FILE_RENAME2:
 		if (corrupt) {
 			ib::error() << "MLOG_FILE_RENAME2 incorrect:" << ptr;
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 		}
 
 		/* The new name follows the old name. */
@@ -676,7 +676,7 @@ fil_name_parse(
 		if (corrupt) {
 			ib::error() << "MLOG_FILE_RENAME2 new_name incorrect:" << ptr
 				    << " new_name: " << new_name;
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 			break;
 		}
 
@@ -699,47 +699,48 @@ fil_name_parse(
 			    space_id, first_page_no,
 			    reinterpret_cast(ptr),
 			    reinterpret_cast(new_name))) {
-			recv_sys->found_corrupt_fs = true;
+			recv_sys.found_corrupt_fs = true;
 		}
 	}
 
 	return(end_ptr);
 }
 
-/** Clean up after recv_sys_init() */
-void
-recv_sys_close()
+/** Clean up after recv_sys_t::create() */
+void recv_sys_t::close()
 {
-	if (recv_sys != NULL) {
-		recv_sys->dblwr.pages.clear();
+	ut_ad(this == &recv_sys);
+	ut_ad(!recv_writer_thread_active);
 
-		if (recv_sys->addr_hash != NULL) {
-			hash_table_free(recv_sys->addr_hash);
+	if (is_initialised()) {
+		dblwr.pages.clear();
+
+		if (addr_hash) {
+			hash_table_free(addr_hash);
+			addr_hash = NULL;
 		}
 
-		if (recv_sys->heap != NULL) {
-			mem_heap_free(recv_sys->heap);
+		if (heap) {
+			mem_heap_free(heap);
+			heap = NULL;
 		}
 
-		if (recv_sys->flush_start != NULL) {
-			os_event_destroy(recv_sys->flush_start);
+		if (flush_start) {
+			os_event_destroy(flush_start);
 		}
 
-		if (recv_sys->flush_end != NULL) {
-			os_event_destroy(recv_sys->flush_end);
+		if (flush_end) {
+			os_event_destroy(flush_end);
 		}
 
-		if (recv_sys->buf != NULL) {
-			ut_free_dodump(recv_sys->buf, recv_sys->buf_size);
+		if (buf) {
+			ut_free_dodump(buf, buf_size);
+			buf = NULL;
 		}
 
-		ut_ad(!recv_writer_thread_active);
-		mutex_free(&recv_sys->writer_mutex);
-
-		mutex_free(&recv_sys->mutex);
-
-		ut_free(recv_sys);
-		recv_sys = NULL;
+		buf_size = 0;
+		mutex_free(&writer_mutex);
+		mutex_free(&mutex);
 	}
 
 	recv_spaces.clear();
@@ -794,20 +795,20 @@ DECLARE_THREAD(recv_writer_thread)(
 		int64_t      sig_count = os_event_reset(buf_flush_event);
 		os_event_wait_time_low(buf_flush_event, 100000, sig_count);
 
-		mutex_enter(&recv_sys->writer_mutex);
+		mutex_enter(&recv_sys.writer_mutex);
 
 		if (!recv_recovery_is_on()) {
-			mutex_exit(&recv_sys->writer_mutex);
+			mutex_exit(&recv_sys.writer_mutex);
 			break;
 		}
 
 		/* Flush pages from end of LRU if required */
-		os_event_reset(recv_sys->flush_end);
-		recv_sys->flush_type = BUF_FLUSH_LRU;
-		os_event_set(recv_sys->flush_start);
-		os_event_wait(recv_sys->flush_end);
+		os_event_reset(recv_sys.flush_end);
+		recv_sys.flush_type = BUF_FLUSH_LRU;
+		os_event_set(recv_sys.flush_start);
+		os_event_wait(recv_sys.flush_end);
 
-		mutex_exit(&recv_sys->writer_mutex);
+		mutex_exit(&recv_sys.writer_mutex);
 	}
 
 	recv_writer_thread_active = false;
@@ -822,23 +823,26 @@ DECLARE_THREAD(recv_writer_thread)(
 }
 
 /** Initialize the redo log recovery subsystem. */
-void
-recv_sys_init()
+void recv_sys_t::create()
 {
-	ut_ad(recv_sys == NULL);
+	ut_ad(this == &recv_sys);
+	ut_ad(!is_initialised());
+	ut_ad(!flush_start);
+	ut_ad(!flush_end);
+	mutex_create(LATCH_ID_RECV_SYS, &mutex);
+	mutex_create(LATCH_ID_RECV_WRITER, &writer_mutex);
 
-	recv_sys = static_cast(ut_zalloc_nokey(sizeof(*recv_sys)));
-
-	mutex_create(LATCH_ID_RECV_SYS, &recv_sys->mutex);
-	mutex_create(LATCH_ID_RECV_WRITER, &recv_sys->writer_mutex);
-
-	recv_sys->heap = mem_heap_create_typed(256, MEM_HEAP_FOR_RECV_SYS);
+	heap = mem_heap_create_typed(256, MEM_HEAP_FOR_RECV_SYS);
 
 	if (!srv_read_only_mode) {
-		recv_sys->flush_start = os_event_create(0);
-		recv_sys->flush_end = os_event_create(0);
+		flush_start = os_event_create(0);
+		flush_end = os_event_create(0);
 	}
 
+	flush_type = BUF_FLUSH_LRU;
+	apply_log_recs = false;
+	apply_batch_on = false;
+
 	ulint size = buf_pool_get_curr_size();
 	/* Set appropriate value of recv_n_pool_free_frames. */
 	if (size >= 10 << 20) {
@@ -846,58 +850,63 @@ recv_sys_init()
 		recv_n_pool_free_frames = 512;
 	}
 
-	recv_sys->buf = static_cast(
-		ut_malloc_dontdump(RECV_PARSING_BUF_SIZE));
-	recv_sys->buf_size = RECV_PARSING_BUF_SIZE;
+	buf = static_cast(ut_malloc_dontdump(RECV_PARSING_BUF_SIZE));
+	buf_size = RECV_PARSING_BUF_SIZE;
+	len = 0;
+	parse_start_lsn = 0;
+	scanned_lsn = 0;
+	scanned_checkpoint_no = 0;
+	recovered_offset = 0;
+	recovered_lsn = 0;
+	found_corrupt_log = false;
+	found_corrupt_fs = false;
+	mlog_checkpoint_lsn = 0;
 
-	recv_sys->addr_hash = hash_create(size / 512);
-	recv_sys->progress_time = ut_time();
+	addr_hash = hash_create(size / 512);
+	n_addrs = 0;
+	progress_time = ut_time();
 	recv_max_page_lsn = 0;
 
-	/* Call the constructor for recv_sys_t::dblwr member */
-	new (&recv_sys->dblwr) recv_dblwr_t();
+	memset(truncated_undo_spaces, 0, sizeof truncated_undo_spaces);
+	last_stored_lsn = 0;
 }
 
-/** Empty a fully processed hash table. */
-static
-void
-recv_sys_empty_hash()
+/** Empty a fully processed set of stored redo log records. */
+inline void recv_sys_t::empty()
 {
-	ut_ad(mutex_own(&(recv_sys->mutex)));
-	ut_a(recv_sys->n_addrs == 0);
+	ut_ad(mutex_own(&mutex));
+	ut_a(n_addrs == 0);
 
-	hash_table_free(recv_sys->addr_hash);
-	mem_heap_empty(recv_sys->heap);
+	hash_table_free(addr_hash);
+	mem_heap_empty(heap);
 
-	recv_sys->addr_hash = hash_create(buf_pool_get_curr_size() / 512);
+	addr_hash = hash_create(buf_pool_get_curr_size() / 512);
 }
 
-/********************************************************//**
-Frees the recovery system. */
-void
-recv_sys_debug_free(void)
-/*=====================*/
+/** Free most recovery data structures. */
+void recv_sys_t::debug_free()
 {
-	mutex_enter(&(recv_sys->mutex));
+	ut_ad(this == &recv_sys);
+	ut_ad(is_initialised());
+	mutex_enter(&mutex);
 
-	hash_table_free(recv_sys->addr_hash);
-	mem_heap_free(recv_sys->heap);
-	ut_free_dodump(recv_sys->buf, recv_sys->buf_size);
+	hash_table_free(addr_hash);
+	mem_heap_free(heap);
+	ut_free_dodump(buf, buf_size);
 
-	recv_sys->buf_size = 0;
-	recv_sys->buf = NULL;
-	recv_sys->heap = NULL;
-	recv_sys->addr_hash = NULL;
+	buf = NULL;
+	heap = NULL;
+	addr_hash = NULL;
 
 	/* wake page cleaner up to progress */
 	if (!srv_read_only_mode) {
 		ut_ad(!recv_recovery_is_on());
 		ut_ad(!recv_writer_thread_active);
 		os_event_reset(buf_flush_event);
-		os_event_set(recv_sys->flush_start);
+		os_event_set(flush_start);
 	}
 
-	mutex_exit(&(recv_sys->mutex));
+	mutex_exit(&mutex);
 }
 
 /** Read a log segment to log_sys.buf.
@@ -992,12 +1001,12 @@ fail:
 		if (dl < LOG_BLOCK_HDR_SIZE
 		    || (dl != OS_FILE_LOG_BLOCK_SIZE
 			&& dl > log_sys.trailer_offset())) {
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 			goto fail;
 		}
 	}
 
-	if (recv_sys->report(ut_time())) {
+	if (recv_sys.report(ut_time())) {
 		ib::info() << "Read redo log up to LSN=" << *start_lsn;
 		service_manager_extend_timeout(INNODB_EXTEND_TIMEOUT_INTERVAL,
 			"Read redo log up to LSN=" LSN_PF,
@@ -1022,7 +1031,7 @@ static
 void
 recv_synchronize_groups()
 {
-	const lsn_t recovered_lsn = recv_sys->recovered_lsn;
+	const lsn_t recovered_lsn = recv_sys.recovered_lsn;
 
 	/* Read the last recovered log block to the recovery system buffer:
 	the block is always incomplete */
@@ -1181,9 +1190,9 @@ static dberr_t recv_log_format_0_recover(lsn_t lsn, bool crypt)
 
 	/* Mark the redo log for upgrading. */
 	srv_log_file_size = 0;
-	recv_sys->parse_start_lsn = recv_sys->recovered_lsn
-		= recv_sys->scanned_lsn
-		= recv_sys->mlog_checkpoint_lsn = lsn;
+	recv_sys.parse_start_lsn = recv_sys.recovered_lsn
+		= recv_sys.scanned_lsn
+		= recv_sys.mlog_checkpoint_lsn = lsn;
 	log_sys.last_checkpoint_lsn = log_sys.next_checkpoint_lsn
 		= log_sys.lsn = log_sys.write_lsn
 		= log_sys.current_flush_lsn = log_sys.flushed_to_disk_lsn
@@ -1330,7 +1339,7 @@ recv_parse_or_apply_log_rec_body(
 	mtr_t*		mtr)
 {
 	ut_ad(!block == !mtr);
-	ut_ad(!apply || recv_sys->mlog_checkpoint_lsn != 0);
+	ut_ad(!apply || recv_sys.mlog_checkpoint_lsn);
 
 	switch (type) {
 	case MLOG_FILE_NAME:
@@ -1350,7 +1359,7 @@ recv_parse_or_apply_log_rec_body(
 	case MLOG_TRUNCATE:
 		ib::error() << "Cannot crash-upgrade from "
 			"old-style TRUNCATE TABLE";
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		return NULL;
 	default:
 		break;
@@ -1372,7 +1381,7 @@ recv_parse_or_apply_log_rec_body(
 	} else if (apply
 		   && !is_predefined_tablespace(space_id)
 		   && recv_spaces.find(space_id) == recv_spaces.end()) {
-		if (recv_sys->recovered_lsn < recv_sys->mlog_checkpoint_lsn) {
+		if (recv_sys.recovered_lsn < recv_sys.mlog_checkpoint_lsn) {
 			/* We have not seen all records between the
 			checkpoint and MLOG_CHECKPOINT. There should be
 			a MLOG_FILE_DELETE for this tablespace later. */
@@ -1385,8 +1394,8 @@ recv_parse_or_apply_log_rec_body(
 		ib::error() << "Missing MLOG_FILE_NAME or MLOG_FILE_DELETE"
 			" for redo log record " << type << " (page "
 			    << space_id << ":" << page_no << ") at "
-			    << recv_sys->recovered_lsn << ".";
-		recv_sys->found_corrupt_log = true;
+			    << recv_sys.recovered_lsn << ".";
+		recv_sys.found_corrupt_log = true;
 		return(NULL);
 	} else {
 parse_log:
@@ -1727,7 +1736,7 @@ parse_log:
 		ptr = const_cast(fil_parse_write_crypt_data(ptr, end_ptr, &err));
 
 		if (err != DB_SUCCESS) {
-			recv_sys->found_corrupt_log = TRUE;
+			recv_sys.found_corrupt_log = TRUE;
 		}
 		break;
 	default:
@@ -1735,7 +1744,7 @@ parse_log:
 		ib::error() << "Incorrect log record type "
 			<< ib::hex(unsigned(type));
 
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 	}
 
 	if (index) {
@@ -1773,7 +1782,7 @@ recv_hash(
 	ulint	space,	/*!< in: space */
 	ulint	page_no)/*!< in: page number */
 {
-	return(hash_calc_hash(recv_fold(space, page_no), recv_sys->addr_hash));
+	return(hash_calc_hash(recv_fold(space, page_no), recv_sys.addr_hash));
 }
 
 /*********************************************************************//**
@@ -1786,12 +1795,12 @@ recv_get_fil_addr_struct(
 	ulint	space,	/*!< in: space id */
 	ulint	page_no)/*!< in: page number */
 {
-	ut_ad(mutex_own(&recv_sys->mutex));
+	ut_ad(mutex_own(&recv_sys.mutex));
 
 	recv_addr_t*	recv_addr;
 
 	for (recv_addr = static_cast(
-			HASH_GET_FIRST(recv_sys->addr_hash,
+			HASH_GET_FIRST(recv_sys.addr_hash,
 				       recv_hash(space, page_no)));
 	     recv_addr != 0;
 	     recv_addr = static_cast(
@@ -1807,26 +1816,18 @@ recv_get_fil_addr_struct(
 	return(NULL);
 }
 
-/*******************************************************************//**
-Adds a new log record to the hash table of log records. */
-static
-void
-recv_add_to_hash_table(
-/*===================*/
-	mlog_id_t	type,		/*!< in: log record type */
-	ulint		space,		/*!< in: space id */
-	ulint		page_no,	/*!< in: page number */
-	byte*		body,		/*!< in: log record body */
-	byte*		rec_end,	/*!< in: log record end */
-	lsn_t		start_lsn,	/*!< in: start lsn of the mtr */
-	lsn_t		end_lsn)	/*!< in: end lsn of the mtr */
+/** Store a redo log record for applying.
+@param type	record type
+@param space	tablespace identifier
+@param page_no	page number
+@param body	record body
+@param rec_end	end of record
+@param lsn	start LSN of the mini-transaction
+@param end_lsn	end LSN of the mini-transaction */
+inline void recv_sys_t::add(mlog_id_t type, ulint space, ulint page_no,
+			    byte* body, byte* rec_end, lsn_t lsn,
+			    lsn_t end_lsn)
 {
-	recv_t*		recv;
-	ulint		len;
-	recv_data_t*	recv_data;
-	recv_data_t**	prev_field;
-	recv_addr_t*	recv_addr;
-
 	ut_ad(type != MLOG_FILE_DELETE);
 	ut_ad(type != MLOG_FILE_CREATE2);
 	ut_ad(type != MLOG_FILE_RENAME2);
@@ -1836,21 +1837,18 @@ recv_add_to_hash_table(
 	ut_ad(type != MLOG_INDEX_LOAD);
 	ut_ad(type != MLOG_TRUNCATE);
 
-	len = ulint(rec_end - body);
-
-	recv = static_cast(
-		mem_heap_alloc(recv_sys->heap, sizeof(recv_t)));
+	recv_t* recv= static_cast(mem_heap_alloc(heap, sizeof *recv));
 
 	recv->type = type;
 	recv->len = ulint(rec_end - body);
-	recv->start_lsn = start_lsn;
+	recv->start_lsn = lsn;
 	recv->end_lsn = end_lsn;
 
-	recv_addr = recv_get_fil_addr_struct(space, page_no);
+	recv_addr_t* recv_addr = recv_get_fil_addr_struct(space, page_no);
 
 	if (recv_addr == NULL) {
 		recv_addr = static_cast(
-			mem_heap_alloc(recv_sys->heap, sizeof(recv_addr_t)));
+			mem_heap_alloc(heap, sizeof(recv_addr_t)));
 
 		recv_addr->space = space;
 		recv_addr->page_no = page_no;
@@ -1858,9 +1856,9 @@ recv_add_to_hash_table(
 
 		UT_LIST_INIT(recv_addr->rec_list, &recv_t::rec_list);
 
-		HASH_INSERT(recv_addr_t, addr_hash, recv_sys->addr_hash,
+		HASH_INSERT(recv_addr_t, addr_hash, addr_hash,
 			    recv_fold(space, page_no), recv_addr);
-		recv_sys->n_addrs++;
+		n_addrs++;
 	}
 
 	switch (type) {
@@ -1871,38 +1869,36 @@ recv_add_to_hash_table(
 		ut_ad(recv_addr->state == RECV_NOT_PROCESSED
 		      || recv_addr->state == RECV_WILL_NOT_READ);
 		recv_addr->state = RECV_WILL_NOT_READ;
-		mlog_init.add(space, page_no, start_lsn);
+		mlog_init.add(space, page_no, lsn);
 	default:
 		break;
 	}
 
 	UT_LIST_ADD_LAST(recv_addr->rec_list, recv);
 
-	prev_field = &(recv->data);
+	recv_data_t** prev_field = &recv->data;
 
 	/* Store the log record body in chunks of less than srv_page_size:
-	recv_sys->heap grows into the buffer pool, and bigger chunks could not
+	heap grows into the buffer pool, and bigger chunks could not
 	be allocated */
 
 	while (rec_end > body) {
+		ulint rec_len = ulint(rec_end - body);
 
-		len = ulint(rec_end - body);
-
-		if (len > RECV_DATA_BLOCK_SIZE) {
-			len = RECV_DATA_BLOCK_SIZE;
+		if (rec_len > RECV_DATA_BLOCK_SIZE) {
+			rec_len = RECV_DATA_BLOCK_SIZE;
 		}
 
-		recv_data = static_cast(
-			mem_heap_alloc(recv_sys->heap,
-				       sizeof(recv_data_t) + len));
+		recv_data_t* recv_data = static_cast(
+			mem_heap_alloc(heap, sizeof(recv_data_t) + rec_len));
 
 		*prev_field = recv_data;
 
-		memcpy(recv_data + 1, body, len);
+		memcpy(recv_data + 1, body, rec_len);
 
-		prev_field = &(recv_data->next);
+		prev_field = &recv_data->next;
 
-		body += len;
+		body += rec_len;
 	}
 
 	*prev_field = NULL;
@@ -1953,8 +1949,8 @@ static void recv_recover_page(buf_block_t* block, mtr_t& mtr,
 	page_t*		page;
 	page_zip_des_t*	page_zip;
 
-	ut_ad(mutex_own(&recv_sys->mutex));
-	ut_ad(recv_sys->apply_log_recs);
+	ut_ad(mutex_own(&recv_sys.mutex));
+	ut_ad(recv_sys.apply_log_recs);
 	ut_ad(recv_needed_recovery);
 	ut_ad(recv_addr->state != RECV_BEING_PROCESSED);
 	ut_ad(recv_addr->state != RECV_PROCESSED);
@@ -1969,7 +1965,7 @@ static void recv_recover_page(buf_block_t* block, mtr_t& mtr,
 	DBUG_LOG("ib_log", "Applying log to page " << block->page.id);
 
 	recv_addr->state = RECV_BEING_PROCESSED;
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 
 	page = block->frame;
 	page_zip = buf_block_get_page_zip(block);
@@ -2085,7 +2081,7 @@ static void recv_recover_page(buf_block_t* block, mtr_t& mtr,
 
 	ib_time_t time = ut_time();
 
-	mutex_enter(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
 
 	if (recv_max_page_lsn < page_lsn) {
 		recv_max_page_lsn = page_lsn;
@@ -2094,9 +2090,9 @@ static void recv_recover_page(buf_block_t* block, mtr_t& mtr,
 	ut_ad(recv_addr->state == RECV_BEING_PROCESSED);
 	recv_addr->state = RECV_PROCESSED;
 
-	ut_a(recv_sys->n_addrs > 0);
-	if (ulint n = --recv_sys->n_addrs) {
-		if (recv_sys->report(time)) {
+	ut_a(recv_sys.n_addrs > 0);
+	if (ulint n = --recv_sys.n_addrs) {
+		if (recv_sys.report(time)) {
 			ib::info() << "To recover: " << n << " pages from log";
 			service_manager_extend_timeout(
 				INNODB_EXTEND_TIMEOUT_INTERVAL, "To recover: " ULINTPF " pages from log", n);
@@ -2126,8 +2122,8 @@ void recv_recover_page(buf_page_t* bpage)
 		__FILE__, __LINE__, &mtr);
 	ut_a(success);
 
-	mutex_enter(&recv_sys->mutex);
-	if (!recv_sys->apply_log_recs) {
+	mutex_enter(&recv_sys.mutex);
+	if (!recv_sys.apply_log_recs) {
 	} else if (recv_addr_t* recv_addr = recv_get_fil_addr_struct(
 			   bpage->id.space(), bpage->id.page_no())) {
 		switch (recv_addr->state) {
@@ -2142,7 +2138,7 @@ void recv_recover_page(buf_page_t* bpage)
 
 	mtr.commit();
 func_exit:
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 	ut_ad(mtr.has_committed());
 }
 
@@ -2168,10 +2164,10 @@ static void recv_read_in_area(const page_id_t page_id)
 		}
 	}
 
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 	buf_read_recv_pages(FALSE, page_id.space(), page_nos,
 			    ulint(p - page_nos));
-	mutex_enter(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
 }
 
 /** Apply the hash table of stored log records to persistent data pages.
@@ -2183,18 +2179,18 @@ void recv_apply_hashed_log_recs(bool last_batch)
 	      || srv_operation == SRV_OPERATION_RESTORE
 	      || srv_operation == SRV_OPERATION_RESTORE_EXPORT);
 
-	mutex_enter(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
 
-	while (recv_sys->apply_batch_on) {
-		bool abort = recv_sys->found_corrupt_log;
-		mutex_exit(&recv_sys->mutex);
+	while (recv_sys.apply_batch_on) {
+		bool abort = recv_sys.found_corrupt_log;
+		mutex_exit(&recv_sys.mutex);
 
 		if (abort) {
 			return;
 		}
 
 		os_thread_sleep(500000);
-		mutex_enter(&recv_sys->mutex);
+		mutex_enter(&recv_sys.mutex);
 	}
 
 	ut_ad(!last_batch == log_mutex_own());
@@ -2205,15 +2201,15 @@ void recv_apply_hashed_log_recs(bool last_batch)
 
 	ut_d(recv_no_log_write = recv_no_ibuf_operations);
 
-	if (ulint n = recv_sys->n_addrs) {
+	if (ulint n = recv_sys.n_addrs) {
 		if (!log_sys.log.subformat && !srv_force_recovery
 		    && srv_undo_tablespaces_open) {
 			ib::error() << "Recovery of separately logged"
 				" TRUNCATE operations is no longer supported."
 				" Set innodb_force_recovery=1"
 				" if no *trunc.log files exist";
-			recv_sys->found_corrupt_log = true;
-			mutex_exit(&recv_sys->mutex);
+			recv_sys.found_corrupt_log = true;
+			mutex_exit(&recv_sys.mutex);
 			return;
 		}
 
@@ -2224,11 +2220,11 @@ void recv_apply_hashed_log_recs(bool last_batch)
 		sd_notifyf(0, "STATUS=%s" ULINTPF " pages from redo log",
 			   msg, n);
 	}
-	recv_sys->apply_log_recs = TRUE;
-	recv_sys->apply_batch_on = TRUE;
+	recv_sys.apply_log_recs = true;
+	recv_sys.apply_batch_on = true;
 
 	for (ulint id = srv_undo_tablespaces_open; id--; ) {
-		recv_sys_t::trunc& t = recv_sys->truncated_undo_spaces[id];
+		recv_sys_t::trunc& t = recv_sys.truncated_undo_spaces[id];
 		if (t.lsn) {
 			recv_addr_trim(id + srv_undo_space_id_start, t.pages,
 				       t.lsn);
@@ -2237,16 +2233,16 @@ void recv_apply_hashed_log_recs(bool last_batch)
 
 	mtr_t mtr;
 
-	for (ulint i = 0; i < hash_get_n_cells(recv_sys->addr_hash); i++) {
+	for (ulint i = 0; i < hash_get_n_cells(recv_sys.addr_hash); i++) {
 		for (recv_addr_t* recv_addr = static_cast(
-			     HASH_GET_FIRST(recv_sys->addr_hash, i));
+			     HASH_GET_FIRST(recv_sys.addr_hash, i));
 		     recv_addr;
 		     recv_addr = static_cast(
 				HASH_GET_NEXT(addr_hash, recv_addr))) {
 			if (!UT_LIST_GET_LEN(recv_addr->rec_list)) {
 ignore:
-				ut_a(recv_sys->n_addrs);
-				recv_sys->n_addrs--;
+				ut_a(recv_sys.n_addrs);
+				recv_sys.n_addrs--;
 				continue;
 			}
 
@@ -2361,16 +2357,16 @@ do_read:
 
 	/* Wait until all the pages have been processed */
 
-	while (recv_sys->n_addrs != 0) {
-		const bool abort = recv_sys->found_corrupt_log
-			|| recv_sys->found_corrupt_fs;
+	while (recv_sys.n_addrs != 0) {
+		const bool abort = recv_sys.found_corrupt_log
+			|| recv_sys.found_corrupt_fs;
 
-		if (recv_sys->found_corrupt_fs && !srv_force_recovery) {
+		if (recv_sys.found_corrupt_fs && !srv_force_recovery) {
 			ib::info() << "Set innodb_force_recovery=1"
 				" to ignore corrupted pages.";
 		}
 
-		mutex_exit(&(recv_sys->mutex));
+		mutex_exit(&(recv_sys.mutex));
 
 		if (abort) {
 			return;
@@ -2378,47 +2374,47 @@ do_read:
 
 		os_thread_sleep(500000);
 
-		mutex_enter(&(recv_sys->mutex));
+		mutex_enter(&(recv_sys.mutex));
 	}
 
 	if (!last_batch) {
 		/* Flush all the file pages to disk and invalidate them in
 		the buffer pool */
 
-		mutex_exit(&(recv_sys->mutex));
+		mutex_exit(&(recv_sys.mutex));
 		log_mutex_exit();
 
 		/* Stop the recv_writer thread from issuing any LRU
 		flush batches. */
-		mutex_enter(&recv_sys->writer_mutex);
+		mutex_enter(&recv_sys.writer_mutex);
 
 		/* Wait for any currently run batch to end. */
 		buf_flush_wait_LRU_batch_end();
 
-		os_event_reset(recv_sys->flush_end);
-		recv_sys->flush_type = BUF_FLUSH_LIST;
-		os_event_set(recv_sys->flush_start);
-		os_event_wait(recv_sys->flush_end);
+		os_event_reset(recv_sys.flush_end);
+		recv_sys.flush_type = BUF_FLUSH_LIST;
+		os_event_set(recv_sys.flush_start);
+		os_event_wait(recv_sys.flush_end);
 
 		buf_pool_invalidate();
 
 		/* Allow batches from recv_writer thread. */
-		mutex_exit(&recv_sys->writer_mutex);
+		mutex_exit(&recv_sys.writer_mutex);
 
 		log_mutex_enter();
-		mutex_enter(&(recv_sys->mutex));
+		mutex_enter(&(recv_sys.mutex));
 		mlog_init.reset();
 	} else if (!recv_no_ibuf_operations) {
 		/* We skipped this in buf_page_create(). */
 		mlog_init.ibuf_merge(mtr);
 	}
 
-	recv_sys->apply_log_recs = FALSE;
-	recv_sys->apply_batch_on = FALSE;
+	recv_sys.apply_log_recs = false;
+	recv_sys.apply_batch_on = false;
 
-	recv_sys_empty_hash();
+	recv_sys.empty();
 
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 }
 
 /** Tries to parse a single log record.
@@ -2464,7 +2460,7 @@ recv_parse_log_rec(
 		if (new_ptr != NULL) {
 			const lsn_t	lsn = static_cast(
 				*space) << 32 | *page_no;
-			ut_a(lsn == recv_sys->recovered_lsn);
+			ut_a(lsn == recv_sys.recovered_lsn);
 		}
 
 		*type = MLOG_LSN;
@@ -2485,7 +2481,7 @@ recv_parse_log_rec(
 	case MLOG_CHECKPOINT | MLOG_SINGLE_REC_FLAG:
 		ib::error() << "Incorrect log record type "
 			<< ib::hex(unsigned(*ptr));
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		return(0);
 	}
 
@@ -2515,7 +2511,7 @@ recv_parse_log_rec(
 
 		recv_spaces_t::iterator it = recv_spaces.find(*space);
 
-		ut_ad(!recv_sys->mlog_checkpoint_lsn
+		ut_ad(!recv_sys.mlog_checkpoint_lsn
 		      || *space == TRX_SYS_SPACE
 		      || srv_is_undo_tablespace(*space)
 		      || it != recv_spaces.end());
@@ -2567,28 +2563,28 @@ recv_report_corrupt_log(
 	ib::error() <<
 		"############### CORRUPT LOG RECORD FOUND ##################";
 
-	const ulint ptr_offset = ulint(ptr - recv_sys->buf);
+	const ulint ptr_offset = ulint(ptr - recv_sys.buf);
 
 	ib::info() << "Log record type " << type << ", page " << space << ":"
 		<< page_no << ". Log parsing proceeded successfully up to "
-		<< recv_sys->recovered_lsn << ". Previous log record type "
+		<< recv_sys.recovered_lsn << ". Previous log record type "
 		<< recv_previous_parsed_rec_type << ", is multi "
 		<< recv_previous_parsed_rec_is_multi << " Recv offset "
 		<< ptr_offset << ", prev "
 		<< recv_previous_parsed_rec_offset;
 
-	ut_ad(ptr <= recv_sys->buf + recv_sys->len);
+	ut_ad(ptr <= recv_sys.buf + recv_sys.len);
 
 	const ulint	limit	= 100;
 	const ulint	prev_offset = std::min(recv_previous_parsed_rec_offset,
 					       ptr_offset);
 	const ulint	before = std::min(prev_offset, limit);
-	const ulint	after = std::min(recv_sys->len - ptr_offset, limit);
+	const ulint	after = std::min(recv_sys.len - ptr_offset, limit);
 
 	ib::info() << "Hex dump starting " << before << " bytes before and"
 		" ending " << after << " bytes after the corrupted record:";
 
-	const byte* start = recv_sys->buf + prev_offset - before;
+	const byte* start = recv_sys.buf + prev_offset - before;
 
 	ut_print_buf(stderr, start, ulint(ptr - start) + after);
 	putc('\n', stderr);
@@ -2644,12 +2640,12 @@ bool recv_parse_log_recs(lsn_t checkpoint_lsn, store_t store, bool apply)
 	byte*		body;
 
 	ut_ad(log_mutex_own());
-	ut_ad(mutex_own(&recv_sys->mutex));
-	ut_ad(recv_sys->parse_start_lsn != 0);
+	ut_ad(mutex_own(&recv_sys.mutex));
+	ut_ad(recv_sys.parse_start_lsn != 0);
 loop:
-	ptr = recv_sys->buf + recv_sys->recovered_offset;
+	ptr = recv_sys.buf + recv_sys.recovered_offset;
 
-	end_ptr = recv_sys->buf + recv_sys->len;
+	end_ptr = recv_sys.buf + recv_sys.len;
 
 	if (ptr == end_ptr) {
 
@@ -2671,7 +2667,7 @@ loop:
 	if (single_rec) {
 		/* The mtr did not modify multiple pages */
 
-		old_lsn = recv_sys->recovered_lsn;
+		old_lsn = recv_sys.recovered_lsn;
 
 		/* Try to parse a log record, fetching its type, space id,
 		page no, and a pointer to the body of the log record */
@@ -2679,12 +2675,12 @@ loop:
 		len = recv_parse_log_rec(&type, ptr, end_ptr, &space,
 					 &page_no, apply, &body);
 
-		if (recv_sys->found_corrupt_log) {
+		if (recv_sys.found_corrupt_log) {
 			recv_report_corrupt_log(ptr, type, space, page_no);
 			return(true);
 		}
 
-		if (recv_sys->found_corrupt_fs) {
+		if (recv_sys.found_corrupt_fs) {
 			return(true);
 		}
 
@@ -2694,7 +2690,7 @@ loop:
 
 		new_recovered_lsn = recv_calc_lsn_on_data_add(old_lsn, len);
 
-		if (new_recovered_lsn > recv_sys->scanned_lsn) {
+		if (new_recovered_lsn > recv_sys.scanned_lsn) {
 			/* The log record filled a log block, and we require
 			that also the next log block should have been scanned
 			in */
@@ -2703,11 +2699,11 @@ loop:
 		}
 
 		recv_previous_parsed_rec_type = type;
-		recv_previous_parsed_rec_offset = recv_sys->recovered_offset;
+		recv_previous_parsed_rec_offset = recv_sys.recovered_offset;
 		recv_previous_parsed_rec_is_multi = 0;
 
-		recv_sys->recovered_offset += len;
-		recv_sys->recovered_lsn = new_recovered_lsn;
+		recv_sys.recovered_offset += len;
+		recv_sys.recovered_lsn = new_recovered_lsn;
 
 		switch (type) {
 			lsn_t	lsn;
@@ -2723,9 +2719,9 @@ loop:
 					"MLOG_CHECKPOINT(" LSN_PF ") %s at "
 					LSN_PF "\n", lsn,
 					lsn != checkpoint_lsn ? "ignored"
-					: recv_sys->mlog_checkpoint_lsn
+					: recv_sys.mlog_checkpoint_lsn
 					? "reread" : "read",
-					recv_sys->recovered_lsn);
+					recv_sys.recovered_lsn);
 			}
 
 			DBUG_PRINT("ib_log",
@@ -2733,18 +2729,18 @@ loop:
 				    LSN_PF,
 				    lsn,
 				    lsn != checkpoint_lsn ? "ignored"
-				    : recv_sys->mlog_checkpoint_lsn
+				    : recv_sys.mlog_checkpoint_lsn
 				    ? "reread" : "read",
-				    recv_sys->recovered_lsn));
+				    recv_sys.recovered_lsn));
 
 			if (lsn == checkpoint_lsn) {
-				if (recv_sys->mlog_checkpoint_lsn) {
-					ut_ad(recv_sys->mlog_checkpoint_lsn
-					      <= recv_sys->recovered_lsn);
+				if (recv_sys.mlog_checkpoint_lsn) {
+					ut_ad(recv_sys.mlog_checkpoint_lsn
+					      <= recv_sys.recovered_lsn);
 					break;
 				}
-				recv_sys->mlog_checkpoint_lsn
-					= recv_sys->recovered_lsn;
+				recv_sys.mlog_checkpoint_lsn
+					= recv_sys.recovered_lsn;
 				return(true);
 			}
 			break;
@@ -2766,10 +2762,10 @@ loop:
 				}
 				/* fall through */
 			case STORE_YES:
-				recv_add_to_hash_table(
+				recv_sys.add(
 					type, space, page_no, body,
 					ptr + len, old_lsn,
-					recv_sys->recovered_lsn);
+					recv_sys.recovered_lsn);
 			}
 			/* fall through */
 		case MLOG_INDEX_LOAD:
@@ -2806,7 +2802,7 @@ loop:
 				&type, ptr, end_ptr, &space, &page_no,
 				false, &body);
 
-			if (recv_sys->found_corrupt_log) {
+			if (recv_sys.found_corrupt_log) {
 corrupted_log:
 				recv_report_corrupt_log(
 					ptr, type, space, page_no);
@@ -2816,11 +2812,11 @@ corrupted_log:
 			if (ptr == end_ptr) {
 			} else if (type == MLOG_CHECKPOINT
 				   || (*ptr & MLOG_SINGLE_REC_FLAG)) {
-				recv_sys->found_corrupt_log = true;
+				recv_sys.found_corrupt_log = true;
 				goto corrupted_log;
 			}
 
-			if (recv_sys->found_corrupt_fs) {
+			if (recv_sys.found_corrupt_fs) {
 				return(true);
 			}
 
@@ -2830,7 +2826,7 @@ corrupted_log:
 
 			recv_previous_parsed_rec_type = type;
 			recv_previous_parsed_rec_offset
-				= recv_sys->recovered_offset + total_len;
+				= recv_sys.recovered_offset + total_len;
 			recv_previous_parsed_rec_is_multi = 1;
 
 			/* MLOG_FILE_NAME redo log records doesn't make changes
@@ -2843,10 +2839,10 @@ corrupted_log:
 
 			if (only_mlog_file) {
 				new_recovered_lsn = recv_calc_lsn_on_data_add(
-					recv_sys->recovered_lsn, len);
+					recv_sys.recovered_lsn, len);
 				mlog_rec_len += len;
-				recv_sys->recovered_offset += len;
-				recv_sys->recovered_lsn = new_recovered_lsn;
+				recv_sys.recovered_offset += len;
+				recv_sys.recovered_lsn = new_recovered_lsn;
 			}
 
 			total_len += len;
@@ -2860,7 +2856,7 @@ corrupted_log:
 					    ": multi-log end"
 					    " total_len " ULINTPF
 					    " n=" ULINTPF,
-					    recv_sys->recovered_lsn,
+					    recv_sys.recovered_lsn,
 					    total_len, n_recs));
 				total_len -= mlog_rec_len;
 				break;
@@ -2870,14 +2866,14 @@ corrupted_log:
 				   ("scan " LSN_PF ": multi-log rec %s"
 				    " len " ULINTPF
 				    " page " ULINTPF ":" ULINTPF,
-				    recv_sys->recovered_lsn,
+				    recv_sys.recovered_lsn,
 				    get_mlog_string(type), len, space, page_no));
 		}
 
 		new_recovered_lsn = recv_calc_lsn_on_data_add(
-			recv_sys->recovered_lsn, total_len);
+			recv_sys.recovered_lsn, total_len);
 
-		if (new_recovered_lsn > recv_sys->scanned_lsn) {
+		if (new_recovered_lsn > recv_sys.scanned_lsn) {
 			/* The log record filled a log block, and we require
 			that also the next log block should have been scanned
 			in */
@@ -2887,10 +2883,10 @@ corrupted_log:
 
 		/* Add all the records to the hash table */
 
-		ptr = recv_sys->buf + recv_sys->recovered_offset;
+		ptr = recv_sys.buf + recv_sys.recovered_offset;
 
 		for (;;) {
-			old_lsn = recv_sys->recovered_lsn;
+			old_lsn = recv_sys.recovered_lsn;
 			/* This will apply MLOG_FILE_ records. We
 			had to skip them in the first scan, because we
 			did not know if the mini-transaction was
@@ -2899,21 +2895,21 @@ corrupted_log:
 				&type, ptr, end_ptr, &space, &page_no,
 				apply, &body);
 
-			if (recv_sys->found_corrupt_log
+			if (recv_sys.found_corrupt_log
 			    && !recv_report_corrupt_log(
 				    ptr, type, space, page_no)) {
 				return(true);
 			}
 
-			if (recv_sys->found_corrupt_fs) {
+			if (recv_sys.found_corrupt_fs) {
 				return(true);
 			}
 
 			ut_a(len != 0);
 			ut_a(!(*ptr & MLOG_SINGLE_REC_FLAG));
 
-			recv_sys->recovered_offset += len;
-			recv_sys->recovered_lsn
+			recv_sys.recovered_offset += len;
+			recv_sys.recovered_lsn
 				= recv_calc_lsn_on_data_add(old_lsn, len);
 
 			switch (type) {
@@ -2950,7 +2946,7 @@ corrupted_log:
 					}
 					/* fall through */
 				case STORE_YES:
-					recv_add_to_hash_table(
+					recv_sys.add(
 						type, space, page_no,
 						body, ptr + len,
 						old_lsn,
@@ -2966,7 +2962,7 @@ corrupted_log:
 }
 
 /** Adds data from a new log block to the parsing buffer of recv_sys if
-recv_sys->parse_start_lsn is non-zero.
+recv_sys.parse_start_lsn is non-zero.
 @param[in]	log_block	log block to add
 @param[in]	scanned_lsn	lsn of how far we were able to find
 				data in this log block
@@ -2978,9 +2974,9 @@ bool recv_sys_add_to_parsing_buf(const byte* log_block, lsn_t scanned_lsn)
 	ulint	start_offset;
 	ulint	end_offset;
 
-	ut_ad(scanned_lsn >= recv_sys->scanned_lsn);
+	ut_ad(scanned_lsn >= recv_sys.scanned_lsn);
 
-	if (!recv_sys->parse_start_lsn) {
+	if (!recv_sys.parse_start_lsn) {
 		/* Cannot start parsing yet because no start point for
 		it found */
 
@@ -2989,18 +2985,18 @@ bool recv_sys_add_to_parsing_buf(const byte* log_block, lsn_t scanned_lsn)
 
 	data_len = log_block_get_data_len(log_block);
 
-	if (recv_sys->parse_start_lsn >= scanned_lsn) {
+	if (recv_sys.parse_start_lsn >= scanned_lsn) {
 
 		return(false);
 
-	} else if (recv_sys->scanned_lsn >= scanned_lsn) {
+	} else if (recv_sys.scanned_lsn >= scanned_lsn) {
 
 		return(false);
 
-	} else if (recv_sys->parse_start_lsn > recv_sys->scanned_lsn) {
-		more_len = (ulint) (scanned_lsn - recv_sys->parse_start_lsn);
+	} else if (recv_sys.parse_start_lsn > recv_sys.scanned_lsn) {
+		more_len = (ulint) (scanned_lsn - recv_sys.parse_start_lsn);
 	} else {
-		more_len = (ulint) (scanned_lsn - recv_sys->scanned_lsn);
+		more_len = (ulint) (scanned_lsn - recv_sys.scanned_lsn);
 	}
 
 	if (more_len == 0) {
@@ -3021,12 +3017,12 @@ bool recv_sys_add_to_parsing_buf(const byte* log_block, lsn_t scanned_lsn)
 	ut_ad(start_offset <= end_offset);
 
 	if (start_offset < end_offset) {
-		ut_memcpy(recv_sys->buf + recv_sys->len,
+		ut_memcpy(recv_sys.buf + recv_sys.len,
 			  log_block + start_offset, end_offset - start_offset);
 
-		recv_sys->len += end_offset - start_offset;
+		recv_sys.len += end_offset - start_offset;
 
-		ut_a(recv_sys->len <= RECV_PARSING_BUF_SIZE);
+		ut_a(recv_sys.len <= RECV_PARSING_BUF_SIZE);
 	}
 
 	return(true);
@@ -3035,12 +3031,12 @@ bool recv_sys_add_to_parsing_buf(const byte* log_block, lsn_t scanned_lsn)
 /** Moves the parsing buffer data left to the buffer start. */
 void recv_sys_justify_left_parsing_buf()
 {
-	ut_memmove(recv_sys->buf, recv_sys->buf + recv_sys->recovered_offset,
-		   recv_sys->len - recv_sys->recovered_offset);
+	ut_memmove(recv_sys.buf, recv_sys.buf + recv_sys.recovered_offset,
+		   recv_sys.len - recv_sys.recovered_offset);
 
-	recv_sys->len -= recv_sys->recovered_offset;
+	recv_sys.len -= recv_sys.recovered_offset;
 
-	recv_sys->recovered_offset = 0;
+	recv_sys.recovered_offset = 0;
 }
 
 /** Scan redo log from a buffer and stores new log data to the parsing buffer.
@@ -3071,7 +3067,7 @@ recv_scan_log_recs(
 	bool		finished	= false;
 	ulint		data_len;
 	bool		more_data	= false;
-	bool		apply		= recv_sys->mlog_checkpoint_lsn != 0;
+	bool		apply		= recv_sys.mlog_checkpoint_lsn != 0;
 	ulint		recv_parsing_buf_size = RECV_PARSING_BUF_SIZE;
 
 	ut_ad(start_lsn % OS_FILE_LOG_BLOCK_SIZE == 0);
@@ -3099,10 +3095,10 @@ recv_scan_log_recs(
 
 		data_len = log_block_get_data_len(log_block);
 
-		if (scanned_lsn + data_len > recv_sys->scanned_lsn
+		if (scanned_lsn + data_len > recv_sys.scanned_lsn
 		    && log_block_get_checkpoint_no(log_block)
-		    < recv_sys->scanned_checkpoint_no
-		    && (recv_sys->scanned_checkpoint_no
+		    < recv_sys.scanned_checkpoint_no
+		    && (recv_sys.scanned_checkpoint_no
 			- log_block_get_checkpoint_no(log_block)
 			> 0x80000000UL)) {
 
@@ -3112,16 +3108,16 @@ recv_scan_log_recs(
 			break;
 		}
 
-		if (!recv_sys->parse_start_lsn
+		if (!recv_sys.parse_start_lsn
 		    && (log_block_get_first_rec_group(log_block) > 0)) {
 
 			/* We found a point from which to start the parsing
 			of log records */
 
-			recv_sys->parse_start_lsn = scanned_lsn
+			recv_sys.parse_start_lsn = scanned_lsn
 				+ log_block_get_first_rec_group(log_block);
-			recv_sys->scanned_lsn = recv_sys->parse_start_lsn;
-			recv_sys->recovered_lsn = recv_sys->parse_start_lsn;
+			recv_sys.scanned_lsn = recv_sys.parse_start_lsn;
+			recv_sys.recovered_lsn = recv_sys.parse_start_lsn;
 		}
 
 		scanned_lsn += data_len;
@@ -3132,17 +3128,17 @@ recv_scan_log_recs(
 		    && checkpoint_lsn == mach_read_from_8(LOG_BLOCK_HDR_SIZE
 							  + 1 + log_block)) {
 			/* The redo log is logically empty. */
-			ut_ad(recv_sys->mlog_checkpoint_lsn == 0
-			      || recv_sys->mlog_checkpoint_lsn
+			ut_ad(recv_sys.mlog_checkpoint_lsn == 0
+			      || recv_sys.mlog_checkpoint_lsn
 			      == checkpoint_lsn);
-			recv_sys->mlog_checkpoint_lsn = checkpoint_lsn;
+			recv_sys.mlog_checkpoint_lsn = checkpoint_lsn;
 			DBUG_PRINT("ib_log", ("found empty log; LSN=" LSN_PF,
 					      scanned_lsn));
 			finished = true;
 			break;
 		}
 
-		if (scanned_lsn > recv_sys->scanned_lsn) {
+		if (scanned_lsn > recv_sys.scanned_lsn) {
 			ut_ad(!srv_log_files_created);
 			if (!recv_needed_recovery) {
 				recv_needed_recovery = true;
@@ -3155,7 +3151,7 @@ recv_scan_log_recs(
 
 				ib::info() << "Starting crash recovery from"
 					" checkpoint LSN="
-					<< recv_sys->scanned_lsn;
+					<< recv_sys.scanned_lsn;
 			}
 
 			/* We were able to find more log data: add it to the
@@ -3168,12 +3164,12 @@ recv_scan_log_recs(
 					= (70 * 1024);
 				);
 
-			if (recv_sys->len + 4 * OS_FILE_LOG_BLOCK_SIZE
+			if (recv_sys.len + 4 * OS_FILE_LOG_BLOCK_SIZE
 			    >= recv_parsing_buf_size) {
 				ib::error() << "Log parsing buffer overflow."
 					" Recovery may have failed!";
 
-				recv_sys->found_corrupt_log = true;
+				recv_sys.found_corrupt_log = true;
 
 				if (!srv_force_recovery) {
 					ib::error()
@@ -3181,13 +3177,13 @@ recv_scan_log_recs(
 						" to ignore this error.";
 					return(true);
 				}
-			} else if (!recv_sys->found_corrupt_log) {
+			} else if (!recv_sys.found_corrupt_log) {
 				more_data = recv_sys_add_to_parsing_buf(
 					log_block, scanned_lsn);
 			}
 
-			recv_sys->scanned_lsn = scanned_lsn;
-			recv_sys->scanned_checkpoint_no
+			recv_sys.scanned_lsn = scanned_lsn;
+			recv_sys.scanned_checkpoint_no
 				= log_block_get_checkpoint_no(log_block);
 		}
 
@@ -3202,33 +3198,33 @@ recv_scan_log_recs(
 
 	*group_scanned_lsn = scanned_lsn;
 
-	mutex_enter(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
 
-	if (more_data && !recv_sys->found_corrupt_log) {
+	if (more_data && !recv_sys.found_corrupt_log) {
 		/* Try to parse more log records */
 
 		if (recv_parse_log_recs(checkpoint_lsn,
 					*store_to_hash, apply)) {
-			ut_ad(recv_sys->found_corrupt_log
-			      || recv_sys->found_corrupt_fs
-			      || recv_sys->mlog_checkpoint_lsn
-			      == recv_sys->recovered_lsn);
+			ut_ad(recv_sys.found_corrupt_log
+			      || recv_sys.found_corrupt_fs
+			      || recv_sys.mlog_checkpoint_lsn
+			      == recv_sys.recovered_lsn);
 			finished = true;
 			goto func_exit;
 		}
 
 		if (*store_to_hash != STORE_NO
-		    && mem_heap_get_size(recv_sys->heap) > available_memory) {
+		    && mem_heap_get_size(recv_sys.heap) > available_memory) {
 
 			DBUG_PRINT("ib_log", ("Ran out of memory and last "
 					      "stored lsn " LSN_PF,
-					      recv_sys->recovered_lsn));
+					      recv_sys.recovered_lsn));
 
-			recv_sys->last_stored_lsn = recv_sys->recovered_lsn;
+			recv_sys.last_stored_lsn = recv_sys.recovered_lsn;
 			*store_to_hash = STORE_NO;
 		}
 
-		if (recv_sys->recovered_offset > recv_parsing_buf_size / 4) {
+		if (recv_sys.recovered_offset > recv_parsing_buf_size / 4) {
 			/* Move parsing buffer data to the buffer start */
 
 			recv_sys_justify_left_parsing_buf();
@@ -3236,7 +3232,7 @@ recv_scan_log_recs(
 	}
 
 func_exit:
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 	return(finished);
 }
 
@@ -3256,28 +3252,28 @@ recv_group_scan_log_recs(
 	bool		last_phase)
 {
 	DBUG_ENTER("recv_group_scan_log_recs");
-	DBUG_ASSERT(!last_phase || recv_sys->mlog_checkpoint_lsn > 0);
+	DBUG_ASSERT(!last_phase || recv_sys.mlog_checkpoint_lsn > 0);
 
-	mutex_enter(&recv_sys->mutex);
-	recv_sys->len = 0;
-	recv_sys->recovered_offset = 0;
-	recv_sys->n_addrs = 0;
-	recv_sys_empty_hash();
+	mutex_enter(&recv_sys.mutex);
+	recv_sys.len = 0;
+	recv_sys.recovered_offset = 0;
+	recv_sys.n_addrs = 0;
+	recv_sys.empty();
 	srv_start_lsn = *contiguous_lsn;
-	recv_sys->parse_start_lsn = *contiguous_lsn;
-	recv_sys->scanned_lsn = *contiguous_lsn;
-	recv_sys->recovered_lsn = *contiguous_lsn;
-	recv_sys->scanned_checkpoint_no = 0;
+	recv_sys.parse_start_lsn = *contiguous_lsn;
+	recv_sys.scanned_lsn = *contiguous_lsn;
+	recv_sys.recovered_lsn = *contiguous_lsn;
+	recv_sys.scanned_checkpoint_no = 0;
 	recv_previous_parsed_rec_type = MLOG_SINGLE_REC_FLAG;
 	recv_previous_parsed_rec_offset	= 0;
 	recv_previous_parsed_rec_is_multi = 0;
 	ut_ad(recv_max_page_lsn == 0);
 	ut_ad(last_phase || !recv_writer_thread_active);
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 
 	lsn_t	start_lsn;
 	lsn_t	end_lsn;
-	store_t	store_to_hash	= recv_sys->mlog_checkpoint_lsn == 0
+	store_t	store_to_hash	= recv_sys.mlog_checkpoint_lsn == 0
 		? STORE_NO : (last_phase ? STORE_IF_EXISTS : STORE_YES);
 	ulint	available_mem	= srv_page_size
 		* (buf_pool_get_n_pages()
@@ -3307,7 +3303,7 @@ recv_group_scan_log_recs(
 			 start_lsn, end_lsn,
 			 contiguous_lsn, &log_sys.log.scanned_lsn));
 
-	if (recv_sys->found_corrupt_log || recv_sys->found_corrupt_fs) {
+	if (recv_sys.found_corrupt_log || recv_sys.found_corrupt_fs) {
 		DBUG_RETURN(false);
 	}
 
@@ -3369,9 +3365,9 @@ recv_validate_tablespace(bool rescan, bool& missing_tablespace)
 {
 	dberr_t err = DB_SUCCESS;
 
-	for (ulint h = 0; h < hash_get_n_cells(recv_sys->addr_hash); h++) {
+	for (ulint h = 0; h < hash_get_n_cells(recv_sys.addr_hash); h++) {
 		for (recv_addr_t* recv_addr = static_cast(
-			     HASH_GET_FIRST(recv_sys->addr_hash, h));
+			     HASH_GET_FIRST(recv_sys.addr_hash, h));
 		     recv_addr != 0;
 		     recv_addr = static_cast(
 			     HASH_GET_NEXT(addr_hash, recv_addr))) {
@@ -3404,7 +3400,7 @@ recv_validate_tablespace(bool rescan, bool& missing_tablespace)
 		return(err);
 	}
 
-	/* When rescan is not needed then recv_sys->addr_hash will have
+	/* When rescan is not needed then recv_sys.addr_hash will have
 	all space id belongs to redo log. If rescan is needed and
 	innodb_force_recovery > 0 then InnoDB can ignore missing tablespace. */
 	for (recv_spaces_t::iterator i = recv_spaces.begin();
@@ -3472,7 +3468,7 @@ recv_init_crash_recovery_spaces(bool rescan, bool& missing_tablespace)
 				" or MLOG_FILE_DELETE"
 				" before MLOG_CHECKPOINT for tablespace "
 				<< i->first;
-			recv_sys->found_corrupt_log = true;
+			recv_sys.found_corrupt_log = true;
 			return(DB_CORRUPTION);
 		} else {
 			i->second.status = file_name_t::MISSING;
@@ -3528,7 +3524,7 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 
 	if (err != DB_SUCCESS) {
 
-		srv_start_lsn = recv_sys->recovered_lsn = log_sys.lsn;
+		srv_start_lsn = recv_sys.recovered_lsn = log_sys.lsn;
 		log_mutex_exit();
 		return(err);
 	}
@@ -3543,14 +3539,14 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 	/* Start reading the log from the checkpoint lsn. The variable
 	contiguous_lsn contains an lsn up to which the log is known to
 	be contiguously written. */
-	recv_sys->mlog_checkpoint_lsn = 0;
+	recv_sys.mlog_checkpoint_lsn = 0;
 
 	ut_ad(RECV_SCAN_SIZE <= srv_log_buffer_size);
 
 	const lsn_t	end_lsn = mach_read_from_8(
 		buf + LOG_CHECKPOINT_END_LSN);
 
-	ut_ad(recv_sys->n_addrs == 0);
+	ut_ad(recv_sys.n_addrs == 0);
 	contiguous_lsn = checkpoint_lsn;
 	switch (log_sys.log.format) {
 	case 0:
@@ -3565,7 +3561,7 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 			contiguous_lsn = end_lsn;
 			break;
 		}
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		log_mutex_exit();
 		return(DB_ERROR);
 	}
@@ -3573,21 +3569,21 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 	/* Look for MLOG_CHECKPOINT. */
 	recv_group_scan_log_recs(checkpoint_lsn, &contiguous_lsn, false);
 	/* The first scan should not have stored or applied any records. */
-	ut_ad(recv_sys->n_addrs == 0);
-	ut_ad(!recv_sys->found_corrupt_fs);
+	ut_ad(recv_sys.n_addrs == 0);
+	ut_ad(!recv_sys.found_corrupt_fs);
 
 	if (srv_read_only_mode && recv_needed_recovery) {
 		log_mutex_exit();
 		return(DB_READ_ONLY);
 	}
 
-	if (recv_sys->found_corrupt_log && !srv_force_recovery) {
+	if (recv_sys.found_corrupt_log && !srv_force_recovery) {
 		log_mutex_exit();
 		ib::warn() << "Log scan aborted at LSN " << contiguous_lsn;
 		return(DB_ERROR);
 	}
 
-	if (recv_sys->mlog_checkpoint_lsn == 0) {
+	if (recv_sys.mlog_checkpoint_lsn == 0) {
 		lsn_t scan_lsn = log_sys.log.scanned_lsn;
 		if (!srv_read_only_mode && scan_lsn != checkpoint_lsn) {
 			log_mutex_exit();
@@ -3608,8 +3604,8 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 		rescan = recv_group_scan_log_recs(
 			checkpoint_lsn, &contiguous_lsn, false);
 
-		if ((recv_sys->found_corrupt_log && !srv_force_recovery)
-		    || recv_sys->found_corrupt_fs) {
+		if ((recv_sys.found_corrupt_log && !srv_force_recovery)
+		    || recv_sys.found_corrupt_fs) {
 			log_mutex_exit();
 			return(DB_ERROR);
 		}
@@ -3620,7 +3616,7 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 	user about recovery: */
 
 	if (flush_lsn == checkpoint_lsn + SIZE_OF_MLOG_CHECKPOINT
-	    && recv_sys->mlog_checkpoint_lsn == checkpoint_lsn) {
+	    && recv_sys.mlog_checkpoint_lsn == checkpoint_lsn) {
 		/* The redo log is logically empty. */
 	} else if (checkpoint_lsn != flush_lsn) {
 		ut_ad(!srv_log_files_created);
@@ -3652,7 +3648,7 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 		}
 	}
 
-	log_sys.lsn = recv_sys->recovered_lsn;
+	log_sys.lsn = recv_sys.recovered_lsn;
 
 	if (recv_needed_recovery) {
 		bool missing_tablespace = false;
@@ -3675,17 +3671,17 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 			DBUG_PRINT("ib_log", ("Rescan of redo log to validate "
 					      "the missing tablespace. Scan "
 					      "from last stored LSN " LSN_PF,
-					      recv_sys->last_stored_lsn));
+					      recv_sys.last_stored_lsn));
 
-			lsn_t recent_stored_lsn = recv_sys->last_stored_lsn;
+			lsn_t recent_stored_lsn = recv_sys.last_stored_lsn;
 			rescan = recv_group_scan_log_recs(
 				checkpoint_lsn, &recent_stored_lsn, false);
 
-			ut_ad(!recv_sys->found_corrupt_fs);
+			ut_ad(!recv_sys.found_corrupt_fs);
 
 			missing_tablespace = false;
 
-			err = recv_sys->found_corrupt_log
+			err = recv_sys.found_corrupt_log
 				? DB_ERROR
 				: recv_validate_tablespace(
 					rescan, missing_tablespace);
@@ -3715,15 +3711,15 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 			recv_group_scan_log_recs(
 				checkpoint_lsn, &contiguous_lsn, true);
 
-			if ((recv_sys->found_corrupt_log
+			if ((recv_sys.found_corrupt_log
 			     && !srv_force_recovery)
-			    || recv_sys->found_corrupt_fs) {
+			    || recv_sys.found_corrupt_fs) {
 				log_mutex_exit();
 				return(DB_ERROR);
 			}
 		}
 	} else {
-		ut_ad(!rescan || recv_sys->n_addrs == 0);
+		ut_ad(!rescan || recv_sys.n_addrs == 0);
 	}
 
 	if (log_sys.log.scanned_lsn < checkpoint_lsn
@@ -3737,11 +3733,11 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 			" database is now corrupt!";
 	}
 
-	if (recv_sys->recovered_lsn < checkpoint_lsn) {
+	if (recv_sys.recovered_lsn < checkpoint_lsn) {
 		log_mutex_exit();
 
 		ib::error() << "Recovered only to lsn:"
-			    << recv_sys->recovered_lsn << " checkpoint_lsn: " << checkpoint_lsn;
+			    << recv_sys.recovered_lsn << " checkpoint_lsn: " << checkpoint_lsn;
 
 		return(DB_ERROR);
 	}
@@ -3752,9 +3748,9 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 	recv_synchronize_groups();
 
 	if (!recv_needed_recovery) {
-		ut_a(checkpoint_lsn == recv_sys->recovered_lsn);
+		ut_a(checkpoint_lsn == recv_sys.recovered_lsn);
 	} else {
-		srv_start_lsn = recv_sys->recovered_lsn;
+		srv_start_lsn = recv_sys.recovered_lsn;
 	}
 
 	log_sys.buf_free = ulong(log_sys.lsn % OS_FILE_LOG_BLOCK_SIZE);
@@ -3776,11 +3772,11 @@ recv_recovery_from_checkpoint_start(lsn_t flush_lsn)
 
 	log_sys.next_checkpoint_no = ++checkpoint_no;
 
-	mutex_enter(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
 
-	recv_sys->apply_log_recs = TRUE;
+	recv_sys.apply_log_recs = true;
 
-	mutex_exit(&recv_sys->mutex);
+	mutex_exit(&recv_sys.mutex);
 
 	log_mutex_exit();
 
@@ -3801,7 +3797,7 @@ recv_recovery_from_checkpoint_finish(void)
 	required because it grabs various mutexes and we want to
 	ensure that when we enable sync_order_checks there is no
 	mutex currently held by any thread. */
-	mutex_enter(&recv_sys->writer_mutex);
+	mutex_enter(&recv_sys.writer_mutex);
 
 	/* Free the resources of the recovery system */
 	recv_recovery_on = false;
@@ -3811,7 +3807,7 @@ recv_recovery_from_checkpoint_finish(void)
 	in progress batches to finish. */
 	buf_flush_wait_LRU_batch_end();
 
-	mutex_exit(&recv_sys->writer_mutex);
+	mutex_exit(&recv_sys.writer_mutex);
 
 	ulint count = 0;
 	while (recv_writer_thread_active) {
@@ -3824,7 +3820,7 @@ recv_recovery_from_checkpoint_finish(void)
 		}
 	}
 
-	recv_sys_debug_free();
+	recv_sys.debug_free();
 
 	/* Free up the flush_rbt. */
 	buf_flush_free_flush_rbt();
diff --git a/storage/innobase/mtr/mtr0log.cc b/storage/innobase/mtr/mtr0log.cc
index 8ee06a9e782..e15b1a2225e 100644
--- a/storage/innobase/mtr/mtr0log.cc
+++ b/storage/innobase/mtr/mtr0log.cc
@@ -100,7 +100,7 @@ mlog_parse_initial_log_record(
 	*type = mlog_id_t(*ptr & ~MLOG_SINGLE_REC_FLAG);
 	if (UNIV_UNLIKELY(*type > MLOG_BIGGEST_TYPE
 			  && !EXTRA_CHECK_MLOG_NUMBER(*type))) {
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		return NULL;
 	}
 
@@ -234,7 +234,7 @@ mlog_parse_nbytes(
 		break;
 	default:
 	corrupt:
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		ptr = NULL;
 	}
 
@@ -401,7 +401,7 @@ mlog_parse_string(
 	ptr += 2;
 
 	if (offset >= srv_page_size || len + offset > srv_page_size) {
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -641,7 +641,7 @@ mlog_parse_index(
 			n_core_fields = mach_read_from_2(ptr);
 
 			if (!n_core_fields || n_core_fields > n) {
-				recv_sys->found_corrupt_log = TRUE;
+				recv_sys.found_corrupt_log = TRUE;
 				return(NULL);
 			}
 
diff --git a/storage/innobase/page/page0cur.cc b/storage/innobase/page/page0cur.cc
index 86cd3f9d7ef..97a485810ec 100644
--- a/storage/innobase/page/page0cur.cc
+++ b/storage/innobase/page/page0cur.cc
@@ -1064,7 +1064,7 @@ page_cur_parse_insert_rec(
 
 		if (offset >= srv_page_size) {
 
-			recv_sys->found_corrupt_log = TRUE;
+			recv_sys.found_corrupt_log = TRUE;
 
 			return(NULL);
 		}
@@ -1078,7 +1078,7 @@ page_cur_parse_insert_rec(
 	}
 
 	if (end_seg_len >= srv_page_size << 1) {
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -2255,7 +2255,7 @@ page_cur_parse_delete_rec(
 	ptr += 2;
 
 	if (UNIV_UNLIKELY(offset >= srv_page_size)) {
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 		return NULL;
 	}
 
diff --git a/storage/innobase/page/page0zip.cc b/storage/innobase/page/page0zip.cc
index 654c472c3b5..6ad7cdcfa06 100644
--- a/storage/innobase/page/page0zip.cc
+++ b/storage/innobase/page/page0zip.cc
@@ -3841,7 +3841,7 @@ page_zip_parse_write_blob_ptr(
 	    || offset >= srv_page_size
 	    || z_offset >= srv_page_size) {
 corrupt:
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -3983,7 +3983,7 @@ page_zip_parse_write_node_ptr(
 	    || offset >= srv_page_size
 	    || z_offset >= srv_page_size) {
 corrupt:
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -4198,7 +4198,7 @@ page_zip_parse_write_trx_id(
 	    || offset >= srv_page_size
 	    || z_offset >= srv_page_size) {
 corrupt:
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -4619,7 +4619,7 @@ page_zip_parse_write_header(
 
 	if (len == 0 || offset + len >= PAGE_DATA) {
 corrupt:
-		recv_sys->found_corrupt_log = TRUE;
+		recv_sys.found_corrupt_log = TRUE;
 
 		return(NULL);
 	}
@@ -4897,7 +4897,7 @@ byte* page_zip_parse_compress(const byte* ptr, const byte* end_ptr,
 		if (!page_zip || page_zip_get_size(page_zip) < size
 		    || block->page.id.page_no() < 3) {
 corrupt:
-			recv_sys->found_corrupt_log = TRUE;
+			recv_sys.found_corrupt_log = TRUE;
 
 			return(NULL);
 		}
diff --git a/storage/innobase/srv/srv0start.cc b/storage/innobase/srv/srv0start.cc
index bde0623c228..328f1d209a5 100644
--- a/storage/innobase/srv/srv0start.cc
+++ b/storage/innobase/srv/srv0start.cc
@@ -1107,11 +1107,11 @@ srv_shutdown_all_bg_threads()
 			ut_ad(!srv_read_only_mode);
 
 			/* e. Exit the i/o threads */
-			if (recv_sys->flush_start != NULL) {
-				os_event_set(recv_sys->flush_start);
+			if (recv_sys.flush_start != NULL) {
+				os_event_set(recv_sys.flush_start);
 			}
-			if (recv_sys->flush_end != NULL) {
-				os_event_set(recv_sys->flush_end);
+			if (recv_sys.flush_end != NULL) {
+				os_event_set(recv_sys.flush_end);
 			}
 
 			os_event_set(buf_flush_event);
@@ -1532,7 +1532,7 @@ dberr_t srv_start(bool create_new_db)
 #endif /* UNIV_DEBUG */
 
 	log_sys.create();
-	recv_sys_init();
+	recv_sys.create();
 	lock_sys.create(srv_lock_table_size);
 
 	/* Create i/o-handler threads: */
@@ -1560,7 +1560,7 @@ dberr_t srv_start(bool create_new_db)
 
 #ifdef UNIV_LINUX
 		/* Wait for the setpriority() call to finish. */
-		os_event_wait(recv_sys->flush_end);
+		os_event_wait(recv_sys.flush_end);
 #endif /* UNIV_LINUX */
 		srv_start_state_set(SRV_START_STATE_IO);
 	}
@@ -1574,7 +1574,7 @@ dberr_t srv_start(bool create_new_db)
 		if (err != DB_SUCCESS) {
 			return(srv_init_abort(DB_ERROR));
 		}
-		recv_sys_debug_free();
+		recv_sys.debug_free();
 	}
 
 	/* Open or create the data files. */
@@ -1867,7 +1867,7 @@ files_checked:
 
 		err = recv_recovery_from_checkpoint_start(flushed_lsn);
 
-		recv_sys->dblwr.pages.clear();
+		recv_sys.dblwr.pages.clear();
 
 		if (err != DB_SUCCESS) {
 			return(srv_init_abort(err));
@@ -1899,8 +1899,8 @@ files_checked:
 
 			recv_apply_hashed_log_recs(true);
 
-			if (recv_sys->found_corrupt_log
-			    || recv_sys->found_corrupt_fs) {
+			if (recv_sys.found_corrupt_log
+			    || recv_sys.found_corrupt_fs) {
 				return(srv_init_abort(DB_CORRUPTION));
 			}
 
@@ -2520,7 +2520,7 @@ void innodb_shutdown()
 	/* 4. Free all allocated memory */
 
 	pars_lexer_close();
-	recv_sys_close();
+	recv_sys.close();
 
 	ut_ad(buf_pool_ptr || !srv_was_started);
 	if (buf_pool_ptr) {
diff --git a/storage/innobase/trx/trx0roll.cc b/storage/innobase/trx/trx0roll.cc
index da0169e8a2b..310e7982352 100644
--- a/storage/innobase/trx/trx0roll.cc
+++ b/storage/innobase/trx/trx0roll.cc
@@ -727,9 +727,9 @@ static my_bool trx_roll_count_callback(rw_trx_hash_element_t *element,
 void trx_roll_report_progress()
 {
 	ib_time_t time = ut_time();
-	mutex_enter(&recv_sys->mutex);
-	bool report = recv_sys->report(time);
-	mutex_exit(&recv_sys->mutex);
+	mutex_enter(&recv_sys.mutex);
+	bool report = recv_sys.report(time);
+	mutex_exit(&recv_sys.mutex);
 
 	if (report) {
 		trx_roll_count_callback_arg arg;
diff --git a/storage/innobase/trx/trx0undo.cc b/storage/innobase/trx/trx0undo.cc
index 98130a428f5..6267a8edd53 100644
--- a/storage/innobase/trx/trx0undo.cc
+++ b/storage/innobase/trx/trx0undo.cc
@@ -388,7 +388,7 @@ trx_undo_parse_page_init(const byte* ptr, const byte* end_ptr, page_t* page)
 	const ulint type = *ptr++;
 
 	if (type > TRX_UNDO_UPDATE) {
-		recv_sys->found_corrupt_log = true;
+		recv_sys.found_corrupt_log = true;
 	} else if (page) {
 		/* Starting with MDEV-12288 in MariaDB 10.3.1, we use
 		type=0 for the combined insert/update undo log

From 88b7926ff845f4bd3d5794008ae75f35f442cfbd Mon Sep 17 00:00:00 2001
From: Vladislav Vaintroub 
Date: Sat, 25 May 2019 22:59:33 +0200
Subject: [PATCH 4/6] MDEV-19582 WolfSSL decyption function can read memory
 out-of-bounds. MDEV-19581 Valgrind error with WolfSSL and encrypted binlog

WolfSSL can read  memory out of bounds in EVP_CipherUpdate()
in decrypt/NOPAD mode, when the input length is not multiple of AES block
size.

The workaround ensures that input will have some padding at the end
by having slightly larger allocated buffer, or padding the structures
with 16 more bytes.
---
 sql/log_event.cc                  | 12 +++++++++--
 storage/innobase/log/log0crypt.cc | 34 +++++++++++++++++++------------
 storage/innobase/row/row0log.cc   | 14 ++++++++++---
 3 files changed, 42 insertions(+), 18 deletions(-)

diff --git a/sql/log_event.cc b/sql/log_event.cc
index 95d602a0d8e..d303f345949 100644
--- a/sql/log_event.cc
+++ b/sql/log_event.cc
@@ -1847,8 +1847,16 @@ int Log_event::read_log_event(IO_CACHE* file, String* packet,
   {
     uchar iv[BINLOG_IV_LENGTH];
     fdle->crypto_data.set_iv(iv, (uint32) (my_b_tell(file) - data_len));
-
-    char *newpkt= (char*)my_malloc(data_len + ev_offset + 1, MYF(MY_WME));
+    size_t sz= data_len + ev_offset + 1;
+#ifdef HAVE_WOLFSSL
+    /*
+      Workaround for MDEV-19582.
+      WolfSSL reads memory out of bounds with decryption/NOPAD)
+      We allocate a little more memory therefore.
+    */
+    sz += MY_AES_BLOCK_SIZE;
+#endif
+    char *newpkt= (char*)my_malloc(sz, MYF(MY_WME));
     if (!newpkt)
       DBUG_RETURN(LOG_READ_MEM);
     memcpy(newpkt, packet->ptr(), ev_offset);
diff --git a/storage/innobase/log/log0crypt.cc b/storage/innobase/log/log0crypt.cc
index d3843221141..b088c9af09d 100644
--- a/storage/innobase/log/log0crypt.cc
+++ b/storage/innobase/log/log0crypt.cc
@@ -39,10 +39,15 @@ my_bool srv_encrypt_log;
 /** Redo log encryption key ID */
 #define LOG_DEFAULT_ENCRYPTION_KEY 1
 
-typedef union {
-	uint32_t	words[MY_AES_BLOCK_SIZE / sizeof(uint32_t)];
+struct aes_block_t {
 	byte		bytes[MY_AES_BLOCK_SIZE];
-} aes_block_t;
+#ifdef HAVE_WOLFSSL
+	// Workaround for  MDEV-19582.
+	// WolfSSL reads memory out of bounds with decrypt/NOPAD
+	// Pad the structure to workaround
+	byte		pad[MY_AES_BLOCK_SIZE];
+#endif
+};
 
 struct crypt_info_t {
 	ulint		checkpoint_no; /*!< checkpoint no; 32 bits */
@@ -91,7 +96,8 @@ static bool init_crypt_key(crypt_info_t* info, bool upgrade = false)
 	byte	mysqld_key[MY_AES_MAX_KEY_LENGTH];
 	uint	keylen = sizeof mysqld_key;
 
-	compile_time_assert(16 == sizeof info->crypt_key);
+	compile_time_assert(16 == sizeof info->crypt_key.bytes);
+	compile_time_assert(16 == MY_AES_BLOCK_SIZE);
 
 	if (uint rc = encryption_key_get(LOG_DEFAULT_ENCRYPTION_KEY,
 					 info->key_version, mysqld_key,
@@ -113,7 +119,7 @@ static bool init_crypt_key(crypt_info_t* info, bool upgrade = false)
 	uint dst_len;
 	int err= my_aes_crypt(MY_AES_ECB,
 			      ENCRYPTION_FLAG_NOPAD | ENCRYPTION_FLAG_ENCRYPT,
-			      info->crypt_msg.bytes, sizeof info->crypt_msg,
+			      info->crypt_msg.bytes, MY_AES_BLOCK_SIZE,
 			      info->crypt_key.bytes, &dst_len,
 			      mysqld_key, keylen, NULL, 0);
 
@@ -212,7 +218,7 @@ bool log_crypt(byte* buf, lsn_t lsn, ulint size, log_crypt_t op)
 			buf + LOG_CRYPT_HDR_SIZE, dst_size,
 			reinterpret_cast(dst), &dst_len,
 			const_cast(info.crypt_key.bytes),
-			sizeof info.crypt_key,
+			MY_AES_BLOCK_SIZE,
 			reinterpret_cast(aes_ctr_iv), sizeof aes_ctr_iv,
 			op == LOG_DECRYPT
 			? ENCRYPTION_FLAG_DECRYPT | ENCRYPTION_FLAG_NOPAD
@@ -249,7 +255,7 @@ log_crypt_init()
 		return false;
 	}
 
-	if (my_random_bytes(info.crypt_msg.bytes, sizeof info.crypt_msg)
+	if (my_random_bytes(info.crypt_msg.bytes, MY_AES_BLOCK_SIZE)
 	    != MY_AES_OK
 	    || my_random_bytes(info.crypt_nonce.bytes, sizeof info.crypt_nonce)
 	    != MY_AES_OK) {
@@ -287,7 +293,7 @@ log_crypt_101_read_checkpoint(const byte* buf)
 		infos_used++;
 		info.checkpoint_no = checkpoint_no;
 		info.key_version = mach_read_from_4(buf + 4);
-		memcpy(info.crypt_msg.bytes, buf + 8, sizeof info.crypt_msg);
+		memcpy(info.crypt_msg.bytes, buf + 8, MY_AES_BLOCK_SIZE);
 		memcpy(info.crypt_nonce.bytes, buf + 24,
 		       sizeof info.crypt_nonce);
 
@@ -371,13 +377,14 @@ void
 log_crypt_write_checkpoint_buf(byte* buf)
 {
 	ut_ad(info.key_version);
-	compile_time_assert(16 == sizeof info.crypt_msg);
+	compile_time_assert(16 == sizeof info.crypt_msg.bytes);
+	compile_time_assert(16 == MY_AES_BLOCK_SIZE);
 	compile_time_assert(LOG_CHECKPOINT_CRYPT_MESSAGE
 			    - LOG_CHECKPOINT_CRYPT_NONCE
 			    == sizeof info.crypt_nonce);
 
 	memcpy(buf + LOG_CHECKPOINT_CRYPT_MESSAGE, info.crypt_msg.bytes,
-	       sizeof info.crypt_msg);
+	       MY_AES_BLOCK_SIZE);
 	memcpy(buf + LOG_CHECKPOINT_CRYPT_NONCE, info.crypt_nonce.bytes,
 	       sizeof info.crypt_nonce);
 	mach_write_to_4(buf + LOG_CHECKPOINT_CRYPT_KEY, info.key_version);
@@ -396,13 +403,14 @@ log_crypt_read_checkpoint_buf(const byte* buf)
 #if MY_AES_BLOCK_SIZE != 16
 # error "MY_AES_BLOCK_SIZE != 16; redo log checkpoint format affected"
 #endif
-	compile_time_assert(16 == sizeof info.crypt_msg);
+	compile_time_assert(16 == sizeof info.crypt_msg.bytes);
+	compile_time_assert(16 == MY_AES_BLOCK_SIZE);
 	compile_time_assert(LOG_CHECKPOINT_CRYPT_MESSAGE
 			    - LOG_CHECKPOINT_CRYPT_NONCE
 			    == sizeof info.crypt_nonce);
 
 	memcpy(info.crypt_msg.bytes, buf + LOG_CHECKPOINT_CRYPT_MESSAGE,
-	       sizeof info.crypt_msg);
+	       MY_AES_BLOCK_SIZE);
 	memcpy(info.crypt_nonce.bytes, buf + LOG_CHECKPOINT_CRYPT_NONCE,
 	       sizeof info.crypt_nonce);
 
@@ -435,7 +443,7 @@ log_tmp_block_encrypt(
 
 	int rc = encryption_crypt(
 		src, (uint)size, dst, &dst_len,
-		const_cast(info.crypt_key.bytes), (uint)(sizeof info.crypt_key),
+		info.crypt_key.bytes, MY_AES_BLOCK_SIZE,
 		reinterpret_cast(aes_ctr_iv), (uint)(sizeof aes_ctr_iv),
 		encrypt
 		? ENCRYPTION_FLAG_ENCRYPT|ENCRYPTION_FLAG_NOPAD
diff --git a/storage/innobase/row/row0log.cc b/storage/innobase/row/row0log.cc
index 8b5cdb8f9b3..7a35b4bae39 100644
--- a/storage/innobase/row/row0log.cc
+++ b/storage/innobase/row/row0log.cc
@@ -42,6 +42,14 @@ Created 2011-05-26 Marko Makela
 #include 
 #include 
 
+#ifdef HAVE_WOLFSSL
+// Workaround for MDEV-19582
+// (WolfSSL reads memory out of bounds with decryption/NOPAD)
+#define WOLFSSL_PAD_SIZE MY_AES_BLOCK_SIZE
+#else
+#define WOLFSSL_PAD_SIZE 0
+#endif
+
 Atomic_counter onlineddl_rowlog_rows;
 ulint onlineddl_rowlog_pct_used;
 ulint onlineddl_pct_progress;
@@ -3231,7 +3239,7 @@ row_log_allocate(
 	index->online_log = log;
 
 	if (log_tmp_is_encrypted()) {
-		ulint size = srv_sort_buf_size;
+		ulint size = srv_sort_buf_size + WOLFSSL_PAD_SIZE;
 		log->crypt_head = static_cast(os_mem_alloc_large(&size));
 		log->crypt_tail = static_cast(os_mem_alloc_large(&size));
 
@@ -3265,11 +3273,11 @@ row_log_free(
 	row_merge_file_destroy_low(log->fd);
 
 	if (log->crypt_head) {
-		os_mem_free_large(log->crypt_head, srv_sort_buf_size);
+		os_mem_free_large(log->crypt_head, srv_sort_buf_size + WOLFSSL_PAD_SIZE);
 	}
 
 	if (log->crypt_tail) {
-		os_mem_free_large(log->crypt_tail, srv_sort_buf_size);
+		os_mem_free_large(log->crypt_tail, srv_sort_buf_size + WOLFSSL_PAD_SIZE);
 	}
 
 	mutex_free(&log->mutex);

From f465ec8c45d1ff2371d9ccdf7144173b2797bca5 Mon Sep 17 00:00:00 2001
From: Vladislav Vaintroub 
Date: Sat, 25 May 2019 23:03:02 +0200
Subject: [PATCH 5/6] Lets pretend that WolfSSL does not support AES-CTR

In Wolfcrypt, output length after CTR encryption is not the same
as input length. This is different from openssl and this makes unit test
aes-t fail.

So disable CTR for now.
---
 cmake/ssl.cmake | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmake/ssl.cmake b/cmake/ssl.cmake
index 0d2570f1336..7a571171eaf 100644
--- a/cmake/ssl.cmake
+++ b/cmake/ssl.cmake
@@ -56,7 +56,7 @@ MACRO (MYSQL_USE_BUNDLED_SSL)
   SET(SSL_INCLUDE_DIRS ${INC_DIRS})
   SET(SSL_DEFINES "-DHAVE_OPENSSL -DHAVE_WOLFSSL  -DOPENSSL_ALL -DWOLFSSL_MYSQL_COMPATIBLE -DWC_NO_HARDEN")
   SET(HAVE_ERR_remove_thread_state ON CACHE INTERNAL "wolfssl doesn't have ERR_remove_thread_state")
-  SET(HAVE_EncryptAes128Ctr ON CACHE INTERNAL "wolfssl does support AES-CTR")
+  SET(HAVE_EncryptAes128Ctr OFF CACHE INTERNAL "wolfssl does support AES-CTR, but differently from openssl")
   SET(HAVE_EncryptAes128Gcm OFF CACHE INTERNAL "wolfssl does not support AES-GCM")
   SET(HAVE_X509_check_host ON CACHE INTERNAL  "wolfssl does support X509_check_host")
   CHANGE_SSL_SETTINGS("bundled")

From e32212c63c9675591e9c4b15c1bce9f61ec02eb8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= 
Date: Mon, 27 May 2019 10:16:23 +0300
Subject: [PATCH 6/6] MDEV-19582 Out-of-bounds memory accesses by WolfSSL

Fix errors caught by clang-7 in the encrypted variants of the tests
innodb.innodb-table-online innodb.innodb-index-online
---
 storage/innobase/CMakeLists.txt   |  2 ++
 storage/innobase/row/row0log.cc   | 12 ++++++++----
 storage/innobase/row/row0merge.cc | 13 +++++++++++--
 3 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/storage/innobase/CMakeLists.txt b/storage/innobase/CMakeLists.txt
index 0b2cdbf9474..dfa6e032176 100644
--- a/storage/innobase/CMakeLists.txt
+++ b/storage/innobase/CMakeLists.txt
@@ -161,6 +161,8 @@ IF(NOT TARGET innobase)
   RETURN()
 ENDIF()
 
+ADD_DEFINITIONS(${SSL_DEFINES})
+
 # A GCC bug causes crash when compiling these files on ARM64 with -O1+
 # Compile them with -O0 as a workaround.
 IF(CMAKE_COMPILER_IS_GNUCXX AND CMAKE_SYSTEM_PROCESSOR MATCHES "aarch64"
diff --git a/storage/innobase/row/row0log.cc b/storage/innobase/row/row0log.cc
index 7a35b4bae39..02c4d1b0d82 100644
--- a/storage/innobase/row/row0log.cc
+++ b/storage/innobase/row/row0log.cc
@@ -301,7 +301,8 @@ row_log_block_allocate(
 		);
 
 		log_buf.block = ut_allocator(mem_key_row_log_buf)
-			.allocate_large(srv_sort_buf_size, &log_buf.block_pfx);
+			.allocate_large(srv_sort_buf_size + WOLFSSL_PAD_SIZE,
+					&log_buf.block_pfx);
 
 		if (log_buf.block == NULL) {
 			DBUG_RETURN(false);
@@ -321,7 +322,8 @@ row_log_block_free(
 	DBUG_ENTER("row_log_block_free");
 	if (log_buf.block != NULL) {
 		ut_allocator(mem_key_row_log_buf).deallocate_large(
-			log_buf.block, &log_buf.block_pfx, log_buf.size);
+			log_buf.block, &log_buf.block_pfx,
+			log_buf.size + WOLFSSL_PAD_SIZE);
 		log_buf.block = NULL;
 	}
 	DBUG_VOID_RETURN;
@@ -3273,11 +3275,13 @@ row_log_free(
 	row_merge_file_destroy_low(log->fd);
 
 	if (log->crypt_head) {
-		os_mem_free_large(log->crypt_head, srv_sort_buf_size + WOLFSSL_PAD_SIZE);
+		os_mem_free_large(log->crypt_head, srv_sort_buf_size
+				  + WOLFSSL_PAD_SIZE);
 	}
 
 	if (log->crypt_tail) {
-		os_mem_free_large(log->crypt_tail, srv_sort_buf_size + WOLFSSL_PAD_SIZE);
+		os_mem_free_large(log->crypt_tail, srv_sort_buf_size
+				  + WOLFSSL_PAD_SIZE);
 	}
 
 	mutex_free(&log->mutex);
diff --git a/storage/innobase/row/row0merge.cc b/storage/innobase/row/row0merge.cc
index 087f4e89125..e2e3662f6f1 100644
--- a/storage/innobase/row/row0merge.cc
+++ b/storage/innobase/row/row0merge.cc
@@ -61,6 +61,14 @@ float my_log2f(float n)
 # define posix_fadvise(fd, offset, len, advice) /* nothing */
 #endif /* _WIN32 */
 
+#ifdef HAVE_WOLFSSL
+// Workaround for MDEV-19582
+// (WolfSSL accesses memory out of bounds)
+# define WOLFSSL_PAD_SIZE MY_AES_BLOCK_SIZE
+#else
+# define WOLFSSL_PAD_SIZE 0
+#endif
+
 /* Whether to disable file system cache */
 char	srv_disable_sort_file_cache;
 
@@ -4628,7 +4636,7 @@ row_merge_build_indexes(
 
 	if (log_tmp_is_encrypted()) {
 		crypt_block = static_cast(
-			alloc.allocate_large(block_size,
+			alloc.allocate_large(block_size + WOLFSSL_PAD_SIZE,
 					     &crypt_pfx));
 
 		if (crypt_block == NULL) {
@@ -4998,7 +5006,8 @@ func_exit:
 	alloc.deallocate_large(block, &block_pfx, block_size);
 
 	if (crypt_block) {
-		alloc.deallocate_large(crypt_block, &crypt_pfx, block_size);
+		alloc.deallocate_large(crypt_block, &crypt_pfx,
+				       block_size + WOLFSSL_PAD_SIZE);
 	}
 
 	DICT_TF2_FLAG_UNSET(new_table, DICT_TF2_FTS_ADD_DOC_ID);