From 3d88b766803ecf46cf3eb7a2acf4490b07143b90 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= <targos@protonmail.com>
Date: Mon, 7 Oct 2019 10:20:28 +0200
Subject: [PATCH 01/65] deps: patch V8 to 7.7.299.13

Refs: https://github.com/v8/v8/compare/7.7.299.11...7.7.299.13

PR-URL: https://github.com/nodejs/node/pull/29869
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
---
 deps/v8/include/v8-version.h                  |   2 +-
 deps/v8/infra/testing/builders.pyl            | 116 ++++++++++--------
 deps/v8/src/execution/frames.cc               |  11 +-
 .../test/mjsunit/regress/regress-1000635.js   |  15 +++
 4 files changed, 89 insertions(+), 55 deletions(-)
 create mode 100644 deps/v8/test/mjsunit/regress/regress-1000635.js

diff --git a/deps/v8/include/v8-version.h b/deps/v8/include/v8-version.h
index 0406f65b08e684..a87655058a058d 100644
--- a/deps/v8/include/v8-version.h
+++ b/deps/v8/include/v8-version.h
@@ -11,7 +11,7 @@
 #define V8_MAJOR_VERSION 7
 #define V8_MINOR_VERSION 7
 #define V8_BUILD_NUMBER 299
-#define V8_PATCH_LEVEL 11
+#define V8_PATCH_LEVEL 13
 
 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
diff --git a/deps/v8/infra/testing/builders.pyl b/deps/v8/infra/testing/builders.pyl
index 13a73f3e94cd90..965300da7735f2 100644
--- a/deps/v8/infra/testing/builders.pyl
+++ b/deps/v8/infra/testing/builders.pyl
@@ -43,7 +43,7 @@
       {'name': 'v8testing', 'variant': 'default', 'shards': 4},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 4},
       {'name': 'mozilla', 'variant': 'default'},
-      {'name': 'test262_variants', 'variant': 'default', 'shards': 7},
+      {'name': 'test262', 'variant': 'default', 'shards': 7},
     ],
   },
   ##############################################################################
@@ -59,7 +59,7 @@
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
       {'name': 'mozilla', 'variant': 'extra'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'test262_variants', 'variant': 'extra', 'shards': 3},
       {'name': 'v8testing', 'shards': 3},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 2},
@@ -175,6 +175,7 @@
       {
         'name': 'test262',
         'suffix': 'nosse3',
+        'variant': 'default',
         'test_args': [
           '--extra-flags',
           '--noenable-sse3 --noenable-ssse3 --noenable-sse4-1 --noenable-avx',
@@ -198,6 +199,7 @@
       {
         'name': 'test262',
         'suffix': 'nosse4',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--noenable-sse4-1 --noenable-avx'],
       },
       {
@@ -225,7 +227,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 7},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 3},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 2},
@@ -246,7 +248,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access', 'shards': 2},
       {'name': 'mozilla', 'shards': 2},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 10},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 8},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 2},
@@ -273,7 +275,7 @@
       {'name': 'benchmarks'},
       {'name': 'mozilla'},
       {'name': 'optimize_for_size'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 2},
     ],
   },
@@ -288,7 +290,7 @@
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
       {'name': 'mozilla', 'variant': 'extra'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'test262_variants', 'variant': 'extra', 'shards': 3},
       {'name': 'v8testing', 'shards': 3},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 2},
@@ -325,7 +327,7 @@
       'os': 'Ubuntu-16.04',
     },
     'tests': [
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 5},
     ],
   },
@@ -413,7 +415,7 @@
     'tests': [
       {'name': 'benchmarks'},
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 3},
+      {'name': 'test262', 'variant': 'default', 'shards': 3},
       {'name': 'v8testing', 'shards': 5},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 3},
       {'name': 'v8testing', 'variant': 'slow_path'},
@@ -452,7 +454,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla', 'shards': 2},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 10},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 6},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 3},
@@ -473,7 +475,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access', 'shards': 2},
       {'name': 'mozilla', 'shards': 2},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 12},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 8},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 3},
@@ -538,7 +540,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 2},
     ],
   },
@@ -559,7 +561,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 3},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 2},
     ],
@@ -571,7 +573,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 2},
     ],
   },
@@ -582,7 +584,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 2},
       {'name': 'v8testing', 'variant': 'extra'},
     ],
@@ -605,7 +607,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 3},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 2},
     ],
@@ -626,7 +628,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 2},
       {'name': 'v8testing', 'variant': 'extra'},
     ],
@@ -696,7 +698,7 @@
       'os': 'Ubuntu-16.04',
     },
     'tests': [
-      {'name': 'test262', 'shards': 3},
+      {'name': 'test262', 'variant': 'default', 'shards': 3},
       {'name': 'v8testing', 'shards': 4},
     ],
   },
@@ -735,6 +737,7 @@
       {
         'name': 'test262',
         'suffix': 'nosse3',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--noenable-sse3 --noenable-ssse3 --noenable-sse4-1 --noenable-avx']
       },
       {
@@ -752,6 +755,7 @@
       {
         'name': 'test262',
         'suffix': 'nosse4',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--noenable-sse4-1 --noenable-avx']
       },
       {
@@ -863,7 +867,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -916,6 +920,7 @@
       {
         'name': 'test262',
         'suffix': 'noavx',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--noenable-avx']
       },
       {
@@ -933,7 +938,7 @@
       {'name': 'benchmarks'},
       {'name': 'mozilla'},
       {'name': 'optimize_for_size'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -972,6 +977,7 @@
       {
         'name': 'test262',
         'suffix': 'noavx',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--noenable-avx']
       },
       {
@@ -1049,7 +1055,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1091,7 +1097,7 @@
     'tests': [
       {'name': 'benchmarks'},
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 3},
+      {'name': 'test262', 'variant': 'default', 'shards': 3},
       {'name': 'v8testing', 'shards': 5},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 3},
       {'name': 'v8testing', 'variant': 'slow_path', 'shards': 1},
@@ -1117,6 +1123,7 @@
       },
       {
         'name': 'test262',
+        'variant': 'default',
         'test_args': ['--extra-flags=--stress-incremental-marking'],
         'shards': 4,
       },
@@ -1141,7 +1148,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing'},
       {'name': 'v8testing', 'variant': 'extra'},
     ],
@@ -1153,7 +1160,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 2},
       {'name': 'v8testing', 'variant': 'extra'},
     ],
@@ -1165,7 +1172,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 4},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 2},
     ],
@@ -1195,7 +1202,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1206,7 +1213,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 5},
     ],
   },
@@ -1225,7 +1232,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
       {'name': 'v8testing', 'variant': 'extra'},
     ],
@@ -1236,7 +1243,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 3},
     ],
@@ -1247,7 +1254,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1358,7 +1365,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
       {'name': 'v8testing', 'variant': 'extra'},
       {'name': 'v8testing', 'variant': 'trusted'},
@@ -1371,6 +1378,7 @@
       {
         'name': 'test262',
         'suffix': 'armv8-a',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--enable-armv8']
       },
       {
@@ -1380,8 +1388,17 @@
         'shards': 4
       },
       # Novfp3.
-      {'name': 'mozilla', 'suffix': 'novfp3', 'test_args': ['--novfp3']},
-      {'name': 'test262', 'suffix': 'novfp3', 'test_args': ['--novfp3']},
+      {
+        'name': 'mozilla',
+        'suffix': 'novfp3',
+        'test_args': ['--novfp3'],
+      },
+      {
+        'name': 'test262',
+        'suffix': 'novfp3',
+        'variant': 'default',
+        'test_args': ['--novfp3'],
+      },
       {
         'name': 'v8testing',
         'suffix': 'novfp3',
@@ -1397,7 +1414,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 8},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 4},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 2},
@@ -1411,6 +1428,7 @@
       {
         'name': 'test262',
         'suffix': 'armv8-a',
+        'variant': 'default',
         'test_args': ['--extra-flags', '--enable-armv8'],
         'shards': 2,
       },
@@ -1465,7 +1483,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 3},
       {'name': 'v8testing', 'variant': 'extra'},
       {'name': 'v8testing', 'variant': 'trusted'},
@@ -1482,7 +1500,7 @@
     'tests': [
       {'name': 'mjsunit_sp_frame_access'},
       {'name': 'mozilla', 'shards': 2},
-      {'name': 'test262', 'shards': 2},
+      {'name': 'test262', 'variant': 'default', 'shards': 2},
       {'name': 'v8testing', 'shards': 10},
       {'name': 'v8testing', 'variant': 'extra', 'shards': 6},
       {'name': 'v8testing', 'variant': 'trusted', 'shards': 2},
@@ -1515,7 +1533,7 @@
       'priority': 35,
     },
     'tests': [
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
     ],
   },
@@ -1529,7 +1547,7 @@
       'priority': 35,
     },
     'tests': [
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
     ],
   },
@@ -1715,7 +1733,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1725,7 +1743,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 3},
     ],
   },
@@ -1735,7 +1753,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1745,7 +1763,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 3},
     ],
   },
@@ -1755,7 +1773,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1765,7 +1783,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 3},
     ],
   },
@@ -1775,7 +1793,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing'},
     ],
   },
@@ -1785,7 +1803,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 3},
     ],
   },
@@ -1795,7 +1813,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
     ],
   },
@@ -1805,7 +1823,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 8},
     ],
   },
@@ -1815,7 +1833,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 4},
     ],
   },
@@ -1825,7 +1843,7 @@
     },
     'tests': [
       {'name': 'mozilla'},
-      {'name': 'test262'},
+      {'name': 'test262', 'variant': 'default'},
       {'name': 'v8testing', 'shards': 8},
     ],
   },
diff --git a/deps/v8/src/execution/frames.cc b/deps/v8/src/execution/frames.cc
index 126cb9530ee7b9..f88e4c2788c530 100644
--- a/deps/v8/src/execution/frames.cc
+++ b/deps/v8/src/execution/frames.cc
@@ -1136,11 +1136,11 @@ void JavaScriptFrame::Summarize(std::vector<FrameSummary>* functions) const {
   DCHECK(functions->empty());
   Code code = LookupCode();
   int offset = static_cast<int>(pc() - code.InstructionStart());
-  AbstractCode abstract_code = AbstractCode::cast(code);
+  Handle<AbstractCode> abstract_code(AbstractCode::cast(code), isolate());
   Handle<FixedArray> params = GetParameters();
   FrameSummary::JavaScriptFrameSummary summary(
-      isolate(), receiver(), function(), abstract_code, offset, IsConstructor(),
-      *params);
+      isolate(), receiver(), function(), *abstract_code, offset,
+      IsConstructor(), *params);
   functions->push_back(summary);
 }
 
@@ -1813,10 +1813,11 @@ void InterpretedFrame::WriteInterpreterRegister(int register_index,
 
 void InterpretedFrame::Summarize(std::vector<FrameSummary>* functions) const {
   DCHECK(functions->empty());
-  AbstractCode abstract_code = AbstractCode::cast(GetBytecodeArray());
+  Handle<AbstractCode> abstract_code(AbstractCode::cast(GetBytecodeArray()),
+                                     isolate());
   Handle<FixedArray> params = GetParameters();
   FrameSummary::JavaScriptFrameSummary summary(
-      isolate(), receiver(), function(), abstract_code, GetBytecodeOffset(),
+      isolate(), receiver(), function(), *abstract_code, GetBytecodeOffset(),
       IsConstructor(), *params);
   functions->push_back(summary);
 }
diff --git a/deps/v8/test/mjsunit/regress/regress-1000635.js b/deps/v8/test/mjsunit/regress/regress-1000635.js
new file mode 100644
index 00000000000000..2a02774f999d2d
--- /dev/null
+++ b/deps/v8/test/mjsunit/regress/regress-1000635.js
@@ -0,0 +1,15 @@
+// Copyright 2019 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+//
+// Flags: --stress-compaction --detailed-error-stack-trace --gc-interval=1
+
+function add(a, b) {
+  throw new Error();
+}
+for (let i = 0; i < 100; ++i) {
+  try {
+    add(1, 2);
+  } catch (e) {
+  }
+}

From 6bfe8f47fa70c113aea024452d6af840d960a127 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Thu, 19 Sep 2019 22:16:04 -0700
Subject: [PATCH 02/65] src: add buildflag to force context-aware addons

PR-URL: https://github.com/nodejs/node/pull/29631
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 doc/api/cli.md      | 8 ++++++++
 doc/api/errors.md   | 5 +++++
 src/node_binding.cc | 8 ++++++++
 src/node_errors.h   | 3 +++
 src/node_options.cc | 4 ++++
 src/node_options.h  | 1 +
 6 files changed, 29 insertions(+)

diff --git a/doc/api/cli.md b/doc/api/cli.md
index 0ac58dba3510fb..4753b35591113f 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -439,6 +439,13 @@ added: v6.0.0
 
 Silence all process warnings (including deprecations).
 
+### `--force-context-aware`
+<!-- YAML
+added: REPLACEME
+-->
+
+Disable loading non-context-aware native addons.
+
 ### `--openssl-config=file`
 <!-- YAML
 added: v6.9.0
@@ -1009,6 +1016,7 @@ Node.js options that are allowed are:
 * `--experimental-report`
 * `--experimental-vm-modules`
 * `--experimental-wasm-modules`
+* `--force-context-aware`
 * `--force-fips`
 * `--frozen-intrinsics`
 * `--heapsnapshot-signal`
diff --git a/doc/api/errors.md b/doc/api/errors.md
index 08f379afb1f633..5783724774b600 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -1609,6 +1609,11 @@ OpenSSL crypto support.
 An attempt was made to use features that require [ICU][], but Node.js was not
 compiled with ICU support.
 
+<a id="ERR_NON_CONTEXT_AWARE_DISABLED"></a>
+### ERR_NON_CONTEXT_AWARE_DISABLED
+
+A non-context-aware native addon was loaded in a process that disallows them.
+
 <a id="ERR_OUT_OF_RANGE"></a>
 ### ERR_OUT_OF_RANGE
 
diff --git a/src/node_binding.cc b/src/node_binding.cc
index c51a892e1bcd3d..fe077e1d92eebd 100644
--- a/src/node_binding.cc
+++ b/src/node_binding.cc
@@ -1,4 +1,5 @@
 #include "node_binding.h"
+#include "node_errors.h"
 #include <atomic>
 #include "env-inl.h"
 #include "node_native_module_env.h"
@@ -463,6 +464,13 @@ void DLOpen(const FunctionCallbackInfo<Value>& args) {
     }
 
     if (mp != nullptr) {
+      if (mp->nm_context_register_func == nullptr) {
+        if (env->options()->force_context_aware) {
+          dlib->Close();
+          THROW_ERR_NON_CONTEXT_AWARE_DISABLED(env);
+          return false;
+        }
+      }
       mp->nm_dso_handle = dlib->handle_;
       dlib->SaveInGlobalHandleMap(mp);
     } else {
diff --git a/src/node_errors.h b/src/node_errors.h
index 261c6077bb8054..f6fca6c690a1d2 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -52,6 +52,7 @@ void PrintErrorString(const char* format, ...);
   V(ERR_MISSING_MESSAGE_PORT_IN_TRANSFER_LIST, TypeError)                    \
   V(ERR_MISSING_PASSPHRASE, TypeError)                                       \
   V(ERR_MISSING_PLATFORM_FOR_WORKER, Error)                                  \
+  V(ERR_NON_CONTEXT_AWARE_DISABLED, Error)                                   \
   V(ERR_MODULE_NOT_FOUND, Error)                                             \
   V(ERR_OUT_OF_RANGE, RangeError)                                            \
   V(ERR_SCRIPT_EXECUTION_INTERRUPTED, Error)                                 \
@@ -96,6 +97,8 @@ void PrintErrorString(const char* format, ...);
   V(ERR_MISSING_PLATFORM_FOR_WORKER,                                         \
     "The V8 platform used by this instance of Node does not support "        \
     "creating Workers")                                                      \
+  V(ERR_NON_CONTEXT_AWARE_DISABLED,                                          \
+    "Loading non context-aware native modules has been disabled")            \
   V(ERR_SCRIPT_EXECUTION_INTERRUPTED,                                        \
     "Script execution was interrupted by `SIGINT`")                          \
   V(ERR_TRANSFERRING_EXTERNALIZED_SHAREDARRAYBUFFER,                         \
diff --git a/src/node_options.cc b/src/node_options.cc
index 570603140abef4..a9425c4c0862ec 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -400,6 +400,10 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
             "silence all process warnings",
             &EnvironmentOptions::no_warnings,
             kAllowedInEnvironment);
+  AddOption("--force-context-aware",
+            "disable loading non-context-aware addons",
+            &EnvironmentOptions::force_context_aware,
+            kAllowedInEnvironment);
   AddOption("--pending-deprecation",
             "emit pending deprecation warnings",
             &EnvironmentOptions::pending_deprecation,
diff --git a/src/node_options.h b/src/node_options.h
index dbd85b2d584be5..c4d33831e02bbe 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -118,6 +118,7 @@ class EnvironmentOptions : public Options {
   bool no_deprecation = false;
   bool no_force_async_hooks_checks = false;
   bool no_warnings = false;
+  bool force_context_aware = false;
   bool pending_deprecation = false;
   bool preserve_symlinks = false;
   bool preserve_symlinks_main = false;

From 54ef0fd0106b4eb509c699637d8be86a7a40008f Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Fri, 20 Sep 2019 21:01:43 -0700
Subject: [PATCH 03/65] test: --force-context-aware cli flag

PR-URL: https://github.com/nodejs/node/pull/29631
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 doc/api/cli.md                              |  3 ++-
 test/addons/force-context-aware/binding.cc  |  6 ++++++
 test/addons/force-context-aware/binding.gyp |  9 +++++++++
 test/addons/force-context-aware/index.js    |  4 ++++
 test/addons/force-context-aware/test.js     | 13 +++++++++++++
 test/addons/zlib-binding/test.js            |  2 ++
 6 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 test/addons/force-context-aware/binding.cc
 create mode 100644 test/addons/force-context-aware/binding.gyp
 create mode 100644 test/addons/force-context-aware/index.js
 create mode 100644 test/addons/force-context-aware/test.js

diff --git a/doc/api/cli.md b/doc/api/cli.md
index 4753b35591113f..e6cb4b1952f02b 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -444,7 +444,7 @@ Silence all process warnings (including deprecations).
 added: REPLACEME
 -->
 
-Disable loading non-context-aware native addons.
+Disable loading native addons that are not [context-aware][].
 
 ### `--openssl-config=file`
 <!-- YAML
@@ -1293,3 +1293,4 @@ greater than `4` (its current default value). For more information, see the
 [experimental ECMAScript Module]: esm.html#esm_resolve_hook
 [libuv threadpool documentation]: http://docs.libuv.org/en/latest/threadpool.html
 [remote code execution]: https://www.owasp.org/index.php/Code_Injection
+[context-aware]: addons.html#addons_context_aware_addons
diff --git a/test/addons/force-context-aware/binding.cc b/test/addons/force-context-aware/binding.cc
new file mode 100644
index 00000000000000..4f302fbd558a8a
--- /dev/null
+++ b/test/addons/force-context-aware/binding.cc
@@ -0,0 +1,6 @@
+#include <node.h>
+#include <v8.h>
+
+void init(v8::Local<v8::Object> exports) {}
+
+NODE_MODULE(NODE_GYP_MODULE_NAME, init)
diff --git a/test/addons/force-context-aware/binding.gyp b/test/addons/force-context-aware/binding.gyp
new file mode 100644
index 00000000000000..55fbe7050f18e4
--- /dev/null
+++ b/test/addons/force-context-aware/binding.gyp
@@ -0,0 +1,9 @@
+{
+  'targets': [
+    {
+      'target_name': 'binding',
+      'sources': [ 'binding.cc' ],
+      'includes': ['../common.gypi'],
+    }
+  ]
+}
diff --git a/test/addons/force-context-aware/index.js b/test/addons/force-context-aware/index.js
new file mode 100644
index 00000000000000..17b9a0ad1ef969
--- /dev/null
+++ b/test/addons/force-context-aware/index.js
@@ -0,0 +1,4 @@
+'use strict';
+const common = require('../../common');
+
+require(`./build/${common.buildType}/binding`);
diff --git a/test/addons/force-context-aware/test.js b/test/addons/force-context-aware/test.js
new file mode 100644
index 00000000000000..d5264463a79997
--- /dev/null
+++ b/test/addons/force-context-aware/test.js
@@ -0,0 +1,13 @@
+'use strict';
+const common = require('../../common');
+const childProcess = require('child_process');
+const assert = require('assert');
+const path = require('path');
+
+const mod = path.join('test', 'addons', 'force-context-aware', 'index.js');
+
+const execString = `"${process.execPath}" --force-context-aware ./${mod}`;
+childProcess.exec(execString, common.mustCall((err) => {
+  const errMsg = 'Loading non context-aware native modules has been disabled';
+  assert.strictEqual(err.message.includes(errMsg), true);
+}));
diff --git a/test/addons/zlib-binding/test.js b/test/addons/zlib-binding/test.js
index b50817aa5d4687..7fad9129cd3931 100644
--- a/test/addons/zlib-binding/test.js
+++ b/test/addons/zlib-binding/test.js
@@ -1,3 +1,5 @@
+// Flags: --force-context-aware
+
 'use strict';
 
 const common = require('../../common');

From cf7b4056ca181b36b341115e0929891df9916231 Mon Sep 17 00:00:00 2001
From: Anton Gerasimov <agerasimov@twilio.com>
Date: Mon, 5 Aug 2019 12:03:23 +0200
Subject: [PATCH 04/65] tls: add option for private keys for OpenSSL engines

Add `privateKeyIdentifier` and `privateKeyEngine` options
to get private key from an OpenSSL engine in tls.createSecureContext().

PR-URL: https://github.com/nodejs/node/pull/28973
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
---
 doc/api/tls.md                                | 10 +++
 lib/_tls_common.js                            | 30 ++++++++
 src/node_crypto.cc                            | 56 +++++++++++++-
 src/node_crypto.h                             |  4 +
 test/addons/openssl-key-engine/binding.gyp    | 25 +++++++
 test/addons/openssl-key-engine/test.js        | 62 ++++++++++++++++
 .../openssl-key-engine/testkeyengine.cc       | 73 +++++++++++++++++++
 .../test-tls-keyengine-invalid-arg-type.js    | 23 ++++++
 .../test-tls-keyengine-unsupported.js         | 34 +++++++++
 9 files changed, 314 insertions(+), 3 deletions(-)
 create mode 100644 test/addons/openssl-key-engine/binding.gyp
 create mode 100644 test/addons/openssl-key-engine/test.js
 create mode 100644 test/addons/openssl-key-engine/testkeyengine.cc
 create mode 100644 test/parallel/test-tls-keyengine-invalid-arg-type.js
 create mode 100644 test/parallel/test-tls-keyengine-unsupported.js

diff --git a/doc/api/tls.md b/doc/api/tls.md
index 68cf5e36bc9f40..297c1e7fd460dc 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1358,6 +1358,10 @@ argument.
 <!-- YAML
 added: v0.11.13
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/28973
+    description: Added `privateKeyIdentifier` and `privateKeyEngine` options
+                 to get private key from an OpenSSL engine.
   - version: v12.11.0
     pr-url: https://github.com/nodejs/node/pull/29598
     description: Added `sigalgs` option to override supported signature
@@ -1462,6 +1466,12 @@ changes:
     occur in an array. `object.passphrase` is optional. Encrypted keys will be
     decrypted with `object.passphrase` if provided, or `options.passphrase` if
     it is not.
+  * `privateKeyEngine` {string} Name of an OpenSSL engine to get private key
+    from. Should be used together with `privateKeyIdentifier`.
+  * `privateKeyIdentifier` {string} Identifier of a private key managed by
+    an OpenSSL engine. Should be used together with `privateKeyEngine`.
+    Should not be set together with `key`, because both options define a
+    private key in different ways.
   * `maxVersion` {string} Optionally set the maximum TLS version to allow. One
     of `TLSv1.3`, `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified
     along with the `secureProtocol` option, use one or the other.
diff --git a/lib/_tls_common.js b/lib/_tls_common.js
index f24cfcbca65ed3..6cd93036c273a0 100644
--- a/lib/_tls_common.js
+++ b/lib/_tls_common.js
@@ -166,6 +166,36 @@ exports.createSecureContext = function createSecureContext(options) {
     c.context.setSigalgs(sigalgs);
   }
 
+  const { privateKeyIdentifier, privateKeyEngine } = options;
+  if (privateKeyIdentifier !== undefined) {
+    if (privateKeyEngine === undefined) {
+      // Engine is required when privateKeyIdentifier is present
+      throw new ERR_INVALID_OPT_VALUE('privateKeyEngine',
+                                      privateKeyEngine);
+    }
+    if (key) {
+      // Both data key and engine key can't be set at the same time
+      throw new ERR_INVALID_OPT_VALUE('privateKeyIdentifier',
+                                      privateKeyIdentifier);
+    }
+
+    if (typeof privateKeyIdentifier === 'string' &&
+        typeof privateKeyEngine === 'string') {
+      if (c.context.setEngineKey)
+        c.context.setEngineKey(privateKeyIdentifier, privateKeyEngine);
+      else
+        throw new ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED();
+    } else if (typeof privateKeyIdentifier !== 'string') {
+      throw new ERR_INVALID_ARG_TYPE('options.privateKeyIdentifier',
+                                     ['string', 'undefined'],
+                                     privateKeyIdentifier);
+    } else {
+      throw new ERR_INVALID_ARG_TYPE('options.privateKeyEngine',
+                                     ['string', 'undefined'],
+                                     privateKeyEngine);
+    }
+  }
+
   if (options.ciphers && typeof options.ciphers !== 'string') {
     throw new ERR_INVALID_ARG_TYPE(
       'options.ciphers', 'string', options.ciphers);
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index d8bc794dcb8527..a666b0225ac625 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -471,6 +471,9 @@ void SecureContext::Initialize(Environment* env, Local<Object> target) {
 
   env->SetProtoMethod(t, "init", Init);
   env->SetProtoMethod(t, "setKey", SetKey);
+#ifndef OPENSSL_NO_ENGINE
+  env->SetProtoMethod(t, "setEngineKey", SetEngineKey);
+#endif  // !OPENSSL_NO_ENGINE
   env->SetProtoMethod(t, "setCert", SetCert);
   env->SetProtoMethod(t, "addCACert", AddCACert);
   env->SetProtoMethod(t, "addCRL", AddCRL);
@@ -764,6 +767,56 @@ void SecureContext::SetSigalgs(const FunctionCallbackInfo<Value>& args) {
   }
 }
 
+#ifndef OPENSSL_NO_ENGINE
+// Helpers for the smart pointer.
+void ENGINE_free_fn(ENGINE* engine) { ENGINE_free(engine); }
+
+void ENGINE_finish_and_free_fn(ENGINE* engine) {
+  ENGINE_finish(engine);
+  ENGINE_free(engine);
+}
+
+void SecureContext::SetEngineKey(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  SecureContext* sc;
+  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
+
+  CHECK_EQ(args.Length(), 2);
+
+  char errmsg[1024];
+  const node::Utf8Value engine_id(env->isolate(), args[1]);
+  std::unique_ptr<ENGINE, std::function<void(ENGINE*)>> e =
+                         { LoadEngineById(*engine_id, &errmsg),
+                           ENGINE_free_fn };
+  if (e.get() == nullptr) {
+    return env->ThrowError(errmsg);
+  }
+
+  if (!ENGINE_init(e.get())) {
+    return env->ThrowError("ENGINE_init");
+  }
+
+  e.get_deleter() = ENGINE_finish_and_free_fn;
+
+  const node::Utf8Value key_name(env->isolate(), args[0]);
+  EVPKeyPointer key(ENGINE_load_private_key(e.get(), *key_name,
+                                            nullptr, nullptr));
+
+  if (!key) {
+    return ThrowCryptoError(env, ERR_get_error(), "ENGINE_load_private_key");
+  }
+
+  int rv = SSL_CTX_use_PrivateKey(sc->ctx_.get(), key.get());
+
+  if (rv == 0) {
+    return ThrowCryptoError(env, ERR_get_error(), "SSL_CTX_use_PrivateKey");
+  }
+
+  sc->private_key_engine_ = std::move(e);
+}
+#endif  // !OPENSSL_NO_ENGINE
+
 int SSL_CTX_get_issuer(SSL_CTX* ctx, X509* cert, X509** issuer) {
   X509_STORE* store = SSL_CTX_get_cert_store(ctx);
   DeleteFnPtr<X509_STORE_CTX, X509_STORE_CTX_free> store_ctx(
@@ -1438,9 +1491,6 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) {
 
 
 #ifndef OPENSSL_NO_ENGINE
-// Helper for the smart pointer.
-void ENGINE_free_fn(ENGINE* engine) { ENGINE_free(engine); }
-
 void SecureContext::SetClientCertEngine(
     const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
diff --git a/src/node_crypto.h b/src/node_crypto.h
index 91586563f402e1..206a19119a7321 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -97,6 +97,7 @@ class SecureContext : public BaseObject {
   X509Pointer issuer_;
 #ifndef OPENSSL_NO_ENGINE
   bool client_cert_engine_provided_ = false;
+  std::unique_ptr<ENGINE, std::function<void(ENGINE*)>> private_key_engine_;
 #endif  // !OPENSSL_NO_ENGINE
 
   static const int kMaxSessionSize = 10 * 1024;
@@ -119,6 +120,9 @@ class SecureContext : public BaseObject {
   static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void SetKey(const v8::FunctionCallbackInfo<v8::Value>& args);
+#ifndef OPENSSL_NO_ENGINE
+  static void SetEngineKey(const v8::FunctionCallbackInfo<v8::Value>& args);
+#endif  // !OPENSSL_NO_ENGINE
   static void SetCert(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void AddCACert(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void AddCRL(const v8::FunctionCallbackInfo<v8::Value>& args);
diff --git a/test/addons/openssl-key-engine/binding.gyp b/test/addons/openssl-key-engine/binding.gyp
new file mode 100644
index 00000000000000..6f9a8c32c14e29
--- /dev/null
+++ b/test/addons/openssl-key-engine/binding.gyp
@@ -0,0 +1,25 @@
+{
+  'targets': [
+    {
+      'target_name': 'testkeyengine',
+      'type': 'none',
+      'includes': ['../common.gypi'],
+      'conditions': [
+        ['OS=="mac" and '
+         'node_use_openssl=="true" and '
+         'node_shared=="false" and '
+         'node_shared_openssl=="false"', {
+          'type': 'shared_library',
+          'sources': [ 'testkeyengine.cc' ],
+          'product_extension': 'engine',
+          'include_dirs': ['../../../deps/openssl/openssl/include'],
+          'link_settings': {
+            'libraries': [
+              '../../../../out/<(PRODUCT_DIR)/<(openssl_product)'
+            ]
+          },
+        }],
+      ]
+    }
+  ]
+}
diff --git a/test/addons/openssl-key-engine/test.js b/test/addons/openssl-key-engine/test.js
new file mode 100644
index 00000000000000..5c93e6263626bf
--- /dev/null
+++ b/test/addons/openssl-key-engine/test.js
@@ -0,0 +1,62 @@
+'use strict';
+const common = require('../../common');
+const fixture = require('../../common/fixtures');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const fs = require('fs');
+const path = require('path');
+
+const engine = path.join(__dirname,
+                         `/build/${common.buildType}/testkeyengine.engine`);
+
+if (!fs.existsSync(engine))
+  common.skip('no client cert engine');
+
+const assert = require('assert');
+const https = require('https');
+
+const agentKey = fs.readFileSync(fixture.path('/keys/agent1-key.pem'));
+const agentCert = fs.readFileSync(fixture.path('/keys/agent1-cert.pem'));
+const agentCa = fs.readFileSync(fixture.path('/keys/ca1-cert.pem'));
+
+const serverOptions = {
+  key: agentKey,
+  cert: agentCert,
+  ca: agentCa,
+  requestCert: true,
+  rejectUnauthorized: true
+};
+
+const server = https.createServer(serverOptions, common.mustCall((req, res) => {
+  res.writeHead(200);
+  res.end('hello world');
+})).listen(0, common.localhostIPv4, common.mustCall(() => {
+  const clientOptions = {
+    method: 'GET',
+    host: common.localhostIPv4,
+    port: server.address().port,
+    path: '/test',
+    privateKeyEngine: engine,
+    privateKeyIdentifier: 'dummykey',
+    cert: agentCert,
+    rejectUnauthorized: false, // Prevent failing on self-signed certificates
+    headers: {}
+  };
+
+  const req = https.request(clientOptions, common.mustCall(function(response) {
+    let body = '';
+    response.setEncoding('utf8');
+    response.on('data', function(chunk) {
+      body += chunk;
+    });
+
+    response.on('end', common.mustCall(function() {
+      assert.strictEqual(body, 'hello world');
+      server.close();
+    }));
+  }));
+
+  req.end();
+}));
diff --git a/test/addons/openssl-key-engine/testkeyengine.cc b/test/addons/openssl-key-engine/testkeyengine.cc
new file mode 100644
index 00000000000000..78a4fc49a63e83
--- /dev/null
+++ b/test/addons/openssl-key-engine/testkeyengine.cc
@@ -0,0 +1,73 @@
+#include <assert.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include <openssl/engine.h>
+#include <openssl/pem.h>
+
+#include <fstream>
+#include <iterator>
+#include <string>
+
+#ifndef ENGINE_CMD_BASE
+# error did not get engine.h
+#endif
+
+#define TEST_ENGINE_ID      "testkeyengine"
+#define TEST_ENGINE_NAME    "dummy test key engine"
+
+#define PRIVATE_KEY           "test/fixtures/keys/agent1-key.pem"
+
+namespace {
+
+int EngineInit(ENGINE* engine) {
+  return 1;
+}
+
+int EngineFinish(ENGINE* engine) {
+  return 1;
+}
+
+int EngineDestroy(ENGINE* engine) {
+  return 1;
+}
+
+std::string LoadFile(const char* filename) {
+  std::ifstream file(filename);
+  return std::string(std::istreambuf_iterator<char>(file),
+                     std::istreambuf_iterator<char>());
+}
+
+static EVP_PKEY* EngineLoadPrivkey(ENGINE* engine, const char* name,
+                                   UI_METHOD* ui_method, void* callback_data) {
+  if (strcmp(name, "dummykey") == 0) {
+    std::string key = LoadFile(PRIVATE_KEY);
+    BIO* bio = BIO_new_mem_buf(key.data(), key.size());
+    EVP_PKEY* ret = PEM_read_bio_PrivateKey(bio, nullptr, nullptr, nullptr);
+
+    BIO_vfree(bio);
+    if (ret != nullptr) {
+      return ret;
+    }
+  }
+
+  return nullptr;
+}
+
+int bind_fn(ENGINE* engine, const char* id) {
+  ENGINE_set_id(engine, TEST_ENGINE_ID);
+  ENGINE_set_name(engine, TEST_ENGINE_NAME);
+  ENGINE_set_init_function(engine, EngineInit);
+  ENGINE_set_finish_function(engine, EngineFinish);
+  ENGINE_set_destroy_function(engine, EngineDestroy);
+  ENGINE_set_load_privkey_function(engine, EngineLoadPrivkey);
+
+  return 1;
+}
+
+extern "C" {
+  IMPLEMENT_DYNAMIC_CHECK_FN();
+  IMPLEMENT_DYNAMIC_BIND_FN(bind_fn);
+}
+
+}  // anonymous namespace
diff --git a/test/parallel/test-tls-keyengine-invalid-arg-type.js b/test/parallel/test-tls-keyengine-invalid-arg-type.js
new file mode 100644
index 00000000000000..385841a6541f94
--- /dev/null
+++ b/test/parallel/test-tls-keyengine-invalid-arg-type.js
@@ -0,0 +1,23 @@
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+const tls = require('tls');
+
+common.expectsError(
+  () => {
+    tls.createSecureContext({ privateKeyEngine: 0,
+                              privateKeyIdentifier: 'key' });
+  },
+  { code: 'ERR_INVALID_ARG_TYPE',
+    message: / Received type number$/ });
+
+common.expectsError(
+  () => {
+    tls.createSecureContext({ privateKeyEngine: 'engine',
+                              privateKeyIdentifier: 0 });
+  },
+  { code: 'ERR_INVALID_ARG_TYPE',
+    message: / Received type number$/ });
diff --git a/test/parallel/test-tls-keyengine-unsupported.js b/test/parallel/test-tls-keyengine-unsupported.js
new file mode 100644
index 00000000000000..149fc4dc316c7c
--- /dev/null
+++ b/test/parallel/test-tls-keyengine-unsupported.js
@@ -0,0 +1,34 @@
+// Flags: --expose-internals
+'use strict';
+const common = require('../common');
+
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+// Monkey-patch SecureContext
+const { internalBinding } = require('internal/test/binding');
+const binding = internalBinding('crypto');
+const NativeSecureContext = binding.SecureContext;
+
+binding.SecureContext = function() {
+  const rv = new NativeSecureContext();
+  rv.setEngineKey = undefined;
+  return rv;
+};
+
+const tls = require('tls');
+
+{
+  common.expectsError(
+    () => {
+      tls.createSecureContext({
+        privateKeyEngine: 'engine',
+        privateKeyIdentifier: 'key'
+      });
+    },
+    {
+      code: 'ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED',
+      message: 'Custom engines not supported by this OpenSSL'
+    }
+  );
+}

From 690a863aaae16cba328d36b523558ded2a2c38e7 Mon Sep 17 00:00:00 2001
From: cjihrig <cjihrig@gmail.com>
Date: Wed, 25 Sep 2019 11:10:36 -0400
Subject: [PATCH 05/65] test: simplify force-context-aware test

PR-URL: https://github.com/nodejs/node/pull/29705
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shelley Vohr <codebytere@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 test/addons/force-context-aware/index.js |  4 ----
 test/addons/force-context-aware/test.js  | 13 ++++---------
 2 files changed, 4 insertions(+), 13 deletions(-)
 delete mode 100644 test/addons/force-context-aware/index.js

diff --git a/test/addons/force-context-aware/index.js b/test/addons/force-context-aware/index.js
deleted file mode 100644
index 17b9a0ad1ef969..00000000000000
--- a/test/addons/force-context-aware/index.js
+++ /dev/null
@@ -1,4 +0,0 @@
-'use strict';
-const common = require('../../common');
-
-require(`./build/${common.buildType}/binding`);
diff --git a/test/addons/force-context-aware/test.js b/test/addons/force-context-aware/test.js
index d5264463a79997..cc2ed940d9223d 100644
--- a/test/addons/force-context-aware/test.js
+++ b/test/addons/force-context-aware/test.js
@@ -1,13 +1,8 @@
+// Flags: --force-context-aware
 'use strict';
 const common = require('../../common');
-const childProcess = require('child_process');
 const assert = require('assert');
-const path = require('path');
 
-const mod = path.join('test', 'addons', 'force-context-aware', 'index.js');
-
-const execString = `"${process.execPath}" --force-context-aware ./${mod}`;
-childProcess.exec(execString, common.mustCall((err) => {
-  const errMsg = 'Loading non context-aware native modules has been disabled';
-  assert.strictEqual(err.message.includes(errMsg), true);
-}));
+assert.throws(() => {
+  require(`./build/${common.buildType}/binding`);
+}, /^Error: Loading non context-aware native modules has been disabled$/);

From f39259c07967fbcbf174f32a57f2a632d5837352 Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Thu, 26 Sep 2019 12:00:10 +0300
Subject: [PATCH 06/65] doc: remove redundant escape

PR-URL: https://github.com/nodejs/node/pull/29716
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 doc/changelogs/CHANGELOG_V12.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/changelogs/CHANGELOG_V12.md b/doc/changelogs/CHANGELOG_V12.md
index b8e28d10cbd5a8..106034f97de207 100644
--- a/doc/changelogs/CHANGELOG_V12.md
+++ b/doc/changelogs/CHANGELOG_V12.md
@@ -153,7 +153,7 @@
 * [[`19e38e0def`](https://github.com/nodejs/node/commit/19e38e0def)] - **(SEMVER-MINOR)** **deps**: V8: fix BUILDING\_V8\_SHARED issues (Refael Ackermann) [#27375](https://github.com/nodejs/node/pull/27375)
 * [[`8aaa0abd26`](https://github.com/nodejs/node/commit/8aaa0abd26)] - **(SEMVER-MINOR)** **deps**: V8: add workaround for MSVC optimizer bug (Refael Ackermann) [#28016](https://github.com/nodejs/node/pull/28016)
 * [[`07ed874446`](https://github.com/nodejs/node/commit/07ed874446)] - **(SEMVER-MINOR)** **deps**: V8: use ATOMIC\_VAR\_INIT instead of std::atomic\_init (Refael Ackermann) [#27375](https://github.com/nodejs/node/pull/27375)
-* [[`1ed3909ca3`](https://github.com/nodejs/node/commit/1ed3909ca3)] - **(SEMVER-MINOR)** **deps**: V8: forward declaration of `Rtl\*FunctionTable` (Refael Ackermann) [#27375](https://github.com/nodejs/node/pull/27375)
+* [[`1ed3909ca3`](https://github.com/nodejs/node/commit/1ed3909ca3)] - **(SEMVER-MINOR)** **deps**: V8: forward declaration of `Rtl*FunctionTable` (Refael Ackermann) [#27375](https://github.com/nodejs/node/pull/27375)
 * [[`242f6174e5`](https://github.com/nodejs/node/commit/242f6174e5)] - **(SEMVER-MINOR)** **deps**: V8: patch register-arm64.h (Refael Ackermann) [#27375](https://github.com/nodejs/node/pull/27375)
 * [[`63093e9d49`](https://github.com/nodejs/node/commit/63093e9d49)] - **(SEMVER-MINOR)** **deps**: V8: update postmortem metadata generation script (cjihrig) [#28918](https://github.com/nodejs/node/pull/28918)
 * [[`b54ee2185e`](https://github.com/nodejs/node/commit/b54ee2185e)] - **(SEMVER-MINOR)** **deps**: V8: silence irrelevant warning (Michaël Zasso) [#26685](https://github.com/nodejs/node/pull/26685)

From 0b46bcaaa5c0de977af8b68bf635c5a4361d561c Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Mon, 23 Sep 2019 16:28:23 -0700
Subject: [PATCH 07/65] doc: security maintenance processes

The TSC has responsibility for Node.js security, so avoid fragmentation
of the Node.js maintenance process documentation by adding it to the
other guides.

PR-URL: https://github.com/nodejs/node/pull/29685
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
---
 doc/guides/cve_management_process.md        | 137 ++++++++++++++++++++
 doc/guides/security_announcement_process.md |  61 +++++++++
 doc/guides/security_release_process.md      |  99 ++++++++++++++
 3 files changed, 297 insertions(+)
 create mode 100644 doc/guides/cve_management_process.md
 create mode 100644 doc/guides/security_announcement_process.md
 create mode 100644 doc/guides/security_release_process.md

diff --git a/doc/guides/cve_management_process.md b/doc/guides/cve_management_process.md
new file mode 100644
index 00000000000000..1b1c4e1ec866dc
--- /dev/null
+++ b/doc/guides/cve_management_process.md
@@ -0,0 +1,137 @@
+# Node.js CVE management process
+
+The Node.js project acts as a [Common Vulnerabilities and Exposures (CVE)
+Numbering Authority (CNA)](https://cve.mitre.org/cve/cna.html).
+The current scope is for all actively developed versions of software
+developed under the Node.js project (ie.  https://github.com/nodejs).
+This means that the Node.js team reviews CVE requests and if appropriate
+assigns CVE numbers to vulnerabilities.  The scope currently **does not**
+include third party modules.
+
+More detailed information about the CNA program is available in
+[CNA_Rules_v1.1](https://cve.mitre.org/cve/cna/CNA_Rules_v1.1.pdf).
+
+## Contacts
+
+As part of the CNA program the Node.js team must provide a number
+of contact points.  Email aliases have been setup for these as follows:
+
+* **Public contact points**. Email address to which people will be directed
+  by Mitre when they are asked for a way to contact the Node.js team about
+  CVE-related issues. **cve-request@iojs.org**
+
+* **Private contact points**. Administrative contacts that Mitre can reach out
+   to directly in case there are issues that require immediate attention.
+   **cve-mitre-contact@iojs.org**
+
+* **Email addresses to add to the CNA email discussion list**. This address has
+   been added to a closed mailing list that is used for announcements,
+   sharing documents, or discussion relevant to the CNA community.
+   The list rarely has more than ten messages a week.
+   **cna-discussion-list@iojs.org**
+
+## CNA management processes
+
+### CVE Block management
+
+The CNA program allows the Node.js team to request a block of CVEs in
+advance. These CVEs are managed in a repository within the Node.js
+private organization called
+[cve-management](https://github.com/nodejs-private/cve-management).
+For each year there will be a markdown file titled "cve-management-XXXX"
+where where XXXX is the year (for example 'cve-management-2017.md').
+
+This file will have the following sections:
+
+* Available
+* Pending
+* Announced
+
+When a new block of CVEs is received from Mitre they will be listed under
+the `Available` section.
+
+These CVEs will be moved from the Available to Pending and Announced
+as outlined in the section titled `CVE Management process`.
+
+In addition, when moving a CVE from Available such that there are less
+than two remaining CVEs a new block must be requested as follows:
+
+* Use the Mitre request form https://cveform.mitre.org/ with the
+  option `Request a Block of IDs` to request a new block.
+* The new block will be sent to the requester through email.
+* Once the new block has been received, the requester will add them
+  to the Available list.
+
+All changes to the files for managing CVEs in a given year will
+be done through Pull Requests so that we have a record of how
+the CVEs have been assigned.
+
+CVEs are only valid for a specific year.  At the beginning of each
+year the old CVEs should be removed from the list. A new block
+of CVEs should then be requested using the steps listed above.
+
+### External CVE request process
+
+When a request for a CVE is received via the cve-request@iojs.org
+email alias the following process will be followed (likely updated
+after we get HackerOne up and running).
+
+* Respond to the requester indicating that we have the request
+  and will review soon.
+* Open an issue in the security repo for the request.
+* Review the request.
+  * If a CVE is appropriate then assign the
+    CVE as outline in the section titled
+    [CVE Management process for Node.js vulnerabilities](cve-management-process-for-nodejs-vulnerabilities)
+    and return the CVE number to the requester (along with the request
+    to keep it confidential until the vulnerability is announced)
+  * If a CVE is not appropriate then respond to the requester
+    with the details as to why.
+
+### Quarterly reporting
+
+* There is a requirement for quarterly reports to Mitre on CVE
+  activity.  Not sure of the specific requirements yet.  Will
+  add details on process once we've done the first one.
+
+## CVE Management process for Node.js vulnerabilities
+
+When the Node.js team is going announce a new vulnerability the
+following steps are used to assign, announce and report a CVE.
+
+* Select the next CVE in the block available from the CNA process as
+  outlined in the section above.
+* Move the CVE from the unassigned block, to the Pending section along
+  with a link to the issue in the security repo that is being used
+  to discuss the vulnerability.
+* As part of the
+  [security announcement process](https://github.com/nodejs/security-wg/blob/master/processes/security_annoucement_process.md),
+  in the security issue being used to discuss the
+  vulnerability, associate the CVE to that vulnerability. This is most
+  commonly done by including it in the draft for the announcement that
+  will go out once the associated security releases are available.
+* Once the security announcement goes out:
+  * Use the [Mitre form](https://cveform.mitre.org/) to report the
+    CVE details to Mitre using the `Notify CVE about a publication`. The
+    link to the advisory will be the for the blog announcing that security
+    releases are available. The description should be a subset of the
+    details in that blog.
+
+    Ensure that the contact address entered in the form is
+    `cve-mitre-contact@iojs.org`. Anything else may require slow, manual
+    verification of the identity of the CVE submitter.
+
+    For each CVE listed, the additional data must include the following fields
+    updated with appropriate data for the CVE
+```text
+     [CVEID]: CVE-XXXX-XXXX
+     [PRODUCT]: Node.js
+     [VERSION]: 8.x+, 9.x+, 10.x+
+     [PROBLEMTYPE]: Denial of Service
+     [REFERENCES]: Link to the blog for the final announce
+     [DESCRIPTION]: Description from final announce
+     [ASSIGNINGCNA]: Node.js Foundation
+```
+* Move the CVE from the Pending section to the Announced section along
+  with a link to the Node.js blog post announcing that releases
+  are available.
diff --git a/doc/guides/security_announcement_process.md b/doc/guides/security_announcement_process.md
new file mode 100644
index 00000000000000..86b3a81bf62889
--- /dev/null
+++ b/doc/guides/security_announcement_process.md
@@ -0,0 +1,61 @@
+The Node.js community follows a process to create/review and
+then publish vulnerability announcements. It is most often a 2 step
+process where we:
+
+* announce that releases will be made to fix an embargoed vulnerability
+* announce that the releases with the fixes are available
+
+The process is as follows:
+
+* Security vulnerabilties are initially discussed/reviewed in the private
+  security repository.
+
+* Once we are ready to release an anouncement of an upcoming fix for the
+  the vulnerability, on the issue for the security vulnerability in private
+  security repo, propose candidate text based on past announcements.
+
+* Once reviewed, agree on timing for the releases with the fix and line up
+  releasers to make sure they are available to do the release on that date.
+
+* Post to https://groups.google.com/forum/#!forum/nodejs-sec.
+  **Note** that you will need to have been given access by one of the
+  existing managers (Ben Noordhuis, Rod Vagg, Trevor Norris, Michael Dawson).
+  You will have to manually edit to add formatting and links properly.
+
+* Mirror post in vulnerabilities section of Nodejs.org blog section
+  (https://github.com/nodejs/nodejs.org/tree/master/locale/en/blog/vulnerability)
+  Submit PR and leave 1 hour for review. After one hour even if no reviews,
+  land anyway so that we don't have too big a gap between post to nodejs-sec
+  and blog. Text was already reviewed in security repo so is unlikely to
+  attract much additional comment. **The PR should also update the banner
+  on the Node.js website to indicate security releases are coming with the
+  banner linked to the blog**
+
+* In original PR for the security repository for the issue, post candidate
+  text for updates that will go out with releases that will indicates
+  releases are available and include full vulnerability details.
+
+* Once releases are made, post response to original message in
+  https://groups.google.com/forum/#!forum/nodejs-sec indicating
+  releases are available and with the full vulnerability details.
+
+* Update the blog post in
+  https://github.com/nodejs/nodejs.org/tree/master/locale/en/blog/vulnerability
+  with the information that releases are available and the full
+  vulnerability details. Keep the original blog content at the
+  bottom of the blog. This is an example:
+  https://github.com/nodejs/nodejs.org/blob/master/locale/en/blog/vulnerability/june-2016-security-releases.md.
+  Make sure to update the date in the slug so that it will move to
+  the top of the blog list. **As part of the PR, update the
+  banner on Node.js org to indicate the security release are
+  available.**
+
+  *Note*: If the release blog obviously points to the people having caused the
+  issue (for example when explicitly mentioning reverting a commit), adding
+  those people as a CC on the PR for the blog post to give them a heads up
+  might be appropriate.
+
+* Tweet out a link to the nodejs-sec announcement.
+
+* Email foundation contact to tweet out nodejs-sec announcement from
+  foundation twitter account.
diff --git a/doc/guides/security_release_process.md b/doc/guides/security_release_process.md
new file mode 100644
index 00000000000000..a3db841f51b03c
--- /dev/null
+++ b/doc/guides/security_release_process.md
@@ -0,0 +1,99 @@
+# Security Release Process
+
+The security release process covers the steps required to plan/implement
+a security release.
+
+## Planning
+
+* [ ] Open an issue in the private security repo titled `Next Security Release`
+  and add the planning checklist to the description.
+
+* [ ] Get agreement on the list of vulnerabilities to be addressed.
+
+* [ ] Get agreement on the planned date for the releases.
+
+* [ ] Once agreement on the list and date has been agreed, validate that all
+  vulnerabilities have been assigned a CVE following the
+  [cve_management_process](https://github.com/nodejs/security-wg/blob/master/processes/cve_management_process.md).
+
+* [ ] Co-ordinate with the Release team members to line up one or more releasers
+  to do the releases on the agreed date.
+
+* [ ] Prep for the pre-security announcement and final security annoucement by
+  getting agreement on drafts following the
+  [security_announcement_process](https://github.com/nodejs/security-wg/blob/master/processes/security_annoucement_process.md).
+
+## Announcement (one week in advance of the planned release)
+
+* [ ] Ensure the pre-announce is sent out as outlined in the
+  [security_announcement_process](https://github.com/nodejs/security-wg/blob/master/processes/security_annoucement_process.md).
+
+* [ ] Open an issue in the build working repository with a notification of the
+  date for the security release.  Use this issue to co-ordinate with the build
+  team to ensure there will be coverage/availability of build team resources the
+  day of the release. Those who volunteer from the build WG should be available
+  in node-build during the release in case they are needed by the individual
+  doing the release.
+
+* [ ] Send an email to the docker official image
+  [maintainers](https://github.com/docker-library/official-images/blob/master/MAINTAINERS)
+  with an FYI that security releases will be going out on the agreed date.
+
+* [ ] Open an issue in the [docker-node](https://github.com/nodejs/docker-node)
+  repo and get one or more volunteers to be available to review the PR to update
+  Node.js versions in the docker-node repo immediately after the release.
+
+* [ ] Call on the sec release volunteer(s) to start integrating the PRs, running
+  the CI jobs, and generally prepping the release.
+
+## Release day
+
+* [ ] Co-ordinate with the Release team members and keep up to date on progress.
+  Get an guesstimate of when releases may be ready and send an FYI to the docker
+  offical image
+  [maintainers](https://github.com/docker-library/official-images/blob/master/MAINTAINERS).
+
+* [ ] When the releases are promoted, ensure the final announce goes out as per
+  the
+  [security_announcement_process](https://github.com/nodejs/security-wg/blob/master/processes/security_annoucement_process.md).
+
+* [ ] Create a PR to update the Node.js version in the official docker images.
+  * Checkout the docker-node repo.
+  * Run the update.sh using the `-s` option so that ONLY the Node.js
+    versions are updated. At the request from docker (and because
+    it is good practice) we limit the changes to those necessary in
+    security updates.
+  * Open a PR and get volunteer lined up earlier to approve.
+  * Merge the PR with the merge button.
+  * Checkout the [official-images](https://github.com/docker-library/official-images)
+    repository .
+  * In the docker-node repository run the
+    [generate-stackbrew-library.sh]( https://github.com/nodejs/docker-node/blob/master/generate-stackbrew-library.sh)
+    script and replace official-images/library/node with the output generated.
+```shell
+$ ./generate-stackbrew-library.sh > .../official-images/library/node
+```
+  * Open a PR with the changes to official-images/library/node making sure to
+    @mention the official images.
+    [maintainers](https://github.com/docker-library/official-images/blob/master/MAINTAINERS).
+    In addition, make sure to prefix the PR title with `[security]`.
+  * Send an email to the
+    [maintainers](https://github.com/docker-library/official-images/blob/master/MAINTAINERS)
+    indicating that the PR is open.
+
+* [ ] Ensure that the announced CVEs are reported to Mitre as per the
+  [cve_management_process](https://github.com/nodejs/security-wg/blob/master/processes/cve_management_process.md).
+
+* [ ] Ensure that the announced CVEs are updated in the cve-management
+  repository as per the the
+  [cve_management_process](https://github.com/nodejs/security-wg/blob/master/processes/cve_management_process.md)
+  so that they are listed under Announced.
+
+* [ ] PR machine-readable JSON descriptions of the vulnerabilities to the
+  [core](https://github.com/nodejs/security-wg/tree/master/vuln/core)
+  vulnerability DB.
+
+* [ ] Make sure the PRs for the vulnerabilities are closed.
+
+* [ ] Ensure the issue in the private security repo for the release is closed
+  out.

From 1766cfcb9e3e579d5ca6cdd2aa5ed26021cf8dfd Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Fri, 13 Sep 2019 08:55:54 -0700
Subject: [PATCH 08/65] deps: upgrade openssl sources to 1.1.1d

This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.0h.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: https://github.com/nodejs/node/pull/29550
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
---
 deps/openssl/openssl/CHANGES                  |  111 +-
 .../Configurations/00-base-templates.conf     |    4 +-
 .../openssl/Configurations/10-main.conf       |    6 +-
 .../openssl/Configurations/15-ios.conf        |    2 +-
 .../Configurations/50-win-onecore.conf        |    2 +-
 .../openssl/Configurations/common0.tmpl       |    2 +-
 .../openssl/Configurations/unix-Makefile.tmpl |  106 +-
 deps/openssl/openssl/Configure                |    5 +-
 deps/openssl/openssl/INSTALL                  |   29 +-
 deps/openssl/openssl/NEWS                     |   19 +-
 deps/openssl/openssl/NOTES.WIN                |   15 +
 deps/openssl/openssl/README                   |    2 +-
 deps/openssl/openssl/apps/apps.c              |    9 +-
 deps/openssl/openssl/apps/apps.h              |    4 +-
 deps/openssl/openssl/apps/ca.c                |    4 +-
 deps/openssl/openssl/apps/dgst.c              |    4 +-
 deps/openssl/openssl/apps/enc.c               |    2 +-
 deps/openssl/openssl/apps/ocsp.c              |    6 +-
 deps/openssl/openssl/apps/openssl.c           |    3 +-
 deps/openssl/openssl/apps/pkcs12.c            |    2 +-
 deps/openssl/openssl/apps/req.c               |   16 +-
 deps/openssl/openssl/apps/s_apps.h            |   20 +-
 deps/openssl/openssl/apps/s_cb.c              |    3 +-
 deps/openssl/openssl/apps/s_client.c          |    2 +-
 deps/openssl/openssl/apps/speed.c             |    2 +-
 deps/openssl/openssl/apps/storeutl.c          |    4 +-
 deps/openssl/openssl/config                   |    8 +-
 .../openssl/openssl/crypto/aes/asm/aes-586.pl | 3000 ---------------
 .../openssl/crypto/aes/asm/aes-s390x.pl       |    6 +-
 .../openssl/crypto/aes/asm/aes-x86_64.pl      | 2916 ---------------
 .../openssl/crypto/aes/asm/bsaes-x86_64.pl    | 3239 -----------------
 deps/openssl/openssl/crypto/asn1/a_time.c     |   47 +-
 deps/openssl/openssl/crypto/asn1/a_type.c     |   10 +-
 deps/openssl/openssl/crypto/asn1/x_bignum.c   |   19 +-
 deps/openssl/openssl/crypto/bio/b_addr.c      |   26 +-
 deps/openssl/openssl/crypto/bio/bss_dgram.c   |    4 +-
 deps/openssl/openssl/crypto/bio/bss_file.c    |   61 +-
 deps/openssl/openssl/crypto/bio/bss_mem.c     |    4 +-
 deps/openssl/openssl/crypto/bn/asm/mips.pl    |    2 +-
 deps/openssl/openssl/crypto/bn/bn_div.c       |    4 +-
 deps/openssl/openssl/crypto/bn/bn_lcl.h       |    4 +-
 deps/openssl/openssl/crypto/bn/bn_lib.c       |  101 +-
 deps/openssl/openssl/crypto/bn/bn_prime.c     |    8 +-
 deps/openssl/openssl/crypto/bn/bn_rand.c      |    7 +-
 deps/openssl/openssl/crypto/bn/bn_sqrt.c      |    5 +-
 deps/openssl/openssl/crypto/cms/cms_att.c     |  136 +-
 deps/openssl/openssl/crypto/cms/cms_env.c     |   20 +-
 deps/openssl/openssl/crypto/cms/cms_err.c     |    5 +-
 deps/openssl/openssl/crypto/cms/cms_lcl.h     |    9 +-
 deps/openssl/openssl/crypto/cms/cms_sd.c      |   38 +-
 deps/openssl/openssl/crypto/cms/cms_smime.c   |    6 +-
 deps/openssl/openssl/crypto/conf/conf_sap.c   |    2 +-
 deps/openssl/openssl/crypto/ctype.c           |    8 +-
 deps/openssl/openssl/crypto/dh/dh_check.c     |   37 +-
 deps/openssl/openssl/crypto/dh/dh_gen.c       |   52 +-
 deps/openssl/openssl/crypto/dh/dh_key.c       |   13 +-
 deps/openssl/openssl/crypto/dh/dh_lib.c       |    6 +-
 deps/openssl/openssl/crypto/dsa/dsa_ameth.c   |    4 +-
 deps/openssl/openssl/crypto/dsa/dsa_err.c     |    4 +-
 deps/openssl/openssl/crypto/dsa/dsa_ossl.c    |   10 +-
 deps/openssl/openssl/crypto/dso/dso_dlfcn.c   |    5 +-
 .../crypto/ec/asm/ecp_nistz256-sparcv9.pl     |    3 +-
 .../crypto/ec/asm/ecp_nistz256-x86_64.pl      |    2 +-
 .../openssl/crypto/ec/asm/x25519-ppc64.pl     |    6 +-
 deps/openssl/openssl/crypto/ec/ec_asn1.c      |   73 +-
 deps/openssl/openssl/crypto/ec/ec_curve.c     |  114 +-
 deps/openssl/openssl/crypto/ec/ec_lcl.h       |    4 +-
 deps/openssl/openssl/crypto/ec/ec_lib.c       |  103 +-
 deps/openssl/openssl/crypto/ec/ecdh_ossl.c    |    2 +-
 deps/openssl/openssl/crypto/ec/ecdsa_ossl.c   |   16 +-
 deps/openssl/openssl/crypto/ec/ecp_nistp224.c |   62 +-
 deps/openssl/openssl/crypto/ec/ecp_nistp256.c |   63 +-
 deps/openssl/openssl/crypto/ec/ecp_nistp521.c |   65 +-
 .../openssl/openssl/crypto/ec/ecp_nistputil.c |   26 +-
 deps/openssl/openssl/crypto/ec/ecx_meth.c     |    2 +-
 .../openssl/crypto/engine/eng_devcrypto.c     |    2 +-
 .../openssl/crypto/engine/eng_openssl.c       |    8 +-
 deps/openssl/openssl/crypto/err/err.c         |   16 +-
 deps/openssl/openssl/crypto/err/openssl.txt   |   12 +
 deps/openssl/openssl/crypto/evp/bio_ok.c      |    6 +-
 deps/openssl/openssl/crypto/evp/e_aes.c       |   91 +-
 deps/openssl/openssl/crypto/evp/e_aria.c      |   13 +-
 .../openssl/crypto/evp/e_chacha20_poly1305.c  |    7 +-
 deps/openssl/openssl/crypto/evp/e_rc5.c       |    6 +-
 deps/openssl/openssl/crypto/evp/evp_err.c     |   11 +-
 deps/openssl/openssl/crypto/evp/evp_lib.c     |    9 +-
 deps/openssl/openssl/crypto/evp/m_sha3.c      |    5 +-
 .../openssl/crypto/include/internal/bn_conf.h |    1 -
 .../openssl/crypto/include/internal/ctype.h   |    4 +-
 .../crypto/include/internal/dso_conf.h        |    1 -
 .../crypto/include/internal/rand_int.h        |    6 +-
 .../openssl/crypto/include/internal/sm2err.h  |    6 +-
 deps/openssl/openssl/crypto/init.c            |    3 +-
 deps/openssl/openssl/crypto/lhash/lhash.c     |    8 +-
 deps/openssl/openssl/crypto/o_str.c           |    2 +-
 deps/openssl/openssl/crypto/pem/pvkfmt.c      |    5 +-
 deps/openssl/openssl/crypto/pkcs7/pk7_doit.c  |   14 +-
 deps/openssl/openssl/crypto/rand/drbg_lib.c   |   13 +-
 deps/openssl/openssl/crypto/rand/rand_err.c   |    3 +-
 deps/openssl/openssl/crypto/rand/rand_lcl.h   |   46 +-
 deps/openssl/openssl/crypto/rand/rand_lib.c   |  146 +-
 deps/openssl/openssl/crypto/rand/rand_unix.c  |  185 +-
 deps/openssl/openssl/crypto/rand/rand_win.c   |    3 +-
 deps/openssl/openssl/crypto/rsa/rsa_ameth.c   |   13 +
 deps/openssl/openssl/crypto/rsa/rsa_err.c     |    4 +-
 deps/openssl/openssl/crypto/rsa/rsa_gen.c     |    2 +-
 deps/openssl/openssl/crypto/rsa/rsa_lib.c     |   17 +-
 deps/openssl/openssl/crypto/rsa/rsa_ossl.c    |   10 +
 deps/openssl/openssl/crypto/s390xcap.c        |   12 +-
 .../crypto/sha/asm/keccak1600-armv4.pl        |  224 +-
 .../crypto/sha/asm/keccak1600-armv8.pl        |    4 +-
 .../openssl/crypto/sha/asm/sha512-sparcv9.pl  |    4 +-
 deps/openssl/openssl/crypto/sm2/sm2_sign.c    |    6 +-
 .../openssl/crypto/store/loader_file.c        |   18 +-
 deps/openssl/openssl/crypto/store/store_lib.c |    4 +-
 deps/openssl/openssl/crypto/threads_none.c    |   15 +-
 deps/openssl/openssl/crypto/threads_pthread.c |   12 +-
 deps/openssl/openssl/crypto/threads_win.c     |    4 +
 deps/openssl/openssl/crypto/ui/ui_lib.c       |    4 +-
 deps/openssl/openssl/crypto/ui/ui_openssl.c   |    2 +-
 deps/openssl/openssl/crypto/uid.c             |   12 +-
 .../openssl/crypto/whrlpool/wp_block.c        |    3 +-
 deps/openssl/openssl/crypto/x509/by_dir.c     |    6 +-
 deps/openssl/openssl/crypto/x509/t_req.c      |    6 +-
 deps/openssl/openssl/crypto/x509/x509_att.c   |    6 +-
 deps/openssl/openssl/crypto/x509/x509_cmp.c   |   12 +-
 deps/openssl/openssl/crypto/x509/x509_err.c   |    4 +-
 deps/openssl/openssl/crypto/x509/x509_lu.c    |  113 +-
 deps/openssl/openssl/crypto/x509/x509_vfy.c   |   12 +-
 deps/openssl/openssl/crypto/x509v3/v3_alt.c   |   11 +-
 deps/openssl/openssl/crypto/x509v3/v3_purp.c  |   16 +-
 deps/openssl/openssl/demos/bio/descrip.mms    |    2 +-
 deps/openssl/openssl/demos/evp/aesgcm.c       |    4 +-
 .../openssl/doc/HOWTO/proxy_certificates.txt  |    2 +-
 deps/openssl/openssl/doc/man1/engine.pod      |    4 +-
 deps/openssl/openssl/doc/man1/errstr.pod      |    4 +-
 deps/openssl/openssl/doc/man1/pkcs12.pod      |    3 +-
 deps/openssl/openssl/doc/man1/pkeyparam.pod   |    4 +-
 deps/openssl/openssl/doc/man1/s_client.pod    |    2 +-
 deps/openssl/openssl/doc/man1/s_server.pod    |    2 +-
 deps/openssl/openssl/doc/man3/ADMISSIONS.pod  |    4 +-
 .../openssl/doc/man3/ASYNC_start_job.pod      |    4 +-
 deps/openssl/openssl/doc/man3/BIO_connect.pod |    2 +-
 deps/openssl/openssl/doc/man3/BIO_f_ssl.pod   |   38 +-
 .../openssl/doc/man3/BIO_find_type.pod        |    4 +-
 deps/openssl/openssl/doc/man3/BIO_new.pod     |    4 +-
 .../openssl/openssl/doc/man3/BIO_s_accept.pod |    4 +-
 deps/openssl/openssl/doc/man3/BIO_s_bio.pod   |    6 +-
 .../openssl/doc/man3/BIO_s_connect.pod        |    4 +-
 deps/openssl/openssl/doc/man3/BIO_s_fd.pod    |    4 +-
 deps/openssl/openssl/doc/man3/BIO_s_mem.pod   |   48 +-
 .../openssl/doc/man3/BIO_set_callback.pod     |   12 +-
 .../openssl/doc/man3/BN_generate_prime.pod    |   14 +-
 .../doc/man3/BN_mod_mul_montgomery.pod        |    4 +-
 deps/openssl/openssl/doc/man3/BN_new.pod      |    4 +-
 deps/openssl/openssl/doc/man3/CMS_final.pod   |    4 +-
 .../doc/man3/CRYPTO_THREAD_run_once.pod       |    4 +-
 .../openssl/doc/man3/CRYPTO_memcmp.pod        |   39 +
 .../openssl/doc/man3/DES_random_key.pod       |    8 +-
 .../openssl/doc/man3/DSA_generate_key.pod     |    6 +-
 deps/openssl/openssl/doc/man3/DSA_sign.pod    |    9 +-
 .../openssl/doc/man3/ECDSA_SIG_new.pod        |   25 +-
 .../openssl/doc/man3/EVP_DigestInit.pod       |    4 +-
 .../openssl/doc/man3/EVP_DigestSignInit.pod   |   12 +-
 .../openssl/doc/man3/EVP_DigestVerifyInit.pod |   10 +-
 .../doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod     |    4 +-
 .../doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod |    4 +-
 .../openssl/doc/man3/EVP_PKEY_decrypt.pod     |    4 +-
 .../openssl/doc/man3/EVP_PKEY_derive.pod      |    4 +-
 .../openssl/doc/man3/EVP_PKEY_encrypt.pod     |    4 +-
 .../openssl/doc/man3/EVP_PKEY_sign.pod        |    4 +-
 .../openssl/doc/man3/EVP_PKEY_verify.pod      |    4 +-
 .../doc/man3/EVP_PKEY_verify_recover.pod      |    4 +-
 .../openssl/openssl/doc/man3/EVP_SealInit.pod |    9 +-
 .../openssl/openssl/doc/man3/EVP_SignInit.pod |    9 +-
 .../openssl/doc/man3/EVP_VerifyInit.pod       |    4 +-
 deps/openssl/openssl/doc/man3/EVP_aria.pod    |    4 +-
 deps/openssl/openssl/doc/man3/EVP_md5.pod     |    4 +-
 .../openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod |   27 +-
 .../openssl/doc/man3/OCSP_REQUEST_new.pod     |    4 +-
 .../openssl/doc/man3/OPENSSL_fork_prepare.pod |    6 +-
 .../openssl/doc/man3/OSSL_STORE_LOADER.pod    |    4 +-
 .../openssl/doc/man3/OSSL_STORE_expect.pod    |    4 +-
 .../openssl/doc/man3/PKCS12_newpass.pod       |    4 +-
 .../doc/man3/RAND_DRBG_set_callbacks.pod      |    2 +-
 .../openssl/doc/man3/RAND_set_rand_method.pod |    9 +-
 .../openssl/doc/man3/RSA_blinding_on.pod      |    5 +-
 .../openssl/doc/man3/RSA_generate_key.pod     |   15 +-
 .../doc/man3/RSA_padding_add_PKCS1_type_1.pod |    7 +-
 .../openssl/doc/man3/RSA_public_encrypt.pod   |    2 +-
 .../doc/man3/RSA_sign_ASN1_OCTET_STRING.pod   |   10 +-
 .../openssl/doc/man3/SSL_CTX_config.pod       |    4 +-
 .../openssl/doc/man3/SSL_CTX_dane_enable.pod  |    4 +-
 .../openssl/doc/man3/SSL_CTX_get0_param.pod   |   16 +-
 deps/openssl/openssl/doc/man3/SSL_CTX_new.pod |   19 +-
 .../doc/man3/SSL_CTX_set_cipher_list.pod      |    4 +-
 .../man3/SSL_CTX_set_generate_session_id.pod  |    4 +-
 .../man3/SSL_CTX_set_session_id_context.pod   |    6 +-
 .../openssl/doc/man3/SSL_CTX_set_verify.pod   |   12 +-
 .../doc/man3/SSL_SESSION_get0_hostname.pod    |    4 +-
 .../openssl/doc/man3/SSL_get_error.pod        |    6 +-
 .../openssl/doc/man3/SSL_library_init.pod     |    4 +-
 .../openssl/doc/man3/SSL_set1_host.pod        |    4 +-
 deps/openssl/openssl/doc/man3/SSL_write.pod   |    2 +-
 .../doc/man3/X509_STORE_CTX_get_error.pod     |   10 +-
 .../doc/man3/X509_STORE_CTX_set_verify_cb.pod |    4 +-
 .../openssl/doc/man3/X509_STORE_add_cert.pod  |    6 +-
 .../openssl/doc/man3/X509_STORE_new.pod       |    4 +-
 .../doc/man3/X509_VERIFY_PARAM_set_flags.pod  |    4 +-
 deps/openssl/openssl/doc/man3/X509_cmp.pod    |   80 +
 .../doc/man3/X509_get_extension_flags.pod     |   14 +-
 deps/openssl/openssl/doc/man3/d2i_X509.pod    |   20 +-
 .../openssl/doc/man5/x509v3_config.pod        |    5 +-
 deps/openssl/openssl/doc/man7/Ed25519.pod     |    4 +-
 deps/openssl/openssl/doc/man7/RAND.pod        |    8 +-
 deps/openssl/openssl/doc/man7/SM2.pod         |    4 +-
 deps/openssl/openssl/doc/man7/X25519.pod      |    4 +-
 deps/openssl/openssl/doc/man7/bio.pod         |    4 +-
 deps/openssl/openssl/doc/man7/scrypt.pod      |    4 +-
 deps/openssl/openssl/e_os.h                   |   30 +-
 deps/openssl/openssl/engines/build.info       |   15 +-
 deps/openssl/openssl/engines/e_afalg.c        |   16 +-
 .../include/internal/constant_time_locl.h     |   64 +-
 .../openssl/include/internal/cryptlib.h       |    1 +
 .../openssl/openssl/include/internal/dsoerr.h |    4 +-
 .../openssl/include/internal/refcount.h       |    2 +-
 .../openssl/include/internal/thread_once.h    |    2 +-
 .../openssl/include/internal/tsan_assist.h    |    2 +-
 .../openssl/openssl/include/openssl/asn1err.h |    6 +-
 .../openssl/include/openssl/asyncerr.h        |    6 +-
 deps/openssl/openssl/include/openssl/bio.h    |    6 +-
 deps/openssl/openssl/include/openssl/bioerr.h |    6 +-
 deps/openssl/openssl/include/openssl/bnerr.h  |    6 +-
 .../openssl/include/openssl/buffererr.h       |    6 +-
 deps/openssl/openssl/include/openssl/cms.h    |    5 +-
 deps/openssl/openssl/include/openssl/cmserr.h |    8 +-
 .../openssl/openssl/include/openssl/comperr.h |    6 +-
 .../openssl/openssl/include/openssl/conferr.h |    6 +-
 .../openssl/include/openssl/cryptoerr.h       |    9 +-
 deps/openssl/openssl/include/openssl/cterr.h  |    6 +-
 deps/openssl/openssl/include/openssl/dherr.h  |    6 +-
 deps/openssl/openssl/include/openssl/dsaerr.h |    7 +-
 deps/openssl/openssl/include/openssl/ec.h     |    7 +-
 deps/openssl/openssl/include/openssl/ecerr.h  |    4 +
 .../openssl/include/openssl/engineerr.h       |    6 +-
 deps/openssl/openssl/include/openssl/evp.h    |    4 +
 deps/openssl/openssl/include/openssl/evperr.h |   12 +-
 deps/openssl/openssl/include/openssl/kdferr.h |    6 +-
 .../openssl/include/openssl/objectserr.h      |    6 +-
 .../openssl/openssl/include/openssl/ocsperr.h |    6 +-
 .../openssl/include/openssl/opensslconf.h     |    1 -
 .../openssl/include/openssl/opensslv.h        |    4 +-
 deps/openssl/openssl/include/openssl/pemerr.h |    6 +-
 .../openssl/include/openssl/pkcs12err.h       |    6 +-
 .../openssl/include/openssl/pkcs7err.h        |    6 +-
 .../openssl/openssl/include/openssl/randerr.h |    5 +-
 deps/openssl/openssl/include/openssl/rsaerr.h |    7 +-
 deps/openssl/openssl/include/openssl/ssl.h    |   60 +-
 deps/openssl/openssl/include/openssl/sslerr.h |    4 +
 deps/openssl/openssl/include/openssl/store.h  |    6 +-
 .../openssl/include/openssl/storeerr.h        |    6 +-
 deps/openssl/openssl/include/openssl/tls1.h   |    4 +-
 deps/openssl/openssl/include/openssl/tserr.h  |    6 +-
 deps/openssl/openssl/include/openssl/uierr.h  |    6 +-
 .../openssl/openssl/include/openssl/x509err.h |    7 +-
 deps/openssl/openssl/include/openssl/x509v3.h |    2 +
 .../openssl/include/openssl/x509v3err.h       |    6 +-
 deps/openssl/openssl/ssl/d1_msg.c             |    5 +-
 .../openssl/openssl/ssl/record/rec_layer_s3.c |   12 +-
 deps/openssl/openssl/ssl/s3_lib.c             |   14 +-
 deps/openssl/openssl/ssl/ssl_cert.c           |    5 +-
 deps/openssl/openssl/ssl/ssl_ciph.c           |   13 +-
 deps/openssl/openssl/ssl/ssl_lib.c            |   20 +-
 deps/openssl/openssl/ssl/ssl_locl.h           |   37 +-
 deps/openssl/openssl/ssl/ssl_sess.c           |   39 +-
 deps/openssl/openssl/ssl/statem/extensions.c  |   21 +-
 .../openssl/ssl/statem/extensions_clnt.c      |   16 +-
 .../openssl/ssl/statem/extensions_srvr.c      |   20 +-
 deps/openssl/openssl/ssl/statem/statem_clnt.c |    6 -
 deps/openssl/openssl/ssl/statem/statem_lib.c  |   19 +-
 deps/openssl/openssl/ssl/statem/statem_srvr.c |   54 +-
 deps/openssl/openssl/ssl/t1_lib.c             |  275 +-
 deps/openssl/openssl/ssl/tls13_enc.c          |   53 +-
 deps/openssl/openssl/test/bntest.c            |   47 +-
 deps/openssl/openssl/test/build.info          |    3 +-
 deps/openssl/openssl/test/certs/mkcert.sh     |   31 +-
 .../test/certs/server-pss-restrict-cert.pem   |   21 +
 .../test/certs/server-pss-restrict-key.pem    |   29 +
 deps/openssl/openssl/test/certs/setup.sh      |    6 +
 deps/openssl/openssl/test/ct_test.c           |   23 +-
 deps/openssl/openssl/test/dhtest.c            |   77 +-
 deps/openssl/openssl/test/dtlstest.c          |    2 +-
 deps/openssl/openssl/test/ectest.c            |  444 ++-
 deps/openssl/openssl/test/enginetest.c        |   19 +-
 deps/openssl/openssl/test/evp_extra_test.c    |    2 +-
 deps/openssl/openssl/test/evp_test.c          |   34 +-
 .../test/recipes/30-test_evp_data/evpciph.txt |   11 +
 .../test/recipes/70-test_sslmessages.t        |   27 +-
 .../test/recipes/70-test_tls13kexmodes.t      |   38 +-
 .../test/recipes/70-test_tls13messages.t      |   91 +-
 .../openssl/test/recipes/80-test_cms.t        |   69 +-
 .../80-test_cms_data/bad_signtime_attr.cms    |  Bin 0 -> 1524 bytes
 .../80-test_cms_data/ct_multiple_attr.cms     |  Bin 0 -> 1549 bytes
 .../recipes/80-test_cms_data/no_ct_attr.cms   |  Bin 0 -> 1496 bytes
 .../recipes/80-test_cms_data/no_md_attr.cms   |  Bin 0 -> 1473 bytes
 .../openssl/test/recipes/90-test_sslapi.t     |    7 +-
 .../test/ssl-tests/20-cert-select.conf        |  660 ++--
 .../test/ssl-tests/20-cert-select.conf.in     |   66 +
 deps/openssl/openssl/test/sslapitest.c        |  345 +-
 deps/openssl/openssl/test/ssltestlib.c        |   98 +-
 deps/openssl/openssl/test/ssltestlib.h        |    3 +
 deps/openssl/openssl/test/testutil.h          |   13 +-
 deps/openssl/openssl/test/testutil/driver.c   |   26 +-
 deps/openssl/openssl/test/testutil/random.c   |   40 +
 deps/openssl/openssl/util/find-doc-nits       |   28 +-
 deps/openssl/openssl/util/libcrypto.num       |    2 +
 deps/openssl/openssl/util/mkdef.pl            |    4 +-
 deps/openssl/openssl/util/mkerr.pl            |    8 +-
 .../openssl/openssl/util/perl/OpenSSL/Test.pm |   11 +-
 .../util/perl/TLSProxy/CertificateRequest.pm  |  105 +
 .../openssl/util/perl/TLSProxy/Message.pm     |   14 +
 .../openssl/util/perl/TLSProxy/Proxy.pm       |    1 +
 .../openssl/util/perl/checkhandshake.pm       |   20 +-
 323 files changed, 5179 insertions(+), 10941 deletions(-)
 delete mode 100755 deps/openssl/openssl/crypto/aes/asm/aes-586.pl
 delete mode 100755 deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
 delete mode 100644 deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl
 delete mode 100644 deps/openssl/openssl/crypto/include/internal/bn_conf.h
 delete mode 100644 deps/openssl/openssl/crypto/include/internal/dso_conf.h
 create mode 100644 deps/openssl/openssl/doc/man3/CRYPTO_memcmp.pod
 create mode 100644 deps/openssl/openssl/doc/man3/X509_cmp.pod
 delete mode 100644 deps/openssl/openssl/include/openssl/opensslconf.h
 create mode 100644 deps/openssl/openssl/test/certs/server-pss-restrict-cert.pem
 create mode 100644 deps/openssl/openssl/test/certs/server-pss-restrict-key.pem
 create mode 100644 deps/openssl/openssl/test/recipes/80-test_cms_data/bad_signtime_attr.cms
 create mode 100644 deps/openssl/openssl/test/recipes/80-test_cms_data/ct_multiple_attr.cms
 create mode 100644 deps/openssl/openssl/test/recipes/80-test_cms_data/no_ct_attr.cms
 create mode 100644 deps/openssl/openssl/test/recipes/80-test_cms_data/no_md_attr.cms
 create mode 100644 deps/openssl/openssl/test/testutil/random.c
 create mode 100644 deps/openssl/openssl/util/perl/TLSProxy/CertificateRequest.pm

diff --git a/deps/openssl/openssl/CHANGES b/deps/openssl/openssl/CHANGES
index c8662c392a7ff9..c6ca3439480e94 100644
--- a/deps/openssl/openssl/CHANGES
+++ b/deps/openssl/openssl/CHANGES
@@ -7,6 +7,101 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
+
+  *) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
+     number generator (RNG). This was intended to include protection in the
+     event of a fork() system call in order to ensure that the parent and child
+     processes did not share the same RNG state. However this protection was not
+     being used in the default case.
+
+     A partial mitigation for this issue is that the output from a high
+     precision timer is mixed into the RNG state so the likelihood of a parent
+     and child process sharing state is significantly reduced.
+
+     If an application already calls OPENSSL_init_crypto() explicitly using
+     OPENSSL_INIT_ATFORK then this problem does not occur at all.
+     (CVE-2019-1549)
+     [Matthias St. Pierre]
+
+  *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
+     used even when parsing explicit parameters, when loading a serialized key
+     or calling `EC_GROUP_new_from_ecpkparameters()`/
+     `EC_GROUP_new_from_ecparameters()`.
+     This prevents bypass of security hardening and performance gains,
+     especially for curves with specialized EC_METHODs.
+     By default, if a key encoded with explicit parameters is loaded and later
+     serialized, the output is still encoded with explicit parameters, even if
+     internally a "named" EC_GROUP is used for computation.
+     [Nicola Tuveri]
+
+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+
+  *) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
+     An attack is simple, if the first CMS_recipientInfo is valid but the
+     second CMS_recipientInfo is chosen ciphertext. If the second
+     recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
+     encryption key will be replaced by garbage, and the message cannot be
+     decoded, but if the RSA decryption fails, the correct encryption key is
+     used and the recipient will not notice the attack.
+     As a work around for this potential attack the length of the decrypted
+     key must be equal to the cipher default key length, in case the
+     certifiate is not given and all recipientInfo are tried out.
+     The old behaviour can be re-enabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag.
+     (CVE-2019-1563)
+     [Bernd Edlinger]
+
+  *) Early start up entropy quality from the DEVRANDOM seed source has been
+     improved for older Linux systems.  The RAND subsystem will wait for
+     /dev/random to be producing output before seeding from /dev/urandom.
+     The seeded state is stored for future library initialisations using
+     a system global shared memory segment.  The shared memory identifier
+     can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to
+     the desired value.  The default identifier is 114.
+     [Paul Dale]
+
+  *) Correct the extended master secret constant on EBCDIC systems. Without this
+     fix TLS connections between an EBCDIC system and a non-EBCDIC system that
+     negotiate EMS will fail. Unfortunately this also means that TLS connections
+     between EBCDIC systems with this fix, and EBCDIC systems without this
+     fix will fail if they negotiate EMS.
+     [Matt Caswell]
+
+  *) Use Windows installation paths in the mingw builds
+
+     Mingw isn't a POSIX environment per se, which means that Windows
+     paths should be used for installation.
+     (CVE-2019-1552)
+     [Richard Levitte]
+
+  *) Changed DH_check to accept parameters with order q and 2q subgroups.
+     With order 2q subgroups the bit 0 of the private key is not secret
+     but DH_generate_key works around that by clearing bit 0 of the
+     private key for those. This avoids leaking bit 0 of the private key.
+     [Bernd Edlinger]
+
+  *) Significantly reduce secure memory usage by the randomness pools.
+     [Paul Dale]
+
+  *) Revert the DEVRANDOM_WAIT feature for Linux systems
+
+     The DEVRANDOM_WAIT feature added a select() call to wait for the
+     /dev/random device to become readable before reading from the
+     /dev/urandom device.
+
+     It turned out that this change had negative side effects on
+     performance which were not acceptable. After some discussion it
+     was decided to revert this feature and leave it up to the OS
+     resp. the platform maintainer to ensure a proper initialization
+     during early boot time.
+     [Matthias St. Pierre]
+
  Changes between 1.1.1b and 1.1.1c [28 May 2019]
 
   *) Add build tests for C++.  These are generated files that only do one
@@ -75,6 +170,16 @@
      (CVE-2019-1543)
      [Matt Caswell]
 
+  *) Add DEVRANDOM_WAIT feature for Linux systems
+
+     On older Linux systems where the getrandom() system call is not available,
+     OpenSSL normally uses the /dev/urandom device for seeding its CSPRNG.
+     Contrary to getrandom(), the /dev/urandom device will not block during
+     early boot when the kernel CSPRNG has not been seeded yet.
+
+     To mitigate this known weakness, use select() to wait for /dev/random to
+     become readable before reading from /dev/urandom.
+
   *) Ensure that SM2 only uses SM3 as digest algorithm
      [Paul Yang]
 
@@ -322,7 +427,7 @@
         SSL_set_ciphersuites()
      [Matt Caswell]
 
-  *) Memory allocation failures consistenly add an error to the error
+  *) Memory allocation failures consistently add an error to the error
      stack.
      [Rich Salz]
 
@@ -6860,7 +6965,7 @@
      reason texts, thereby removing some of the footprint that may not
      be interesting if those errors aren't displayed anyway.
 
-     NOTE: it's still possible for any application or module to have it's
+     NOTE: it's still possible for any application or module to have its
      own set of error texts inserted.  The routines are there, just not
      used by default when no-err is given.
      [Richard Levitte]
@@ -8826,7 +8931,7 @@ des-cbc           3624.96k     5258.21k     5530.91k     5624.30k     5628.26k
  Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
 
   *) New function OPENSSL_cleanse(), which is used to cleanse a section of
-     memory from it's contents.  This is done with a counter that will
+     memory from its contents.  This is done with a counter that will
      place alternating values in each byte.  This can be used to solve
      two issues: 1) the removal of calls to memset() by highly optimizing
      compilers, and 2) cleansing with other values than 0, since those can
diff --git a/deps/openssl/openssl/Configurations/00-base-templates.conf b/deps/openssl/openssl/Configurations/00-base-templates.conf
index 5fd995cb3392eb..e01dc63a8bf408 100644
--- a/deps/openssl/openssl/Configurations/00-base-templates.conf
+++ b/deps/openssl/openssl/Configurations/00-base-templates.conf
@@ -198,7 +198,7 @@ my %targets=(
 	bn_asm_src	=> "bn-586.s co-586.s x86-mont.s x86-gf2m.s",
 	ec_asm_src	=> "ecp_nistz256.c ecp_nistz256-x86.s",
 	des_asm_src	=> "des-586.s crypt586.s",
-	aes_asm_src	=> "aes-586.s vpaes-x86.s aesni-x86.s",
+	aes_asm_src	=> "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
 	bf_asm_src	=> "bf-586.s",
 	md5_asm_src	=> "md5-586.s",
 	cast_asm_src	=> "cast-586.s",
@@ -223,7 +223,7 @@ my %targets=(
 	cpuid_asm_src   => "x86_64cpuid.s",
 	bn_asm_src      => "asm/x86_64-gcc.c x86_64-mont.s x86_64-mont5.s x86_64-gf2m.s rsaz_exp.c rsaz-x86_64.s rsaz-avx2.s",
 	ec_asm_src      => "ecp_nistz256.c ecp_nistz256-x86_64.s x25519-x86_64.s",
-	aes_asm_src     => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+	aes_asm_src     => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
 	md5_asm_src     => "md5-x86_64.s",
 	sha1_asm_src    => "sha1-x86_64.s sha256-x86_64.s sha512-x86_64.s sha1-mb-x86_64.s sha256-mb-x86_64.s",
 	rc4_asm_src     => "rc4-x86_64.s rc4-md5-x86_64.s",
diff --git a/deps/openssl/openssl/Configurations/10-main.conf b/deps/openssl/openssl/Configurations/10-main.conf
index 930f2d3c920d7f..3c4299d2640488 100644
--- a/deps/openssl/openssl/Configurations/10-main.conf
+++ b/deps/openssl/openssl/Configurations/10-main.conf
@@ -1111,7 +1111,7 @@ my %targets = (
         thread_scheme    => "pthreads",
         dso_scheme       => "dlfcn",
         shared_target    => "self",
-        module_ldflags   => "-Wl,-G,-bsymbolic,-bexpall",
+        module_ldflags   => "-Wl,-G,-bsymbolic,-bnoentry",
         shared_ldflag    => "-Wl,-G,-bsymbolic,-bnoentry",
         shared_defflag   => "-Wl,-bE:",
         shared_extension => ".so.\$(SHLIB_VERSION_NUMBER)",
@@ -1397,6 +1397,10 @@ my %targets = (
         shared_extension => ".dll",
         multilib         => "",
         apps_aux_src     => add("win32_init.c"),
+        # "WOW" stands for "Windows on Windows", and that word engages
+        # some installation path heuristics in unix-Makefile.tmpl...
+        build_scheme     => add("WOW", { separator => undef }),
+
     },
     "mingw64" => {
         # As for OPENSSL_USE_APPLINK. Applink makes it possible to use
diff --git a/deps/openssl/openssl/Configurations/15-ios.conf b/deps/openssl/openssl/Configurations/15-ios.conf
index 1bb9f48d065052..f404077fda0370 100644
--- a/deps/openssl/openssl/Configurations/15-ios.conf
+++ b/deps/openssl/openssl/Configurations/15-ios.conf
@@ -1,6 +1,6 @@
 #### iPhoneOS/iOS
 #
-# It takes recent enough XCode to use following two targets. It shouldn't
+# It takes recent enough Xcode to use following two targets. It shouldn't
 # be a problem by now, but if they don't work, original targets below
 # that depend on manual definition of environment variables should still
 # work...
diff --git a/deps/openssl/openssl/Configurations/50-win-onecore.conf b/deps/openssl/openssl/Configurations/50-win-onecore.conf
index 51cb3819cb9907..d478f42b0f8d2b 100644
--- a/deps/openssl/openssl/Configurations/50-win-onecore.conf
+++ b/deps/openssl/openssl/Configurations/50-win-onecore.conf
@@ -1,6 +1,6 @@
 # Windows OneCore targets.
 #
-# OneCore is new API stability "contract" that transends Desktop, IoT and
+# OneCore is new API stability "contract" that transcends Desktop, IoT and
 # Mobile[?] Windows editions. It's a set up "umbrella" libraries that
 # export subset of Win32 API that are common to all Windows 10 devices.
 #
diff --git a/deps/openssl/openssl/Configurations/common0.tmpl b/deps/openssl/openssl/Configurations/common0.tmpl
index 03acb3e0b35bd9..852b1fb3e8a03c 100644
--- a/deps/openssl/openssl/Configurations/common0.tmpl
+++ b/deps/openssl/openssl/Configurations/common0.tmpl
@@ -22,7 +22,7 @@
  our @generated =
      sort ( ( grep { defined $unified_info{generate}->{$_} }
               sort keys %generatables ),
-            # Scripts are assumed to be generated, so add thhem too
+            # Scripts are assumed to be generated, so add them too
             ( grep { defined $unified_info{sources}->{$_} }
               @{$unified_info{scripts}} ) );
 
diff --git a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
index 1292053546f5f6..7db7578a4b64ab 100644
--- a/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
+++ b/deps/openssl/openssl/Configurations/unix-Makefile.tmpl
@@ -14,6 +14,26 @@
      our $dsoext = $target{dso_extension} || ".so";
      our $makedepprog = $disabled{makedepend} ? undef : $config{makedepprog};
 
+     # $mingw_installroot and $mingw_commonroot is relevant for mingw only.
+     my $build_scheme = $target{build_scheme};
+     my $install_flavour = $build_scheme->[$#$build_scheme]; # last element
+     my $mingw_installenv = $install_flavour eq "WOW" ? "ProgramFiles(x86)"
+                                                      : "ProgramW6432";
+     my $mingw_commonenv = $install_flavour eq "WOW" ? "CommonProgramFiles(x86)"
+                                                     : "CommonProgramW6432";
+     our $mingw_installroot =
+         defined($ENV{$mingw_installenv}) ? $mingw_installenv : 'ProgramFiles';
+     our $mingw_commonroot =
+         defined($ENV{$mingw_commonenv}) ? $mingw_commonenv : 'CommonProgramFiles';
+     my $mingw_installdflt =
+         $install_flavour eq "WOW" ? "C:/Program Files (x86)"
+                                   : "C:/Program Files";
+     my $mingw_commondflt = "$mingw_installdflt/Common Files";
+
+     # expand variables early
+     $mingw_installroot = $ENV{$mingw_installroot} // $mingw_installdflt;
+     $mingw_commonroot = $ENV{$mingw_commonroot} // $mingw_commondflt;
+
      sub windowsdll { $config{target} =~ /^(?:Cygwin|mingw)/ }
 
      # Shared AIX support is special. We put libcrypto[64].so.ver into
@@ -132,6 +152,7 @@ APPS_OPENSSL={- use File::Spec::Functions;
 # Normally it is left empty.
 DESTDIR=
 
+{- output_off() if $config{target} =~ /^mingw/; "" -}
 # Do not edit these manually. Use Configure with --prefix or --openssldir
 # to change this!  Short explanation in the top comment in Configure
 INSTALLTOP={- # $prefix is used in the OPENSSLDIR perl snippet
@@ -175,6 +196,83 @@ ENGINESDIR=$(libdir)/engines-{- $sover_dirname -}
 # Convenience variable for those who want to set the rpath in shared
 # libraries and applications
 LIBRPATH=$(libdir)
+{- output_on() if $config{target} =~ /^mingw/;
+   output_off() if $config{target} !~ /^mingw/;
+   "" -}
+# Do not edit these manually. Use Configure with --prefix or --openssldir
+# to change this!  Short explanation in the top comment in Configure
+INSTALLTOP_dev={- # $prefix is used in the OPENSSLDIR perl snippet
+                  #
+                  use File::Spec::Win32;
+                  my $prefix_default = "$mingw_installroot/OpenSSL";
+                  our $prefix =
+                      File::Spec::Win32->canonpath($config{prefix}
+                                                  || $prefix_default);
+                  our ($prefix_dev, $prefix_dir, $prefix_file) =
+                      File::Spec::Win32->splitpath($prefix, 1);
+                  $prefix =~ s|\\|/|g;
+                  $prefix_dir =~ s|\\|/|g;
+                  $prefix_dev -}
+INSTALLTOP_dir={- my $x = File::Spec::Win32->canonpath($prefix_dir);
+                  $x =~ s|\\|/|g;
+                  $x -}
+OPENSSLDIR_dev={- #
+                  # The logic here is that if no --openssldir was given,
+                  # OPENSSLDIR will get the value "$mingw_commonroot/SSL".
+                  # If --openssldir was given and the value is an absolute
+                  # path, OPENSSLDIR will get its value without change.
+                  # If the value from --openssldir is a relative path,
+                  # OPENSSLDIR will get $prefix with the --openssldir
+                  # value appended as a subdirectory.
+                  #
+                  use File::Spec::Win32;
+                  our $openssldir =
+                      $config{openssldir} ?
+                          (File::Spec::Win32->file_name_is_absolute($config{openssldir}) ?
+                               File::Spec::Win32->canonpath($config{openssldir})
+                               : File::Spec::Win32->catdir($prefix, $config{openssldir}))
+                          : File::Spec::Win32->canonpath("$mingw_commonroot/SSL");
+                  our ($openssldir_dev, $openssldir_dir, $openssldir_file) =
+                      File::Spec::Win32->splitpath($openssldir, 1);
+                  $openssldir =~ s|\\|/|g;
+                  $openssldir_dir =~ s|\\|/|g;
+                  $openssldir_dev -}
+OPENSSLDIR_dir={- my $x = File::Spec::Win32->canonpath($openssldir_dir);
+                  $x =~ s|\\|/|g;
+                  $x -}
+LIBDIR={- our $libdir = $config{libdir} || "lib";
+          File::Spec::Win32->file_name_is_absolute($libdir) ? "" : $libdir -}
+ENGINESDIR_dev={- use File::Spec::Win32;
+                  our $enginesdir =
+                      File::Spec::Win32->catdir($prefix,$libdir,
+                                                "engines-$sover_dirname");
+                  our ($enginesdir_dev, $enginesdir_dir, $enginesdir_file) =
+                      File::Spec::Win32->splitpath($enginesdir, 1);
+                  $enginesdir =~ s|\\|/|g;
+                  $enginesdir_dir =~ s|\\|/|g;
+                  $enginesdir_dev -}
+ENGINESDIR_dir={- my $x = File::Spec::Win32->canonpath($enginesdir_dir);
+                  $x =~ s|\\|/|g;
+                  $x -}
+# In a Windows environment, $(DESTDIR) is harder to contatenate with other
+# directory variables, because both may contain devices.  What we do here is
+# to adapt INSTALLTOP, OPENSSLDIR and ENGINESDIR depending on if $(DESTDIR)
+# has a value or not, to ensure that concatenation will always work further
+# down.
+ifneq "$(DESTDIR)" ""
+INSTALLTOP=$(INSTALLTOP_dir)
+OPENSSLDIR=$(OPENSSLDIR_dir)
+ENGINESDIR=$(ENGINESDIR_dir)
+else
+INSTALLTOP=$(INSTALLTOP_dev)$(INSTALLTOP_dir)
+OPENSSLDIR=$(OPENSSLDIR_dev)$(OPENSSLDIR_dir)
+ENGINESDIR=$(ENGINESDIR_dev)$(ENGINESDIR_dir)
+endif
+
+# $(libdir) is chosen to be compatible with the GNU coding standards
+libdir={- File::Spec::Win32->file_name_is_absolute($libdir)
+          ? $libdir : '$(INSTALLTOP)/$(LIBDIR)' -}
+{- output_on() if $config{target} !~ /^mingw/; "" -}
 
 MANDIR=$(INSTALLTOP)/share/man
 DOCDIR=$(INSTALLTOP)/share/doc/$(BASENAME)
@@ -418,13 +516,13 @@ libclean:
 clean: libclean
 	$(RM) $(PROGRAMS) $(TESTPROGS) $(ENGINES) $(SCRIPTS)
 	$(RM) $(GENERATED_MANDATORY) $(GENERATED)
-	-$(RM) `find . -name .git -prune -o -name '*{- $depext -}' -print`
-	-$(RM) `find . -name .git -prune -o -name '*{- $objext -}' -print`
+	-$(RM) `find . -name '*{- $depext -}' \! -name '.*' -print`
+	-$(RM) `find . -name '*{- $objext -}' \! -name '.*' -print`
 	$(RM) core
 	$(RM) tags TAGS doc-nits
 	$(RM) -r test/test-runs
 	$(RM) openssl.pc libcrypto.pc libssl.pc
-	-$(RM) `find . -name .git -prune -o -type l -print`
+	-$(RM) `find . -type l \! -name '.*' -print`
 	$(RM) $(TARFILE)
 
 distclean: clean
@@ -449,7 +547,7 @@ uninstall_sw: uninstall_runtime uninstall_engines uninstall_dev
 install_docs: install_man_docs install_html_docs
 
 uninstall_docs: uninstall_man_docs uninstall_html_docs
-	$(RM) -r -v $(DESTDIR)$(DOCDIR)
+	$(RM) -r $(DESTDIR)$(DOCDIR)
 
 install_ssldirs:
 	@$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs
diff --git a/deps/openssl/openssl/Configure b/deps/openssl/openssl/Configure
index 254b04c95d95d9..5a699836f32a09 100755
--- a/deps/openssl/openssl/Configure
+++ b/deps/openssl/openssl/Configure
@@ -87,9 +87,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [-Dxxx] [-lx
 #               linked openssl executable has rather debugging value than
 #               production quality.
 #
-# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-#               provided to stack calls. Generates unique stack functions for
-#               each possible stack type.
 # BN_LLONG      use the type 'long long' in crypto/bn/bn.h
 # RC4_CHAR      use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
 # Following are set automatically by this script
@@ -145,13 +142,13 @@ my @gcc_devteam_warn = qw(
 #       -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
 #       -Wextended-offsetof -- no, needed in CMS ASN1 code
 my @clang_devteam_warn = qw(
+    -Wno-unknown-warning-option
     -Wswitch-default
     -Wno-parentheses-equality
     -Wno-language-extension-token
     -Wno-extended-offsetof
     -Wconditional-uninitialized
     -Wincompatible-pointer-types-discards-qualifiers
-    -Wno-unknown-warning-option
     -Wmissing-variable-declarations
 );
 
diff --git a/deps/openssl/openssl/INSTALL b/deps/openssl/openssl/INSTALL
index 0b6a3fd1ec399a..2119cbae9e597d 100644
--- a/deps/openssl/openssl/INSTALL
+++ b/deps/openssl/openssl/INSTALL
@@ -98,6 +98,9 @@
     $ nmake test
     $ nmake install
 
+ Note that in order to perform the install step above you need to have
+ appropriate permissions to write to the installation directory.
+
  If any of these steps fails, see section Installation in Detail below.
 
  This will build and install OpenSSL in the default location, which is:
@@ -107,6 +110,12 @@
            OpenSSL version number with underscores instead of periods.
   Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL
 
+ The installation directory should be appropriately protected to ensure
+ unprivileged users cannot make changes to OpenSSL binaries or files, or install
+ engines. If you already have a pre-installed version of OpenSSL as part of
+ your Operating System it is recommended that you do not overwrite the system
+ version and instead install to somewhere else.
+
  If you want to install it anywhere else, run config like this:
 
   On Unix:
@@ -135,7 +144,10 @@
                    Don't build with support for deprecated APIs below the
                    specified version number. For example "--api=1.1.0" will
                    remove support for all APIS that were deprecated in OpenSSL
-                   version 1.1.0 or below.
+                   version 1.1.0 or below. This is a rather specialized option
+                   for developers. If you just intend to remove all deprecated
+                   APIs entirely (up to the current version), it is easier
+                   to add the 'no-deprecated' option instead (see below).
 
   --cross-compile-prefix=PREFIX
                    The PREFIX to include in front of commands for your
@@ -229,7 +241,7 @@
                                source exists.
                    getrandom:  Use the L<getrandom(2)> or equivalent system
                                call.
-                   devrandom:  Use the the first device from the DEVRANDOM list
+                   devrandom:  Use the first device from the DEVRANDOM list
                                which can be opened to read random bytes. The
                                DEVRANDOM preprocessor constant expands to
                                "/dev/urandom","/dev/random","/dev/srandom" on
@@ -908,8 +920,11 @@
        $ mms install                                    ! OpenVMS
        $ nmake install                                  # Windows
 
-     This will install all the software components in this directory
-     tree under PREFIX (the directory given with --prefix or its
+     Note that in order to perform the install step above you need to have
+     appropriate permissions to write to the installation directory.
+
+     The above commands will install all the software components in this
+     directory tree under PREFIX (the directory given with --prefix or its
      default):
 
        Unix:
@@ -965,6 +980,12 @@
                         for private key files.
          misc           Various scripts.
 
+     The installation directory should be appropriately protected to ensure
+     unprivileged users cannot make changes to OpenSSL binaries or files, or
+     install engines. If you already have a pre-installed version of OpenSSL as
+     part of your Operating System it is recommended that you do not overwrite
+     the system version and instead install to somewhere else.
+
      Package builders who want to configure the library for standard
      locations, but have the package installed somewhere else so that
      it can easily be packaged, can use
diff --git a/deps/openssl/openssl/NEWS b/deps/openssl/openssl/NEWS
index 0e38f69dbbaad8..1c88dee35389bb 100644
--- a/deps/openssl/openssl/NEWS
+++ b/deps/openssl/openssl/NEWS
@@ -5,6 +5,23 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
+
+      o Fixed a fork protection issue (CVE-2019-1549)
+      o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+        (CVE-2019-1563)
+      o For built-in EC curves, ensure an EC_GROUP built from the curve name is
+        used even when parsing explicit parameters
+      o Compute ECC cofactors if not provided during EC_GROUP construction
+        (CVE-2019-1547)
+      o Early start up entropy quality from the DEVRANDOM seed source has been
+        improved for older Linux systems
+      o Correct the extended master secret constant on EBCDIC systems
+      o Use Windows installation paths in the mingw builds (CVE-2019-1552)
+      o Changed DH_check to accept parameters with order q and 2q subgroups
+      o Significantly reduce secure memory usage by the randomness pools
+      o Revert the DEVRANDOM_WAIT feature for Linux systems
+
   Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019]
 
       o Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
@@ -601,7 +618,7 @@
 
   Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
 
-      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+      o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.
 
   Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
 
diff --git a/deps/openssl/openssl/NOTES.WIN b/deps/openssl/openssl/NOTES.WIN
index 4d39d06f32ad10..b1cb542d09085e 100644
--- a/deps/openssl/openssl/NOTES.WIN
+++ b/deps/openssl/openssl/NOTES.WIN
@@ -109,6 +109,21 @@
    This naturally implies that you've installed corresponding add-on
    packages.
 
+ Independently of the method chosen to build for mingw, the installation
+ paths are similar to those used when building with VC-* targets, except
+ that in case the fallbacks mentioned there aren't possible (typically
+ when cross compiling on Linux), the paths will be the following:
+
+ For mingw:
+
+     PREFIX:      C:/Program Files (x86)/OpenSSL
+     OPENSSLDIR   C:/Program Files (x86)/Common Files/SSL
+
+ For mingw64:
+
+     PREFIX:      C:/Program Files/OpenSSL
+     OPENSSLDIR   C:/Program Files/Common Files/SSL
+
  Linking your application
  ========================
 
diff --git a/deps/openssl/openssl/README b/deps/openssl/openssl/README
index 29757157c3841b..51bb4789be2a9a 100644
--- a/deps/openssl/openssl/README
+++ b/deps/openssl/openssl/README
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1c 28 May 2019
+ OpenSSL 1.1.1d 10 Sep 2019
 
  Copyright (c) 1998-2019 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff --git a/deps/openssl/openssl/apps/apps.c b/deps/openssl/openssl/apps/apps.c
index 36cb0b27833780..7177c5d9826612 100644
--- a/deps/openssl/openssl/apps/apps.c
+++ b/deps/openssl/openssl/apps/apps.c
@@ -40,7 +40,6 @@
 #endif
 #include <openssl/bn.h>
 #include <openssl/ssl.h>
-#include "s_apps.h"
 #include "apps.h"
 
 #ifdef _WIN32
@@ -48,6 +47,14 @@ static int WIN32_rename(const char *from, const char *to);
 # define rename(from,to) WIN32_rename((from),(to))
 #endif
 
+#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
+# include <conio.h>
+#endif
+
+#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
+# define _kbhit kbhit
+#endif
+
 typedef struct {
     const char *name;
     unsigned long flag;
diff --git a/deps/openssl/openssl/apps/apps.h b/deps/openssl/openssl/apps/apps.h
index d9eb650eb21197..4a3e1a88573eed 100644
--- a/deps/openssl/openssl/apps/apps.h
+++ b/deps/openssl/openssl/apps/apps.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -444,11 +444,9 @@ void destroy_ui_method(void);
 const UI_METHOD *get_ui_method(void);
 
 int chopup_args(ARGS *arg, char *buf);
-# ifdef HEADER_X509_H
 int dump_cert_text(BIO *out, X509 *x);
 void print_name(BIO *out, const char *title, X509_NAME *nm,
                 unsigned long lflags);
-# endif
 void print_bignum_var(BIO *, const BIGNUM *, const char*,
                       int, unsigned char *);
 void print_array(BIO *, const char *, int, const unsigned char *);
diff --git a/deps/openssl/openssl/apps/ca.c b/deps/openssl/openssl/apps/ca.c
index 69207c0662ed7f..a4a77126f2f228 100644
--- a/deps/openssl/openssl/apps/ca.c
+++ b/deps/openssl/openssl/apps/ca.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -722,7 +722,7 @@ int ca_main(int argc, char **argv)
 
     /*****************************************************************/
     if (req || gencrl) {
-        if (spkac_file != NULL) {
+        if (spkac_file != NULL && outfile != NULL) {
             output_der = 1;
             batch = 1;
         }
diff --git a/deps/openssl/openssl/apps/dgst.c b/deps/openssl/openssl/apps/dgst.c
index d158a0ccb2843a..d6f5a0e2e71253 100644
--- a/deps/openssl/openssl/apps/dgst.c
+++ b/deps/openssl/openssl/apps/dgst.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -421,7 +421,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
     size_t len;
     int i;
 
-    for (;;) {
+    while (BIO_pending(bp) || !BIO_eof(bp)) {
         i = BIO_read(bp, (char *)buf, BUFSIZE);
         if (i < 0) {
             BIO_printf(bio_err, "Read Error in %s\n", file);
diff --git a/deps/openssl/openssl/apps/enc.c b/deps/openssl/openssl/apps/enc.c
index de33e57a5f49a5..d1772f3eb9f25e 100644
--- a/deps/openssl/openssl/apps/enc.c
+++ b/deps/openssl/openssl/apps/enc.c
@@ -586,7 +586,7 @@ int enc_main(int argc, char **argv)
     if (benc != NULL)
         wbio = BIO_push(benc, wbio);
 
-    for (;;) {
+    while (BIO_pending(rbio) || !BIO_eof(rbio)) {
         inl = BIO_read(rbio, (char *)buff, bsize);
         if (inl <= 0)
             break;
diff --git a/deps/openssl/openssl/apps/ocsp.c b/deps/openssl/openssl/apps/ocsp.c
index 066a2e43af2b1e..5d2391816995c3 100644
--- a/deps/openssl/openssl/apps/ocsp.c
+++ b/deps/openssl/openssl/apps/ocsp.c
@@ -1416,9 +1416,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcbio, BIO *acbio,
         *q = '\0';
 
         /*
-         * Skip "GET / HTTP..." requests often used by load-balancers
+         * Skip "GET / HTTP..." requests often used by load-balancers.  Note:
+         * 'p' was incremented above to point to the first byte *after* the
+         * leading slash, so with 'GET / ' it is now an empty string.
          */
-        if (p[1] == '\0')
+        if (p[0] == '\0')
             goto out;
 
         len = urldecode(p);
diff --git a/deps/openssl/openssl/apps/openssl.c b/deps/openssl/openssl/apps/openssl.c
index a872e2c5eeec8b..9648f35b028446 100644
--- a/deps/openssl/openssl/apps/openssl.c
+++ b/deps/openssl/openssl/apps/openssl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -22,7 +22,6 @@
 # include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
-#include "s_apps.h"
 /* Needed to get the other O_xxx flags. */
 #ifdef OPENSSL_SYS_VMS
 # include <unixio.h>
diff --git a/deps/openssl/openssl/apps/pkcs12.c b/deps/openssl/openssl/apps/pkcs12.c
index 719a309a860c3c..d0600b376043b8 100644
--- a/deps/openssl/openssl/apps/pkcs12.c
+++ b/deps/openssl/openssl/apps/pkcs12.c
@@ -838,7 +838,7 @@ static int alg_print(const X509_ALGOR *alg)
                 goto done;
             }
             BIO_printf(bio_err, ", Salt length: %d, Cost(N): %ld, "
-                       "Block size(r): %ld, Paralelizm(p): %ld",
+                       "Block size(r): %ld, Parallelism(p): %ld",
                        ASN1_STRING_length(kdf->salt),
                        ASN1_INTEGER_get(kdf->costParameter),
                        ASN1_INTEGER_get(kdf->blockSize),
diff --git a/deps/openssl/openssl/apps/req.c b/deps/openssl/openssl/apps/req.c
index 6fd28a2aba2406..f9d6fba1094da7 100644
--- a/deps/openssl/openssl/apps/req.c
+++ b/deps/openssl/openssl/apps/req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -881,9 +881,19 @@ int req_main(int argc, char **argv)
 
     if (text) {
         if (x509)
-            X509_print_ex(out, x509ss, get_nameopt(), reqflag);
+            ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag);
         else
-            X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+            ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+
+        if (ret == 0) {
+            if (x509)
+              BIO_printf(bio_err, "Error printing certificate\n");
+            else
+              BIO_printf(bio_err, "Error printing certificate request\n");
+
+            ERR_print_errors(bio_err);
+            goto end;
+        }
     }
 
     if (subject) {
diff --git a/deps/openssl/openssl/apps/s_apps.h b/deps/openssl/openssl/apps/s_apps.h
index 0a3bc962808be2..f94e659e71e32e 100644
--- a/deps/openssl/openssl/apps/s_apps.h
+++ b/deps/openssl/openssl/apps/s_apps.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -9,13 +9,7 @@
 
 #include <openssl/opensslconf.h>
 
-#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-# include <conio.h>
-#endif
-
-#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32)
-# define _kbhit kbhit
-#endif
+#include <openssl/ssl.h>
 
 #define PORT            "4433"
 #define PROTOCOL        "tcp"
@@ -24,17 +18,15 @@ typedef int (*do_server_cb)(int s, int stype, int prot, unsigned char *context);
 int do_server(int *accept_sock, const char *host, const char *port,
               int family, int type, int protocol, do_server_cb cb,
               unsigned char *context, int naccept, BIO *bio_s_out);
-#ifdef HEADER_X509_H
+
 int verify_callback(int ok, X509_STORE_CTX *ctx);
-#endif
-#ifdef HEADER_SSL_H
+
 int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
 int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key,
                        STACK_OF(X509) *chain, int build_chain);
 int ssl_print_sigalgs(BIO *out, SSL *s);
 int ssl_print_point_formats(BIO *out, SSL *s);
 int ssl_print_groups(BIO *out, SSL *s, int noshared);
-#endif
 int ssl_print_tmp_key(BIO *out, SSL *s);
 int init_client(int *sock, const char *host, const char *port,
                 const char *bindhost, const char *bindport,
@@ -44,13 +36,11 @@ int should_retry(int i);
 long bio_dump_callback(BIO *bio, int cmd, const char *argp,
                        int argi, long argl, long ret);
 
-#ifdef HEADER_SSL_H
 void apps_ssl_info_callback(const SSL *s, int where, int ret);
 void msg_cb(int write_p, int version, int content_type, const void *buf,
             size_t len, SSL *ssl, void *arg);
 void tlsext_cb(SSL *s, int client_server, int type, const unsigned char *data,
                int len, void *arg);
-#endif
 
 int generate_cookie_callback(SSL *ssl, unsigned char *cookie,
                              unsigned int *cookie_len);
@@ -75,7 +65,6 @@ int args_excert(int option, SSL_EXCERT **pexc);
 int load_excert(SSL_EXCERT **pexc);
 void print_verify_detail(SSL *s, BIO *bio);
 void print_ssl_summary(SSL *s);
-#ifdef HEADER_SSL_H
 int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, SSL_CTX *ctx);
 int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls,
                      int crl_download);
@@ -86,4 +75,3 @@ int ssl_load_stores(SSL_CTX *ctx, const char *vfyCApath,
 void ssl_ctx_security_debug(SSL_CTX *ctx, int verbose);
 int set_keylog_file(SSL_CTX *ctx, const char *keylog_file);
 void print_ca_names(BIO *bio, SSL *s);
-#endif
diff --git a/deps/openssl/openssl/apps/s_cb.c b/deps/openssl/openssl/apps/s_cb.c
index 520323c8b05cfe..5dc1d03f28837a 100644
--- a/deps/openssl/openssl/apps/s_cb.c
+++ b/deps/openssl/openssl/apps/s_cb.c
@@ -1525,7 +1525,8 @@ void print_ca_names(BIO *bio, SSL *s)
     int i;
 
     if (sk == NULL || sk_X509_NAME_num(sk) == 0) {
-        BIO_printf(bio, "---\nNo %s certificate CA names sent\n", cs);
+        if (!SSL_is_server(s))
+            BIO_printf(bio, "---\nNo %s certificate CA names sent\n", cs);
         return;
     }
 
diff --git a/deps/openssl/openssl/apps/s_client.c b/deps/openssl/openssl/apps/s_client.c
index d24d03a0166469..4873be9d00ef5f 100644
--- a/deps/openssl/openssl/apps/s_client.c
+++ b/deps/openssl/openssl/apps/s_client.c
@@ -2345,7 +2345,7 @@ int s_client_main(int argc, char **argv)
             (void)BIO_flush(fbio);
             /*
              * The first line is the HTTP response.  According to RFC 7230,
-             * it's formated exactly like this:
+             * it's formatted exactly like this:
              *
              * HTTP/d.d ddd Reason text\r\n
              */
diff --git a/deps/openssl/openssl/apps/speed.c b/deps/openssl/openssl/apps/speed.c
index 8d4b1695d8514d..20149506cc746e 100644
--- a/deps/openssl/openssl/apps/speed.c
+++ b/deps/openssl/openssl/apps/speed.c
@@ -1790,7 +1790,7 @@ int speed_main(int argc, char **argv)
         }
 
         buflen = lengths[size_num - 1];
-        if (buflen < 36)    /* size of random vector in RSA bencmark */
+        if (buflen < 36)    /* size of random vector in RSA benchmark */
             buflen = 36;
         buflen += MAX_MISALIGNMENT + 1;
         loopargs[i].buf_malloc = app_malloc(buflen, "input buffer");
diff --git a/deps/openssl/openssl/apps/storeutl.c b/deps/openssl/openssl/apps/storeutl.c
index 50007f6e8b69ee..644fe28499d67c 100644
--- a/deps/openssl/openssl/apps/storeutl.c
+++ b/deps/openssl/openssl/apps/storeutl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -125,7 +125,7 @@ int storeutl_main(int argc, char *argv[])
                 }
                 /*
                  * If expected wasn't set at this point, it means the map
-                 * isn't syncronised with the possible options leading here.
+                 * isn't synchronised with the possible options leading here.
                  */
                 OPENSSL_assert(expected != 0);
             }
diff --git a/deps/openssl/openssl/config b/deps/openssl/openssl/config
index d0e31b6512ef0e..c1a94d4e42fae8 100755
--- a/deps/openssl/openssl/config
+++ b/deps/openssl/openssl/config
@@ -498,12 +498,12 @@ case "$GUESSOS" in
 	    OUT="darwin64-x86_64-cc"
 	fi ;;
   armv6+7-*-iphoneos)
-	__CNF_CFLAGS="$__CNF_CFLAGS -arch%20armv6 -arch%20armv7"
-	__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch%20armv6 -arch%20armv7"
+	__CNF_CFLAGS="$__CNF_CFLAGS -arch armv6 -arch armv7"
+	__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch armv6 -arch armv7"
 	OUT="iphoneos-cross" ;;
   *-*-iphoneos)
-	__CNF_CFLAGS="$__CNF_CFLAGS -arch%20${MACHINE}"
-	__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch%20${MACHINE}"
+	__CNF_CFLAGS="$__CNF_CFLAGS -arch ${MACHINE}"
+	__CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch ${MACHINE}"
 	OUT="iphoneos-cross" ;;
   arm64-*-iphoneos|*-*-ios64)
 	OUT="ios64-cross" ;;
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-586.pl b/deps/openssl/openssl/crypto/aes/asm/aes-586.pl
deleted file mode 100755
index 29059edf8b7a6b..00000000000000
--- a/deps/openssl/openssl/crypto/aes/asm/aes-586.pl
+++ /dev/null
@@ -1,3000 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# Version 4.3.
-#
-# You might fail to appreciate this module performance from the first
-# try. If compared to "vanilla" linux-ia32-icc target, i.e. considered
-# to be *the* best Intel C compiler without -KPIC, performance appears
-# to be virtually identical... But try to re-configure with shared
-# library support... Aha! Intel compiler "suddenly" lags behind by 30%
-# [on P4, more on others]:-) And if compared to position-independent
-# code generated by GNU C, this code performs *more* than *twice* as
-# fast! Yes, all this buzz about PIC means that unlike other hand-
-# coded implementations, this one was explicitly designed to be safe
-# to use even in shared library context... This also means that this
-# code isn't necessarily absolutely fastest "ever," because in order
-# to achieve position independence an extra register has to be
-# off-loaded to stack, which affects the benchmark result.
-#
-# Special note about instruction choice. Do you recall RC4_INT code
-# performing poorly on P4? It might be the time to figure out why.
-# RC4_INT code implies effective address calculations in base+offset*4
-# form. Trouble is that it seems that offset scaling turned to be
-# critical path... At least eliminating scaling resulted in 2.8x RC4
-# performance improvement [as you might recall]. As AES code is hungry
-# for scaling too, I [try to] avoid the latter by favoring off-by-2
-# shifts and masking the result with 0xFF<<2 instead of "boring" 0xFF.
-#
-# As was shown by Dean Gaudet, the above note turned out to be
-# void. Performance improvement with off-by-2 shifts was observed on
-# intermediate implementation, which was spilling yet another register
-# to stack... Final offset*4 code below runs just a tad faster on P4,
-# but exhibits up to 10% improvement on other cores.
-#
-# Second version is "monolithic" replacement for aes_core.c, which in
-# addition to AES_[de|en]crypt implements AES_set_[de|en]cryption_key.
-# This made it possible to implement little-endian variant of the
-# algorithm without modifying the base C code. Motivating factor for
-# the undertaken effort was that it appeared that in tight IA-32
-# register window little-endian flavor could achieve slightly higher
-# Instruction Level Parallelism, and it indeed resulted in up to 15%
-# better performance on most recent µ-archs...
-#
-# Third version adds AES_cbc_encrypt implementation, which resulted in
-# up to 40% performance improvement of CBC benchmark results. 40% was
-# observed on P4 core, where "overall" improvement coefficient, i.e. if
-# compared to PIC generated by GCC and in CBC mode, was observed to be
-# as large as 4x:-) CBC performance is virtually identical to ECB now
-# and on some platforms even better, e.g. 17.6 "small" cycles/byte on
-# Opteron, because certain function prologues and epilogues are
-# effectively taken out of the loop...
-#
-# Version 3.2 implements compressed tables and prefetch of these tables
-# in CBC[!] mode. Former means that 3/4 of table references are now
-# misaligned, which unfortunately has negative impact on elder IA-32
-# implementations, Pentium suffered 30% penalty, PIII - 10%.
-#
-# Version 3.3 avoids L1 cache aliasing between stack frame and
-# S-boxes, and 3.4 - L1 cache aliasing even between key schedule. The
-# latter is achieved by copying the key schedule to controlled place in
-# stack. This unfortunately has rather strong impact on small block CBC
-# performance, ~2x deterioration on 16-byte block if compared to 3.3.
-#
-# Version 3.5 checks if there is L1 cache aliasing between user-supplied
-# key schedule and S-boxes and abstains from copying the former if
-# there is no. This allows end-user to consciously retain small block
-# performance by aligning key schedule in specific manner.
-#
-# Version 3.6 compresses Td4 to 256 bytes and prefetches it in ECB.
-#
-# Current ECB performance numbers for 128-bit key in CPU cycles per
-# processed byte [measure commonly used by AES benchmarkers] are:
-#
-#		small footprint		fully unrolled
-# P4		24			22
-# AMD K8	20			19
-# PIII		25			23
-# Pentium	81			78
-#
-# Version 3.7 reimplements outer rounds as "compact." Meaning that
-# first and last rounds reference compact 256 bytes S-box. This means
-# that first round consumes a lot more CPU cycles and that encrypt
-# and decrypt performance becomes asymmetric. Encrypt performance
-# drops by 10-12%, while decrypt - by 20-25%:-( 256 bytes S-box is
-# aggressively pre-fetched.
-#
-# Version 4.0 effectively rolls back to 3.6 and instead implements
-# additional set of functions, _[x86|sse]_AES_[en|de]crypt_compact,
-# which use exclusively 256 byte S-box. These functions are to be
-# called in modes not concealing plain text, such as ECB, or when
-# we're asked to process smaller amount of data [or unconditionally
-# on hyper-threading CPU]. Currently it's called unconditionally from
-# AES_[en|de]crypt, which affects all modes, but CBC. CBC routine
-# still needs to be modified to switch between slower and faster
-# mode when appropriate... But in either case benchmark landscape
-# changes dramatically and below numbers are CPU cycles per processed
-# byte for 128-bit key.
-#
-#		ECB encrypt	ECB decrypt	CBC large chunk
-# P4		52[54]		83[95]		23
-# AMD K8	46[41]		66[70]		18
-# PIII		41[50]		60[77]		24
-# Core 2	31[36]		45[64]		18.5
-# Atom		76[100]		96[138]		60
-# Pentium	115		150		77
-#
-# Version 4.1 switches to compact S-box even in key schedule setup.
-#
-# Version 4.2 prefetches compact S-box in every SSE round or in other
-# words every cache-line is *guaranteed* to be accessed within ~50
-# cycles window. Why just SSE? Because it's needed on hyper-threading
-# CPU! Which is also why it's prefetched with 64 byte stride. Best
-# part is that it has no negative effect on performance:-)
-#
-# Version 4.3 implements switch between compact and non-compact block
-# functions in AES_cbc_encrypt depending on how much data was asked
-# to be processed in one stroke.
-#
-######################################################################
-# Timing attacks are classified in two classes: synchronous when
-# attacker consciously initiates cryptographic operation and collects
-# timing data of various character afterwards, and asynchronous when
-# malicious code is executed on same CPU simultaneously with AES,
-# instruments itself and performs statistical analysis of this data.
-#
-# As far as synchronous attacks go the root to the AES timing
-# vulnerability is twofold. Firstly, of 256 S-box elements at most 160
-# are referred to in single 128-bit block operation. Well, in C
-# implementation with 4 distinct tables it's actually as little as 40
-# references per 256 elements table, but anyway... Secondly, even
-# though S-box elements are clustered into smaller amount of cache-
-# lines, smaller than 160 and even 40, it turned out that for certain
-# plain-text pattern[s] or simply put chosen plain-text and given key
-# few cache-lines remain unaccessed during block operation. Now, if
-# attacker can figure out this access pattern, he can deduct the key
-# [or at least part of it]. The natural way to mitigate this kind of
-# attacks is to minimize the amount of cache-lines in S-box and/or
-# prefetch them to ensure that every one is accessed for more uniform
-# timing. But note that *if* plain-text was concealed in such way that
-# input to block function is distributed *uniformly*, then attack
-# wouldn't apply. Now note that some encryption modes, most notably
-# CBC, do mask the plain-text in this exact way [secure cipher output
-# is distributed uniformly]. Yes, one still might find input that
-# would reveal the information about given key, but if amount of
-# candidate inputs to be tried is larger than amount of possible key
-# combinations then attack becomes infeasible. This is why revised
-# AES_cbc_encrypt "dares" to switch to larger S-box when larger chunk
-# of data is to be processed in one stroke. The current size limit of
-# 512 bytes is chosen to provide same [diminishingly low] probability
-# for cache-line to remain untouched in large chunk operation with
-# large S-box as for single block operation with compact S-box and
-# surely needs more careful consideration...
-#
-# As for asynchronous attacks. There are two flavours: attacker code
-# being interleaved with AES on hyper-threading CPU at *instruction*
-# level, and two processes time sharing single core. As for latter.
-# Two vectors. 1. Given that attacker process has higher priority,
-# yield execution to process performing AES just before timer fires
-# off the scheduler, immediately regain control of CPU and analyze the
-# cache state. For this attack to be efficient attacker would have to
-# effectively slow down the operation by several *orders* of magnitude,
-# by ratio of time slice to duration of handful of AES rounds, which
-# unlikely to remain unnoticed. Not to mention that this also means
-# that he would spend correspondingly more time to collect enough
-# statistical data to mount the attack. It's probably appropriate to
-# say that if adversary reckons that this attack is beneficial and
-# risks to be noticed, you probably have larger problems having him
-# mere opportunity. In other words suggested code design expects you
-# to preclude/mitigate this attack by overall system security design.
-# 2. Attacker manages to make his code interrupt driven. In order for
-# this kind of attack to be feasible, interrupt rate has to be high
-# enough, again comparable to duration of handful of AES rounds. But
-# is there interrupt source of such rate? Hardly, not even 1Gbps NIC
-# generates interrupts at such raging rate...
-#
-# And now back to the former, hyper-threading CPU or more specifically
-# Intel P4. Recall that asynchronous attack implies that malicious
-# code instruments itself. And naturally instrumentation granularity
-# has be noticeably lower than duration of codepath accessing S-box.
-# Given that all cache-lines are accessed during that time that is.
-# Current implementation accesses *all* cache-lines within ~50 cycles
-# window, which is actually *less* than RDTSC latency on Intel P4!
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-push(@INC,"${dir}","${dir}../../perlasm");
-require "x86asm.pl";
-
-$output = pop;
-open OUT,">$output";
-*STDOUT=*OUT;
-
-&asm_init($ARGV[0],$x86only = $ARGV[$#ARGV] eq "386");
-&static_label("AES_Te");
-&static_label("AES_Td");
-
-$s0="eax";
-$s1="ebx";
-$s2="ecx";
-$s3="edx";
-$key="edi";
-$acc="esi";
-$tbl="ebp";
-
-# stack frame layout in _[x86|sse]_AES_* routines, frame is allocated
-# by caller
-$__ra=&DWP(0,"esp");	# return address
-$__s0=&DWP(4,"esp");	# s0 backing store
-$__s1=&DWP(8,"esp");	# s1 backing store
-$__s2=&DWP(12,"esp");	# s2 backing store
-$__s3=&DWP(16,"esp");	# s3 backing store
-$__key=&DWP(20,"esp");	# pointer to key schedule
-$__end=&DWP(24,"esp");	# pointer to end of key schedule
-$__tbl=&DWP(28,"esp");	# %ebp backing store
-
-# stack frame layout in AES_[en|crypt] routines, which differs from
-# above by 4 and overlaps by %ebp backing store
-$_tbl=&DWP(24,"esp");
-$_esp=&DWP(28,"esp");
-
-sub _data_word() { my $i; while(defined($i=shift)) { &data_word($i,$i); } }
-
-$speed_limit=512;	# chunks smaller than $speed_limit are
-			# processed with compact routine in CBC mode
-$small_footprint=1;	# $small_footprint=1 code is ~5% slower [on
-			# recent µ-archs], but ~5 times smaller!
-			# I favor compact code to minimize cache
-			# contention and in hope to "collect" 5% back
-			# in real-life applications...
-
-$vertical_spin=0;	# shift "vertically" defaults to 0, because of
-			# its proof-of-concept status...
-# Note that there is no decvert(), as well as last encryption round is
-# performed with "horizontal" shifts. This is because this "vertical"
-# implementation [one which groups shifts on a given $s[i] to form a
-# "column," unlike "horizontal" one, which groups shifts on different
-# $s[i] to form a "row"] is work in progress. It was observed to run
-# few percents faster on Intel cores, but not AMD. On AMD K8 core it's
-# whole 12% slower:-( So we face a trade-off... Shall it be resolved
-# some day? Till then the code is considered experimental and by
-# default remains dormant...
-
-sub encvert()
-{ my ($te,@s) = @_;
-  my ($v0,$v1) = ($acc,$key);
-
-	&mov	($v0,$s[3]);				# copy s3
-	&mov	(&DWP(4,"esp"),$s[2]);			# save s2
-	&mov	($v1,$s[0]);				# copy s0
-	&mov	(&DWP(8,"esp"),$s[1]);			# save s1
-
-	&movz	($s[2],&HB($s[0]));
-	&and	($s[0],0xFF);
-	&mov	($s[0],&DWP(0,$te,$s[0],8));		# s0>>0
-	&shr	($v1,16);
-	&mov	($s[3],&DWP(3,$te,$s[2],8));		# s0>>8
-	&movz	($s[1],&HB($v1));
-	&and	($v1,0xFF);
-	&mov	($s[2],&DWP(2,$te,$v1,8));		# s0>>16
-	 &mov	($v1,$v0);
-	&mov	($s[1],&DWP(1,$te,$s[1],8));		# s0>>24
-
-	&and	($v0,0xFF);
-	&xor	($s[3],&DWP(0,$te,$v0,8));		# s3>>0
-	&movz	($v0,&HB($v1));
-	&shr	($v1,16);
-	&xor	($s[2],&DWP(3,$te,$v0,8));		# s3>>8
-	&movz	($v0,&HB($v1));
-	&and	($v1,0xFF);
-	&xor	($s[1],&DWP(2,$te,$v1,8));		# s3>>16
-	 &mov	($v1,&DWP(4,"esp"));			# restore s2
-	&xor	($s[0],&DWP(1,$te,$v0,8));		# s3>>24
-
-	&mov	($v0,$v1);
-	&and	($v1,0xFF);
-	&xor	($s[2],&DWP(0,$te,$v1,8));		# s2>>0
-	&movz	($v1,&HB($v0));
-	&shr	($v0,16);
-	&xor	($s[1],&DWP(3,$te,$v1,8));		# s2>>8
-	&movz	($v1,&HB($v0));
-	&and	($v0,0xFF);
-	&xor	($s[0],&DWP(2,$te,$v0,8));		# s2>>16
-	 &mov	($v0,&DWP(8,"esp"));			# restore s1
-	&xor	($s[3],&DWP(1,$te,$v1,8));		# s2>>24
-
-	&mov	($v1,$v0);
-	&and	($v0,0xFF);
-	&xor	($s[1],&DWP(0,$te,$v0,8));		# s1>>0
-	&movz	($v0,&HB($v1));
-	&shr	($v1,16);
-	&xor	($s[0],&DWP(3,$te,$v0,8));		# s1>>8
-	&movz	($v0,&HB($v1));
-	&and	($v1,0xFF);
-	&xor	($s[3],&DWP(2,$te,$v1,8));		# s1>>16
-	 &mov	($key,$__key);				# reincarnate v1 as key
-	&xor	($s[2],&DWP(1,$te,$v0,8));		# s1>>24
-}
-
-# Another experimental routine, which features "horizontal spin," but
-# eliminates one reference to stack. Strangely enough runs slower...
-sub enchoriz()
-{ my ($v0,$v1) = ($key,$acc);
-
-	&movz	($v0,&LB($s0));			#  3, 2, 1, 0*
-	&rotr	($s2,8);			#  8,11,10, 9
-	&mov	($v1,&DWP(0,$te,$v0,8));	#  0
-	&movz	($v0,&HB($s1));			#  7, 6, 5*, 4
-	&rotr	($s3,16);			# 13,12,15,14
-	&xor	($v1,&DWP(3,$te,$v0,8));	#  5
-	&movz	($v0,&HB($s2));			#  8,11,10*, 9
-	&rotr	($s0,16);			#  1, 0, 3, 2
-	&xor	($v1,&DWP(2,$te,$v0,8));	# 10
-	&movz	($v0,&HB($s3));			# 13,12,15*,14
-	&xor	($v1,&DWP(1,$te,$v0,8));	# 15, t[0] collected
-	&mov	($__s0,$v1);			# t[0] saved
-
-	&movz	($v0,&LB($s1));			#  7, 6, 5, 4*
-	&shr	($s1,16);			#  -, -, 7, 6
-	&mov	($v1,&DWP(0,$te,$v0,8));	#  4
-	&movz	($v0,&LB($s3));			# 13,12,15,14*
-	&xor	($v1,&DWP(2,$te,$v0,8));	# 14
-	&movz	($v0,&HB($s0));			#  1, 0, 3*, 2
-	&and	($s3,0xffff0000);		# 13,12, -, -
-	&xor	($v1,&DWP(1,$te,$v0,8));	#  3
-	&movz	($v0,&LB($s2));			#  8,11,10, 9*
-	&or	($s3,$s1);			# 13,12, 7, 6
-	&xor	($v1,&DWP(3,$te,$v0,8));	#  9, t[1] collected
-	&mov	($s1,$v1);			#  s[1]=t[1]
-
-	&movz	($v0,&LB($s0));			#  1, 0, 3, 2*
-	&shr	($s2,16);			#  -, -, 8,11
-	&mov	($v1,&DWP(2,$te,$v0,8));	#  2
-	&movz	($v0,&HB($s3));			# 13,12, 7*, 6
-	&xor	($v1,&DWP(1,$te,$v0,8));	#  7
-	&movz	($v0,&HB($s2));			#  -, -, 8*,11
-	&xor	($v1,&DWP(0,$te,$v0,8));	#  8
-	&mov	($v0,$s3);
-	&shr	($v0,24);			# 13
-	&xor	($v1,&DWP(3,$te,$v0,8));	# 13, t[2] collected
-
-	&movz	($v0,&LB($s2));			#  -, -, 8,11*
-	&shr	($s0,24);			#  1*
-	&mov	($s2,&DWP(1,$te,$v0,8));	# 11
-	&xor	($s2,&DWP(3,$te,$s0,8));	#  1
-	&mov	($s0,$__s0);			# s[0]=t[0]
-	&movz	($v0,&LB($s3));			# 13,12, 7, 6*
-	&shr	($s3,16);			#   ,  ,13,12
-	&xor	($s2,&DWP(2,$te,$v0,8));	#  6
-	&mov	($key,$__key);			# reincarnate v0 as key
-	&and	($s3,0xff);			#   ,  ,13,12*
-	&mov	($s3,&DWP(0,$te,$s3,8));	# 12
-	&xor	($s3,$s2);			# s[2]=t[3] collected
-	&mov	($s2,$v1);			# s[2]=t[2]
-}
-
-# More experimental code... SSE one... Even though this one eliminates
-# *all* references to stack, it's not faster...
-sub sse_encbody()
-{
-	&movz	($acc,&LB("eax"));		#  0
-	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  0
-	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
-	&movz	("edx",&HB("eax"));		#  1
-	&mov	("edx",&DWP(3,$tbl,"edx",8));	#  1
-	&shr	("eax",16);			#  5, 4
-
-	&movz	($acc,&LB("ebx"));		# 10
-	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 10
-	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
-	&movz	($acc,&HB("ebx"));		# 11
-	&xor	("edx",&DWP(1,$tbl,$acc,8));	# 11
-	&shr	("ebx",16);			# 15,14
-
-	&movz	($acc,&HB("eax"));		#  5
-	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  5
-	&movq	("mm3",QWP(16,$key));
-	&movz	($acc,&HB("ebx"));		# 15
-	&xor	("ecx",&DWP(1,$tbl,$acc,8));	# 15
-	&movd	("mm0","ecx");			# t[0] collected
-
-	&movz	($acc,&LB("eax"));		#  4
-	&mov	("ecx",&DWP(0,$tbl,$acc,8));	#  4
-	&movd	("eax","mm2");			#  7, 6, 3, 2
-	&movz	($acc,&LB("ebx"));		# 14
-	&xor	("ecx",&DWP(2,$tbl,$acc,8));	# 14
-	&movd	("ebx","mm6");			# 13,12, 9, 8
-
-	&movz	($acc,&HB("eax"));		#  3
-	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  3
-	&movz	($acc,&HB("ebx"));		#  9
-	&xor	("ecx",&DWP(3,$tbl,$acc,8));	#  9
-	&movd	("mm1","ecx");			# t[1] collected
-
-	&movz	($acc,&LB("eax"));		#  2
-	&mov	("ecx",&DWP(2,$tbl,$acc,8));	#  2
-	&shr	("eax",16);			#  7, 6
-	&punpckldq	("mm0","mm1");		# t[0,1] collected
-	&movz	($acc,&LB("ebx"));		#  8
-	&xor	("ecx",&DWP(0,$tbl,$acc,8));	#  8
-	&shr	("ebx",16);			# 13,12
-
-	&movz	($acc,&HB("eax"));		#  7
-	&xor	("ecx",&DWP(1,$tbl,$acc,8));	#  7
-	&pxor	("mm0","mm3");
-	&movz	("eax",&LB("eax"));		#  6
-	&xor	("edx",&DWP(2,$tbl,"eax",8));	#  6
-	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
-	&movz	($acc,&HB("ebx"));		# 13
-	&xor	("ecx",&DWP(3,$tbl,$acc,8));	# 13
-	&xor	("ecx",&DWP(24,$key));		# t[2]
-	&movd	("mm4","ecx");			# t[2] collected
-	&movz	("ebx",&LB("ebx"));		# 12
-	&xor	("edx",&DWP(0,$tbl,"ebx",8));	# 12
-	&shr	("ecx",16);
-	&movd	("eax","mm1");			#  5, 4, 1, 0
-	&mov	("ebx",&DWP(28,$key));		# t[3]
-	&xor	("ebx","edx");
-	&movd	("mm5","ebx");			# t[3] collected
-	&and	("ebx",0xffff0000);
-	&or	("ebx","ecx");
-
-	&punpckldq	("mm4","mm5");		# t[2,3] collected
-}
-
-######################################################################
-# "Compact" block function
-######################################################################
-
-sub enccompact()
-{ my $Fn = \&mov;
-  while ($#_>5) { pop(@_); $Fn=sub{}; }
-  my ($i,$te,@s)=@_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	# $Fn is used in first compact round and its purpose is to
-	# void restoration of some values from stack, so that after
-	# 4xenccompact with extra argument $key value is left there...
-	if ($i==3)  {	&$Fn	($key,$__key);			}##%edx
-	else        {	&mov	($out,$s[0]);			}
-			&and	($out,0xFF);
-	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
-	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
-			&movz	($out,&BP(-128,$te,$out,1));
-
-	if ($i==3)  {	$tmp=$s[1];				}##%eax
-			&movz	($tmp,&HB($s[1]));
-			&movz	($tmp,&BP(-128,$te,$tmp,1));
-			&shl	($tmp,8);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
-	else        {	&mov	($tmp,$s[2]);
-			&shr	($tmp,16);			}
-	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
-			&and	($tmp,0xFF);
-			&movz	($tmp,&BP(-128,$te,$tmp,1));
-			&shl	($tmp,16);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
-	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
-	else        {	&mov	($tmp,$s[3]);
-			&shr	($tmp,24);			}
-			&movz	($tmp,&BP(-128,$te,$tmp,1));
-			&shl	($tmp,24);
-			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],$acc);			}
-	&comment();
-}
-
-sub enctransform()
-{ my @s = ($s0,$s1,$s2,$s3);
-  my $i = shift;
-  my $tmp = $tbl;
-  my $r2  = $key ;
-
-	&and	($tmp,$s[$i]);
-	&lea	($r2,&DWP(0,$s[$i],$s[$i]));
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&and	($r2,0xfefefefe);
-	&sub	($acc,$tmp);
-	&mov	($tmp,$s[$i]);
-	&and	($acc,0x1b1b1b1b);
-	&rotr	($tmp,16);
-	&xor	($acc,$r2);	# r2
-	&mov	($r2,$s[$i]);
-
-	&xor	($s[$i],$acc);	# r0 ^ r2
-	&rotr	($r2,16+8);
-	&xor	($acc,$tmp);
-	&rotl	($s[$i],24);
-	&xor	($acc,$r2);
-	&mov	($tmp,0x80808080)	if ($i!=1);
-	&xor	($s[$i],$acc);	# ROTATE(r2^r0,24) ^ r2
-}
-
-&function_begin_B("_x86_AES_encrypt_compact");
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($__key,$key);			# save key
-
-	&xor	($s0,&DWP(0,$key));		# xor with key
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-	&lea	($acc,&DWP(-2,$acc,$acc));
-	&lea	($acc,&DWP(0,$key,$acc,8));
-	&mov	($__end,$acc);			# end of key schedule
-
-	# prefetch Te4
-	&mov	($key,&DWP(0-128,$tbl));
-	&mov	($acc,&DWP(32-128,$tbl));
-	&mov	($key,&DWP(64-128,$tbl));
-	&mov	($acc,&DWP(96-128,$tbl));
-	&mov	($key,&DWP(128-128,$tbl));
-	&mov	($acc,&DWP(160-128,$tbl));
-	&mov	($key,&DWP(192-128,$tbl));
-	&mov	($acc,&DWP(224-128,$tbl));
-
-	&set_label("loop",16);
-
-		&enccompact(0,$tbl,$s0,$s1,$s2,$s3,1);
-		&enccompact(1,$tbl,$s1,$s2,$s3,$s0,1);
-		&enccompact(2,$tbl,$s2,$s3,$s0,$s1,1);
-		&enccompact(3,$tbl,$s3,$s0,$s1,$s2,1);
-		&mov	($tbl,0x80808080);
-		&enctransform(2);
-		&enctransform(3);
-		&enctransform(0);
-		&enctransform(1);
-		&mov 	($key,$__key);
-		&mov	($tbl,$__tbl);
-		&add	($key,16);		# advance rd_key
-		&xor	($s0,&DWP(0,$key));
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-
-	&cmp	($key,$__end);
-	&mov	($__key,$key);
-	&jb	(&label("loop"));
-
-	&enccompact(0,$tbl,$s0,$s1,$s2,$s3);
-	&enccompact(1,$tbl,$s1,$s2,$s3,$s0);
-	&enccompact(2,$tbl,$s2,$s3,$s0,$s1);
-	&enccompact(3,$tbl,$s3,$s0,$s1,$s2);
-
-	&xor	($s0,&DWP(16,$key));
-	&xor	($s1,&DWP(20,$key));
-	&xor	($s2,&DWP(24,$key));
-	&xor	($s3,&DWP(28,$key));
-
-	&ret	();
-&function_end_B("_x86_AES_encrypt_compact");
-
-######################################################################
-# "Compact" SSE block function.
-######################################################################
-#
-# Performance is not actually extraordinary in comparison to pure
-# x86 code. In particular encrypt performance is virtually the same.
-# Decrypt performance on the other hand is 15-20% better on newer
-# µ-archs [but we're thankful for *any* improvement here], and ~50%
-# better on PIII:-) And additionally on the pros side this code
-# eliminates redundant references to stack and thus relieves/
-# minimizes the pressure on the memory bus.
-#
-# MMX register layout                           lsb
-# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-# |          mm4          |          mm0          |
-# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-# |     s3    |     s2    |     s1    |     s0    |
-# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-# |15|14|13|12|11|10| 9| 8| 7| 6| 5| 4| 3| 2| 1| 0|
-# +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
-#
-# Indexes translate as s[N/4]>>(8*(N%4)), e.g. 5 means s1>>8.
-# In this terms encryption and decryption "compact" permutation
-# matrices can be depicted as following:
-#
-# encryption              lsb	# decryption              lsb
-# +----++----+----+----+----+	# +----++----+----+----+----+
-# | t0 || 15 | 10 |  5 |  0 |	# | t0 ||  7 | 10 | 13 |  0 |
-# +----++----+----+----+----+	# +----++----+----+----+----+
-# | t1 ||  3 | 14 |  9 |  4 |	# | t1 || 11 | 14 |  1 |  4 |
-# +----++----+----+----+----+	# +----++----+----+----+----+
-# | t2 ||  7 |  2 | 13 |  8 |	# | t2 || 15 |  2 |  5 |  8 |
-# +----++----+----+----+----+	# +----++----+----+----+----+
-# | t3 || 11 |  6 |  1 | 12 |	# | t3 ||  3 |  6 |  9 | 12 |
-# +----++----+----+----+----+	# +----++----+----+----+----+
-#
-######################################################################
-# Why not xmm registers? Short answer. It was actually tested and
-# was not any faster, but *contrary*, most notably on Intel CPUs.
-# Longer answer. Main advantage of using mm registers is that movd
-# latency is lower, especially on Intel P4. While arithmetic
-# instructions are twice as many, they can be scheduled every cycle
-# and not every second one when they are operating on xmm register,
-# so that "arithmetic throughput" remains virtually the same. And
-# finally the code can be executed even on elder SSE-only CPUs:-)
-
-sub sse_enccompact()
-{
-	&pshufw	("mm1","mm0",0x08);		#  5, 4, 1, 0
-	&pshufw	("mm5","mm4",0x0d);		# 15,14,11,10
-	&movd	("eax","mm1");			#  5, 4, 1, 0
-	&movd	("ebx","mm5");			# 15,14,11,10
-	&mov	($__key,$key);
-
-	&movz	($acc,&LB("eax"));		#  0
-	&movz	("edx",&HB("eax"));		#  1
-	&pshufw	("mm2","mm0",0x0d);		#  7, 6, 3, 2
-	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
-	&movz	($key,&LB("ebx"));		# 10
-	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
-	&shr	("eax",16);			#  5, 4
-	&shl	("edx",8);			#  1
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 10
-	&movz	($key,&HB("ebx"));		# 11
-	&shl	($acc,16);			# 10
-	&pshufw	("mm6","mm4",0x08);		# 13,12, 9, 8
-	&or	("ecx",$acc);			# 10
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 11
-	&movz	($key,&HB("eax"));		#  5
-	&shl	($acc,24);			# 11
-	&shr	("ebx",16);			# 15,14
-	&or	("edx",$acc);			# 11
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  5
-	&movz	($key,&HB("ebx"));		# 15
-	&shl	($acc,8);			#  5
-	&or	("ecx",$acc);			#  5
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 15
-	&movz	($key,&LB("eax"));		#  4
-	&shl	($acc,24);			# 15
-	&or	("ecx",$acc);			# 15
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  4
-	&movz	($key,&LB("ebx"));		# 14
-	&movd	("eax","mm2");			#  7, 6, 3, 2
-	&movd	("mm0","ecx");			# t[0] collected
-	&movz	("ecx",&BP(-128,$tbl,$key,1));	# 14
-	&movz	($key,&HB("eax"));		#  3
-	&shl	("ecx",16);			# 14
-	&movd	("ebx","mm6");			# 13,12, 9, 8
-	&or	("ecx",$acc);			# 14
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  3
-	&movz	($key,&HB("ebx"));		#  9
-	&shl	($acc,24);			#  3
-	&or	("ecx",$acc);			#  3
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  9
-	&movz	($key,&LB("ebx"));		#  8
-	&shl	($acc,8);			#  9
-	&shr	("ebx",16);			# 13,12
-	&or	("ecx",$acc);			#  9
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  8
-	&movz	($key,&LB("eax"));		#  2
-	&shr	("eax",16);			#  7, 6
-	&movd	("mm1","ecx");			# t[1] collected
-	&movz	("ecx",&BP(-128,$tbl,$key,1));	#  2
-	&movz	($key,&HB("eax"));		#  7
-	&shl	("ecx",16);			#  2
-	&and	("eax",0xff);			#  6
-	&or	("ecx",$acc);			#  2
-
-	&punpckldq	("mm0","mm1");		# t[0,1] collected
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  7
-	&movz	($key,&HB("ebx"));		# 13
-	&shl	($acc,24);			#  7
-	&and	("ebx",0xff);			# 12
-	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  6
-	&or	("ecx",$acc);			#  7
-	&shl	("eax",16);			#  6
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 13
-	&or	("edx","eax");			#  6
-	&shl	($acc,8);			# 13
-	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	# 12
-	&or	("ecx",$acc);			# 13
-	&or	("edx","ebx");			# 12
-	&mov	($key,$__key);
-	&movd	("mm4","ecx");			# t[2] collected
-	&movd	("mm5","edx");			# t[3] collected
-
-	&punpckldq	("mm4","mm5");		# t[2,3] collected
-}
-
-					if (!$x86only) {
-&function_begin_B("_sse_AES_encrypt_compact");
-	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
-	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
-
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-	&lea	($acc,&DWP(-2,$acc,$acc));
-	&lea	($acc,&DWP(0,$key,$acc,8));
-	&mov	($__end,$acc);			# end of key schedule
-
-	&mov	($s0,0x1b1b1b1b);		# magic constant
-	&mov	(&DWP(8,"esp"),$s0);
-	&mov	(&DWP(12,"esp"),$s0);
-
-	# prefetch Te4
-	&mov	($s0,&DWP(0-128,$tbl));
-	&mov	($s1,&DWP(32-128,$tbl));
-	&mov	($s2,&DWP(64-128,$tbl));
-	&mov	($s3,&DWP(96-128,$tbl));
-	&mov	($s0,&DWP(128-128,$tbl));
-	&mov	($s1,&DWP(160-128,$tbl));
-	&mov	($s2,&DWP(192-128,$tbl));
-	&mov	($s3,&DWP(224-128,$tbl));
-
-	&set_label("loop",16);
-		&sse_enccompact();
-		&add	($key,16);
-		&cmp	($key,$__end);
-		&ja	(&label("out"));
-
-		&movq	("mm2",&QWP(8,"esp"));
-		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
-		&movq	("mm1","mm0");		&movq	("mm5","mm4");	# r0
-		&pcmpgtb("mm3","mm0");		&pcmpgtb("mm7","mm4");
-		&pand	("mm3","mm2");		&pand	("mm7","mm2");
-		&pshufw	("mm2","mm0",0xb1);	&pshufw	("mm6","mm4",0xb1);# ROTATE(r0,16)
-		&paddb	("mm0","mm0");		&paddb	("mm4","mm4");
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# = r2
-		&pshufw	("mm3","mm2",0xb1);	&pshufw	("mm7","mm6",0xb1);# r0
-		&pxor	("mm1","mm0");		&pxor	("mm5","mm4");	# r0^r2
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(r0,16)
-
-		&movq	("mm2","mm3");		&movq	("mm6","mm7");
-		&pslld	("mm3",8);		&pslld	("mm7",8);
-		&psrld	("mm2",24);		&psrld	("mm6",24);
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= r0<<8
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= r0>>24
-
-		&movq	("mm3","mm1");		&movq	("mm7","mm5");
-		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
-		&psrld	("mm1",8);		&psrld	("mm5",8);
-		&mov	($s0,&DWP(0-128,$tbl));
-		&pslld	("mm3",24);		&pslld	("mm7",24);
-		&mov	($s1,&DWP(64-128,$tbl));
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= (r2^r0)<<8
-		&mov	($s2,&DWP(128-128,$tbl));
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= (r2^r0)>>24
-		&mov	($s3,&DWP(192-128,$tbl));
-
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
-	&jmp	(&label("loop"));
-
-	&set_label("out",16);
-	&pxor	("mm0",&QWP(0,$key));
-	&pxor	("mm4",&QWP(8,$key));
-
-	&ret	();
-&function_end_B("_sse_AES_encrypt_compact");
-					}
-
-######################################################################
-# Vanilla block function.
-######################################################################
-
-sub encstep()
-{ my ($i,$te,@s) = @_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	# lines marked with #%e?x[i] denote "reordered" instructions...
-	if ($i==3)  {	&mov	($key,$__key);			}##%edx
-	else        {	&mov	($out,$s[0]);
-			&and	($out,0xFF);			}
-	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
-	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
-			&mov	($out,&DWP(0,$te,$out,8));
-
-	if ($i==3)  {	$tmp=$s[1];				}##%eax
-			&movz	($tmp,&HB($s[1]));
-			&xor	($out,&DWP(3,$te,$tmp,8));
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
-	else        {	&mov	($tmp,$s[2]);
-			&shr	($tmp,16);			}
-	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
-			&and	($tmp,0xFF);
-			&xor	($out,&DWP(2,$te,$tmp,8));
-
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
-	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
-	else        {	&mov	($tmp,$s[3]);
-			&shr	($tmp,24)			}
-			&xor	($out,&DWP(1,$te,$tmp,8));
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],$acc);			}
-			&comment();
-}
-
-sub enclast()
-{ my ($i,$te,@s)=@_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	if ($i==3)  {	&mov	($key,$__key);			}##%edx
-	else        {	&mov	($out,$s[0]);			}
-			&and	($out,0xFF);
-	if ($i==1)  {	&shr	($s[0],16);			}#%ebx[1]
-	if ($i==2)  {	&shr	($s[0],24);			}#%ecx[2]
-			&mov	($out,&DWP(2,$te,$out,8));
-			&and	($out,0x000000ff);
-
-	if ($i==3)  {	$tmp=$s[1];				}##%eax
-			&movz	($tmp,&HB($s[1]));
-			&mov	($tmp,&DWP(0,$te,$tmp,8));
-			&and	($tmp,0x0000ff00);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$__s0);		}##%ebx
-	else        {	&mov	($tmp,$s[2]);
-			&shr	($tmp,16);			}
-	if ($i==2)  {	&and	($s[1],0xFF);			}#%edx[2]
-			&and	($tmp,0xFF);
-			&mov	($tmp,&DWP(0,$te,$tmp,8));
-			&and	($tmp,0x00ff0000);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}##%ecx
-	elsif($i==2){	&movz	($tmp,&HB($s[3]));		}#%ebx[2]
-	else        {	&mov	($tmp,$s[3]);
-			&shr	($tmp,24);			}
-			&mov	($tmp,&DWP(2,$te,$tmp,8));
-			&and	($tmp,0xff000000);
-			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],$acc);			}
-}
-
-&function_begin_B("_x86_AES_encrypt");
-	if ($vertical_spin) {
-		# I need high parts of volatile registers to be accessible...
-		&exch	($s1="edi",$key="ebx");
-		&mov	($s2="esi",$acc="ecx");
-	}
-
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($__key,$key);			# save key
-
-	&xor	($s0,&DWP(0,$key));		# xor with key
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-
-	if ($small_footprint) {
-	    &lea	($acc,&DWP(-2,$acc,$acc));
-	    &lea	($acc,&DWP(0,$key,$acc,8));
-	    &mov	($__end,$acc);		# end of key schedule
-
-	    &set_label("loop",16);
-		if ($vertical_spin) {
-		    &encvert($tbl,$s0,$s1,$s2,$s3);
-		} else {
-		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
-		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
-		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
-		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
-		}
-		&add	($key,16);		# advance rd_key
-		&xor	($s0,&DWP(0,$key));
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-	    &cmp	($key,$__end);
-	    &mov	($__key,$key);
-	    &jb		(&label("loop"));
-	}
-	else {
-	    &cmp	($acc,10);
-	    &jle	(&label("10rounds"));
-	    &cmp	($acc,12);
-	    &jle	(&label("12rounds"));
-
-	&set_label("14rounds",4);
-	    for ($i=1;$i<3;$i++) {
-		if ($vertical_spin) {
-		    &encvert($tbl,$s0,$s1,$s2,$s3);
-		} else {
-		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
-		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
-		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
-		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
-		}
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	    &add	($key,32);
-	    &mov	($__key,$key);		# advance rd_key
-	&set_label("12rounds",4);
-	    for ($i=1;$i<3;$i++) {
-		if ($vertical_spin) {
-		    &encvert($tbl,$s0,$s1,$s2,$s3);
-		} else {
-		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
-		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
-		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
-		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
-		}
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	    &add	($key,32);
-	    &mov	($__key,$key);		# advance rd_key
-	&set_label("10rounds",4);
-	    for ($i=1;$i<10;$i++) {
-		if ($vertical_spin) {
-		    &encvert($tbl,$s0,$s1,$s2,$s3);
-		} else {
-		    &encstep(0,$tbl,$s0,$s1,$s2,$s3);
-		    &encstep(1,$tbl,$s1,$s2,$s3,$s0);
-		    &encstep(2,$tbl,$s2,$s3,$s0,$s1);
-		    &encstep(3,$tbl,$s3,$s0,$s1,$s2);
-		}
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	}
-
-	if ($vertical_spin) {
-	    # "reincarnate" some registers for "horizontal" spin...
-	    &mov	($s1="ebx",$key="edi");
-	    &mov	($s2="ecx",$acc="esi");
-	}
-	&enclast(0,$tbl,$s0,$s1,$s2,$s3);
-	&enclast(1,$tbl,$s1,$s2,$s3,$s0);
-	&enclast(2,$tbl,$s2,$s3,$s0,$s1);
-	&enclast(3,$tbl,$s3,$s0,$s1,$s2);
-
-	&add	($key,$small_footprint?16:160);
-	&xor	($s0,&DWP(0,$key));
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&ret	();
-
-&set_label("AES_Te",64);	# Yes! I keep it in the code segment!
-	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
-	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
-	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
-	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
-	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
-	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
-	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
-	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
-	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
-	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
-	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
-	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
-	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
-	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
-	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
-	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
-	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
-	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
-	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
-	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
-	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
-	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
-	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
-	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
-	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
-	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
-	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
-	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
-	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
-	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
-	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
-	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
-	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
-	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
-	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
-	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
-	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
-	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
-	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
-	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
-	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
-	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
-	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
-	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
-	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
-	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
-	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
-	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
-	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
-	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
-	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
-	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
-	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
-	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
-	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
-	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
-	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
-	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
-	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
-	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
-	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
-	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
-	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
-	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
-
-#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-#rcon:
-	&data_word(0x00000001, 0x00000002, 0x00000004, 0x00000008);
-	&data_word(0x00000010, 0x00000020, 0x00000040, 0x00000080);
-	&data_word(0x0000001b, 0x00000036, 0x00000000, 0x00000000);
-	&data_word(0x00000000, 0x00000000, 0x00000000, 0x00000000);
-&function_end_B("_x86_AES_encrypt");
-
-# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
-&function_begin("AES_encrypt");
-	&mov	($acc,&wparam(0));		# load inp
-	&mov	($key,&wparam(2));		# load key
-
-	&mov	($s0,"esp");
-	&sub	("esp",36);
-	&and	("esp",-64);			# align to cache-line
-
-	# place stack frame just "above" the key schedule
-	&lea	($s1,&DWP(-64-63,$key));
-	&sub	($s1,"esp");
-	&neg	($s1);
-	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
-	&sub	("esp",$s1);
-	&add	("esp",4);	# 4 is reserved for caller's return address
-	&mov	($_esp,$s0);			# save stack pointer
-
-	&call   (&label("pic_point"));          # make it PIC!
-	&set_label("pic_point");
-	&blindpop($tbl);
-	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if (!$x86only);
-	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
-
-	# pick Te4 copy which can't "overlap" with stack frame or key schedule
-	&lea	($s1,&DWP(768-4,"esp"));
-	&sub	($s1,$tbl);
-	&and	($s1,0x300);
-	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
-
-					if (!$x86only) {
-	&bt	(&DWP(0,$s0),25);	# check for SSE bit
-	&jnc	(&label("x86"));
-
-	&movq	("mm0",&QWP(0,$acc));
-	&movq	("mm4",&QWP(8,$acc));
-	&call	("_sse_AES_encrypt_compact");
-	&mov	("esp",$_esp);			# restore stack pointer
-	&mov	($acc,&wparam(1));		# load out
-	&movq	(&QWP(0,$acc),"mm0");		# write output data
-	&movq	(&QWP(8,$acc),"mm4");
-	&emms	();
-	&function_end_A();
-					}
-	&set_label("x86",16);
-	&mov	($_tbl,$tbl);
-	&mov	($s0,&DWP(0,$acc));		# load input data
-	&mov	($s1,&DWP(4,$acc));
-	&mov	($s2,&DWP(8,$acc));
-	&mov	($s3,&DWP(12,$acc));
-	&call	("_x86_AES_encrypt_compact");
-	&mov	("esp",$_esp);			# restore stack pointer
-	&mov	($acc,&wparam(1));		# load out
-	&mov	(&DWP(0,$acc),$s0);		# write output data
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-&function_end("AES_encrypt");
-
-#--------------------------------------------------------------------#
-
-######################################################################
-# "Compact" block function
-######################################################################
-
-sub deccompact()
-{ my $Fn = \&mov;
-  while ($#_>5) { pop(@_); $Fn=sub{}; }
-  my ($i,$td,@s)=@_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	# $Fn is used in first compact round and its purpose is to
-	# void restoration of some values from stack, so that after
-	# 4xdeccompact with extra argument $key, $s0 and $s1 values
-	# are left there...
-	if($i==3)   {	&$Fn	($key,$__key);			}
-	else        {	&mov	($out,$s[0]);			}
-			&and	($out,0xFF);
-			&movz	($out,&BP(-128,$td,$out,1));
-
-	if ($i==3)  {	$tmp=$s[1];				}
-			&movz	($tmp,&HB($s[1]));
-			&movz	($tmp,&BP(-128,$td,$tmp,1));
-			&shl	($tmp,8);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
-	else        {	mov	($tmp,$s[2]);			}
-			&shr	($tmp,16);
-			&and	($tmp,0xFF);
-			&movz	($tmp,&BP(-128,$td,$tmp,1));
-			&shl	($tmp,16);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[3]; &$Fn ($s[2],$__s1);		}
-	else        {	&mov	($tmp,$s[3]);			}
-			&shr	($tmp,24);
-			&movz	($tmp,&BP(-128,$td,$tmp,1));
-			&shl	($tmp,24);
-			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&$Fn	($s[3],$__s0);			}
-}
-
-# must be called with 2,3,0,1 as argument sequence!!!
-sub dectransform()
-{ my @s = ($s0,$s1,$s2,$s3);
-  my $i = shift;
-  my $tmp = $key;
-  my $tp2 = @s[($i+2)%4]; $tp2 = @s[2] if ($i==1);
-  my $tp4 = @s[($i+3)%4]; $tp4 = @s[3] if ($i==1);
-  my $tp8 = $tbl;
-
-	&mov	($tmp,0x80808080);
-	&and	($tmp,$s[$i]);
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&lea	($tp2,&DWP(0,$s[$i],$s[$i]));
-	&sub	($acc,$tmp);
-	&and	($tp2,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	&xor	($tp2,$acc);
-	&mov	($tmp,0x80808080);
-
-	&and	($tmp,$tp2);
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&lea	($tp4,&DWP(0,$tp2,$tp2));
-	&sub	($acc,$tmp);
-	&and	($tp4,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	 &xor	($tp2,$s[$i]);	# tp2^tp1
-	&xor	($tp4,$acc);
-	&mov	($tmp,0x80808080);
-
-	&and	($tmp,$tp4);
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&lea	($tp8,&DWP(0,$tp4,$tp4));
-	&sub	($acc,$tmp);
-	&and	($tp8,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	 &xor	($tp4,$s[$i]);	# tp4^tp1
-	 &rotl	($s[$i],8);	# = ROTATE(tp1,8)
-	&xor	($tp8,$acc);
-
-	&xor	($s[$i],$tp2);
-	&xor	($tp2,$tp8);
-	&xor	($s[$i],$tp4);
-	&xor	($tp4,$tp8);
-	&rotl	($tp2,24);
-	&xor	($s[$i],$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
-	&rotl	($tp4,16);
-	&xor	($s[$i],$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
-	&rotl	($tp8,8);
-	&xor	($s[$i],$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
-	 &mov	($s[0],$__s0)			if($i==2); #prefetch $s0
-	 &mov	($s[1],$__s1)			if($i==3); #prefetch $s1
-	 &mov	($s[2],$__s2)			if($i==1);
-	&xor	($s[$i],$tp8);	# ^= ROTATE(tp8,8)
-
-	&mov	($s[3],$__s3)			if($i==1);
-	&mov	(&DWP(4+4*$i,"esp"),$s[$i])	if($i>=2);
-}
-
-&function_begin_B("_x86_AES_decrypt_compact");
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($__key,$key);			# save key
-
-	&xor	($s0,&DWP(0,$key));		# xor with key
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-
-	&lea	($acc,&DWP(-2,$acc,$acc));
-	&lea	($acc,&DWP(0,$key,$acc,8));
-	&mov	($__end,$acc);			# end of key schedule
-
-	# prefetch Td4
-	&mov	($key,&DWP(0-128,$tbl));
-	&mov	($acc,&DWP(32-128,$tbl));
-	&mov	($key,&DWP(64-128,$tbl));
-	&mov	($acc,&DWP(96-128,$tbl));
-	&mov	($key,&DWP(128-128,$tbl));
-	&mov	($acc,&DWP(160-128,$tbl));
-	&mov	($key,&DWP(192-128,$tbl));
-	&mov	($acc,&DWP(224-128,$tbl));
-
-	&set_label("loop",16);
-
-		&deccompact(0,$tbl,$s0,$s3,$s2,$s1,1);
-		&deccompact(1,$tbl,$s1,$s0,$s3,$s2,1);
-		&deccompact(2,$tbl,$s2,$s1,$s0,$s3,1);
-		&deccompact(3,$tbl,$s3,$s2,$s1,$s0,1);
-		&dectransform(2);
-		&dectransform(3);
-		&dectransform(0);
-		&dectransform(1);
-		&mov 	($key,$__key);
-		&mov	($tbl,$__tbl);
-		&add	($key,16);		# advance rd_key
-		&xor	($s0,&DWP(0,$key));
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-
-	&cmp	($key,$__end);
-	&mov	($__key,$key);
-	&jb	(&label("loop"));
-
-	&deccompact(0,$tbl,$s0,$s3,$s2,$s1);
-	&deccompact(1,$tbl,$s1,$s0,$s3,$s2);
-	&deccompact(2,$tbl,$s2,$s1,$s0,$s3);
-	&deccompact(3,$tbl,$s3,$s2,$s1,$s0);
-
-	&xor	($s0,&DWP(16,$key));
-	&xor	($s1,&DWP(20,$key));
-	&xor	($s2,&DWP(24,$key));
-	&xor	($s3,&DWP(28,$key));
-
-	&ret	();
-&function_end_B("_x86_AES_decrypt_compact");
-
-######################################################################
-# "Compact" SSE block function.
-######################################################################
-
-sub sse_deccompact()
-{
-	&pshufw	("mm1","mm0",0x0c);		#  7, 6, 1, 0
-	&pshufw	("mm5","mm4",0x09);		# 13,12,11,10
-	&movd	("eax","mm1");			#  7, 6, 1, 0
-	&movd	("ebx","mm5");			# 13,12,11,10
-	&mov	($__key,$key);
-
-	&movz	($acc,&LB("eax"));		#  0
-	&movz	("edx",&HB("eax"));		#  1
-	&pshufw	("mm2","mm0",0x06);		#  3, 2, 5, 4
-	&movz	("ecx",&BP(-128,$tbl,$acc,1));	#  0
-	&movz	($key,&LB("ebx"));		# 10
-	&movz	("edx",&BP(-128,$tbl,"edx",1));	#  1
-	&shr	("eax",16);			#  7, 6
-	&shl	("edx",8);			#  1
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 10
-	&movz	($key,&HB("ebx"));		# 11
-	&shl	($acc,16);			# 10
-	&pshufw	("mm6","mm4",0x03);		# 9, 8,15,14
-	&or	("ecx",$acc);			# 10
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 11
-	&movz	($key,&HB("eax"));		#  7
-	&shl	($acc,24);			# 11
-	&shr	("ebx",16);			# 13,12
-	&or	("edx",$acc);			# 11
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  7
-	&movz	($key,&HB("ebx"));		# 13
-	&shl	($acc,24);			#  7
-	&or	("ecx",$acc);			#  7
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 13
-	&movz	($key,&LB("eax"));		#  6
-	&shl	($acc,8);			# 13
-	&movd	("eax","mm2");			#  3, 2, 5, 4
-	&or	("ecx",$acc);			# 13
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  6
-	&movz	($key,&LB("ebx"));		# 12
-	&shl	($acc,16);			#  6
-	&movd	("ebx","mm6");			#  9, 8,15,14
-	&movd	("mm0","ecx");			# t[0] collected
-	&movz	("ecx",&BP(-128,$tbl,$key,1));	# 12
-	&movz	($key,&LB("eax"));		#  4
-	&or	("ecx",$acc);			# 12
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  4
-	&movz	($key,&LB("ebx"));		# 14
-	&or	("edx",$acc);			#  4
-	&movz	($acc,&BP(-128,$tbl,$key,1));	# 14
-	&movz	($key,&HB("eax"));		#  5
-	&shl	($acc,16);			# 14
-	&shr	("eax",16);			#  3, 2
-	&or	("edx",$acc);			# 14
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  5
-	&movz	($key,&HB("ebx"));		# 15
-	&shr	("ebx",16);			#  9, 8
-	&shl	($acc,8);			#  5
-	&movd	("mm1","edx");			# t[1] collected
-	&movz	("edx",&BP(-128,$tbl,$key,1));	# 15
-	&movz	($key,&HB("ebx"));		#  9
-	&shl	("edx",24);			# 15
-	&and	("ebx",0xff);			#  8
-	&or	("edx",$acc);			# 15
-
-	&punpckldq	("mm0","mm1");		# t[0,1] collected
-
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  9
-	&movz	($key,&LB("eax"));		#  2
-	&shl	($acc,8);			#  9
-	&movz	("eax",&HB("eax"));		#  3
-	&movz	("ebx",&BP(-128,$tbl,"ebx",1));	#  8
-	&or	("ecx",$acc);			#  9
-	&movz	($acc,&BP(-128,$tbl,$key,1));	#  2
-	&or	("edx","ebx");			#  8
-	&shl	($acc,16);			#  2
-	&movz	("eax",&BP(-128,$tbl,"eax",1));	#  3
-	&or	("edx",$acc);			#  2
-	&shl	("eax",24);			#  3
-	&or	("ecx","eax");			#  3
-	&mov	($key,$__key);
-	&movd	("mm4","edx");			# t[2] collected
-	&movd	("mm5","ecx");			# t[3] collected
-
-	&punpckldq	("mm4","mm5");		# t[2,3] collected
-}
-
-					if (!$x86only) {
-&function_begin_B("_sse_AES_decrypt_compact");
-	&pxor	("mm0",&QWP(0,$key));	#  7, 6, 5, 4, 3, 2, 1, 0
-	&pxor	("mm4",&QWP(8,$key));	# 15,14,13,12,11,10, 9, 8
-
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-	&lea	($acc,&DWP(-2,$acc,$acc));
-	&lea	($acc,&DWP(0,$key,$acc,8));
-	&mov	($__end,$acc);			# end of key schedule
-
-	&mov	($s0,0x1b1b1b1b);		# magic constant
-	&mov	(&DWP(8,"esp"),$s0);
-	&mov	(&DWP(12,"esp"),$s0);
-
-	# prefetch Td4
-	&mov	($s0,&DWP(0-128,$tbl));
-	&mov	($s1,&DWP(32-128,$tbl));
-	&mov	($s2,&DWP(64-128,$tbl));
-	&mov	($s3,&DWP(96-128,$tbl));
-	&mov	($s0,&DWP(128-128,$tbl));
-	&mov	($s1,&DWP(160-128,$tbl));
-	&mov	($s2,&DWP(192-128,$tbl));
-	&mov	($s3,&DWP(224-128,$tbl));
-
-	&set_label("loop",16);
-		&sse_deccompact();
-		&add	($key,16);
-		&cmp	($key,$__end);
-		&ja	(&label("out"));
-
-		# ROTATE(x^y,N) == ROTATE(x,N)^ROTATE(y,N)
-		&movq	("mm3","mm0");		&movq	("mm7","mm4");
-		&movq	("mm2","mm0",1);	&movq	("mm6","mm4",1);
-		&movq	("mm1","mm0");		&movq	("mm5","mm4");
-		&pshufw	("mm0","mm0",0xb1);	&pshufw	("mm4","mm4",0xb1);# = ROTATE(tp0,16)
-		&pslld	("mm2",8);		&pslld	("mm6",8);
-		&psrld	("mm3",8);		&psrld	("mm7",8);
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<8
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>8
-		&pslld	("mm2",16);		&pslld	("mm6",16);
-		&psrld	("mm3",16);		&psrld	("mm7",16);
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp0<<24
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp0>>24
-
-		&movq	("mm3",&QWP(8,"esp"));
-		&pxor	("mm2","mm2");		&pxor	("mm6","mm6");
-		&pcmpgtb("mm2","mm1");		&pcmpgtb("mm6","mm5");
-		&pand	("mm2","mm3");		&pand	("mm6","mm3");
-		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
-		&pxor	("mm1","mm2");		&pxor	("mm5","mm6");	# tp2
-		&movq	("mm3","mm1");		&movq	("mm7","mm5");
-		&movq	("mm2","mm1");		&movq	("mm6","mm5");
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp2
-		&pslld	("mm3",24);		&pslld	("mm7",24);
-		&psrld	("mm2",8);		&psrld	("mm6",8);
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp2<<24
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= tp2>>8
-
-		&movq	("mm2",&QWP(8,"esp"));
-		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
-		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
-		&pand	("mm3","mm2");		&pand	("mm7","mm2");
-		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
-		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp4
-		&pshufw	("mm3","mm1",0xb1);	&pshufw	("mm7","mm5",0xb1);
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp4
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= ROTATE(tp4,16)
-
-		&pxor	("mm3","mm3");		&pxor	("mm7","mm7");
-		&pcmpgtb("mm3","mm1");		&pcmpgtb("mm7","mm5");
-		&pand	("mm3","mm2");		&pand	("mm7","mm2");
-		&paddb	("mm1","mm1");		&paddb	("mm5","mm5");
-		&pxor	("mm1","mm3");		&pxor	("mm5","mm7");	# tp8
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8
-		&movq	("mm3","mm1");		&movq	("mm7","mm5");
-		&pshufw	("mm2","mm1",0xb1);	&pshufw	("mm6","mm5",0xb1);
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");	# ^= ROTATE(tp8,16)
-		&pslld	("mm1",8);		&pslld	("mm5",8);
-		&psrld	("mm3",8);		&psrld	("mm7",8);
-		&movq	("mm2",&QWP(0,$key));	&movq	("mm6",&QWP(8,$key));
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<8
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>8
-		&mov	($s0,&DWP(0-128,$tbl));
-		&pslld	("mm1",16);		&pslld	("mm5",16);
-		&mov	($s1,&DWP(64-128,$tbl));
-		&psrld	("mm3",16);		&psrld	("mm7",16);
-		&mov	($s2,&DWP(128-128,$tbl));
-		&pxor	("mm0","mm1");		&pxor	("mm4","mm5");	# ^= tp8<<24
-		&mov	($s3,&DWP(192-128,$tbl));
-		&pxor	("mm0","mm3");		&pxor	("mm4","mm7");	# ^= tp8>>24
-
-		&pxor	("mm0","mm2");		&pxor	("mm4","mm6");
-	&jmp	(&label("loop"));
-
-	&set_label("out",16);
-	&pxor	("mm0",&QWP(0,$key));
-	&pxor	("mm4",&QWP(8,$key));
-
-	&ret	();
-&function_end_B("_sse_AES_decrypt_compact");
-					}
-
-######################################################################
-# Vanilla block function.
-######################################################################
-
-sub decstep()
-{ my ($i,$td,@s) = @_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	# no instructions are reordered, as performance appears
-	# optimal... or rather that all attempts to reorder didn't
-	# result in better performance [which by the way is not a
-	# bit lower than encryption].
-	if($i==3)   {	&mov	($key,$__key);			}
-	else        {	&mov	($out,$s[0]);			}
-			&and	($out,0xFF);
-			&mov	($out,&DWP(0,$td,$out,8));
-
-	if ($i==3)  {	$tmp=$s[1];				}
-			&movz	($tmp,&HB($s[1]));
-			&xor	($out,&DWP(3,$td,$tmp,8));
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
-	else        {	&mov	($tmp,$s[2]);			}
-			&shr	($tmp,16);
-			&and	($tmp,0xFF);
-			&xor	($out,&DWP(2,$td,$tmp,8));
-
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
-	else        {	&mov	($tmp,$s[3]);			}
-			&shr	($tmp,24);
-			&xor	($out,&DWP(1,$td,$tmp,8));
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],$__s0);			}
-			&comment();
-}
-
-sub declast()
-{ my ($i,$td,@s)=@_;
-  my $tmp = $key;
-  my $out = $i==3?$s[0]:$acc;
-
-	if($i==0)   {	&lea	($td,&DWP(2048+128,$td));
-			&mov	($tmp,&DWP(0-128,$td));
-			&mov	($acc,&DWP(32-128,$td));
-			&mov	($tmp,&DWP(64-128,$td));
-			&mov	($acc,&DWP(96-128,$td));
-			&mov	($tmp,&DWP(128-128,$td));
-			&mov	($acc,&DWP(160-128,$td));
-			&mov	($tmp,&DWP(192-128,$td));
-			&mov	($acc,&DWP(224-128,$td));
-			&lea	($td,&DWP(-128,$td));		}
-	if($i==3)   {	&mov	($key,$__key);			}
-	else        {	&mov	($out,$s[0]);			}
-			&and	($out,0xFF);
-			&movz	($out,&BP(0,$td,$out,1));
-
-	if ($i==3)  {	$tmp=$s[1];				}
-			&movz	($tmp,&HB($s[1]));
-			&movz	($tmp,&BP(0,$td,$tmp,1));
-			&shl	($tmp,8);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[2]; &mov ($s[1],$acc);		}
-	else        {	mov	($tmp,$s[2]);			}
-			&shr	($tmp,16);
-			&and	($tmp,0xFF);
-			&movz	($tmp,&BP(0,$td,$tmp,1));
-			&shl	($tmp,16);
-			&xor	($out,$tmp);
-
-	if ($i==3)  {	$tmp=$s[3]; &mov ($s[2],$__s1);		}
-	else        {	&mov	($tmp,$s[3]);			}
-			&shr	($tmp,24);
-			&movz	($tmp,&BP(0,$td,$tmp,1));
-			&shl	($tmp,24);
-			&xor	($out,$tmp);
-	if ($i<2)   {	&mov	(&DWP(4+4*$i,"esp"),$out);	}
-	if ($i==3)  {	&mov	($s[3],$__s0);
-			&lea	($td,&DWP(-2048,$td));		}
-}
-
-&function_begin_B("_x86_AES_decrypt");
-	# note that caller is expected to allocate stack frame for me!
-	&mov	($__key,$key);			# save key
-
-	&xor	($s0,&DWP(0,$key));		# xor with key
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&mov	($acc,&DWP(240,$key));		# load key->rounds
-
-	if ($small_footprint) {
-	    &lea	($acc,&DWP(-2,$acc,$acc));
-	    &lea	($acc,&DWP(0,$key,$acc,8));
-	    &mov	($__end,$acc);		# end of key schedule
-	    &set_label("loop",16);
-		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
-		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
-		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
-		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
-		&add	($key,16);		# advance rd_key
-		&xor	($s0,&DWP(0,$key));
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-	    &cmp	($key,$__end);
-	    &mov	($__key,$key);
-	    &jb		(&label("loop"));
-	}
-	else {
-	    &cmp	($acc,10);
-	    &jle	(&label("10rounds"));
-	    &cmp	($acc,12);
-	    &jle	(&label("12rounds"));
-
-	&set_label("14rounds",4);
-	    for ($i=1;$i<3;$i++) {
-		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
-		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
-		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
-		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	    &add	($key,32);
-	    &mov	($__key,$key);		# advance rd_key
-	&set_label("12rounds",4);
-	    for ($i=1;$i<3;$i++) {
-		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
-		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
-		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
-		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	    &add	($key,32);
-	    &mov	($__key,$key);		# advance rd_key
-	&set_label("10rounds",4);
-	    for ($i=1;$i<10;$i++) {
-		&decstep(0,$tbl,$s0,$s3,$s2,$s1);
-		&decstep(1,$tbl,$s1,$s0,$s3,$s2);
-		&decstep(2,$tbl,$s2,$s1,$s0,$s3);
-		&decstep(3,$tbl,$s3,$s2,$s1,$s0);
-		&xor	($s0,&DWP(16*$i+0,$key));
-		&xor	($s1,&DWP(16*$i+4,$key));
-		&xor	($s2,&DWP(16*$i+8,$key));
-		&xor	($s3,&DWP(16*$i+12,$key));
-	    }
-	}
-
-	&declast(0,$tbl,$s0,$s3,$s2,$s1);
-	&declast(1,$tbl,$s1,$s0,$s3,$s2);
-	&declast(2,$tbl,$s2,$s1,$s0,$s3);
-	&declast(3,$tbl,$s3,$s2,$s1,$s0);
-
-	&add	($key,$small_footprint?16:160);
-	&xor	($s0,&DWP(0,$key));
-	&xor	($s1,&DWP(4,$key));
-	&xor	($s2,&DWP(8,$key));
-	&xor	($s3,&DWP(12,$key));
-
-	&ret	();
-
-&set_label("AES_Td",64);	# Yes! I keep it in the code segment!
-	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
-	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
-	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
-	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
-	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
-	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
-	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
-	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
-	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
-	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
-	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
-	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
-	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
-	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
-	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
-	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
-	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
-	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
-	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
-	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
-	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
-	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
-	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
-	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
-	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
-	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
-	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
-	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
-	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
-	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
-	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
-	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
-	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
-	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
-	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
-	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
-	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
-	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
-	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
-	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
-	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
-	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
-	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
-	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
-	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
-	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
-	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
-	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
-	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
-	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
-	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
-	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
-	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
-	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
-	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
-	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
-	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
-	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
-	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
-	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
-	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
-	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
-	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
-	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-
-#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-&function_end_B("_x86_AES_decrypt");
-
-# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
-&function_begin("AES_decrypt");
-	&mov	($acc,&wparam(0));		# load inp
-	&mov	($key,&wparam(2));		# load key
-
-	&mov	($s0,"esp");
-	&sub	("esp",36);
-	&and	("esp",-64);			# align to cache-line
-
-	# place stack frame just "above" the key schedule
-	&lea	($s1,&DWP(-64-63,$key));
-	&sub	($s1,"esp");
-	&neg	($s1);
-	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
-	&sub	("esp",$s1);
-	&add	("esp",4);	# 4 is reserved for caller's return address
-	&mov	($_esp,$s0);	# save stack pointer
-
-	&call   (&label("pic_point"));          # make it PIC!
-	&set_label("pic_point");
-	&blindpop($tbl);
-	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
-	&lea    ($tbl,&DWP(&label("AES_Td")."-".&label("pic_point"),$tbl));
-
-	# pick Td4 copy which can't "overlap" with stack frame or key schedule
-	&lea	($s1,&DWP(768-4,"esp"));
-	&sub	($s1,$tbl);
-	&and	($s1,0x300);
-	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
-
-					if (!$x86only) {
-	&bt	(&DWP(0,$s0),25);	# check for SSE bit
-	&jnc	(&label("x86"));
-
-	&movq	("mm0",&QWP(0,$acc));
-	&movq	("mm4",&QWP(8,$acc));
-	&call	("_sse_AES_decrypt_compact");
-	&mov	("esp",$_esp);			# restore stack pointer
-	&mov	($acc,&wparam(1));		# load out
-	&movq	(&QWP(0,$acc),"mm0");		# write output data
-	&movq	(&QWP(8,$acc),"mm4");
-	&emms	();
-	&function_end_A();
-					}
-	&set_label("x86",16);
-	&mov	($_tbl,$tbl);
-	&mov	($s0,&DWP(0,$acc));		# load input data
-	&mov	($s1,&DWP(4,$acc));
-	&mov	($s2,&DWP(8,$acc));
-	&mov	($s3,&DWP(12,$acc));
-	&call	("_x86_AES_decrypt_compact");
-	&mov	("esp",$_esp);			# restore stack pointer
-	&mov	($acc,&wparam(1));		# load out
-	&mov	(&DWP(0,$acc),$s0);		# write output data
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-&function_end("AES_decrypt");
-
-# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
-#			size_t length, const AES_KEY *key,
-#			unsigned char *ivp,const int enc);
-{
-# stack frame layout
-#             -4(%esp)		# return address	 0(%esp)
-#              0(%esp)		# s0 backing store	 4(%esp)
-#              4(%esp)		# s1 backing store	 8(%esp)
-#              8(%esp)		# s2 backing store	12(%esp)
-#             12(%esp)		# s3 backing store	16(%esp)
-#             16(%esp)		# key backup		20(%esp)
-#             20(%esp)		# end of key schedule	24(%esp)
-#             24(%esp)		# %ebp backup		28(%esp)
-#             28(%esp)		# %esp backup
-my $_inp=&DWP(32,"esp");	# copy of wparam(0)
-my $_out=&DWP(36,"esp");	# copy of wparam(1)
-my $_len=&DWP(40,"esp");	# copy of wparam(2)
-my $_key=&DWP(44,"esp");	# copy of wparam(3)
-my $_ivp=&DWP(48,"esp");	# copy of wparam(4)
-my $_tmp=&DWP(52,"esp");	# volatile variable
-#
-my $ivec=&DWP(60,"esp");	# ivec[16]
-my $aes_key=&DWP(76,"esp");	# copy of aes_key
-my $mark=&DWP(76+240,"esp");	# copy of aes_key->rounds
-
-&function_begin("AES_cbc_encrypt");
-	&mov	($s2 eq "ecx"? $s2 : "",&wparam(2));	# load len
-	&cmp	($s2,0);
-	&je	(&label("drop_out"));
-
-	&call   (&label("pic_point"));		# make it PIC!
-	&set_label("pic_point");
-	&blindpop($tbl);
-	&picmeup($s0,"OPENSSL_ia32cap_P",$tbl,&label("pic_point")) if(!$x86only);
-
-	&cmp	(&wparam(5),0);
-	&lea    ($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
-	&jne	(&label("picked_te"));
-	&lea	($tbl,&DWP(&label("AES_Td")."-".&label("AES_Te"),$tbl));
-	&set_label("picked_te");
-
-	# one can argue if this is required
-	&pushf	();
-	&cld	();
-
-	&cmp	($s2,$speed_limit);
-	&jb	(&label("slow_way"));
-	&test	($s2,15);
-	&jnz	(&label("slow_way"));
-					if (!$x86only) {
-	&bt	(&DWP(0,$s0),28);	# check for hyper-threading bit
-	&jc	(&label("slow_way"));
-					}
-	# pre-allocate aligned stack frame...
-	&lea	($acc,&DWP(-80-244,"esp"));
-	&and	($acc,-64);
-
-	# ... and make sure it doesn't alias with $tbl modulo 4096
-	&mov	($s0,$tbl);
-	&lea	($s1,&DWP(2048+256,$tbl));
-	&mov	($s3,$acc);
-	&and	($s0,0xfff);		# s = %ebp&0xfff
-	&and	($s1,0xfff);		# e = (%ebp+2048+256)&0xfff
-	&and	($s3,0xfff);		# p = %esp&0xfff
-
-	&cmp	($s3,$s1);		# if (p>=e) %esp =- (p-e);
-	&jb	(&label("tbl_break_out"));
-	&sub	($s3,$s1);
-	&sub	($acc,$s3);
-	&jmp	(&label("tbl_ok"));
-	&set_label("tbl_break_out",4);	# else %esp -= (p-s)&0xfff + framesz;
-	&sub	($s3,$s0);
-	&and	($s3,0xfff);
-	&add	($s3,384);
-	&sub	($acc,$s3);
-	&set_label("tbl_ok",4);
-
-	&lea	($s3,&wparam(0));	# obtain pointer to parameter block
-	&exch	("esp",$acc);		# allocate stack frame
-	&add	("esp",4);		# reserve for return address!
-	&mov	($_tbl,$tbl);		# save %ebp
-	&mov	($_esp,$acc);		# save %esp
-
-	&mov	($s0,&DWP(0,$s3));	# load inp
-	&mov	($s1,&DWP(4,$s3));	# load out
-	#&mov	($s2,&DWP(8,$s3));	# load len
-	&mov	($key,&DWP(12,$s3));	# load key
-	&mov	($acc,&DWP(16,$s3));	# load ivp
-	&mov	($s3,&DWP(20,$s3));	# load enc flag
-
-	&mov	($_inp,$s0);		# save copy of inp
-	&mov	($_out,$s1);		# save copy of out
-	&mov	($_len,$s2);		# save copy of len
-	&mov	($_key,$key);		# save copy of key
-	&mov	($_ivp,$acc);		# save copy of ivp
-
-	&mov	($mark,0);		# copy of aes_key->rounds = 0;
-	# do we copy key schedule to stack?
-	&mov	($s1 eq "ebx" ? $s1 : "",$key);
-	&mov	($s2 eq "ecx" ? $s2 : "",244/4);
-	&sub	($s1,$tbl);
-	&mov	("esi",$key);
-	&and	($s1,0xfff);
-	&lea	("edi",$aes_key);
-	&cmp	($s1,2048+256);
-	&jb	(&label("do_copy"));
-	&cmp	($s1,4096-244);
-	&jb	(&label("skip_copy"));
-	&set_label("do_copy",4);
-		&mov	($_key,"edi");
-		&data_word(0xA5F3F689);	# rep movsd
-	&set_label("skip_copy");
-
-	&mov	($key,16);
-	&set_label("prefetch_tbl",4);
-		&mov	($s0,&DWP(0,$tbl));
-		&mov	($s1,&DWP(32,$tbl));
-		&mov	($s2,&DWP(64,$tbl));
-		&mov	($acc,&DWP(96,$tbl));
-		&lea	($tbl,&DWP(128,$tbl));
-		&sub	($key,1);
-	&jnz	(&label("prefetch_tbl"));
-	&sub	($tbl,2048);
-
-	&mov	($acc,$_inp);
-	&mov	($key,$_ivp);
-
-	&cmp	($s3,0);
-	&je	(&label("fast_decrypt"));
-
-#----------------------------- ENCRYPT -----------------------------#
-	&mov	($s0,&DWP(0,$key));		# load iv
-	&mov	($s1,&DWP(4,$key));
-
-	&set_label("fast_enc_loop",16);
-		&mov	($s2,&DWP(8,$key));
-		&mov	($s3,&DWP(12,$key));
-
-		&xor	($s0,&DWP(0,$acc));	# xor input data
-		&xor	($s1,&DWP(4,$acc));
-		&xor	($s2,&DWP(8,$acc));
-		&xor	($s3,&DWP(12,$acc));
-
-		&mov	($key,$_key);		# load key
-		&call	("_x86_AES_encrypt");
-
-		&mov	($acc,$_inp);		# load inp
-		&mov	($key,$_out);		# load out
-
-		&mov	(&DWP(0,$key),$s0);	# save output data
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($s2,$_len);		# load len
-		&mov	($_inp,$acc);		# save inp
-		&lea	($s3,&DWP(16,$key));	# advance out
-		&mov	($_out,$s3);		# save out
-		&sub	($s2,16);		# decrease len
-		&mov	($_len,$s2);		# save len
-	&jnz	(&label("fast_enc_loop"));
-	&mov	($acc,$_ivp);		# load ivp
-	&mov	($s2,&DWP(8,$key));	# restore last 2 dwords
-	&mov	($s3,&DWP(12,$key));
-	&mov	(&DWP(0,$acc),$s0);	# save ivec
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-
-	&cmp	($mark,0);		# was the key schedule copied?
-	&mov	("edi",$_key);
-	&je	(&label("skip_ezero"));
-	# zero copy of key schedule
-	&mov	("ecx",240/4);
-	&xor	("eax","eax");
-	&align	(4);
-	&data_word(0xABF3F689);		# rep stosd
-	&set_label("skip_ezero");
-	&mov	("esp",$_esp);
-	&popf	();
-    &set_label("drop_out");
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-
-#----------------------------- DECRYPT -----------------------------#
-&set_label("fast_decrypt",16);
-
-	&cmp	($acc,$_out);
-	&je	(&label("fast_dec_in_place"));	# in-place processing...
-
-	&mov	($_tmp,$key);
-
-	&align	(4);
-	&set_label("fast_dec_loop",16);
-		&mov	($s0,&DWP(0,$acc));	# read input
-		&mov	($s1,&DWP(4,$acc));
-		&mov	($s2,&DWP(8,$acc));
-		&mov	($s3,&DWP(12,$acc));
-
-		&mov	($key,$_key);		# load key
-		&call	("_x86_AES_decrypt");
-
-		&mov	($key,$_tmp);		# load ivp
-		&mov	($acc,$_len);		# load len
-		&xor	($s0,&DWP(0,$key));	# xor iv
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-
-		&mov	($key,$_out);		# load out
-		&mov	($acc,$_inp);		# load inp
-
-		&mov	(&DWP(0,$key),$s0);	# write output
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($s2,$_len);		# load len
-		&mov	($_tmp,$acc);		# save ivp
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-		&lea	($key,&DWP(16,$key));	# advance out
-		&mov	($_out,$key);		# save out
-		&sub	($s2,16);		# decrease len
-		&mov	($_len,$s2);		# save len
-	&jnz	(&label("fast_dec_loop"));
-	&mov	($key,$_tmp);		# load temp ivp
-	&mov	($acc,$_ivp);		# load user ivp
-	&mov	($s0,&DWP(0,$key));	# load iv
-	&mov	($s1,&DWP(4,$key));
-	&mov	($s2,&DWP(8,$key));
-	&mov	($s3,&DWP(12,$key));
-	&mov	(&DWP(0,$acc),$s0);	# copy back to user
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-	&jmp	(&label("fast_dec_out"));
-
-    &set_label("fast_dec_in_place",16);
-	&set_label("fast_dec_in_place_loop");
-		&mov	($s0,&DWP(0,$acc));	# read input
-		&mov	($s1,&DWP(4,$acc));
-		&mov	($s2,&DWP(8,$acc));
-		&mov	($s3,&DWP(12,$acc));
-
-		&lea	($key,$ivec);
-		&mov	(&DWP(0,$key),$s0);	# copy to temp
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($key,$_key);		# load key
-		&call	("_x86_AES_decrypt");
-
-		&mov	($key,$_ivp);		# load ivp
-		&mov	($acc,$_out);		# load out
-		&xor	($s0,&DWP(0,$key));	# xor iv
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-
-		&mov	(&DWP(0,$acc),$s0);	# write output
-		&mov	(&DWP(4,$acc),$s1);
-		&mov	(&DWP(8,$acc),$s2);
-		&mov	(&DWP(12,$acc),$s3);
-
-		&lea	($acc,&DWP(16,$acc));	# advance out
-		&mov	($_out,$acc);		# save out
-
-		&lea	($acc,$ivec);
-		&mov	($s0,&DWP(0,$acc));	# read temp
-		&mov	($s1,&DWP(4,$acc));
-		&mov	($s2,&DWP(8,$acc));
-		&mov	($s3,&DWP(12,$acc));
-
-		&mov	(&DWP(0,$key),$s0);	# copy iv
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($acc,$_inp);		# load inp
-		&mov	($s2,$_len);		# load len
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-		&sub	($s2,16);		# decrease len
-		&mov	($_len,$s2);		# save len
-	&jnz	(&label("fast_dec_in_place_loop"));
-
-    &set_label("fast_dec_out",4);
-	&cmp	($mark,0);		# was the key schedule copied?
-	&mov	("edi",$_key);
-	&je	(&label("skip_dzero"));
-	# zero copy of key schedule
-	&mov	("ecx",240/4);
-	&xor	("eax","eax");
-	&align	(4);
-	&data_word(0xABF3F689);		# rep stosd
-	&set_label("skip_dzero");
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-
-#--------------------------- SLOW ROUTINE ---------------------------#
-&set_label("slow_way",16);
-
-	&mov	($s0,&DWP(0,$s0)) if (!$x86only);# load OPENSSL_ia32cap
-	&mov	($key,&wparam(3));	# load key
-
-	# pre-allocate aligned stack frame...
-	&lea	($acc,&DWP(-80,"esp"));
-	&and	($acc,-64);
-
-	# ... and make sure it doesn't alias with $key modulo 1024
-	&lea	($s1,&DWP(-80-63,$key));
-	&sub	($s1,$acc);
-	&neg	($s1);
-	&and	($s1,0x3C0);	# modulo 1024, but aligned to cache-line
-	&sub	($acc,$s1);
-
-	# pick S-box copy which can't overlap with stack frame or $key
-	&lea	($s1,&DWP(768,$acc));
-	&sub	($s1,$tbl);
-	&and	($s1,0x300);
-	&lea	($tbl,&DWP(2048+128,$tbl,$s1));
-
-	&lea	($s3,&wparam(0));	# pointer to parameter block
-
-	&exch	("esp",$acc);
-	&add	("esp",4);		# reserve for return address!
-	&mov	($_tbl,$tbl);		# save %ebp
-	&mov	($_esp,$acc);		# save %esp
-	&mov	($_tmp,$s0);		# save OPENSSL_ia32cap
-
-	&mov	($s0,&DWP(0,$s3));	# load inp
-	&mov	($s1,&DWP(4,$s3));	# load out
-	#&mov	($s2,&DWP(8,$s3));	# load len
-	#&mov	($key,&DWP(12,$s3));	# load key
-	&mov	($acc,&DWP(16,$s3));	# load ivp
-	&mov	($s3,&DWP(20,$s3));	# load enc flag
-
-	&mov	($_inp,$s0);		# save copy of inp
-	&mov	($_out,$s1);		# save copy of out
-	&mov	($_len,$s2);		# save copy of len
-	&mov	($_key,$key);		# save copy of key
-	&mov	($_ivp,$acc);		# save copy of ivp
-
-	&mov	($key,$acc);
-	&mov	($acc,$s0);
-
-	&cmp	($s3,0);
-	&je	(&label("slow_decrypt"));
-
-#--------------------------- SLOW ENCRYPT ---------------------------#
-	&cmp	($s2,16);
-	&mov	($s3,$s1);
-	&jb	(&label("slow_enc_tail"));
-
-					if (!$x86only) {
-	&bt	($_tmp,25);		# check for SSE bit
-	&jnc	(&label("slow_enc_x86"));
-
-	&movq	("mm0",&QWP(0,$key));	# load iv
-	&movq	("mm4",&QWP(8,$key));
-
-	&set_label("slow_enc_loop_sse",16);
-		&pxor	("mm0",&QWP(0,$acc));	# xor input data
-		&pxor	("mm4",&QWP(8,$acc));
-
-		&mov	($key,$_key);
-		&call	("_sse_AES_encrypt_compact");
-
-		&mov	($acc,$_inp);		# load inp
-		&mov	($key,$_out);		# load out
-		&mov	($s2,$_len);		# load len
-
-		&movq	(&QWP(0,$key),"mm0");	# save output data
-		&movq	(&QWP(8,$key),"mm4");
-
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-		&lea	($s3,&DWP(16,$key));	# advance out
-		&mov	($_out,$s3);		# save out
-		&sub	($s2,16);		# decrease len
-		&cmp	($s2,16);
-		&mov	($_len,$s2);		# save len
-	&jae	(&label("slow_enc_loop_sse"));
-	&test	($s2,15);
-	&jnz	(&label("slow_enc_tail"));
-	&mov	($acc,$_ivp);		# load ivp
-	&movq	(&QWP(0,$acc),"mm0");	# save ivec
-	&movq	(&QWP(8,$acc),"mm4");
-	&emms	();
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-					}
-    &set_label("slow_enc_x86",16);
-	&mov	($s0,&DWP(0,$key));	# load iv
-	&mov	($s1,&DWP(4,$key));
-
-	&set_label("slow_enc_loop_x86",4);
-		&mov	($s2,&DWP(8,$key));
-		&mov	($s3,&DWP(12,$key));
-
-		&xor	($s0,&DWP(0,$acc));	# xor input data
-		&xor	($s1,&DWP(4,$acc));
-		&xor	($s2,&DWP(8,$acc));
-		&xor	($s3,&DWP(12,$acc));
-
-		&mov	($key,$_key);		# load key
-		&call	("_x86_AES_encrypt_compact");
-
-		&mov	($acc,$_inp);		# load inp
-		&mov	($key,$_out);		# load out
-
-		&mov	(&DWP(0,$key),$s0);	# save output data
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($s2,$_len);		# load len
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-		&lea	($s3,&DWP(16,$key));	# advance out
-		&mov	($_out,$s3);		# save out
-		&sub	($s2,16);		# decrease len
-		&cmp	($s2,16);
-		&mov	($_len,$s2);		# save len
-	&jae	(&label("slow_enc_loop_x86"));
-	&test	($s2,15);
-	&jnz	(&label("slow_enc_tail"));
-	&mov	($acc,$_ivp);		# load ivp
-	&mov	($s2,&DWP(8,$key));	# restore last dwords
-	&mov	($s3,&DWP(12,$key));
-	&mov	(&DWP(0,$acc),$s0);	# save ivec
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-
-    &set_label("slow_enc_tail",16);
-	&emms	()	if (!$x86only);
-	&mov	($key eq "edi"? $key:"",$s3);	# load out to edi
-	&mov	($s1,16);
-	&sub	($s1,$s2);
-	&cmp	($key,$acc eq "esi"? $acc:"");	# compare with inp
-	&je	(&label("enc_in_place"));
-	&align	(4);
-	&data_word(0xA4F3F689);	# rep movsb	# copy input
-	&jmp	(&label("enc_skip_in_place"));
-    &set_label("enc_in_place");
-	&lea	($key,&DWP(0,$key,$s2));
-    &set_label("enc_skip_in_place");
-	&mov	($s2,$s1);
-	&xor	($s0,$s0);
-	&align	(4);
-	&data_word(0xAAF3F689);	# rep stosb	# zero tail
-
-	&mov	($key,$_ivp);			# restore ivp
-	&mov	($acc,$s3);			# output as input
-	&mov	($s0,&DWP(0,$key));
-	&mov	($s1,&DWP(4,$key));
-	&mov	($_len,16);			# len=16
-	&jmp	(&label("slow_enc_loop_x86"));	# one more spin...
-
-#--------------------------- SLOW DECRYPT ---------------------------#
-&set_label("slow_decrypt",16);
-					if (!$x86only) {
-	&bt	($_tmp,25);		# check for SSE bit
-	&jnc	(&label("slow_dec_loop_x86"));
-
-	&set_label("slow_dec_loop_sse",4);
-		&movq	("mm0",&QWP(0,$acc));	# read input
-		&movq	("mm4",&QWP(8,$acc));
-
-		&mov	($key,$_key);
-		&call	("_sse_AES_decrypt_compact");
-
-		&mov	($acc,$_inp);		# load inp
-		&lea	($s0,$ivec);
-		&mov	($s1,$_out);		# load out
-		&mov	($s2,$_len);		# load len
-		&mov	($key,$_ivp);		# load ivp
-
-		&movq	("mm1",&QWP(0,$acc));	# re-read input
-		&movq	("mm5",&QWP(8,$acc));
-
-		&pxor	("mm0",&QWP(0,$key));	# xor iv
-		&pxor	("mm4",&QWP(8,$key));
-
-		&movq	(&QWP(0,$key),"mm1");	# copy input to iv
-		&movq	(&QWP(8,$key),"mm5");
-
-		&sub	($s2,16);		# decrease len
-		&jc	(&label("slow_dec_partial_sse"));
-
-		&movq	(&QWP(0,$s1),"mm0");	# write output
-		&movq	(&QWP(8,$s1),"mm4");
-
-		&lea	($s1,&DWP(16,$s1));	# advance out
-		&mov	($_out,$s1);		# save out
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-		&mov	($_len,$s2);		# save len
-	&jnz	(&label("slow_dec_loop_sse"));
-	&emms	();
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-
-    &set_label("slow_dec_partial_sse",16);
-	&movq	(&QWP(0,$s0),"mm0");	# save output to temp
-	&movq	(&QWP(8,$s0),"mm4");
-	&emms	();
-
-	&add	($s2 eq "ecx" ? "ecx":"",16);
-	&mov	("edi",$s1);		# out
-	&mov	("esi",$s0);		# temp
-	&align	(4);
-	&data_word(0xA4F3F689);		# rep movsb # copy partial output
-
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-					}
-	&set_label("slow_dec_loop_x86",16);
-		&mov	($s0,&DWP(0,$acc));	# read input
-		&mov	($s1,&DWP(4,$acc));
-		&mov	($s2,&DWP(8,$acc));
-		&mov	($s3,&DWP(12,$acc));
-
-		&lea	($key,$ivec);
-		&mov	(&DWP(0,$key),$s0);	# copy to temp
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($key,$_key);		# load key
-		&call	("_x86_AES_decrypt_compact");
-
-		&mov	($key,$_ivp);		# load ivp
-		&mov	($acc,$_len);		# load len
-		&xor	($s0,&DWP(0,$key));	# xor iv
-		&xor	($s1,&DWP(4,$key));
-		&xor	($s2,&DWP(8,$key));
-		&xor	($s3,&DWP(12,$key));
-
-		&sub	($acc,16);
-		&jc	(&label("slow_dec_partial_x86"));
-
-		&mov	($_len,$acc);		# save len
-		&mov	($acc,$_out);		# load out
-
-		&mov	(&DWP(0,$acc),$s0);	# write output
-		&mov	(&DWP(4,$acc),$s1);
-		&mov	(&DWP(8,$acc),$s2);
-		&mov	(&DWP(12,$acc),$s3);
-
-		&lea	($acc,&DWP(16,$acc));	# advance out
-		&mov	($_out,$acc);		# save out
-
-		&lea	($acc,$ivec);
-		&mov	($s0,&DWP(0,$acc));	# read temp
-		&mov	($s1,&DWP(4,$acc));
-		&mov	($s2,&DWP(8,$acc));
-		&mov	($s3,&DWP(12,$acc));
-
-		&mov	(&DWP(0,$key),$s0);	# copy it to iv
-		&mov	(&DWP(4,$key),$s1);
-		&mov	(&DWP(8,$key),$s2);
-		&mov	(&DWP(12,$key),$s3);
-
-		&mov	($acc,$_inp);		# load inp
-		&lea	($acc,&DWP(16,$acc));	# advance inp
-		&mov	($_inp,$acc);		# save inp
-	&jnz	(&label("slow_dec_loop_x86"));
-	&mov	("esp",$_esp);
-	&popf	();
-	&function_end_A();
-	&pushf	();			# kludge, never executed
-
-    &set_label("slow_dec_partial_x86",16);
-	&lea	($acc,$ivec);
-	&mov	(&DWP(0,$acc),$s0);	# save output to temp
-	&mov	(&DWP(4,$acc),$s1);
-	&mov	(&DWP(8,$acc),$s2);
-	&mov	(&DWP(12,$acc),$s3);
-
-	&mov	($acc,$_inp);
-	&mov	($s0,&DWP(0,$acc));	# re-read input
-	&mov	($s1,&DWP(4,$acc));
-	&mov	($s2,&DWP(8,$acc));
-	&mov	($s3,&DWP(12,$acc));
-
-	&mov	(&DWP(0,$key),$s0);	# copy it to iv
-	&mov	(&DWP(4,$key),$s1);
-	&mov	(&DWP(8,$key),$s2);
-	&mov	(&DWP(12,$key),$s3);
-
-	&mov	("ecx",$_len);
-	&mov	("edi",$_out);
-	&lea	("esi",$ivec);
-	&align	(4);
-	&data_word(0xA4F3F689);		# rep movsb # copy partial output
-
-	&mov	("esp",$_esp);
-	&popf	();
-&function_end("AES_cbc_encrypt");
-}
-
-#------------------------------------------------------------------#
-
-sub enckey()
-{
-	&movz	("esi",&LB("edx"));		# rk[i]>>0
-	&movz	("ebx",&BP(-128,$tbl,"esi",1));
-	&movz	("esi",&HB("edx"));		# rk[i]>>8
-	&shl	("ebx",24);
-	&xor	("eax","ebx");
-
-	&movz	("ebx",&BP(-128,$tbl,"esi",1));
-	&shr	("edx",16);
-	&movz	("esi",&LB("edx"));		# rk[i]>>16
-	&xor	("eax","ebx");
-
-	&movz	("ebx",&BP(-128,$tbl,"esi",1));
-	&movz	("esi",&HB("edx"));		# rk[i]>>24
-	&shl	("ebx",8);
-	&xor	("eax","ebx");
-
-	&movz	("ebx",&BP(-128,$tbl,"esi",1));
-	&shl	("ebx",16);
-	&xor	("eax","ebx");
-
-	&xor	("eax",&DWP(1024-128,$tbl,"ecx",4));	# rcon
-}
-
-&function_begin("_x86_AES_set_encrypt_key");
-	&mov	("esi",&wparam(1));		# user supplied key
-	&mov	("edi",&wparam(3));		# private key schedule
-
-	&test	("esi",-1);
-	&jz	(&label("badpointer"));
-	&test	("edi",-1);
-	&jz	(&label("badpointer"));
-
-	&call	(&label("pic_point"));
-	&set_label("pic_point");
-	&blindpop($tbl);
-	&lea	($tbl,&DWP(&label("AES_Te")."-".&label("pic_point"),$tbl));
-	&lea	($tbl,&DWP(2048+128,$tbl));
-
-	# prefetch Te4
-	&mov	("eax",&DWP(0-128,$tbl));
-	&mov	("ebx",&DWP(32-128,$tbl));
-	&mov	("ecx",&DWP(64-128,$tbl));
-	&mov	("edx",&DWP(96-128,$tbl));
-	&mov	("eax",&DWP(128-128,$tbl));
-	&mov	("ebx",&DWP(160-128,$tbl));
-	&mov	("ecx",&DWP(192-128,$tbl));
-	&mov	("edx",&DWP(224-128,$tbl));
-
-	&mov	("ecx",&wparam(2));		# number of bits in key
-	&cmp	("ecx",128);
-	&je	(&label("10rounds"));
-	&cmp	("ecx",192);
-	&je	(&label("12rounds"));
-	&cmp	("ecx",256);
-	&je	(&label("14rounds"));
-	&mov	("eax",-2);			# invalid number of bits
-	&jmp	(&label("exit"));
-
-    &set_label("10rounds");
-	&mov	("eax",&DWP(0,"esi"));		# copy first 4 dwords
-	&mov	("ebx",&DWP(4,"esi"));
-	&mov	("ecx",&DWP(8,"esi"));
-	&mov	("edx",&DWP(12,"esi"));
-	&mov	(&DWP(0,"edi"),"eax");
-	&mov	(&DWP(4,"edi"),"ebx");
-	&mov	(&DWP(8,"edi"),"ecx");
-	&mov	(&DWP(12,"edi"),"edx");
-
-	&xor	("ecx","ecx");
-	&jmp	(&label("10shortcut"));
-
-	&align	(4);
-	&set_label("10loop");
-		&mov	("eax",&DWP(0,"edi"));		# rk[0]
-		&mov	("edx",&DWP(12,"edi"));		# rk[3]
-	&set_label("10shortcut");
-		&enckey	();
-
-		&mov	(&DWP(16,"edi"),"eax");		# rk[4]
-		&xor	("eax",&DWP(4,"edi"));
-		&mov	(&DWP(20,"edi"),"eax");		# rk[5]
-		&xor	("eax",&DWP(8,"edi"));
-		&mov	(&DWP(24,"edi"),"eax");		# rk[6]
-		&xor	("eax",&DWP(12,"edi"));
-		&mov	(&DWP(28,"edi"),"eax");		# rk[7]
-		&inc	("ecx");
-		&add	("edi",16);
-		&cmp	("ecx",10);
-	&jl	(&label("10loop"));
-
-	&mov	(&DWP(80,"edi"),10);		# setup number of rounds
-	&xor	("eax","eax");
-	&jmp	(&label("exit"));
-
-    &set_label("12rounds");
-	&mov	("eax",&DWP(0,"esi"));		# copy first 6 dwords
-	&mov	("ebx",&DWP(4,"esi"));
-	&mov	("ecx",&DWP(8,"esi"));
-	&mov	("edx",&DWP(12,"esi"));
-	&mov	(&DWP(0,"edi"),"eax");
-	&mov	(&DWP(4,"edi"),"ebx");
-	&mov	(&DWP(8,"edi"),"ecx");
-	&mov	(&DWP(12,"edi"),"edx");
-	&mov	("ecx",&DWP(16,"esi"));
-	&mov	("edx",&DWP(20,"esi"));
-	&mov	(&DWP(16,"edi"),"ecx");
-	&mov	(&DWP(20,"edi"),"edx");
-
-	&xor	("ecx","ecx");
-	&jmp	(&label("12shortcut"));
-
-	&align	(4);
-	&set_label("12loop");
-		&mov	("eax",&DWP(0,"edi"));		# rk[0]
-		&mov	("edx",&DWP(20,"edi"));		# rk[5]
-	&set_label("12shortcut");
-		&enckey	();
-
-		&mov	(&DWP(24,"edi"),"eax");		# rk[6]
-		&xor	("eax",&DWP(4,"edi"));
-		&mov	(&DWP(28,"edi"),"eax");		# rk[7]
-		&xor	("eax",&DWP(8,"edi"));
-		&mov	(&DWP(32,"edi"),"eax");		# rk[8]
-		&xor	("eax",&DWP(12,"edi"));
-		&mov	(&DWP(36,"edi"),"eax");		# rk[9]
-
-		&cmp	("ecx",7);
-		&je	(&label("12break"));
-		&inc	("ecx");
-
-		&xor	("eax",&DWP(16,"edi"));
-		&mov	(&DWP(40,"edi"),"eax");		# rk[10]
-		&xor	("eax",&DWP(20,"edi"));
-		&mov	(&DWP(44,"edi"),"eax");		# rk[11]
-
-		&add	("edi",24);
-	&jmp	(&label("12loop"));
-
-	&set_label("12break");
-	&mov	(&DWP(72,"edi"),12);		# setup number of rounds
-	&xor	("eax","eax");
-	&jmp	(&label("exit"));
-
-    &set_label("14rounds");
-	&mov	("eax",&DWP(0,"esi"));		# copy first 8 dwords
-	&mov	("ebx",&DWP(4,"esi"));
-	&mov	("ecx",&DWP(8,"esi"));
-	&mov	("edx",&DWP(12,"esi"));
-	&mov	(&DWP(0,"edi"),"eax");
-	&mov	(&DWP(4,"edi"),"ebx");
-	&mov	(&DWP(8,"edi"),"ecx");
-	&mov	(&DWP(12,"edi"),"edx");
-	&mov	("eax",&DWP(16,"esi"));
-	&mov	("ebx",&DWP(20,"esi"));
-	&mov	("ecx",&DWP(24,"esi"));
-	&mov	("edx",&DWP(28,"esi"));
-	&mov	(&DWP(16,"edi"),"eax");
-	&mov	(&DWP(20,"edi"),"ebx");
-	&mov	(&DWP(24,"edi"),"ecx");
-	&mov	(&DWP(28,"edi"),"edx");
-
-	&xor	("ecx","ecx");
-	&jmp	(&label("14shortcut"));
-
-	&align	(4);
-	&set_label("14loop");
-		&mov	("edx",&DWP(28,"edi"));		# rk[7]
-	&set_label("14shortcut");
-		&mov	("eax",&DWP(0,"edi"));		# rk[0]
-
-		&enckey	();
-
-		&mov	(&DWP(32,"edi"),"eax");		# rk[8]
-		&xor	("eax",&DWP(4,"edi"));
-		&mov	(&DWP(36,"edi"),"eax");		# rk[9]
-		&xor	("eax",&DWP(8,"edi"));
-		&mov	(&DWP(40,"edi"),"eax");		# rk[10]
-		&xor	("eax",&DWP(12,"edi"));
-		&mov	(&DWP(44,"edi"),"eax");		# rk[11]
-
-		&cmp	("ecx",6);
-		&je	(&label("14break"));
-		&inc	("ecx");
-
-		&mov	("edx","eax");
-		&mov	("eax",&DWP(16,"edi"));		# rk[4]
-		&movz	("esi",&LB("edx"));		# rk[11]>>0
-		&movz	("ebx",&BP(-128,$tbl,"esi",1));
-		&movz	("esi",&HB("edx"));		# rk[11]>>8
-		&xor	("eax","ebx");
-
-		&movz	("ebx",&BP(-128,$tbl,"esi",1));
-		&shr	("edx",16);
-		&shl	("ebx",8);
-		&movz	("esi",&LB("edx"));		# rk[11]>>16
-		&xor	("eax","ebx");
-
-		&movz	("ebx",&BP(-128,$tbl,"esi",1));
-		&movz	("esi",&HB("edx"));		# rk[11]>>24
-		&shl	("ebx",16);
-		&xor	("eax","ebx");
-
-		&movz	("ebx",&BP(-128,$tbl,"esi",1));
-		&shl	("ebx",24);
-		&xor	("eax","ebx");
-
-		&mov	(&DWP(48,"edi"),"eax");		# rk[12]
-		&xor	("eax",&DWP(20,"edi"));
-		&mov	(&DWP(52,"edi"),"eax");		# rk[13]
-		&xor	("eax",&DWP(24,"edi"));
-		&mov	(&DWP(56,"edi"),"eax");		# rk[14]
-		&xor	("eax",&DWP(28,"edi"));
-		&mov	(&DWP(60,"edi"),"eax");		# rk[15]
-
-		&add	("edi",32);
-	&jmp	(&label("14loop"));
-
-	&set_label("14break");
-	&mov	(&DWP(48,"edi"),14);		# setup number of rounds
-	&xor	("eax","eax");
-	&jmp	(&label("exit"));
-
-    &set_label("badpointer");
-	&mov	("eax",-1);
-    &set_label("exit");
-&function_end("_x86_AES_set_encrypt_key");
-
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-&function_begin_B("AES_set_encrypt_key");
-	&call	("_x86_AES_set_encrypt_key");
-	&ret	();
-&function_end_B("AES_set_encrypt_key");
-
-sub deckey()
-{ my ($i,$key,$tp1,$tp2,$tp4,$tp8) = @_;
-  my $tmp = $tbl;
-
-	&mov	($tmp,0x80808080);
-	&and	($tmp,$tp1);
-	&lea	($tp2,&DWP(0,$tp1,$tp1));
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&sub	($acc,$tmp);
-	&and	($tp2,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	&xor	($tp2,$acc);
-	&mov	($tmp,0x80808080);
-
-	&and	($tmp,$tp2);
-	&lea	($tp4,&DWP(0,$tp2,$tp2));
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	&sub	($acc,$tmp);
-	&and	($tp4,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	 &xor	($tp2,$tp1);	# tp2^tp1
-	&xor	($tp4,$acc);
-	&mov	($tmp,0x80808080);
-
-	&and	($tmp,$tp4);
-	&lea	($tp8,&DWP(0,$tp4,$tp4));
-	&mov	($acc,$tmp);
-	&shr	($tmp,7);
-	 &xor	($tp4,$tp1);	# tp4^tp1
-	&sub	($acc,$tmp);
-	&and	($tp8,0xfefefefe);
-	&and	($acc,0x1b1b1b1b);
-	 &rotl	($tp1,8);	# = ROTATE(tp1,8)
-	&xor	($tp8,$acc);
-
-	&mov	($tmp,&DWP(4*($i+1),$key));	# modulo-scheduled load
-
-	&xor	($tp1,$tp2);
-	&xor	($tp2,$tp8);
-	&xor	($tp1,$tp4);
-	&rotl	($tp2,24);
-	&xor	($tp4,$tp8);
-	&xor	($tp1,$tp8);	# ^= tp8^(tp4^tp1)^(tp2^tp1)
-	&rotl	($tp4,16);
-	&xor	($tp1,$tp2);	# ^= ROTATE(tp8^tp2^tp1,24)
-	&rotl	($tp8,8);
-	&xor	($tp1,$tp4);	# ^= ROTATE(tp8^tp4^tp1,16)
-	&mov	($tp2,$tmp);
-	&xor	($tp1,$tp8);	# ^= ROTATE(tp8,8)
-
-	&mov	(&DWP(4*$i,$key),$tp1);
-}
-
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-&function_begin_B("AES_set_decrypt_key");
-	&call	("_x86_AES_set_encrypt_key");
-	&cmp	("eax",0);
-	&je	(&label("proceed"));
-	&ret	();
-
-    &set_label("proceed");
-	&push	("ebp");
-	&push	("ebx");
-	&push	("esi");
-	&push	("edi");
-
-	&mov	("esi",&wparam(2));
-	&mov	("ecx",&DWP(240,"esi"));	# pull number of rounds
-	&lea	("ecx",&DWP(0,"","ecx",4));
-	&lea	("edi",&DWP(0,"esi","ecx",4));	# pointer to last chunk
-
-	&set_label("invert",4);			# invert order of chunks
-		&mov	("eax",&DWP(0,"esi"));
-		&mov	("ebx",&DWP(4,"esi"));
-		&mov	("ecx",&DWP(0,"edi"));
-		&mov	("edx",&DWP(4,"edi"));
-		&mov	(&DWP(0,"edi"),"eax");
-		&mov	(&DWP(4,"edi"),"ebx");
-		&mov	(&DWP(0,"esi"),"ecx");
-		&mov	(&DWP(4,"esi"),"edx");
-		&mov	("eax",&DWP(8,"esi"));
-		&mov	("ebx",&DWP(12,"esi"));
-		&mov	("ecx",&DWP(8,"edi"));
-		&mov	("edx",&DWP(12,"edi"));
-		&mov	(&DWP(8,"edi"),"eax");
-		&mov	(&DWP(12,"edi"),"ebx");
-		&mov	(&DWP(8,"esi"),"ecx");
-		&mov	(&DWP(12,"esi"),"edx");
-		&add	("esi",16);
-		&sub	("edi",16);
-		&cmp	("esi","edi");
-	&jne	(&label("invert"));
-
-	&mov	($key,&wparam(2));
-	&mov	($acc,&DWP(240,$key));		# pull number of rounds
-	&lea	($acc,&DWP(-2,$acc,$acc));
-	&lea	($acc,&DWP(0,$key,$acc,8));
-	&mov	(&wparam(2),$acc);
-
-	&mov	($s0,&DWP(16,$key));		# modulo-scheduled load
-	&set_label("permute",4);		# permute the key schedule
-		&add	($key,16);
-		&deckey	(0,$key,$s0,$s1,$s2,$s3);
-		&deckey	(1,$key,$s1,$s2,$s3,$s0);
-		&deckey	(2,$key,$s2,$s3,$s0,$s1);
-		&deckey	(3,$key,$s3,$s0,$s1,$s2);
-		&cmp	($key,&wparam(2));
-	&jb	(&label("permute"));
-
-	&xor	("eax","eax");			# return success
-&function_end("AES_set_decrypt_key");
-&asciz("AES for x86, CRYPTOGAMS by <appro\@openssl.org>");
-
-&asm_finish();
-
-close STDOUT;
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl b/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
index 0c40059066508d..815fde8fcd7e2b 100644
--- a/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
+++ b/deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -38,14 +38,14 @@
 # Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided
 # for 128-bit keys, if hardware support is detected.
 
-# Januray 2009.
+# January 2009.
 #
 # Add support for hardware AES192/256 and reschedule instructions to
 # minimize/avoid Address Generation Interlock hazard and to favour
 # dual-issue z10 pipeline. This gave ~25% improvement on z10 and
 # almost 50% on z9. The gain is smaller on z10, because being dual-
 # issue z10 makes it impossible to eliminate the interlock condition:
-# critial path is not long enough. Yet it spends ~24 cycles per byte
+# critical path is not long enough. Yet it spends ~24 cycles per byte
 # processed with 128-bit key.
 #
 # Unlike previous version hardware support detection takes place only
diff --git a/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl b/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
deleted file mode 100755
index d87e2011477109..00000000000000
--- a/deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
+++ /dev/null
@@ -1,2916 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-#
-# ====================================================================
-# Written by Andy Polyakov <appro@openssl.org> for the OpenSSL
-# project. The module is, however, dual licensed under OpenSSL and
-# CRYPTOGAMS licenses depending on where you obtain it. For further
-# details see http://www.openssl.org/~appro/cryptogams/.
-# ====================================================================
-#
-# Version 2.1.
-#
-# aes-*-cbc benchmarks are improved by >70% [compared to gcc 3.3.2 on
-# Opteron 240 CPU] plus all the bells-n-whistles from 32-bit version
-# [you'll notice a lot of resemblance], such as compressed S-boxes
-# in little-endian byte order, prefetch of these tables in CBC mode,
-# as well as avoiding L1 cache aliasing between stack frame and key
-# schedule and already mentioned tables, compressed Td4...
-#
-# Performance in number of cycles per processed byte for 128-bit key:
-#
-#		ECB encrypt	ECB decrypt	CBC large chunk
-# AMD64		33		43		13.0
-# EM64T		38		56		18.6(*)
-# Core 2	30		42		14.5(*)
-# Atom		65		86		32.1(*)
-#
-# (*) with hyper-threading off
-
-$flavour = shift;
-$output  = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
-*STDOUT=*OUT;
-
-$verticalspin=1;	# unlike 32-bit version $verticalspin performs
-			# ~15% better on both AMD and Intel cores
-$speed_limit=512;	# see aes-586.pl for details
-
-$code=".text\n";
-
-$s0="%eax";
-$s1="%ebx";
-$s2="%ecx";
-$s3="%edx";
-$acc0="%esi";	$mask80="%rsi";
-$acc1="%edi";	$maskfe="%rdi";
-$acc2="%ebp";	$mask1b="%rbp";
-$inp="%r8";
-$out="%r9";
-$t0="%r10d";
-$t1="%r11d";
-$t2="%r12d";
-$rnds="%r13d";
-$sbox="%r14";
-$key="%r15";
-
-sub hi() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1h/;	$r; }
-sub lo() { my $r=shift;	$r =~ s/%[er]([a-d])x/%\1l/;
-			$r =~ s/%[er]([sd]i)/%\1l/;
-			$r =~ s/%(r[0-9]+)[d]?/%\1b/;	$r; }
-sub LO() { my $r=shift; $r =~ s/%r([a-z]+)/%e\1/;
-			$r =~ s/%r([0-9]+)/%r\1d/;	$r; }
-sub _data_word()
-{ my $i;
-    while(defined($i=shift)) { $code.=sprintf".long\t0x%08x,0x%08x\n",$i,$i; }
-}
-sub data_word()
-{ my $i;
-  my $last=pop(@_);
-    $code.=".long\t";
-    while(defined($i=shift)) { $code.=sprintf"0x%08x,",$i; }
-    $code.=sprintf"0x%08x\n",$last;
-}
-
-sub data_byte()
-{ my $i;
-  my $last=pop(@_);
-    $code.=".byte\t";
-    while(defined($i=shift)) { $code.=sprintf"0x%02x,",$i&0xff; }
-    $code.=sprintf"0x%02x\n",$last&0xff;
-}
-
-sub encvert()
-{ my $t3="%r8d";	# zaps $inp!
-
-$code.=<<___;
-	# favor 3-way issue Opteron pipeline...
-	movzb	`&lo("$s0")`,$acc0
-	movzb	`&lo("$s1")`,$acc1
-	movzb	`&lo("$s2")`,$acc2
-	mov	0($sbox,$acc0,8),$t0
-	mov	0($sbox,$acc1,8),$t1
-	mov	0($sbox,$acc2,8),$t2
-
-	movzb	`&hi("$s1")`,$acc0
-	movzb	`&hi("$s2")`,$acc1
-	movzb	`&lo("$s3")`,$acc2
-	xor	3($sbox,$acc0,8),$t0
-	xor	3($sbox,$acc1,8),$t1
-	mov	0($sbox,$acc2,8),$t3
-
-	movzb	`&hi("$s3")`,$acc0
-	shr	\$16,$s2
-	movzb	`&hi("$s0")`,$acc2
-	xor	3($sbox,$acc0,8),$t2
-	shr	\$16,$s3
-	xor	3($sbox,$acc2,8),$t3
-
-	shr	\$16,$s1
-	lea	16($key),$key
-	shr	\$16,$s0
-
-	movzb	`&lo("$s2")`,$acc0
-	movzb	`&lo("$s3")`,$acc1
-	movzb	`&lo("$s0")`,$acc2
-	xor	2($sbox,$acc0,8),$t0
-	xor	2($sbox,$acc1,8),$t1
-	xor	2($sbox,$acc2,8),$t2
-
-	movzb	`&hi("$s3")`,$acc0
-	movzb	`&hi("$s0")`,$acc1
-	movzb	`&lo("$s1")`,$acc2
-	xor	1($sbox,$acc0,8),$t0
-	xor	1($sbox,$acc1,8),$t1
-	xor	2($sbox,$acc2,8),$t3
-
-	mov	12($key),$s3
-	movzb	`&hi("$s1")`,$acc1
-	movzb	`&hi("$s2")`,$acc2
-	mov	0($key),$s0
-	xor	1($sbox,$acc1,8),$t2
-	xor	1($sbox,$acc2,8),$t3
-
-	mov	4($key),$s1
-	mov	8($key),$s2
-	xor	$t0,$s0
-	xor	$t1,$s1
-	xor	$t2,$s2
-	xor	$t3,$s3
-___
-}
-
-sub enclastvert()
-{ my $t3="%r8d";	# zaps $inp!
-
-$code.=<<___;
-	movzb	`&lo("$s0")`,$acc0
-	movzb	`&lo("$s1")`,$acc1
-	movzb	`&lo("$s2")`,$acc2
-	movzb	2($sbox,$acc0,8),$t0
-	movzb	2($sbox,$acc1,8),$t1
-	movzb	2($sbox,$acc2,8),$t2
-
-	movzb	`&lo("$s3")`,$acc0
-	movzb	`&hi("$s1")`,$acc1
-	movzb	`&hi("$s2")`,$acc2
-	movzb	2($sbox,$acc0,8),$t3
-	mov	0($sbox,$acc1,8),$acc1	#$t0
-	mov	0($sbox,$acc2,8),$acc2	#$t1
-
-	and	\$0x0000ff00,$acc1
-	and	\$0x0000ff00,$acc2
-
-	xor	$acc1,$t0
-	xor	$acc2,$t1
-	shr	\$16,$s2
-
-	movzb	`&hi("$s3")`,$acc0
-	movzb	`&hi("$s0")`,$acc1
-	shr	\$16,$s3
-	mov	0($sbox,$acc0,8),$acc0	#$t2
-	mov	0($sbox,$acc1,8),$acc1	#$t3
-
-	and	\$0x0000ff00,$acc0
-	and	\$0x0000ff00,$acc1
-	shr	\$16,$s1
-	xor	$acc0,$t2
-	xor	$acc1,$t3
-	shr	\$16,$s0
-
-	movzb	`&lo("$s2")`,$acc0
-	movzb	`&lo("$s3")`,$acc1
-	movzb	`&lo("$s0")`,$acc2
-	mov	0($sbox,$acc0,8),$acc0	#$t0
-	mov	0($sbox,$acc1,8),$acc1	#$t1
-	mov	0($sbox,$acc2,8),$acc2	#$t2
-
-	and	\$0x00ff0000,$acc0
-	and	\$0x00ff0000,$acc1
-	and	\$0x00ff0000,$acc2
-
-	xor	$acc0,$t0
-	xor	$acc1,$t1
-	xor	$acc2,$t2
-
-	movzb	`&lo("$s1")`,$acc0
-	movzb	`&hi("$s3")`,$acc1
-	movzb	`&hi("$s0")`,$acc2
-	mov	0($sbox,$acc0,8),$acc0	#$t3
-	mov	2($sbox,$acc1,8),$acc1	#$t0
-	mov	2($sbox,$acc2,8),$acc2	#$t1
-
-	and	\$0x00ff0000,$acc0
-	and	\$0xff000000,$acc1
-	and	\$0xff000000,$acc2
-
-	xor	$acc0,$t3
-	xor	$acc1,$t0
-	xor	$acc2,$t1
-
-	movzb	`&hi("$s1")`,$acc0
-	movzb	`&hi("$s2")`,$acc1
-	mov	16+12($key),$s3
-	mov	2($sbox,$acc0,8),$acc0	#$t2
-	mov	2($sbox,$acc1,8),$acc1	#$t3
-	mov	16+0($key),$s0
-
-	and	\$0xff000000,$acc0
-	and	\$0xff000000,$acc1
-
-	xor	$acc0,$t2
-	xor	$acc1,$t3
-
-	mov	16+4($key),$s1
-	mov	16+8($key),$s2
-	xor	$t0,$s0
-	xor	$t1,$s1
-	xor	$t2,$s2
-	xor	$t3,$s3
-___
-}
-
-sub encstep()
-{ my ($i,@s) = @_;
-  my $tmp0=$acc0;
-  my $tmp1=$acc1;
-  my $tmp2=$acc2;
-  my $out=($t0,$t1,$t2,$s[0])[$i];
-
-	if ($i==3) {
-		$tmp0=$s[1];
-		$tmp1=$s[2];
-		$tmp2=$s[3];
-	}
-	$code.="	movzb	".&lo($s[0]).",$out\n";
-	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
-	$code.="	lea	16($key),$key\n"	if ($i==0);
-
-	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
-	$code.="	mov	0($sbox,$out,8),$out\n";
-
-	$code.="	shr	\$16,$tmp1\n";
-	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
-	$code.="	xor	3($sbox,$tmp0,8),$out\n";
-
-	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
-	$code.="	shr	\$24,$tmp2\n";
-	$code.="	xor	4*$i($key),$out\n";
-
-	$code.="	xor	2($sbox,$tmp1,8),$out\n";
-	$code.="	xor	1($sbox,$tmp2,8),$out\n";
-
-	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
-	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
-	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
-	$code.="\n";
-}
-
-sub enclast()
-{ my ($i,@s)=@_;
-  my $tmp0=$acc0;
-  my $tmp1=$acc1;
-  my $tmp2=$acc2;
-  my $out=($t0,$t1,$t2,$s[0])[$i];
-
-	if ($i==3) {
-		$tmp0=$s[1];
-		$tmp1=$s[2];
-		$tmp2=$s[3];
-	}
-	$code.="	movzb	".&lo($s[0]).",$out\n";
-	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
-
-	$code.="	mov	2($sbox,$out,8),$out\n";
-	$code.="	shr	\$16,$tmp1\n";
-	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
-
-	$code.="	and	\$0x000000ff,$out\n";
-	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
-	$code.="	movzb	".&lo($tmp1).",$tmp1\n";
-	$code.="	shr	\$24,$tmp2\n";
-
-	$code.="	mov	0($sbox,$tmp0,8),$tmp0\n";
-	$code.="	mov	0($sbox,$tmp1,8),$tmp1\n";
-	$code.="	mov	2($sbox,$tmp2,8),$tmp2\n";
-
-	$code.="	and	\$0x0000ff00,$tmp0\n";
-	$code.="	and	\$0x00ff0000,$tmp1\n";
-	$code.="	and	\$0xff000000,$tmp2\n";
-
-	$code.="	xor	$tmp0,$out\n";
-	$code.="	mov	$t0,$s[1]\n"		if ($i==3);
-	$code.="	xor	$tmp1,$out\n";
-	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
-	$code.="	xor	$tmp2,$out\n";
-	$code.="	mov	$t2,$s[3]\n"		if ($i==3);
-	$code.="\n";
-}
-
-$code.=<<___;
-.type	_x86_64_AES_encrypt,\@abi-omnipotent
-.align	16
-_x86_64_AES_encrypt:
-	xor	0($key),$s0			# xor with key
-	xor	4($key),$s1
-	xor	8($key),$s2
-	xor	12($key),$s3
-
-	mov	240($key),$rnds			# load key->rounds
-	sub	\$1,$rnds
-	jmp	.Lenc_loop
-.align	16
-.Lenc_loop:
-___
-	if ($verticalspin) { &encvert(); }
-	else {	&encstep(0,$s0,$s1,$s2,$s3);
-		&encstep(1,$s1,$s2,$s3,$s0);
-		&encstep(2,$s2,$s3,$s0,$s1);
-		&encstep(3,$s3,$s0,$s1,$s2);
-	}
-$code.=<<___;
-	sub	\$1,$rnds
-	jnz	.Lenc_loop
-___
-	if ($verticalspin) { &enclastvert(); }
-	else {	&enclast(0,$s0,$s1,$s2,$s3);
-		&enclast(1,$s1,$s2,$s3,$s0);
-		&enclast(2,$s2,$s3,$s0,$s1);
-		&enclast(3,$s3,$s0,$s1,$s2);
-		$code.=<<___;
-		xor	16+0($key),$s0		# xor with key
-		xor	16+4($key),$s1
-		xor	16+8($key),$s2
-		xor	16+12($key),$s3
-___
-	}
-$code.=<<___;
-	.byte	0xf3,0xc3			# rep ret
-.size	_x86_64_AES_encrypt,.-_x86_64_AES_encrypt
-___
-
-# it's possible to implement this by shifting tN by 8, filling least
-# significant byte with byte load and finally bswap-ing at the end,
-# but such partial register load kills Core 2...
-sub enccompactvert()
-{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
-	movzb	`&lo("$s0")`,$t0
-	movzb	`&lo("$s1")`,$t1
-	movzb	`&lo("$s2")`,$t2
-	movzb	`&lo("$s3")`,$t3
-	movzb	`&hi("$s1")`,$acc0
-	movzb	`&hi("$s2")`,$acc1
-	shr	\$16,$s2
-	movzb	`&hi("$s3")`,$acc2
-	movzb	($sbox,$t0,1),$t0
-	movzb	($sbox,$t1,1),$t1
-	movzb	($sbox,$t2,1),$t2
-	movzb	($sbox,$t3,1),$t3
-
-	movzb	($sbox,$acc0,1),$t4	#$t0
-	movzb	`&hi("$s0")`,$acc0
-	movzb	($sbox,$acc1,1),$t5	#$t1
-	movzb	`&lo("$s2")`,$acc1
-	movzb	($sbox,$acc2,1),$acc2	#$t2
-	movzb	($sbox,$acc0,1),$acc0	#$t3
-
-	shl	\$8,$t4
-	shr	\$16,$s3
-	shl	\$8,$t5
-	xor	$t4,$t0
-	shr	\$16,$s0
-	movzb	`&lo("$s3")`,$t4
-	shr	\$16,$s1
-	xor	$t5,$t1
-	shl	\$8,$acc2
-	movzb	`&lo("$s0")`,$t5
-	movzb	($sbox,$acc1,1),$acc1	#$t0
-	xor	$acc2,$t2
-
-	shl	\$8,$acc0
-	movzb	`&lo("$s1")`,$acc2
-	shl	\$16,$acc1
-	xor	$acc0,$t3
-	movzb	($sbox,$t4,1),$t4	#$t1
-	movzb	`&hi("$s3")`,$acc0
-	movzb	($sbox,$t5,1),$t5	#$t2
-	xor	$acc1,$t0
-
-	shr	\$8,$s2
-	movzb	`&hi("$s0")`,$acc1
-	shl	\$16,$t4
-	shr	\$8,$s1
-	shl	\$16,$t5
-	xor	$t4,$t1
-	movzb	($sbox,$acc2,1),$acc2	#$t3
-	movzb	($sbox,$acc0,1),$acc0	#$t0
-	movzb	($sbox,$acc1,1),$acc1	#$t1
-	movzb	($sbox,$s2,1),$s3	#$t3
-	movzb	($sbox,$s1,1),$s2	#$t2
-
-	shl	\$16,$acc2
-	xor	$t5,$t2
-	shl	\$24,$acc0
-	xor	$acc2,$t3
-	shl	\$24,$acc1
-	xor	$acc0,$t0
-	shl	\$24,$s3
-	xor	$acc1,$t1
-	shl	\$24,$s2
-	mov	$t0,$s0
-	mov	$t1,$s1
-	xor	$t2,$s2
-	xor	$t3,$s3
-___
-}
-
-sub enctransform_ref()
-{ my $sn = shift;
-  my ($acc,$r2,$tmp)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
-	mov	$sn,$acc
-	and	\$0x80808080,$acc
-	mov	$acc,$tmp
-	shr	\$7,$tmp
-	lea	($sn,$sn),$r2
-	sub	$tmp,$acc
-	and	\$0xfefefefe,$r2
-	and	\$0x1b1b1b1b,$acc
-	mov	$sn,$tmp
-	xor	$acc,$r2
-
-	xor	$r2,$sn
-	rol	\$24,$sn
-	xor	$r2,$sn
-	ror	\$16,$tmp
-	xor	$tmp,$sn
-	ror	\$8,$tmp
-	xor	$tmp,$sn
-___
-}
-
-# unlike decrypt case it does not pay off to parallelize enctransform
-sub enctransform()
-{ my ($t3,$r20,$r21)=($acc2,"%r8d","%r9d");
-
-$code.=<<___;
-	mov	\$0x80808080,$t0
-	mov	\$0x80808080,$t1
-	and	$s0,$t0
-	and	$s1,$t1
-	mov	$t0,$acc0
-	mov	$t1,$acc1
-	shr	\$7,$t0
-	lea	($s0,$s0),$r20
-	shr	\$7,$t1
-	lea	($s1,$s1),$r21
-	sub	$t0,$acc0
-	sub	$t1,$acc1
-	and	\$0xfefefefe,$r20
-	and	\$0xfefefefe,$r21
-	and	\$0x1b1b1b1b,$acc0
-	and	\$0x1b1b1b1b,$acc1
-	mov	$s0,$t0
-	mov	$s1,$t1
-	xor	$acc0,$r20
-	xor	$acc1,$r21
-
-	xor	$r20,$s0
-	xor	$r21,$s1
-	 mov	\$0x80808080,$t2
-	rol	\$24,$s0
-	 mov	\$0x80808080,$t3
-	rol	\$24,$s1
-	 and	$s2,$t2
-	 and	$s3,$t3
-	xor	$r20,$s0
-	xor	$r21,$s1
-	 mov	$t2,$acc0
-	ror	\$16,$t0
-	 mov	$t3,$acc1
-	ror	\$16,$t1
-	 lea	($s2,$s2),$r20
-	 shr	\$7,$t2
-	xor	$t0,$s0
-	 shr	\$7,$t3
-	xor	$t1,$s1
-	ror	\$8,$t0
-	 lea	($s3,$s3),$r21
-	ror	\$8,$t1
-	 sub	$t2,$acc0
-	 sub	$t3,$acc1
-	xor	$t0,$s0
-	xor	$t1,$s1
-
-	and	\$0xfefefefe,$r20
-	and	\$0xfefefefe,$r21
-	and	\$0x1b1b1b1b,$acc0
-	and	\$0x1b1b1b1b,$acc1
-	mov	$s2,$t2
-	mov	$s3,$t3
-	xor	$acc0,$r20
-	xor	$acc1,$r21
-
-	ror	\$16,$t2
-	xor	$r20,$s2
-	ror	\$16,$t3
-	xor	$r21,$s3
-	rol	\$24,$s2
-	mov	0($sbox),$acc0			# prefetch Te4
-	rol	\$24,$s3
-	xor	$r20,$s2
-	mov	64($sbox),$acc1
-	xor	$r21,$s3
-	mov	128($sbox),$r20
-	xor	$t2,$s2
-	ror	\$8,$t2
-	xor	$t3,$s3
-	ror	\$8,$t3
-	xor	$t2,$s2
-	mov	192($sbox),$r21
-	xor	$t3,$s3
-___
-}
-
-$code.=<<___;
-.type	_x86_64_AES_encrypt_compact,\@abi-omnipotent
-.align	16
-_x86_64_AES_encrypt_compact:
-.cfi_startproc
-	lea	128($sbox),$inp			# size optimization
-	mov	0-128($inp),$acc1		# prefetch Te4
-	mov	32-128($inp),$acc2
-	mov	64-128($inp),$t0
-	mov	96-128($inp),$t1
-	mov	128-128($inp),$acc1
-	mov	160-128($inp),$acc2
-	mov	192-128($inp),$t0
-	mov	224-128($inp),$t1
-	jmp	.Lenc_loop_compact
-.align	16
-.Lenc_loop_compact:
-		xor	0($key),$s0		# xor with key
-		xor	4($key),$s1
-		xor	8($key),$s2
-		xor	12($key),$s3
-		lea	16($key),$key
-___
-		&enccompactvert();
-$code.=<<___;
-		cmp	16(%rsp),$key
-		je	.Lenc_compact_done
-___
-		&enctransform();
-$code.=<<___;
-	jmp	.Lenc_loop_compact
-.align	16
-.Lenc_compact_done:
-	xor	0($key),$s0
-	xor	4($key),$s1
-	xor	8($key),$s2
-	xor	12($key),$s3
-	.byte	0xf3,0xc3			# rep ret
-.cfi_endproc
-.size	_x86_64_AES_encrypt_compact,.-_x86_64_AES_encrypt_compact
-___
-
-# void AES_encrypt (const void *inp,void *out,const AES_KEY *key);
-$code.=<<___;
-.globl	AES_encrypt
-.type	AES_encrypt,\@function,3
-.align	16
-.globl	asm_AES_encrypt
-.hidden	asm_AES_encrypt
-asm_AES_encrypt:
-AES_encrypt:
-.cfi_startproc
-	mov	%rsp,%rax
-.cfi_def_cfa_register	%rax
-	push	%rbx
-.cfi_push	%rbx
-	push	%rbp
-.cfi_push	%rbp
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-
-	# allocate frame "above" key schedule
-	lea	-63(%rdx),%rcx	# %rdx is key argument
-	and	\$-64,%rsp
-	sub	%rsp,%rcx
-	neg	%rcx
-	and	\$0x3c0,%rcx
-	sub	%rcx,%rsp
-	sub	\$32,%rsp
-
-	mov	%rsi,16(%rsp)	# save out
-	mov	%rax,24(%rsp)	# save original stack pointer
-.cfi_cfa_expression	%rsp+24,deref,+8
-.Lenc_prologue:
-
-	mov	%rdx,$key
-	mov	240($key),$rnds	# load rounds
-
-	mov	0(%rdi),$s0	# load input vector
-	mov	4(%rdi),$s1
-	mov	8(%rdi),$s2
-	mov	12(%rdi),$s3
-
-	shl	\$4,$rnds
-	lea	($key,$rnds),%rbp
-	mov	$key,(%rsp)	# key schedule
-	mov	%rbp,8(%rsp)	# end of key schedule
-
-	# pick Te4 copy which can't "overlap" with stack frame or key schedule
-	lea	.LAES_Te+2048(%rip),$sbox
-	lea	768(%rsp),%rbp
-	sub	$sbox,%rbp
-	and	\$0x300,%rbp
-	lea	($sbox,%rbp),$sbox
-
-	call	_x86_64_AES_encrypt_compact
-
-	mov	16(%rsp),$out	# restore out
-	mov	24(%rsp),%rsi	# restore saved stack pointer
-.cfi_def_cfa	%rsi,8
-	mov	$s0,0($out)	# write output vector
-	mov	$s1,4($out)
-	mov	$s2,8($out)
-	mov	$s3,12($out)
-
-	mov	-48(%rsi),%r15
-.cfi_restore	%r15
-	mov	-40(%rsi),%r14
-.cfi_restore	%r14
-	mov	-32(%rsi),%r13
-.cfi_restore	%r13
-	mov	-24(%rsi),%r12
-.cfi_restore	%r12
-	mov	-16(%rsi),%rbp
-.cfi_restore	%rbp
-	mov	-8(%rsi),%rbx
-.cfi_restore	%rbx
-	lea	(%rsi),%rsp
-.cfi_def_cfa_register	%rsp
-.Lenc_epilogue:
-	ret
-.cfi_endproc
-.size	AES_encrypt,.-AES_encrypt
-___
-
-#------------------------------------------------------------------#
-
-sub decvert()
-{ my $t3="%r8d";	# zaps $inp!
-
-$code.=<<___;
-	# favor 3-way issue Opteron pipeline...
-	movzb	`&lo("$s0")`,$acc0
-	movzb	`&lo("$s1")`,$acc1
-	movzb	`&lo("$s2")`,$acc2
-	mov	0($sbox,$acc0,8),$t0
-	mov	0($sbox,$acc1,8),$t1
-	mov	0($sbox,$acc2,8),$t2
-
-	movzb	`&hi("$s3")`,$acc0
-	movzb	`&hi("$s0")`,$acc1
-	movzb	`&lo("$s3")`,$acc2
-	xor	3($sbox,$acc0,8),$t0
-	xor	3($sbox,$acc1,8),$t1
-	mov	0($sbox,$acc2,8),$t3
-
-	movzb	`&hi("$s1")`,$acc0
-	shr	\$16,$s0
-	movzb	`&hi("$s2")`,$acc2
-	xor	3($sbox,$acc0,8),$t2
-	shr	\$16,$s3
-	xor	3($sbox,$acc2,8),$t3
-
-	shr	\$16,$s1
-	lea	16($key),$key
-	shr	\$16,$s2
-
-	movzb	`&lo("$s2")`,$acc0
-	movzb	`&lo("$s3")`,$acc1
-	movzb	`&lo("$s0")`,$acc2
-	xor	2($sbox,$acc0,8),$t0
-	xor	2($sbox,$acc1,8),$t1
-	xor	2($sbox,$acc2,8),$t2
-
-	movzb	`&hi("$s1")`,$acc0
-	movzb	`&hi("$s2")`,$acc1
-	movzb	`&lo("$s1")`,$acc2
-	xor	1($sbox,$acc0,8),$t0
-	xor	1($sbox,$acc1,8),$t1
-	xor	2($sbox,$acc2,8),$t3
-
-	movzb	`&hi("$s3")`,$acc0
-	mov	12($key),$s3
-	movzb	`&hi("$s0")`,$acc2
-	xor	1($sbox,$acc0,8),$t2
-	mov	0($key),$s0
-	xor	1($sbox,$acc2,8),$t3
-
-	xor	$t0,$s0
-	mov	4($key),$s1
-	mov	8($key),$s2
-	xor	$t2,$s2
-	xor	$t1,$s1
-	xor	$t3,$s3
-___
-}
-
-sub declastvert()
-{ my $t3="%r8d";	# zaps $inp!
-
-$code.=<<___;
-	lea	2048($sbox),$sbox	# size optimization
-	movzb	`&lo("$s0")`,$acc0
-	movzb	`&lo("$s1")`,$acc1
-	movzb	`&lo("$s2")`,$acc2
-	movzb	($sbox,$acc0,1),$t0
-	movzb	($sbox,$acc1,1),$t1
-	movzb	($sbox,$acc2,1),$t2
-
-	movzb	`&lo("$s3")`,$acc0
-	movzb	`&hi("$s3")`,$acc1
-	movzb	`&hi("$s0")`,$acc2
-	movzb	($sbox,$acc0,1),$t3
-	movzb	($sbox,$acc1,1),$acc1	#$t0
-	movzb	($sbox,$acc2,1),$acc2	#$t1
-
-	shl	\$8,$acc1
-	shl	\$8,$acc2
-
-	xor	$acc1,$t0
-	xor	$acc2,$t1
-	shr	\$16,$s3
-
-	movzb	`&hi("$s1")`,$acc0
-	movzb	`&hi("$s2")`,$acc1
-	shr	\$16,$s0
-	movzb	($sbox,$acc0,1),$acc0	#$t2
-	movzb	($sbox,$acc1,1),$acc1	#$t3
-
-	shl	\$8,$acc0
-	shl	\$8,$acc1
-	shr	\$16,$s1
-	xor	$acc0,$t2
-	xor	$acc1,$t3
-	shr	\$16,$s2
-
-	movzb	`&lo("$s2")`,$acc0
-	movzb	`&lo("$s3")`,$acc1
-	movzb	`&lo("$s0")`,$acc2
-	movzb	($sbox,$acc0,1),$acc0	#$t0
-	movzb	($sbox,$acc1,1),$acc1	#$t1
-	movzb	($sbox,$acc2,1),$acc2	#$t2
-
-	shl	\$16,$acc0
-	shl	\$16,$acc1
-	shl	\$16,$acc2
-
-	xor	$acc0,$t0
-	xor	$acc1,$t1
-	xor	$acc2,$t2
-
-	movzb	`&lo("$s1")`,$acc0
-	movzb	`&hi("$s1")`,$acc1
-	movzb	`&hi("$s2")`,$acc2
-	movzb	($sbox,$acc0,1),$acc0	#$t3
-	movzb	($sbox,$acc1,1),$acc1	#$t0
-	movzb	($sbox,$acc2,1),$acc2	#$t1
-
-	shl	\$16,$acc0
-	shl	\$24,$acc1
-	shl	\$24,$acc2
-
-	xor	$acc0,$t3
-	xor	$acc1,$t0
-	xor	$acc2,$t1
-
-	movzb	`&hi("$s3")`,$acc0
-	movzb	`&hi("$s0")`,$acc1
-	mov	16+12($key),$s3
-	movzb	($sbox,$acc0,1),$acc0	#$t2
-	movzb	($sbox,$acc1,1),$acc1	#$t3
-	mov	16+0($key),$s0
-
-	shl	\$24,$acc0
-	shl	\$24,$acc1
-
-	xor	$acc0,$t2
-	xor	$acc1,$t3
-
-	mov	16+4($key),$s1
-	mov	16+8($key),$s2
-	lea	-2048($sbox),$sbox
-	xor	$t0,$s0
-	xor	$t1,$s1
-	xor	$t2,$s2
-	xor	$t3,$s3
-___
-}
-
-sub decstep()
-{ my ($i,@s) = @_;
-  my $tmp0=$acc0;
-  my $tmp1=$acc1;
-  my $tmp2=$acc2;
-  my $out=($t0,$t1,$t2,$s[0])[$i];
-
-	$code.="	mov	$s[0],$out\n"		if ($i!=3);
-			$tmp1=$s[2]			if ($i==3);
-	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
-	$code.="	and	\$0xFF,$out\n";
-
-	$code.="	mov	0($sbox,$out,8),$out\n";
-	$code.="	shr	\$16,$tmp1\n";
-			$tmp2=$s[3]			if ($i==3);
-	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
-
-			$tmp0=$s[1]			if ($i==3);
-	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
-	$code.="	and	\$0xFF,$tmp1\n";
-	$code.="	shr	\$24,$tmp2\n";
-
-	$code.="	xor	3($sbox,$tmp0,8),$out\n";
-	$code.="	xor	2($sbox,$tmp1,8),$out\n";
-	$code.="	xor	1($sbox,$tmp2,8),$out\n";
-
-	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
-	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
-	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
-	$code.="\n";
-}
-
-sub declast()
-{ my ($i,@s)=@_;
-  my $tmp0=$acc0;
-  my $tmp1=$acc1;
-  my $tmp2=$acc2;
-  my $out=($t0,$t1,$t2,$s[0])[$i];
-
-	$code.="	mov	$s[0],$out\n"		if ($i!=3);
-			$tmp1=$s[2]			if ($i==3);
-	$code.="	mov	$s[2],$tmp1\n"		if ($i!=3);
-	$code.="	and	\$0xFF,$out\n";
-
-	$code.="	movzb	2048($sbox,$out,1),$out\n";
-	$code.="	shr	\$16,$tmp1\n";
-			$tmp2=$s[3]			if ($i==3);
-	$code.="	mov	$s[3],$tmp2\n"		if ($i!=3);
-
-			$tmp0=$s[1]			if ($i==3);
-	$code.="	movzb	".&hi($s[1]).",$tmp0\n";
-	$code.="	and	\$0xFF,$tmp1\n";
-	$code.="	shr	\$24,$tmp2\n";
-
-	$code.="	movzb	2048($sbox,$tmp0,1),$tmp0\n";
-	$code.="	movzb	2048($sbox,$tmp1,1),$tmp1\n";
-	$code.="	movzb	2048($sbox,$tmp2,1),$tmp2\n";
-
-	$code.="	shl	\$8,$tmp0\n";
-	$code.="	shl	\$16,$tmp1\n";
-	$code.="	shl	\$24,$tmp2\n";
-
-	$code.="	xor	$tmp0,$out\n";
-	$code.="	mov	$t2,$s[1]\n"		if ($i==3);
-	$code.="	xor	$tmp1,$out\n";
-	$code.="	mov	$t1,$s[2]\n"		if ($i==3);
-	$code.="	xor	$tmp2,$out\n";
-	$code.="	mov	$t0,$s[3]\n"		if ($i==3);
-	$code.="\n";
-}
-
-$code.=<<___;
-.type	_x86_64_AES_decrypt,\@abi-omnipotent
-.align	16
-_x86_64_AES_decrypt:
-	xor	0($key),$s0			# xor with key
-	xor	4($key),$s1
-	xor	8($key),$s2
-	xor	12($key),$s3
-
-	mov	240($key),$rnds			# load key->rounds
-	sub	\$1,$rnds
-	jmp	.Ldec_loop
-.align	16
-.Ldec_loop:
-___
-	if ($verticalspin) { &decvert(); }
-	else {	&decstep(0,$s0,$s3,$s2,$s1);
-		&decstep(1,$s1,$s0,$s3,$s2);
-		&decstep(2,$s2,$s1,$s0,$s3);
-		&decstep(3,$s3,$s2,$s1,$s0);
-		$code.=<<___;
-		lea	16($key),$key
-		xor	0($key),$s0			# xor with key
-		xor	4($key),$s1
-		xor	8($key),$s2
-		xor	12($key),$s3
-___
-	}
-$code.=<<___;
-	sub	\$1,$rnds
-	jnz	.Ldec_loop
-___
-	if ($verticalspin) { &declastvert(); }
-	else {	&declast(0,$s0,$s3,$s2,$s1);
-		&declast(1,$s1,$s0,$s3,$s2);
-		&declast(2,$s2,$s1,$s0,$s3);
-		&declast(3,$s3,$s2,$s1,$s0);
-		$code.=<<___;
-		xor	16+0($key),$s0			# xor with key
-		xor	16+4($key),$s1
-		xor	16+8($key),$s2
-		xor	16+12($key),$s3
-___
-	}
-$code.=<<___;
-	.byte	0xf3,0xc3			# rep ret
-.size	_x86_64_AES_decrypt,.-_x86_64_AES_decrypt
-___
-
-sub deccompactvert()
-{ my ($t3,$t4,$t5)=("%r8d","%r9d","%r13d");
-
-$code.=<<___;
-	movzb	`&lo("$s0")`,$t0
-	movzb	`&lo("$s1")`,$t1
-	movzb	`&lo("$s2")`,$t2
-	movzb	`&lo("$s3")`,$t3
-	movzb	`&hi("$s3")`,$acc0
-	movzb	`&hi("$s0")`,$acc1
-	shr	\$16,$s3
-	movzb	`&hi("$s1")`,$acc2
-	movzb	($sbox,$t0,1),$t0
-	movzb	($sbox,$t1,1),$t1
-	movzb	($sbox,$t2,1),$t2
-	movzb	($sbox,$t3,1),$t3
-
-	movzb	($sbox,$acc0,1),$t4	#$t0
-	movzb	`&hi("$s2")`,$acc0
-	movzb	($sbox,$acc1,1),$t5	#$t1
-	movzb	($sbox,$acc2,1),$acc2	#$t2
-	movzb	($sbox,$acc0,1),$acc0	#$t3
-
-	shr	\$16,$s2
-	shl	\$8,$t5
-	shl	\$8,$t4
-	movzb	`&lo("$s2")`,$acc1
-	shr	\$16,$s0
-	xor	$t4,$t0
-	shr	\$16,$s1
-	movzb	`&lo("$s3")`,$t4
-
-	shl	\$8,$acc2
-	xor	$t5,$t1
-	shl	\$8,$acc0
-	movzb	`&lo("$s0")`,$t5
-	movzb	($sbox,$acc1,1),$acc1	#$t0
-	xor	$acc2,$t2
-	movzb	`&lo("$s1")`,$acc2
-
-	shl	\$16,$acc1
-	xor	$acc0,$t3
-	movzb	($sbox,$t4,1),$t4	#$t1
-	movzb	`&hi("$s1")`,$acc0
-	movzb	($sbox,$acc2,1),$acc2	#$t3
-	xor	$acc1,$t0
-	movzb	($sbox,$t5,1),$t5	#$t2
-	movzb	`&hi("$s2")`,$acc1
-
-	shl	\$16,$acc2
-	shl	\$16,$t4
-	shl	\$16,$t5
-	xor	$acc2,$t3
-	movzb	`&hi("$s3")`,$acc2
-	xor	$t4,$t1
-	shr	\$8,$s0
-	xor	$t5,$t2
-
-	movzb	($sbox,$acc0,1),$acc0	#$t0
-	movzb	($sbox,$acc1,1),$s1	#$t1
-	movzb	($sbox,$acc2,1),$s2	#$t2
-	movzb	($sbox,$s0,1),$s3	#$t3
-
-	mov	$t0,$s0
-	shl	\$24,$acc0
-	shl	\$24,$s1
-	shl	\$24,$s2
-	xor	$acc0,$s0
-	shl	\$24,$s3
-	xor	$t1,$s1
-	xor	$t2,$s2
-	xor	$t3,$s3
-___
-}
-
-# parallelized version! input is pair of 64-bit values: %rax=s1.s0
-# and %rcx=s3.s2, output is four 32-bit values in %eax=s0, %ebx=s1,
-# %ecx=s2 and %edx=s3.
-sub dectransform()
-{ my ($tp10,$tp20,$tp40,$tp80,$acc0)=("%rax","%r8", "%r9", "%r10","%rbx");
-  my ($tp18,$tp28,$tp48,$tp88,$acc8)=("%rcx","%r11","%r12","%r13","%rdx");
-  my $prefetch = shift;
-
-$code.=<<___;
-	mov	$mask80,$tp40
-	mov	$mask80,$tp48
-	and	$tp10,$tp40
-	and	$tp18,$tp48
-	mov	$tp40,$acc0
-	mov	$tp48,$acc8
-	shr	\$7,$tp40
-	lea	($tp10,$tp10),$tp20
-	shr	\$7,$tp48
-	lea	($tp18,$tp18),$tp28
-	sub	$tp40,$acc0
-	sub	$tp48,$acc8
-	and	$maskfe,$tp20
-	and	$maskfe,$tp28
-	and	$mask1b,$acc0
-	and	$mask1b,$acc8
-	xor	$acc0,$tp20
-	xor	$acc8,$tp28
-	mov	$mask80,$tp80
-	mov	$mask80,$tp88
-
-	and	$tp20,$tp80
-	and	$tp28,$tp88
-	mov	$tp80,$acc0
-	mov	$tp88,$acc8
-	shr	\$7,$tp80
-	lea	($tp20,$tp20),$tp40
-	shr	\$7,$tp88
-	lea	($tp28,$tp28),$tp48
-	sub	$tp80,$acc0
-	sub	$tp88,$acc8
-	and	$maskfe,$tp40
-	and	$maskfe,$tp48
-	and	$mask1b,$acc0
-	and	$mask1b,$acc8
-	xor	$acc0,$tp40
-	xor	$acc8,$tp48
-	mov	$mask80,$tp80
-	mov	$mask80,$tp88
-
-	and	$tp40,$tp80
-	and	$tp48,$tp88
-	mov	$tp80,$acc0
-	mov	$tp88,$acc8
-	shr	\$7,$tp80
-	 xor	$tp10,$tp20		# tp2^=tp1
-	shr	\$7,$tp88
-	 xor	$tp18,$tp28		# tp2^=tp1
-	sub	$tp80,$acc0
-	sub	$tp88,$acc8
-	lea	($tp40,$tp40),$tp80
-	lea	($tp48,$tp48),$tp88
-	 xor	$tp10,$tp40		# tp4^=tp1
-	 xor	$tp18,$tp48		# tp4^=tp1
-	and	$maskfe,$tp80
-	and	$maskfe,$tp88
-	and	$mask1b,$acc0
-	and	$mask1b,$acc8
-	xor	$acc0,$tp80
-	xor	$acc8,$tp88
-
-	xor	$tp80,$tp10		# tp1^=tp8
-	xor	$tp88,$tp18		# tp1^=tp8
-	xor	$tp80,$tp20		# tp2^tp1^=tp8
-	xor	$tp88,$tp28		# tp2^tp1^=tp8
-	mov	$tp10,$acc0
-	mov	$tp18,$acc8
-	xor	$tp80,$tp40		# tp4^tp1^=tp8
-	shr	\$32,$acc0
-	xor	$tp88,$tp48		# tp4^tp1^=tp8
-	shr	\$32,$acc8
-	xor	$tp20,$tp80		# tp8^=tp8^tp2^tp1=tp2^tp1
-	rol	\$8,`&LO("$tp10")`	# ROTATE(tp1^tp8,8)
-	xor	$tp28,$tp88		# tp8^=tp8^tp2^tp1=tp2^tp1
-	rol	\$8,`&LO("$tp18")`	# ROTATE(tp1^tp8,8)
-	xor	$tp40,$tp80		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
-	rol	\$8,`&LO("$acc0")`	# ROTATE(tp1^tp8,8)
-	xor	$tp48,$tp88		# tp2^tp1^=tp8^tp4^tp1=tp8^tp4^tp2
-
-	rol	\$8,`&LO("$acc8")`	# ROTATE(tp1^tp8,8)
-	xor	`&LO("$tp80")`,`&LO("$tp10")`
-	shr	\$32,$tp80
-	xor	`&LO("$tp88")`,`&LO("$tp18")`
-	shr	\$32,$tp88
-	xor	`&LO("$tp80")`,`&LO("$acc0")`
-	xor	`&LO("$tp88")`,`&LO("$acc8")`
-
-	mov	$tp20,$tp80
-	rol	\$24,`&LO("$tp20")`	# ROTATE(tp2^tp1^tp8,24)
-	mov	$tp28,$tp88
-	rol	\$24,`&LO("$tp28")`	# ROTATE(tp2^tp1^tp8,24)
-	shr	\$32,$tp80
-	xor	`&LO("$tp20")`,`&LO("$tp10")`
-	shr	\$32,$tp88
-	xor	`&LO("$tp28")`,`&LO("$tp18")`
-	rol	\$24,`&LO("$tp80")`	# ROTATE(tp2^tp1^tp8,24)
-	mov	$tp40,$tp20
-	rol	\$24,`&LO("$tp88")`	# ROTATE(tp2^tp1^tp8,24)
-	mov	$tp48,$tp28
-	shr	\$32,$tp20
-	xor	`&LO("$tp80")`,`&LO("$acc0")`
-	shr	\$32,$tp28
-	xor	`&LO("$tp88")`,`&LO("$acc8")`
-
-	`"mov	0($sbox),$mask80"	if ($prefetch)`
-	rol	\$16,`&LO("$tp40")`	# ROTATE(tp4^tp1^tp8,16)
-	`"mov	64($sbox),$maskfe"	if ($prefetch)`
-	rol	\$16,`&LO("$tp48")`	# ROTATE(tp4^tp1^tp8,16)
-	`"mov	128($sbox),$mask1b"	if ($prefetch)`
-	rol	\$16,`&LO("$tp20")`	# ROTATE(tp4^tp1^tp8,16)
-	`"mov	192($sbox),$tp80"	if ($prefetch)`
-	xor	`&LO("$tp40")`,`&LO("$tp10")`
-	rol	\$16,`&LO("$tp28")`	# ROTATE(tp4^tp1^tp8,16)
-	xor	`&LO("$tp48")`,`&LO("$tp18")`
-	`"mov	256($sbox),$tp88"	if ($prefetch)`
-	xor	`&LO("$tp20")`,`&LO("$acc0")`
-	xor	`&LO("$tp28")`,`&LO("$acc8")`
-___
-}
-
-$code.=<<___;
-.type	_x86_64_AES_decrypt_compact,\@abi-omnipotent
-.align	16
-_x86_64_AES_decrypt_compact:
-.cfi_startproc
-	lea	128($sbox),$inp			# size optimization
-	mov	0-128($inp),$acc1		# prefetch Td4
-	mov	32-128($inp),$acc2
-	mov	64-128($inp),$t0
-	mov	96-128($inp),$t1
-	mov	128-128($inp),$acc1
-	mov	160-128($inp),$acc2
-	mov	192-128($inp),$t0
-	mov	224-128($inp),$t1
-	jmp	.Ldec_loop_compact
-
-.align	16
-.Ldec_loop_compact:
-		xor	0($key),$s0		# xor with key
-		xor	4($key),$s1
-		xor	8($key),$s2
-		xor	12($key),$s3
-		lea	16($key),$key
-___
-		&deccompactvert();
-$code.=<<___;
-		cmp	16(%rsp),$key
-		je	.Ldec_compact_done
-
-		mov	256+0($sbox),$mask80
-		shl	\$32,%rbx
-		shl	\$32,%rdx
-		mov	256+8($sbox),$maskfe
-		or	%rbx,%rax
-		or	%rdx,%rcx
-		mov	256+16($sbox),$mask1b
-___
-		&dectransform(1);
-$code.=<<___;
-	jmp	.Ldec_loop_compact
-.align	16
-.Ldec_compact_done:
-	xor	0($key),$s0
-	xor	4($key),$s1
-	xor	8($key),$s2
-	xor	12($key),$s3
-	.byte	0xf3,0xc3			# rep ret
-.cfi_endproc
-.size	_x86_64_AES_decrypt_compact,.-_x86_64_AES_decrypt_compact
-___
-
-# void AES_decrypt (const void *inp,void *out,const AES_KEY *key);
-$code.=<<___;
-.globl	AES_decrypt
-.type	AES_decrypt,\@function,3
-.align	16
-.globl	asm_AES_decrypt
-.hidden	asm_AES_decrypt
-asm_AES_decrypt:
-AES_decrypt:
-.cfi_startproc
-	mov	%rsp,%rax
-.cfi_def_cfa_register	%rax
-	push	%rbx
-.cfi_push	%rbx
-	push	%rbp
-.cfi_push	%rbp
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-
-	# allocate frame "above" key schedule
-	lea	-63(%rdx),%rcx	# %rdx is key argument
-	and	\$-64,%rsp
-	sub	%rsp,%rcx
-	neg	%rcx
-	and	\$0x3c0,%rcx
-	sub	%rcx,%rsp
-	sub	\$32,%rsp
-
-	mov	%rsi,16(%rsp)	# save out
-	mov	%rax,24(%rsp)	# save original stack pointer
-.cfi_cfa_expression	%rsp+24,deref,+8
-.Ldec_prologue:
-
-	mov	%rdx,$key
-	mov	240($key),$rnds	# load rounds
-
-	mov	0(%rdi),$s0	# load input vector
-	mov	4(%rdi),$s1
-	mov	8(%rdi),$s2
-	mov	12(%rdi),$s3
-
-	shl	\$4,$rnds
-	lea	($key,$rnds),%rbp
-	mov	$key,(%rsp)	# key schedule
-	mov	%rbp,8(%rsp)	# end of key schedule
-
-	# pick Td4 copy which can't "overlap" with stack frame or key schedule
-	lea	.LAES_Td+2048(%rip),$sbox
-	lea	768(%rsp),%rbp
-	sub	$sbox,%rbp
-	and	\$0x300,%rbp
-	lea	($sbox,%rbp),$sbox
-	shr	\$3,%rbp	# recall "magic" constants!
-	add	%rbp,$sbox
-
-	call	_x86_64_AES_decrypt_compact
-
-	mov	16(%rsp),$out	# restore out
-	mov	24(%rsp),%rsi	# restore saved stack pointer
-.cfi_def_cfa	%rsi,8
-	mov	$s0,0($out)	# write output vector
-	mov	$s1,4($out)
-	mov	$s2,8($out)
-	mov	$s3,12($out)
-
-	mov	-48(%rsi),%r15
-.cfi_restore	%r15
-	mov	-40(%rsi),%r14
-.cfi_restore	%r14
-	mov	-32(%rsi),%r13
-.cfi_restore	%r13
-	mov	-24(%rsi),%r12
-.cfi_restore	%r12
-	mov	-16(%rsi),%rbp
-.cfi_restore	%rbp
-	mov	-8(%rsi),%rbx
-.cfi_restore	%rbx
-	lea	(%rsi),%rsp
-.cfi_def_cfa_register	%rsp
-.Ldec_epilogue:
-	ret
-.cfi_endproc
-.size	AES_decrypt,.-AES_decrypt
-___
-#------------------------------------------------------------------#
-
-sub enckey()
-{
-$code.=<<___;
-	movz	%dl,%esi		# rk[i]>>0
-	movzb	-128(%rbp,%rsi),%ebx
-	movz	%dh,%esi		# rk[i]>>8
-	shl	\$24,%ebx
-	xor	%ebx,%eax
-
-	movzb	-128(%rbp,%rsi),%ebx
-	shr	\$16,%edx
-	movz	%dl,%esi		# rk[i]>>16
-	xor	%ebx,%eax
-
-	movzb	-128(%rbp,%rsi),%ebx
-	movz	%dh,%esi		# rk[i]>>24
-	shl	\$8,%ebx
-	xor	%ebx,%eax
-
-	movzb	-128(%rbp,%rsi),%ebx
-	shl	\$16,%ebx
-	xor	%ebx,%eax
-
-	xor	1024-128(%rbp,%rcx,4),%eax		# rcon
-___
-}
-
-# int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-$code.=<<___;
-.globl	AES_set_encrypt_key
-.type	AES_set_encrypt_key,\@function,3
-.align	16
-AES_set_encrypt_key:
-.cfi_startproc
-	push	%rbx
-.cfi_push	%rbx
-	push	%rbp
-.cfi_push	%rbp
-	push	%r12			# redundant, but allows to share
-.cfi_push	%r12
-	push	%r13			# exception handler...
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	sub	\$8,%rsp
-.cfi_adjust_cfa_offset	8
-.Lenc_key_prologue:
-
-	call	_x86_64_AES_set_encrypt_key
-
-	mov	40(%rsp),%rbp
-.cfi_restore	%rbp
-	mov	48(%rsp),%rbx
-.cfi_restore	%rbx
-	add	\$56,%rsp
-.cfi_adjust_cfa_offset	-56
-.Lenc_key_epilogue:
-	ret
-.cfi_endproc
-.size	AES_set_encrypt_key,.-AES_set_encrypt_key
-
-.type	_x86_64_AES_set_encrypt_key,\@abi-omnipotent
-.align	16
-_x86_64_AES_set_encrypt_key:
-.cfi_startproc
-	mov	%esi,%ecx			# %ecx=bits
-	mov	%rdi,%rsi			# %rsi=userKey
-	mov	%rdx,%rdi			# %rdi=key
-
-	test	\$-1,%rsi
-	jz	.Lbadpointer
-	test	\$-1,%rdi
-	jz	.Lbadpointer
-
-	lea	.LAES_Te(%rip),%rbp
-	lea	2048+128(%rbp),%rbp
-
-	# prefetch Te4
-	mov	0-128(%rbp),%eax
-	mov	32-128(%rbp),%ebx
-	mov	64-128(%rbp),%r8d
-	mov	96-128(%rbp),%edx
-	mov	128-128(%rbp),%eax
-	mov	160-128(%rbp),%ebx
-	mov	192-128(%rbp),%r8d
-	mov	224-128(%rbp),%edx
-
-	cmp	\$128,%ecx
-	je	.L10rounds
-	cmp	\$192,%ecx
-	je	.L12rounds
-	cmp	\$256,%ecx
-	je	.L14rounds
-	mov	\$-2,%rax			# invalid number of bits
-	jmp	.Lexit
-
-.L10rounds:
-	mov	0(%rsi),%rax			# copy first 4 dwords
-	mov	8(%rsi),%rdx
-	mov	%rax,0(%rdi)
-	mov	%rdx,8(%rdi)
-
-	shr	\$32,%rdx
-	xor	%ecx,%ecx
-	jmp	.L10shortcut
-.align	4
-.L10loop:
-		mov	0(%rdi),%eax			# rk[0]
-		mov	12(%rdi),%edx			# rk[3]
-.L10shortcut:
-___
-		&enckey	();
-$code.=<<___;
-		mov	%eax,16(%rdi)			# rk[4]
-		xor	4(%rdi),%eax
-		mov	%eax,20(%rdi)			# rk[5]
-		xor	8(%rdi),%eax
-		mov	%eax,24(%rdi)			# rk[6]
-		xor	12(%rdi),%eax
-		mov	%eax,28(%rdi)			# rk[7]
-		add	\$1,%ecx
-		lea	16(%rdi),%rdi
-		cmp	\$10,%ecx
-	jl	.L10loop
-
-	movl	\$10,80(%rdi)			# setup number of rounds
-	xor	%rax,%rax
-	jmp	.Lexit
-
-.L12rounds:
-	mov	0(%rsi),%rax			# copy first 6 dwords
-	mov	8(%rsi),%rbx
-	mov	16(%rsi),%rdx
-	mov	%rax,0(%rdi)
-	mov	%rbx,8(%rdi)
-	mov	%rdx,16(%rdi)
-
-	shr	\$32,%rdx
-	xor	%ecx,%ecx
-	jmp	.L12shortcut
-.align	4
-.L12loop:
-		mov	0(%rdi),%eax			# rk[0]
-		mov	20(%rdi),%edx			# rk[5]
-.L12shortcut:
-___
-		&enckey	();
-$code.=<<___;
-		mov	%eax,24(%rdi)			# rk[6]
-		xor	4(%rdi),%eax
-		mov	%eax,28(%rdi)			# rk[7]
-		xor	8(%rdi),%eax
-		mov	%eax,32(%rdi)			# rk[8]
-		xor	12(%rdi),%eax
-		mov	%eax,36(%rdi)			# rk[9]
-
-		cmp	\$7,%ecx
-		je	.L12break
-		add	\$1,%ecx
-
-		xor	16(%rdi),%eax
-		mov	%eax,40(%rdi)			# rk[10]
-		xor	20(%rdi),%eax
-		mov	%eax,44(%rdi)			# rk[11]
-
-		lea	24(%rdi),%rdi
-	jmp	.L12loop
-.L12break:
-	movl	\$12,72(%rdi)		# setup number of rounds
-	xor	%rax,%rax
-	jmp	.Lexit
-
-.L14rounds:
-	mov	0(%rsi),%rax			# copy first 8 dwords
-	mov	8(%rsi),%rbx
-	mov	16(%rsi),%rcx
-	mov	24(%rsi),%rdx
-	mov	%rax,0(%rdi)
-	mov	%rbx,8(%rdi)
-	mov	%rcx,16(%rdi)
-	mov	%rdx,24(%rdi)
-
-	shr	\$32,%rdx
-	xor	%ecx,%ecx
-	jmp	.L14shortcut
-.align	4
-.L14loop:
-		mov	0(%rdi),%eax			# rk[0]
-		mov	28(%rdi),%edx			# rk[4]
-.L14shortcut:
-___
-		&enckey	();
-$code.=<<___;
-		mov	%eax,32(%rdi)			# rk[8]
-		xor	4(%rdi),%eax
-		mov	%eax,36(%rdi)			# rk[9]
-		xor	8(%rdi),%eax
-		mov	%eax,40(%rdi)			# rk[10]
-		xor	12(%rdi),%eax
-		mov	%eax,44(%rdi)			# rk[11]
-
-		cmp	\$6,%ecx
-		je	.L14break
-		add	\$1,%ecx
-
-		mov	%eax,%edx
-		mov	16(%rdi),%eax			# rk[4]
-		movz	%dl,%esi			# rk[11]>>0
-		movzb	-128(%rbp,%rsi),%ebx
-		movz	%dh,%esi			# rk[11]>>8
-		xor	%ebx,%eax
-
-		movzb	-128(%rbp,%rsi),%ebx
-		shr	\$16,%edx
-		shl	\$8,%ebx
-		movz	%dl,%esi			# rk[11]>>16
-		xor	%ebx,%eax
-
-		movzb	-128(%rbp,%rsi),%ebx
-		movz	%dh,%esi			# rk[11]>>24
-		shl	\$16,%ebx
-		xor	%ebx,%eax
-
-		movzb	-128(%rbp,%rsi),%ebx
-		shl	\$24,%ebx
-		xor	%ebx,%eax
-
-		mov	%eax,48(%rdi)			# rk[12]
-		xor	20(%rdi),%eax
-		mov	%eax,52(%rdi)			# rk[13]
-		xor	24(%rdi),%eax
-		mov	%eax,56(%rdi)			# rk[14]
-		xor	28(%rdi),%eax
-		mov	%eax,60(%rdi)			# rk[15]
-
-		lea	32(%rdi),%rdi
-	jmp	.L14loop
-.L14break:
-	movl	\$14,48(%rdi)		# setup number of rounds
-	xor	%rax,%rax
-	jmp	.Lexit
-
-.Lbadpointer:
-	mov	\$-1,%rax
-.Lexit:
-	.byte	0xf3,0xc3			# rep ret
-.cfi_endproc
-.size	_x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
-___
-
-sub deckey_ref()
-{ my ($i,$ptr,$te,$td) = @_;
-  my ($tp1,$tp2,$tp4,$tp8,$acc)=("%eax","%ebx","%edi","%edx","%r8d");
-$code.=<<___;
-	mov	$i($ptr),$tp1
-	mov	$tp1,$acc
-	and	\$0x80808080,$acc
-	mov	$acc,$tp4
-	shr	\$7,$tp4
-	lea	0($tp1,$tp1),$tp2
-	sub	$tp4,$acc
-	and	\$0xfefefefe,$tp2
-	and	\$0x1b1b1b1b,$acc
-	xor	$tp2,$acc
-	mov	$acc,$tp2
-
-	and	\$0x80808080,$acc
-	mov	$acc,$tp8
-	shr	\$7,$tp8
-	lea	0($tp2,$tp2),$tp4
-	sub	$tp8,$acc
-	and	\$0xfefefefe,$tp4
-	and	\$0x1b1b1b1b,$acc
-	 xor	$tp1,$tp2		# tp2^tp1
-	xor	$tp4,$acc
-	mov	$acc,$tp4
-
-	and	\$0x80808080,$acc
-	mov	$acc,$tp8
-	shr	\$7,$tp8
-	sub	$tp8,$acc
-	lea	0($tp4,$tp4),$tp8
-	 xor	$tp1,$tp4		# tp4^tp1
-	and	\$0xfefefefe,$tp8
-	and	\$0x1b1b1b1b,$acc
-	xor	$acc,$tp8
-
-	xor	$tp8,$tp1		# tp1^tp8
-	rol	\$8,$tp1		# ROTATE(tp1^tp8,8)
-	xor	$tp8,$tp2		# tp2^tp1^tp8
-	xor	$tp8,$tp4		# tp4^tp1^tp8
-	xor	$tp2,$tp8
-	xor	$tp4,$tp8		# tp8^(tp8^tp4^tp1)^(tp8^tp2^tp1)=tp8^tp4^tp2
-
-	xor	$tp8,$tp1
-	rol	\$24,$tp2		# ROTATE(tp2^tp1^tp8,24)
-	xor	$tp2,$tp1
-	rol	\$16,$tp4		# ROTATE(tp4^tp1^tp8,16)
-	xor	$tp4,$tp1
-
-	mov	$tp1,$i($ptr)
-___
-}
-
-# int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
-#                        AES_KEY *key)
-$code.=<<___;
-.globl	AES_set_decrypt_key
-.type	AES_set_decrypt_key,\@function,3
-.align	16
-AES_set_decrypt_key:
-.cfi_startproc
-	push	%rbx
-.cfi_push	%rbx
-	push	%rbp
-.cfi_push	%rbp
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	push	%rdx			# save key schedule
-.cfi_adjust_cfa_offset	8
-.Ldec_key_prologue:
-
-	call	_x86_64_AES_set_encrypt_key
-	mov	(%rsp),%r8		# restore key schedule
-	cmp	\$0,%eax
-	jne	.Labort
-
-	mov	240(%r8),%r14d		# pull number of rounds
-	xor	%rdi,%rdi
-	lea	(%rdi,%r14d,4),%rcx
-	mov	%r8,%rsi
-	lea	(%r8,%rcx,4),%rdi	# pointer to last chunk
-.align	4
-.Linvert:
-		mov	0(%rsi),%rax
-		mov	8(%rsi),%rbx
-		mov	0(%rdi),%rcx
-		mov	8(%rdi),%rdx
-		mov	%rax,0(%rdi)
-		mov	%rbx,8(%rdi)
-		mov	%rcx,0(%rsi)
-		mov	%rdx,8(%rsi)
-		lea	16(%rsi),%rsi
-		lea	-16(%rdi),%rdi
-		cmp	%rsi,%rdi
-	jne	.Linvert
-
-	lea	.LAES_Te+2048+1024(%rip),%rax	# rcon
-
-	mov	40(%rax),$mask80
-	mov	48(%rax),$maskfe
-	mov	56(%rax),$mask1b
-
-	mov	%r8,$key
-	sub	\$1,%r14d
-.align	4
-.Lpermute:
-		lea	16($key),$key
-		mov	0($key),%rax
-		mov	8($key),%rcx
-___
-		&dectransform ();
-$code.=<<___;
-		mov	%eax,0($key)
-		mov	%ebx,4($key)
-		mov	%ecx,8($key)
-		mov	%edx,12($key)
-		sub	\$1,%r14d
-	jnz	.Lpermute
-
-	xor	%rax,%rax
-.Labort:
-	mov	8(%rsp),%r15
-.cfi_restore	%r15
-	mov	16(%rsp),%r14
-.cfi_restore	%r14
-	mov	24(%rsp),%r13
-.cfi_restore	%r13
-	mov	32(%rsp),%r12
-.cfi_restore	%r12
-	mov	40(%rsp),%rbp
-.cfi_restore	%rbp
-	mov	48(%rsp),%rbx
-.cfi_restore	%rbx
-	add	\$56,%rsp
-.cfi_adjust_cfa_offset	-56
-.Ldec_key_epilogue:
-	ret
-.cfi_endproc
-.size	AES_set_decrypt_key,.-AES_set_decrypt_key
-___
-
-# void AES_cbc_encrypt (const void char *inp, unsigned char *out,
-#			size_t length, const AES_KEY *key,
-#			unsigned char *ivp,const int enc);
-{
-# stack frame layout
-# -8(%rsp)		return address
-my $keyp="0(%rsp)";		# one to pass as $key
-my $keyend="8(%rsp)";		# &(keyp->rd_key[4*keyp->rounds])
-my $_rsp="16(%rsp)";		# saved %rsp
-my $_inp="24(%rsp)";		# copy of 1st parameter, inp
-my $_out="32(%rsp)";		# copy of 2nd parameter, out
-my $_len="40(%rsp)";		# copy of 3rd parameter, length
-my $_key="48(%rsp)";		# copy of 4th parameter, key
-my $_ivp="56(%rsp)";		# copy of 5th parameter, ivp
-my $ivec="64(%rsp)";		# ivec[16]
-my $aes_key="80(%rsp)";		# copy of aes_key
-my $mark="80+240(%rsp)";	# copy of aes_key->rounds
-
-$code.=<<___;
-.globl	AES_cbc_encrypt
-.type	AES_cbc_encrypt,\@function,6
-.align	16
-.extern	OPENSSL_ia32cap_P
-.globl	asm_AES_cbc_encrypt
-.hidden	asm_AES_cbc_encrypt
-asm_AES_cbc_encrypt:
-AES_cbc_encrypt:
-.cfi_startproc
-	cmp	\$0,%rdx	# check length
-	je	.Lcbc_epilogue
-	pushfq
-# This could be .cfi_push 49, but libunwind fails on registers it does not
-# recognize. See https://bugzilla.redhat.com/show_bug.cgi?id=217087.
-.cfi_adjust_cfa_offset	8
-	push	%rbx
-.cfi_push	%rbx
-	push	%rbp
-.cfi_push	%rbp
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-.Lcbc_prologue:
-
-	cld
-	mov	%r9d,%r9d	# clear upper half of enc
-
-	lea	.LAES_Te(%rip),$sbox
-	lea	.LAES_Td(%rip),%r10
-	cmp	\$0,%r9
-	cmoveq	%r10,$sbox
-
-.cfi_remember_state
-	mov	OPENSSL_ia32cap_P(%rip),%r10d
-	cmp	\$$speed_limit,%rdx
-	jb	.Lcbc_slow_prologue
-	test	\$15,%rdx
-	jnz	.Lcbc_slow_prologue
-	bt	\$28,%r10d
-	jc	.Lcbc_slow_prologue
-
-	# allocate aligned stack frame...
-	lea	-88-248(%rsp),$key
-	and	\$-64,$key
-
-	# ... and make sure it doesn't alias with AES_T[ed] modulo 4096
-	mov	$sbox,%r10
-	lea	2304($sbox),%r11
-	mov	$key,%r12
-	and	\$0xFFF,%r10	# s = $sbox&0xfff
-	and	\$0xFFF,%r11	# e = ($sbox+2048)&0xfff
-	and	\$0xFFF,%r12	# p = %rsp&0xfff
-
-	cmp	%r11,%r12	# if (p=>e) %rsp =- (p-e);
-	jb	.Lcbc_te_break_out
-	sub	%r11,%r12
-	sub	%r12,$key
-	jmp	.Lcbc_te_ok
-.Lcbc_te_break_out:		# else %rsp -= (p-s)&0xfff + framesz
-	sub	%r10,%r12
-	and	\$0xFFF,%r12
-	add	\$320,%r12
-	sub	%r12,$key
-.align	4
-.Lcbc_te_ok:
-
-	xchg	%rsp,$key
-.cfi_def_cfa_register	$key
-	#add	\$8,%rsp	# reserve for return address!
-	mov	$key,$_rsp	# save %rsp
-.cfi_cfa_expression	$_rsp,deref,+64
-.Lcbc_fast_body:
-	mov	%rdi,$_inp	# save copy of inp
-	mov	%rsi,$_out	# save copy of out
-	mov	%rdx,$_len	# save copy of len
-	mov	%rcx,$_key	# save copy of key
-	mov	%r8,$_ivp	# save copy of ivp
-	movl	\$0,$mark	# copy of aes_key->rounds = 0;
-	mov	%r8,%rbp	# rearrange input arguments
-	mov	%r9,%rbx
-	mov	%rsi,$out
-	mov	%rdi,$inp
-	mov	%rcx,$key
-
-	mov	240($key),%eax		# key->rounds
-	# do we copy key schedule to stack?
-	mov	$key,%r10
-	sub	$sbox,%r10
-	and	\$0xfff,%r10
-	cmp	\$2304,%r10
-	jb	.Lcbc_do_ecopy
-	cmp	\$4096-248,%r10
-	jb	.Lcbc_skip_ecopy
-.align	4
-.Lcbc_do_ecopy:
-		mov	$key,%rsi
-		lea	$aes_key,%rdi
-		lea	$aes_key,$key
-		mov	\$240/8,%ecx
-		.long	0x90A548F3	# rep movsq
-		mov	%eax,(%rdi)	# copy aes_key->rounds
-.Lcbc_skip_ecopy:
-	mov	$key,$keyp	# save key pointer
-
-	mov	\$18,%ecx
-.align	4
-.Lcbc_prefetch_te:
-		mov	0($sbox),%r10
-		mov	32($sbox),%r11
-		mov	64($sbox),%r12
-		mov	96($sbox),%r13
-		lea	128($sbox),$sbox
-		sub	\$1,%ecx
-	jnz	.Lcbc_prefetch_te
-	lea	-2304($sbox),$sbox
-
-	cmp	\$0,%rbx
-	je	.LFAST_DECRYPT
-
-#----------------------------- ENCRYPT -----------------------------#
-	mov	0(%rbp),$s0		# load iv
-	mov	4(%rbp),$s1
-	mov	8(%rbp),$s2
-	mov	12(%rbp),$s3
-
-.align	4
-.Lcbc_fast_enc_loop:
-		xor	0($inp),$s0
-		xor	4($inp),$s1
-		xor	8($inp),$s2
-		xor	12($inp),$s3
-		mov	$keyp,$key	# restore key
-		mov	$inp,$_inp	# if ($verticalspin) save inp
-
-		call	_x86_64_AES_encrypt
-
-		mov	$_inp,$inp	# if ($verticalspin) restore inp
-		mov	$_len,%r10
-		mov	$s0,0($out)
-		mov	$s1,4($out)
-		mov	$s2,8($out)
-		mov	$s3,12($out)
-
-		lea	16($inp),$inp
-		lea	16($out),$out
-		sub	\$16,%r10
-		test	\$-16,%r10
-		mov	%r10,$_len
-	jnz	.Lcbc_fast_enc_loop
-	mov	$_ivp,%rbp	# restore ivp
-	mov	$s0,0(%rbp)	# save ivec
-	mov	$s1,4(%rbp)
-	mov	$s2,8(%rbp)
-	mov	$s3,12(%rbp)
-
-	jmp	.Lcbc_fast_cleanup
-
-#----------------------------- DECRYPT -----------------------------#
-.align	16
-.LFAST_DECRYPT:
-	cmp	$inp,$out
-	je	.Lcbc_fast_dec_in_place
-
-	mov	%rbp,$ivec
-.align	4
-.Lcbc_fast_dec_loop:
-		mov	0($inp),$s0	# read input
-		mov	4($inp),$s1
-		mov	8($inp),$s2
-		mov	12($inp),$s3
-		mov	$keyp,$key	# restore key
-		mov	$inp,$_inp	# if ($verticalspin) save inp
-
-		call	_x86_64_AES_decrypt
-
-		mov	$ivec,%rbp	# load ivp
-		mov	$_inp,$inp	# if ($verticalspin) restore inp
-		mov	$_len,%r10	# load len
-		xor	0(%rbp),$s0	# xor iv
-		xor	4(%rbp),$s1
-		xor	8(%rbp),$s2
-		xor	12(%rbp),$s3
-		mov	$inp,%rbp	# current input, next iv
-
-		sub	\$16,%r10
-		mov	%r10,$_len	# update len
-		mov	%rbp,$ivec	# update ivp
-
-		mov	$s0,0($out)	# write output
-		mov	$s1,4($out)
-		mov	$s2,8($out)
-		mov	$s3,12($out)
-
-		lea	16($inp),$inp
-		lea	16($out),$out
-	jnz	.Lcbc_fast_dec_loop
-	mov	$_ivp,%r12		# load user ivp
-	mov	0(%rbp),%r10		# load iv
-	mov	8(%rbp),%r11
-	mov	%r10,0(%r12)		# copy back to user
-	mov	%r11,8(%r12)
-	jmp	.Lcbc_fast_cleanup
-
-.align	16
-.Lcbc_fast_dec_in_place:
-	mov	0(%rbp),%r10		# copy iv to stack
-	mov	8(%rbp),%r11
-	mov	%r10,0+$ivec
-	mov	%r11,8+$ivec
-.align	4
-.Lcbc_fast_dec_in_place_loop:
-		mov	0($inp),$s0	# load input
-		mov	4($inp),$s1
-		mov	8($inp),$s2
-		mov	12($inp),$s3
-		mov	$keyp,$key	# restore key
-		mov	$inp,$_inp	# if ($verticalspin) save inp
-
-		call	_x86_64_AES_decrypt
-
-		mov	$_inp,$inp	# if ($verticalspin) restore inp
-		mov	$_len,%r10
-		xor	0+$ivec,$s0
-		xor	4+$ivec,$s1
-		xor	8+$ivec,$s2
-		xor	12+$ivec,$s3
-
-		mov	0($inp),%r11	# load input
-		mov	8($inp),%r12
-		sub	\$16,%r10
-		jz	.Lcbc_fast_dec_in_place_done
-
-		mov	%r11,0+$ivec	# copy input to iv
-		mov	%r12,8+$ivec
-
-		mov	$s0,0($out)	# save output [zaps input]
-		mov	$s1,4($out)
-		mov	$s2,8($out)
-		mov	$s3,12($out)
-
-		lea	16($inp),$inp
-		lea	16($out),$out
-		mov	%r10,$_len
-	jmp	.Lcbc_fast_dec_in_place_loop
-.Lcbc_fast_dec_in_place_done:
-	mov	$_ivp,%rdi
-	mov	%r11,0(%rdi)	# copy iv back to user
-	mov	%r12,8(%rdi)
-
-	mov	$s0,0($out)	# save output [zaps input]
-	mov	$s1,4($out)
-	mov	$s2,8($out)
-	mov	$s3,12($out)
-
-.align	4
-.Lcbc_fast_cleanup:
-	cmpl	\$0,$mark	# was the key schedule copied?
-	lea	$aes_key,%rdi
-	je	.Lcbc_exit
-		mov	\$240/8,%ecx
-		xor	%rax,%rax
-		.long	0x90AB48F3	# rep stosq
-
-	jmp	.Lcbc_exit
-
-#--------------------------- SLOW ROUTINE ---------------------------#
-.align	16
-.Lcbc_slow_prologue:
-.cfi_restore_state
-	# allocate aligned stack frame...
-	lea	-88(%rsp),%rbp
-	and	\$-64,%rbp
-	# ... just "above" key schedule
-	lea	-88-63(%rcx),%r10
-	sub	%rbp,%r10
-	neg	%r10
-	and	\$0x3c0,%r10
-	sub	%r10,%rbp
-
-	xchg	%rsp,%rbp
-.cfi_def_cfa_register	%rbp
-	#add	\$8,%rsp	# reserve for return address!
-	mov	%rbp,$_rsp	# save %rsp
-.cfi_cfa_expression	$_rsp,deref,+64
-.Lcbc_slow_body:
-	#mov	%rdi,$_inp	# save copy of inp
-	#mov	%rsi,$_out	# save copy of out
-	#mov	%rdx,$_len	# save copy of len
-	#mov	%rcx,$_key	# save copy of key
-	mov	%r8,$_ivp	# save copy of ivp
-	mov	%r8,%rbp	# rearrange input arguments
-	mov	%r9,%rbx
-	mov	%rsi,$out
-	mov	%rdi,$inp
-	mov	%rcx,$key
-	mov	%rdx,%r10
-
-	mov	240($key),%eax
-	mov	$key,$keyp	# save key pointer
-	shl	\$4,%eax
-	lea	($key,%rax),%rax
-	mov	%rax,$keyend
-
-	# pick Te4 copy which can't "overlap" with stack frame or key schedule
-	lea	2048($sbox),$sbox
-	lea	768-8(%rsp),%rax
-	sub	$sbox,%rax
-	and	\$0x300,%rax
-	lea	($sbox,%rax),$sbox
-
-	cmp	\$0,%rbx
-	je	.LSLOW_DECRYPT
-
-#--------------------------- SLOW ENCRYPT ---------------------------#
-	test	\$-16,%r10		# check upon length
-	mov	0(%rbp),$s0		# load iv
-	mov	4(%rbp),$s1
-	mov	8(%rbp),$s2
-	mov	12(%rbp),$s3
-	jz	.Lcbc_slow_enc_tail	# short input...
-
-.align	4
-.Lcbc_slow_enc_loop:
-		xor	0($inp),$s0
-		xor	4($inp),$s1
-		xor	8($inp),$s2
-		xor	12($inp),$s3
-		mov	$keyp,$key	# restore key
-		mov	$inp,$_inp	# save inp
-		mov	$out,$_out	# save out
-		mov	%r10,$_len	# save len
-
-		call	_x86_64_AES_encrypt_compact
-
-		mov	$_inp,$inp	# restore inp
-		mov	$_out,$out	# restore out
-		mov	$_len,%r10	# restore len
-		mov	$s0,0($out)
-		mov	$s1,4($out)
-		mov	$s2,8($out)
-		mov	$s3,12($out)
-
-		lea	16($inp),$inp
-		lea	16($out),$out
-		sub	\$16,%r10
-		test	\$-16,%r10
-	jnz	.Lcbc_slow_enc_loop
-	test	\$15,%r10
-	jnz	.Lcbc_slow_enc_tail
-	mov	$_ivp,%rbp	# restore ivp
-	mov	$s0,0(%rbp)	# save ivec
-	mov	$s1,4(%rbp)
-	mov	$s2,8(%rbp)
-	mov	$s3,12(%rbp)
-
-	jmp	.Lcbc_exit
-
-.align	4
-.Lcbc_slow_enc_tail:
-	mov	%rax,%r11
-	mov	%rcx,%r12
-	mov	%r10,%rcx
-	mov	$inp,%rsi
-	mov	$out,%rdi
-	.long	0x9066A4F3		# rep movsb
-	mov	\$16,%rcx		# zero tail
-	sub	%r10,%rcx
-	xor	%rax,%rax
-	.long	0x9066AAF3		# rep stosb
-	mov	$out,$inp		# this is not a mistake!
-	mov	\$16,%r10		# len=16
-	mov	%r11,%rax
-	mov	%r12,%rcx
-	jmp	.Lcbc_slow_enc_loop	# one more spin...
-#--------------------------- SLOW DECRYPT ---------------------------#
-.align	16
-.LSLOW_DECRYPT:
-	shr	\$3,%rax
-	add	%rax,$sbox		# recall "magic" constants!
-
-	mov	0(%rbp),%r11		# copy iv to stack
-	mov	8(%rbp),%r12
-	mov	%r11,0+$ivec
-	mov	%r12,8+$ivec
-
-.align	4
-.Lcbc_slow_dec_loop:
-		mov	0($inp),$s0	# load input
-		mov	4($inp),$s1
-		mov	8($inp),$s2
-		mov	12($inp),$s3
-		mov	$keyp,$key	# restore key
-		mov	$inp,$_inp	# save inp
-		mov	$out,$_out	# save out
-		mov	%r10,$_len	# save len
-
-		call	_x86_64_AES_decrypt_compact
-
-		mov	$_inp,$inp	# restore inp
-		mov	$_out,$out	# restore out
-		mov	$_len,%r10
-		xor	0+$ivec,$s0
-		xor	4+$ivec,$s1
-		xor	8+$ivec,$s2
-		xor	12+$ivec,$s3
-
-		mov	0($inp),%r11	# load input
-		mov	8($inp),%r12
-		sub	\$16,%r10
-		jc	.Lcbc_slow_dec_partial
-		jz	.Lcbc_slow_dec_done
-
-		mov	%r11,0+$ivec	# copy input to iv
-		mov	%r12,8+$ivec
-
-		mov	$s0,0($out)	# save output [can zap input]
-		mov	$s1,4($out)
-		mov	$s2,8($out)
-		mov	$s3,12($out)
-
-		lea	16($inp),$inp
-		lea	16($out),$out
-	jmp	.Lcbc_slow_dec_loop
-.Lcbc_slow_dec_done:
-	mov	$_ivp,%rdi
-	mov	%r11,0(%rdi)		# copy iv back to user
-	mov	%r12,8(%rdi)
-
-	mov	$s0,0($out)		# save output [can zap input]
-	mov	$s1,4($out)
-	mov	$s2,8($out)
-	mov	$s3,12($out)
-
-	jmp	.Lcbc_exit
-
-.align	4
-.Lcbc_slow_dec_partial:
-	mov	$_ivp,%rdi
-	mov	%r11,0(%rdi)		# copy iv back to user
-	mov	%r12,8(%rdi)
-
-	mov	$s0,0+$ivec		# save output to stack
-	mov	$s1,4+$ivec
-	mov	$s2,8+$ivec
-	mov	$s3,12+$ivec
-
-	mov	$out,%rdi
-	lea	$ivec,%rsi
-	lea	16(%r10),%rcx
-	.long	0x9066A4F3	# rep movsb
-	jmp	.Lcbc_exit
-
-.align	16
-.Lcbc_exit:
-	mov	$_rsp,%rsi
-.cfi_def_cfa	%rsi,64
-	mov	(%rsi),%r15
-.cfi_restore	%r15
-	mov	8(%rsi),%r14
-.cfi_restore	%r14
-	mov	16(%rsi),%r13
-.cfi_restore	%r13
-	mov	24(%rsi),%r12
-.cfi_restore	%r12
-	mov	32(%rsi),%rbp
-.cfi_restore	%rbp
-	mov	40(%rsi),%rbx
-.cfi_restore	%rbx
-	lea	48(%rsi),%rsp
-.cfi_def_cfa	%rsp,16
-.Lcbc_popfq:
-	popfq
-# This could be .cfi_pop 49, but libunwind fails on registers it does not
-# recognize. See https://bugzilla.redhat.com/show_bug.cgi?id=217087.
-.cfi_adjust_cfa_offset	-8
-.Lcbc_epilogue:
-	ret
-.cfi_endproc
-.size	AES_cbc_encrypt,.-AES_cbc_encrypt
-___
-}
-
-$code.=<<___;
-.align	64
-.LAES_Te:
-___
-	&_data_word(0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6);
-	&_data_word(0x0df2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591);
-	&_data_word(0x50303060, 0x03010102, 0xa96767ce, 0x7d2b2b56);
-	&_data_word(0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 0x9a7676ec);
-	&_data_word(0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa);
-	&_data_word(0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb);
-	&_data_word(0xecadad41, 0x67d4d4b3, 0xfda2a25f, 0xeaafaf45);
-	&_data_word(0xbf9c9c23, 0xf7a4a453, 0x967272e4, 0x5bc0c09b);
-	&_data_word(0xc2b7b775, 0x1cfdfde1, 0xae93933d, 0x6a26264c);
-	&_data_word(0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83);
-	&_data_word(0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9);
-	&_data_word(0x937171e2, 0x73d8d8ab, 0x53313162, 0x3f15152a);
-	&_data_word(0x0c040408, 0x52c7c795, 0x65232346, 0x5ec3c39d);
-	&_data_word(0x28181830, 0xa1969637, 0x0f05050a, 0xb59a9a2f);
-	&_data_word(0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df);
-	&_data_word(0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea);
-	&_data_word(0x1b090912, 0x9e83831d, 0x742c2c58, 0x2e1a1a34);
-	&_data_word(0x2d1b1b36, 0xb26e6edc, 0xee5a5ab4, 0xfba0a05b);
-	&_data_word(0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 0xceb3b37d);
-	&_data_word(0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413);
-	&_data_word(0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1);
-	&_data_word(0x60202040, 0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6);
-	&_data_word(0xbe6a6ad4, 0x46cbcb8d, 0xd9bebe67, 0x4b393972);
-	&_data_word(0xde4a4a94, 0xd44c4c98, 0xe85858b0, 0x4acfcf85);
-	&_data_word(0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed);
-	&_data_word(0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511);
-	&_data_word(0xcf45458a, 0x10f9f9e9, 0x06020204, 0x817f7ffe);
-	&_data_word(0xf05050a0, 0x443c3c78, 0xba9f9f25, 0xe3a8a84b);
-	&_data_word(0xf35151a2, 0xfea3a35d, 0xc0404080, 0x8a8f8f05);
-	&_data_word(0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1);
-	&_data_word(0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142);
-	&_data_word(0x30101020, 0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf);
-	&_data_word(0x4ccdcd81, 0x140c0c18, 0x35131326, 0x2fececc3);
-	&_data_word(0xe15f5fbe, 0xa2979735, 0xcc444488, 0x3917172e);
-	&_data_word(0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a);
-	&_data_word(0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6);
-	&_data_word(0xa06060c0, 0x98818119, 0xd14f4f9e, 0x7fdcdca3);
-	&_data_word(0x66222244, 0x7e2a2a54, 0xab90903b, 0x8388880b);
-	&_data_word(0xca46468c, 0x29eeeec7, 0xd3b8b86b, 0x3c141428);
-	&_data_word(0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad);
-	&_data_word(0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14);
-	&_data_word(0xdb494992, 0x0a06060c, 0x6c242448, 0xe45c5cb8);
-	&_data_word(0x5dc2c29f, 0x6ed3d3bd, 0xefacac43, 0xa66262c4);
-	&_data_word(0xa8919139, 0xa4959531, 0x37e4e4d3, 0x8b7979f2);
-	&_data_word(0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda);
-	&_data_word(0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949);
-	&_data_word(0xb46c6cd8, 0xfa5656ac, 0x07f4f4f3, 0x25eaeacf);
-	&_data_word(0xaf6565ca, 0x8e7a7af4, 0xe9aeae47, 0x18080810);
-	&_data_word(0xd5baba6f, 0x887878f0, 0x6f25254a, 0x722e2e5c);
-	&_data_word(0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697);
-	&_data_word(0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e);
-	&_data_word(0xdd4b4b96, 0xdcbdbd61, 0x868b8b0d, 0x858a8a0f);
-	&_data_word(0x907070e0, 0x423e3e7c, 0xc4b5b571, 0xaa6666cc);
-	&_data_word(0xd8484890, 0x05030306, 0x01f6f6f7, 0x120e0e1c);
-	&_data_word(0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969);
-	&_data_word(0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27);
-	&_data_word(0x38e1e1d9, 0x13f8f8eb, 0xb398982b, 0x33111122);
-	&_data_word(0xbb6969d2, 0x70d9d9a9, 0x898e8e07, 0xa7949433);
-	&_data_word(0xb69b9b2d, 0x221e1e3c, 0x92878715, 0x20e9e9c9);
-	&_data_word(0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5);
-	&_data_word(0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a);
-	&_data_word(0xdabfbf65, 0x31e6e6d7, 0xc6424284, 0xb86868d0);
-	&_data_word(0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e);
-	&_data_word(0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c);
-
-#Te4	# four copies of Te4 to choose from to avoid L1 aliasing
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-
-	&data_byte(0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5);
-	&data_byte(0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76);
-	&data_byte(0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0);
-	&data_byte(0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0);
-	&data_byte(0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc);
-	&data_byte(0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15);
-	&data_byte(0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a);
-	&data_byte(0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75);
-	&data_byte(0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0);
-	&data_byte(0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84);
-	&data_byte(0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b);
-	&data_byte(0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf);
-	&data_byte(0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85);
-	&data_byte(0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8);
-	&data_byte(0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5);
-	&data_byte(0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2);
-	&data_byte(0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17);
-	&data_byte(0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73);
-	&data_byte(0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88);
-	&data_byte(0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb);
-	&data_byte(0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c);
-	&data_byte(0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79);
-	&data_byte(0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9);
-	&data_byte(0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08);
-	&data_byte(0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6);
-	&data_byte(0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a);
-	&data_byte(0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e);
-	&data_byte(0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e);
-	&data_byte(0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94);
-	&data_byte(0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf);
-	&data_byte(0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68);
-	&data_byte(0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16);
-#rcon:
-$code.=<<___;
-	.long	0x00000001, 0x00000002, 0x00000004, 0x00000008
-	.long	0x00000010, 0x00000020, 0x00000040, 0x00000080
-	.long	0x0000001b, 0x00000036, 0x80808080, 0x80808080
-	.long	0xfefefefe, 0xfefefefe, 0x1b1b1b1b, 0x1b1b1b1b
-___
-$code.=<<___;
-.align	64
-.LAES_Td:
-___
-	&_data_word(0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a);
-	&_data_word(0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b);
-	&_data_word(0x55fa3020, 0xf66d76ad, 0x9176cc88, 0x254c02f5);
-	&_data_word(0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 0x8fa362b5);
-	&_data_word(0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d);
-	&_data_word(0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b);
-	&_data_word(0xe75f8f03, 0x959c9215, 0xeb7a6dbf, 0xda595295);
-	&_data_word(0x2d83bed4, 0xd3217458, 0x2969e049, 0x44c8c98e);
-	&_data_word(0x6a89c275, 0x78798ef4, 0x6b3e5899, 0xdd71b927);
-	&_data_word(0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d);
-	&_data_word(0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362);
-	&_data_word(0xe07764b1, 0x84ae6bbb, 0x1ca081fe, 0x942b08f9);
-	&_data_word(0x58684870, 0x19fd458f, 0x876cde94, 0xb7f87b52);
-	&_data_word(0x23d373ab, 0xe2024b72, 0x578f1fe3, 0x2aab5566);
-	&_data_word(0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3);
-	&_data_word(0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed);
-	&_data_word(0x2b1ccf8a, 0x92b479a7, 0xf0f207f3, 0xa1e2694e);
-	&_data_word(0xcdf4da65, 0xd5be0506, 0x1f6234d1, 0x8afea6c4);
-	&_data_word(0x9d532e34, 0xa055f3a2, 0x32e18a05, 0x75ebf6a4);
-	&_data_word(0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd);
-	&_data_word(0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d);
-	&_data_word(0xb58d5491, 0x055dc471, 0x6fd40604, 0xff155060);
-	&_data_word(0x24fb9819, 0x97e9bdd6, 0xcc434089, 0x779ed967);
-	&_data_word(0xbd42e8b0, 0x888b8907, 0x385b19e7, 0xdbeec879);
-	&_data_word(0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000);
-	&_data_word(0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c);
-	&_data_word(0xfbff0efd, 0x5638850f, 0x1ed5ae3d, 0x27392d36);
-	&_data_word(0x64d90f0a, 0x21a65c68, 0xd1545b9b, 0x3a2e3624);
-	&_data_word(0xb1670a0c, 0x0fe75793, 0xd296eeb4, 0x9e919b1b);
-	&_data_word(0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c);
-	&_data_word(0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12);
-	&_data_word(0x0b0d090e, 0xadc78bf2, 0xb9a8b62d, 0xc8a91e14);
-	&_data_word(0x8519f157, 0x4c0775af, 0xbbdd99ee, 0xfd607fa3);
-	&_data_word(0x9f2601f7, 0xbcf5725c, 0xc53b6644, 0x347efb5b);
-	&_data_word(0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8);
-	&_data_word(0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684);
-	&_data_word(0x7d244a85, 0xf83dbbd2, 0x1132f9ae, 0x6da129c7);
-	&_data_word(0x4b2f9e1d, 0xf330b2dc, 0xec52860d, 0xd0e3c177);
-	&_data_word(0x6c16b32b, 0x99b970a9, 0xfa489411, 0x2264e947);
-	&_data_word(0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322);
-	&_data_word(0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498);
-	&_data_word(0xcf81f5a6, 0x28de7aa5, 0x268eb7da, 0xa4bfad3f);
-	&_data_word(0xe49d3a2c, 0x0d927850, 0x9bcc5f6a, 0x62467e54);
-	&_data_word(0xc2138df6, 0xe8b8d890, 0x5ef7392e, 0xf5afc382);
-	&_data_word(0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf);
-	&_data_word(0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb);
-	&_data_word(0x097826cd, 0xf418596e, 0x01b79aec, 0xa89a4f83);
-	&_data_word(0x656e95e6, 0x7ee6ffaa, 0x08cfbc21, 0xe6e815ef);
-	&_data_word(0xd99be7ba, 0xce366f4a, 0xd4099fea, 0xd67cb029);
-	&_data_word(0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235);
-	&_data_word(0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733);
-	&_data_word(0x4a9804f1, 0xf7daec41, 0x0e50cd7f, 0x2ff69117);
-	&_data_word(0x8dd64d76, 0x4db0ef43, 0x544daacc, 0xdf0496e4);
-	&_data_word(0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 0x7f516546);
-	&_data_word(0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb);
-	&_data_word(0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d);
-	&_data_word(0x8c61d79a, 0x7a0ca137, 0x8e14f859, 0x893c13eb);
-	&_data_word(0xee27a9ce, 0x35c961b7, 0xede51ce1, 0x3cb1477a);
-	&_data_word(0x59dfd29c, 0x3f73f255, 0x79ce1418, 0xbf37c773);
-	&_data_word(0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478);
-	&_data_word(0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2);
-	&_data_word(0x72c31d16, 0x0c25e2bc, 0x8b493c28, 0x41950dff);
-	&_data_word(0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664);
-	&_data_word(0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0);
-
-#Td4:	# four copies of Td4 to choose from to avoid L1 aliasing
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
-	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
-	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
-	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
-	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
-	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
-	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-___
-	&data_byte(0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38);
-	&data_byte(0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb);
-	&data_byte(0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87);
-	&data_byte(0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb);
-	&data_byte(0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d);
-	&data_byte(0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e);
-	&data_byte(0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2);
-	&data_byte(0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25);
-	&data_byte(0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16);
-	&data_byte(0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92);
-	&data_byte(0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda);
-	&data_byte(0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84);
-	&data_byte(0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a);
-	&data_byte(0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06);
-	&data_byte(0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02);
-	&data_byte(0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b);
-	&data_byte(0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea);
-	&data_byte(0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73);
-	&data_byte(0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85);
-	&data_byte(0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e);
-	&data_byte(0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89);
-	&data_byte(0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b);
-	&data_byte(0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20);
-	&data_byte(0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4);
-	&data_byte(0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31);
-	&data_byte(0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f);
-	&data_byte(0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d);
-	&data_byte(0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef);
-	&data_byte(0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0);
-	&data_byte(0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61);
-	&data_byte(0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26);
-	&data_byte(0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d);
-$code.=<<___;
-	.long	0x80808080, 0x80808080, 0xfefefefe, 0xfefefefe
-	.long	0x1b1b1b1b, 0x1b1b1b1b, 0, 0
-.asciz  "AES for x86_64, CRYPTOGAMS by <appro\@openssl.org>"
-.align	64
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern	__imp_RtlVirtualUnwind
-.type	block_se_handler,\@abi-omnipotent
-.align	16
-block_se_handler:
-	push	%rsi
-	push	%rdi
-	push	%rbx
-	push	%rbp
-	push	%r12
-	push	%r13
-	push	%r14
-	push	%r15
-	pushfq
-	sub	\$64,%rsp
-
-	mov	120($context),%rax	# pull context->Rax
-	mov	248($context),%rbx	# pull context->Rip
-
-	mov	8($disp),%rsi		# disp->ImageBase
-	mov	56($disp),%r11		# disp->HandlerData
-
-	mov	0(%r11),%r10d		# HandlerData[0]
-	lea	(%rsi,%r10),%r10	# prologue label
-	cmp	%r10,%rbx		# context->Rip<prologue label
-	jb	.Lin_block_prologue
-
-	mov	152($context),%rax	# pull context->Rsp
-
-	mov	4(%r11),%r10d		# HandlerData[1]
-	lea	(%rsi,%r10),%r10	# epilogue label
-	cmp	%r10,%rbx		# context->Rip>=epilogue label
-	jae	.Lin_block_prologue
-
-	mov	24(%rax),%rax		# pull saved real stack pointer
-
-	mov	-8(%rax),%rbx
-	mov	-16(%rax),%rbp
-	mov	-24(%rax),%r12
-	mov	-32(%rax),%r13
-	mov	-40(%rax),%r14
-	mov	-48(%rax),%r15
-	mov	%rbx,144($context)	# restore context->Rbx
-	mov	%rbp,160($context)	# restore context->Rbp
-	mov	%r12,216($context)	# restore context->R12
-	mov	%r13,224($context)	# restore context->R13
-	mov	%r14,232($context)	# restore context->R14
-	mov	%r15,240($context)	# restore context->R15
-
-.Lin_block_prologue:
-	mov	8(%rax),%rdi
-	mov	16(%rax),%rsi
-	mov	%rax,152($context)	# restore context->Rsp
-	mov	%rsi,168($context)	# restore context->Rsi
-	mov	%rdi,176($context)	# restore context->Rdi
-
-	jmp	.Lcommon_seh_exit
-.size	block_se_handler,.-block_se_handler
-
-.type	key_se_handler,\@abi-omnipotent
-.align	16
-key_se_handler:
-	push	%rsi
-	push	%rdi
-	push	%rbx
-	push	%rbp
-	push	%r12
-	push	%r13
-	push	%r14
-	push	%r15
-	pushfq
-	sub	\$64,%rsp
-
-	mov	120($context),%rax	# pull context->Rax
-	mov	248($context),%rbx	# pull context->Rip
-
-	mov	8($disp),%rsi		# disp->ImageBase
-	mov	56($disp),%r11		# disp->HandlerData
-
-	mov	0(%r11),%r10d		# HandlerData[0]
-	lea	(%rsi,%r10),%r10	# prologue label
-	cmp	%r10,%rbx		# context->Rip<prologue label
-	jb	.Lin_key_prologue
-
-	mov	152($context),%rax	# pull context->Rsp
-
-	mov	4(%r11),%r10d		# HandlerData[1]
-	lea	(%rsi,%r10),%r10	# epilogue label
-	cmp	%r10,%rbx		# context->Rip>=epilogue label
-	jae	.Lin_key_prologue
-
-	lea	56(%rax),%rax
-
-	mov	-8(%rax),%rbx
-	mov	-16(%rax),%rbp
-	mov	-24(%rax),%r12
-	mov	-32(%rax),%r13
-	mov	-40(%rax),%r14
-	mov	-48(%rax),%r15
-	mov	%rbx,144($context)	# restore context->Rbx
-	mov	%rbp,160($context)	# restore context->Rbp
-	mov	%r12,216($context)	# restore context->R12
-	mov	%r13,224($context)	# restore context->R13
-	mov	%r14,232($context)	# restore context->R14
-	mov	%r15,240($context)	# restore context->R15
-
-.Lin_key_prologue:
-	mov	8(%rax),%rdi
-	mov	16(%rax),%rsi
-	mov	%rax,152($context)	# restore context->Rsp
-	mov	%rsi,168($context)	# restore context->Rsi
-	mov	%rdi,176($context)	# restore context->Rdi
-
-	jmp	.Lcommon_seh_exit
-.size	key_se_handler,.-key_se_handler
-
-.type	cbc_se_handler,\@abi-omnipotent
-.align	16
-cbc_se_handler:
-	push	%rsi
-	push	%rdi
-	push	%rbx
-	push	%rbp
-	push	%r12
-	push	%r13
-	push	%r14
-	push	%r15
-	pushfq
-	sub	\$64,%rsp
-
-	mov	120($context),%rax	# pull context->Rax
-	mov	248($context),%rbx	# pull context->Rip
-
-	lea	.Lcbc_prologue(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip<.Lcbc_prologue
-	jb	.Lin_cbc_prologue
-
-	lea	.Lcbc_fast_body(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip<.Lcbc_fast_body
-	jb	.Lin_cbc_frame_setup
-
-	lea	.Lcbc_slow_prologue(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_prologue
-	jb	.Lin_cbc_body
-
-	lea	.Lcbc_slow_body(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip<.Lcbc_slow_body
-	jb	.Lin_cbc_frame_setup
-
-.Lin_cbc_body:
-	mov	152($context),%rax	# pull context->Rsp
-
-	lea	.Lcbc_epilogue(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip>=.Lcbc_epilogue
-	jae	.Lin_cbc_prologue
-
-	lea	8(%rax),%rax
-
-	lea	.Lcbc_popfq(%rip),%r10
-	cmp	%r10,%rbx		# context->Rip>=.Lcbc_popfq
-	jae	.Lin_cbc_prologue
-
-	mov	`16-8`(%rax),%rax	# biased $_rsp
-	lea	56(%rax),%rax
-
-.Lin_cbc_frame_setup:
-	mov	-16(%rax),%rbx
-	mov	-24(%rax),%rbp
-	mov	-32(%rax),%r12
-	mov	-40(%rax),%r13
-	mov	-48(%rax),%r14
-	mov	-56(%rax),%r15
-	mov	%rbx,144($context)	# restore context->Rbx
-	mov	%rbp,160($context)	# restore context->Rbp
-	mov	%r12,216($context)	# restore context->R12
-	mov	%r13,224($context)	# restore context->R13
-	mov	%r14,232($context)	# restore context->R14
-	mov	%r15,240($context)	# restore context->R15
-
-.Lin_cbc_prologue:
-	mov	8(%rax),%rdi
-	mov	16(%rax),%rsi
-	mov	%rax,152($context)	# restore context->Rsp
-	mov	%rsi,168($context)	# restore context->Rsi
-	mov	%rdi,176($context)	# restore context->Rdi
-
-.Lcommon_seh_exit:
-
-	mov	40($disp),%rdi		# disp->ContextRecord
-	mov	$context,%rsi		# context
-	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
-	.long	0xa548f3fc		# cld; rep movsq
-
-	mov	$disp,%rsi
-	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
-	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
-	mov	0(%rsi),%r8		# arg3, disp->ControlPc
-	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
-	mov	40(%rsi),%r10		# disp->ContextRecord
-	lea	56(%rsi),%r11		# &disp->HandlerData
-	lea	24(%rsi),%r12		# &disp->EstablisherFrame
-	mov	%r10,32(%rsp)		# arg5
-	mov	%r11,40(%rsp)		# arg6
-	mov	%r12,48(%rsp)		# arg7
-	mov	%rcx,56(%rsp)		# arg8, (NULL)
-	call	*__imp_RtlVirtualUnwind(%rip)
-
-	mov	\$1,%eax		# ExceptionContinueSearch
-	add	\$64,%rsp
-	popfq
-	pop	%r15
-	pop	%r14
-	pop	%r13
-	pop	%r12
-	pop	%rbp
-	pop	%rbx
-	pop	%rdi
-	pop	%rsi
-	ret
-.size	cbc_se_handler,.-cbc_se_handler
-
-.section	.pdata
-.align	4
-	.rva	.LSEH_begin_AES_encrypt
-	.rva	.LSEH_end_AES_encrypt
-	.rva	.LSEH_info_AES_encrypt
-
-	.rva	.LSEH_begin_AES_decrypt
-	.rva	.LSEH_end_AES_decrypt
-	.rva	.LSEH_info_AES_decrypt
-
-	.rva	.LSEH_begin_AES_set_encrypt_key
-	.rva	.LSEH_end_AES_set_encrypt_key
-	.rva	.LSEH_info_AES_set_encrypt_key
-
-	.rva	.LSEH_begin_AES_set_decrypt_key
-	.rva	.LSEH_end_AES_set_decrypt_key
-	.rva	.LSEH_info_AES_set_decrypt_key
-
-	.rva	.LSEH_begin_AES_cbc_encrypt
-	.rva	.LSEH_end_AES_cbc_encrypt
-	.rva	.LSEH_info_AES_cbc_encrypt
-
-.section	.xdata
-.align	8
-.LSEH_info_AES_encrypt:
-	.byte	9,0,0,0
-	.rva	block_se_handler
-	.rva	.Lenc_prologue,.Lenc_epilogue	# HandlerData[]
-.LSEH_info_AES_decrypt:
-	.byte	9,0,0,0
-	.rva	block_se_handler
-	.rva	.Ldec_prologue,.Ldec_epilogue	# HandlerData[]
-.LSEH_info_AES_set_encrypt_key:
-	.byte	9,0,0,0
-	.rva	key_se_handler
-	.rva	.Lenc_key_prologue,.Lenc_key_epilogue	# HandlerData[]
-.LSEH_info_AES_set_decrypt_key:
-	.byte	9,0,0,0
-	.rva	key_se_handler
-	.rva	.Ldec_key_prologue,.Ldec_key_epilogue	# HandlerData[]
-.LSEH_info_AES_cbc_encrypt:
-	.byte	9,0,0,0
-	.rva	cbc_se_handler
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl b/deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl
deleted file mode 100644
index e62342729e7fa5..00000000000000
--- a/deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl
+++ /dev/null
@@ -1,3239 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License").  You may not use
-# this file except in compliance with the License.  You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-
-###################################################################
-### AES-128 [originally in CTR mode]				###
-### bitsliced implementation for Intel Core 2 processors	###
-### requires support of SSE extensions up to SSSE3		###
-### Author: Emilia Käsper and Peter Schwabe			###
-### Date: 2009-03-19						###
-### Public domain						###
-###								###
-### See http://homes.esat.kuleuven.be/~ekasper/#software for	###
-### further information.					###
-###################################################################
-#
-# September 2011.
-#
-# Started as transliteration to "perlasm" the original code has
-# undergone following changes:
-#
-# - code was made position-independent;
-# - rounds were folded into a loop resulting in >5x size reduction
-#   from 12.5KB to 2.2KB;
-# - above was possibile thanks to mixcolumns() modification that
-#   allowed to feed its output back to aesenc[last], this was
-#   achieved at cost of two additional inter-registers moves;
-# - some instruction reordering and interleaving;
-# - this module doesn't implement key setup subroutine, instead it
-#   relies on conversion of "conventional" key schedule as returned
-#   by AES_set_encrypt_key (see discussion below);
-# - first and last round keys are treated differently, which allowed
-#   to skip one shiftrows(), reduce bit-sliced key schedule and
-#   speed-up conversion by 22%;
-# - support for 192- and 256-bit keys was added;
-#
-# Resulting performance in CPU cycles spent to encrypt one byte out
-# of 4096-byte buffer with 128-bit key is:
-#
-#		Emilia's	this(*)		difference
-#
-# Core 2    	9.30		8.69		+7%
-# Nehalem(**) 	7.63		6.88		+11%
-# Atom	    	17.1		16.4		+4%
-# Silvermont	-		12.9
-# Goldmont	-		8.85
-#
-# (*)	Comparison is not completely fair, because "this" is ECB,
-#	i.e. no extra processing such as counter values calculation
-#	and xor-ing input as in Emilia's CTR implementation is
-#	performed. However, the CTR calculations stand for not more
-#	than 1% of total time, so comparison is *rather* fair.
-#
-# (**)	Results were collected on Westmere, which is considered to
-#	be equivalent to Nehalem for this code.
-#
-# As for key schedule conversion subroutine. Interface to OpenSSL
-# relies on per-invocation on-the-fly conversion. This naturally
-# has impact on performance, especially for short inputs. Conversion
-# time in CPU cycles and its ratio to CPU cycles spent in 8x block
-# function is:
-#
-# 		conversion	conversion/8x block
-# Core 2	240		0.22
-# Nehalem	180		0.20
-# Atom		430		0.20
-#
-# The ratio values mean that 128-byte blocks will be processed
-# 16-18% slower, 256-byte blocks - 9-10%, 384-byte blocks - 6-7%,
-# etc. Then keep in mind that input sizes not divisible by 128 are
-# *effectively* slower, especially shortest ones, e.g. consecutive
-# 144-byte blocks are processed 44% slower than one would expect,
-# 272 - 29%, 400 - 22%, etc. Yet, despite all these "shortcomings"
-# it's still faster than ["hyper-threading-safe" code path in]
-# aes-x86_64.pl on all lengths above 64 bytes...
-#
-# October 2011.
-#
-# Add decryption procedure. Performance in CPU cycles spent to decrypt
-# one byte out of 4096-byte buffer with 128-bit key is:
-#
-# Core 2	9.98
-# Nehalem	7.80
-# Atom		17.9
-# Silvermont	14.0
-# Goldmont	10.2
-#
-# November 2011.
-#
-# Add bsaes_xts_[en|de]crypt. Less-than-80-bytes-block performance is
-# suboptimal, but XTS is meant to be used with larger blocks...
-#
-#						<appro@openssl.org>
-
-$flavour = shift;
-$output  = shift;
-if ($flavour =~ /\./) { $output = $flavour; undef $flavour; }
-
-$win64=0; $win64=1 if ($flavour =~ /[nm]asm|mingw64/ || $output =~ /\.asm$/);
-
-$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
-( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or
-( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
-die "can't locate x86_64-xlate.pl";
-
-open OUT,"| \"$^X\" \"$xlate\" $flavour \"$output\"";
-*STDOUT=*OUT;
-
-my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
-my @XMM=map("%xmm$_",(15,0..14));	# best on Atom, +10% over (0..15)
-my $ecb=0;	# suppress unreferenced ECB subroutines, spare some space...
-
-{
-my ($key,$rounds,$const)=("%rax","%r10d","%r11");
-
-sub Sbox {
-# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b0, b1, b4, b6, b3, b7, b2, b5] < msb
-my @b=@_[0..7];
-my @t=@_[8..11];
-my @s=@_[12..15];
-	&InBasisChange	(@b);
-	&Inv_GF256	(@b[6,5,0,3,7,1,4,2],@t,@s);
-	&OutBasisChange	(@b[7,1,4,2,6,5,0,3]);
-}
-
-sub InBasisChange {
-# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b6, b5, b0, b3, b7, b1, b4, b2] < msb
-my @b=@_[0..7];
-$code.=<<___;
-	pxor	@b[6], @b[5]
-	pxor	@b[1], @b[2]
-	pxor	@b[0], @b[3]
-	pxor	@b[2], @b[6]
-	pxor 	@b[0], @b[5]
-
-	pxor	@b[3], @b[6]
-	pxor	@b[7], @b[3]
-	pxor	@b[5], @b[7]
-	pxor	@b[4], @b[3]
-	pxor	@b[5], @b[4]
-	pxor	@b[1], @b[3]
-
-	pxor	@b[7], @b[2]
-	pxor	@b[5], @b[1]
-___
-}
-
-sub OutBasisChange {
-# input in  lsb > [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb > [b6, b1, b2, b4, b7, b0, b3, b5] < msb
-my @b=@_[0..7];
-$code.=<<___;
-	pxor	@b[6], @b[0]
-	pxor	@b[4], @b[1]
-	pxor	@b[0], @b[2]
-	pxor	@b[6], @b[4]
-	pxor	@b[1], @b[6]
-
-	pxor	@b[5], @b[1]
-	pxor	@b[3], @b[5]
-	pxor	@b[7], @b[3]
-	pxor	@b[5], @b[7]
-	pxor	@b[5], @b[2]
-
-	pxor	@b[7], @b[4]
-___
-}
-
-sub InvSbox {
-# input in lsb 	> [b0, b1, b2, b3, b4, b5, b6, b7] < msb
-# output in lsb	> [b0, b1, b6, b4, b2, b7, b3, b5] < msb
-my @b=@_[0..7];
-my @t=@_[8..11];
-my @s=@_[12..15];
-	&InvInBasisChange	(@b);
-	&Inv_GF256		(@b[5,1,2,6,3,7,0,4],@t,@s);
-	&InvOutBasisChange	(@b[3,7,0,4,5,1,2,6]);
-}
-
-sub InvInBasisChange {		# OutBasisChange in reverse
-my @b=@_[5,1,2,6,3,7,0,4];
-$code.=<<___
-	pxor	@b[7], @b[4]
-
-	pxor	@b[5], @b[7]
-	pxor	@b[5], @b[2]
-	pxor	@b[7], @b[3]
-	pxor	@b[3], @b[5]
-	pxor	@b[5], @b[1]
-
-	pxor	@b[1], @b[6]
-	pxor	@b[0], @b[2]
-	pxor	@b[6], @b[4]
-	pxor	@b[6], @b[0]
-	pxor	@b[4], @b[1]
-___
-}
-
-sub InvOutBasisChange {		# InBasisChange in reverse
-my @b=@_[2,5,7,3,6,1,0,4];
-$code.=<<___;
-	pxor	@b[5], @b[1]
-	pxor	@b[7], @b[2]
-
-	pxor	@b[1], @b[3]
-	pxor	@b[5], @b[4]
-	pxor	@b[5], @b[7]
-	pxor	@b[4], @b[3]
-	 pxor 	@b[0], @b[5]
-	pxor	@b[7], @b[3]
-	 pxor	@b[2], @b[6]
-	 pxor	@b[1], @b[2]
-	pxor	@b[3], @b[6]
-
-	pxor	@b[0], @b[3]
-	pxor	@b[6], @b[5]
-___
-}
-
-sub Mul_GF4 {
-#;*************************************************************
-#;* Mul_GF4: Input x0-x1,y0-y1 Output x0-x1 Temp t0 (8) *
-#;*************************************************************
-my ($x0,$x1,$y0,$y1,$t0)=@_;
-$code.=<<___;
-	movdqa	$y0, $t0
-	pxor 	$y1, $t0
-	pand	$x0, $t0
-	pxor	$x1, $x0
-	pand	$y0, $x1
-	pand	$y1, $x0
-	pxor	$x1, $x0
-	pxor	$t0, $x1
-___
-}
-
-sub Mul_GF4_N {				# not used, see next subroutine
-# multiply and scale by N
-my ($x0,$x1,$y0,$y1,$t0)=@_;
-$code.=<<___;
-	movdqa	$y0, $t0
-	pxor	$y1, $t0
-	pand	$x0, $t0
-	pxor	$x1, $x0
-	pand	$y0, $x1
-	pand	$y1, $x0
-	pxor	$x0, $x1
-	pxor	$t0, $x0
-___
-}
-
-sub Mul_GF4_N_GF4 {
-# interleaved Mul_GF4_N and Mul_GF4
-my ($x0,$x1,$y0,$y1,$t0,
-    $x2,$x3,$y2,$y3,$t1)=@_;
-$code.=<<___;
-	movdqa	$y0, $t0
-	 movdqa	$y2, $t1
-	pxor	$y1, $t0
-	 pxor 	$y3, $t1
-	pand	$x0, $t0
-	 pand	$x2, $t1
-	pxor	$x1, $x0
-	 pxor	$x3, $x2
-	pand	$y0, $x1
-	 pand	$y2, $x3
-	pand	$y1, $x0
-	 pand	$y3, $x2
-	pxor	$x0, $x1
-	 pxor	$x3, $x2
-	pxor	$t0, $x0
-	 pxor	$t1, $x3
-___
-}
-sub Mul_GF16_2 {
-my @x=@_[0..7];
-my @y=@_[8..11];
-my @t=@_[12..15];
-$code.=<<___;
-	movdqa	@x[0], @t[0]
-	movdqa	@x[1], @t[1]
-___
-	&Mul_GF4  	(@x[0], @x[1], @y[0], @y[1], @t[2]);
-$code.=<<___;
-	pxor	@x[2], @t[0]
-	pxor	@x[3], @t[1]
-	pxor	@y[2], @y[0]
-	pxor	@y[3], @y[1]
-___
-	Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
-			 @x[2], @x[3], @y[2], @y[3], @t[2]);
-$code.=<<___;
-	pxor	@t[0], @x[0]
-	pxor	@t[0], @x[2]
-	pxor	@t[1], @x[1]
-	pxor	@t[1], @x[3]
-
-	movdqa	@x[4], @t[0]
-	movdqa	@x[5], @t[1]
-	pxor	@x[6], @t[0]
-	pxor	@x[7], @t[1]
-___
-	&Mul_GF4_N_GF4	(@t[0], @t[1], @y[0], @y[1], @t[3],
-			 @x[6], @x[7], @y[2], @y[3], @t[2]);
-$code.=<<___;
-	pxor	@y[2], @y[0]
-	pxor	@y[3], @y[1]
-___
-	&Mul_GF4  	(@x[4], @x[5], @y[0], @y[1], @t[3]);
-$code.=<<___;
-	pxor	@t[0], @x[4]
-	pxor	@t[0], @x[6]
-	pxor	@t[1], @x[5]
-	pxor	@t[1], @x[7]
-___
-}
-sub Inv_GF256 {
-#;********************************************************************
-#;* Inv_GF256: Input x0-x7 Output x0-x7 Temp t0-t3,s0-s3 (144)       *
-#;********************************************************************
-my @x=@_[0..7];
-my @t=@_[8..11];
-my @s=@_[12..15];
-# direct optimizations from hardware
-$code.=<<___;
-	movdqa	@x[4], @t[3]
-	movdqa	@x[5], @t[2]
-	movdqa	@x[1], @t[1]
-	movdqa	@x[7], @s[1]
-	movdqa	@x[0], @s[0]
-
-	pxor	@x[6], @t[3]
-	pxor	@x[7], @t[2]
-	pxor	@x[3], @t[1]
-	 movdqa	@t[3], @s[2]
-	pxor	@x[6], @s[1]
-	 movdqa	@t[2], @t[0]
-	pxor	@x[2], @s[0]
-	 movdqa	@t[3], @s[3]
-
-	por	@t[1], @t[2]
-	por	@s[0], @t[3]
-	pxor	@t[0], @s[3]
-	pand	@s[0], @s[2]
-	pxor	@t[1], @s[0]
-	pand	@t[1], @t[0]
-	pand	@s[0], @s[3]
-	movdqa	@x[3], @s[0]
-	pxor	@x[2], @s[0]
-	pand	@s[0], @s[1]
-	pxor	@s[1], @t[3]
-	pxor	@s[1], @t[2]
-	movdqa	@x[4], @s[1]
-	movdqa	@x[1], @s[0]
-	pxor	@x[5], @s[1]
-	pxor	@x[0], @s[0]
-	movdqa	@s[1], @t[1]
-	pand	@s[0], @s[1]
-	por	@s[0], @t[1]
-	pxor	@s[1], @t[0]
-	pxor	@s[3], @t[3]
-	pxor	@s[2], @t[2]
-	pxor	@s[3], @t[1]
-	movdqa	@x[7], @s[0]
-	pxor	@s[2], @t[0]
-	movdqa	@x[6], @s[1]
-	pxor	@s[2], @t[1]
-	movdqa	@x[5], @s[2]
-	pand	@x[3], @s[0]
-	movdqa	@x[4], @s[3]
-	pand	@x[2], @s[1]
-	pand	@x[1], @s[2]
-	por	@x[0], @s[3]
-	pxor	@s[0], @t[3]
-	pxor	@s[1], @t[2]
-	pxor	@s[2], @t[1]
-	pxor	@s[3], @t[0]
-
-	#Inv_GF16 \t0, \t1, \t2, \t3, \s0, \s1, \s2, \s3
-
-	# new smaller inversion
-
-	movdqa	@t[3], @s[0]
-	pand	@t[1], @t[3]
-	pxor	@t[2], @s[0]
-
-	movdqa	@t[0], @s[2]
-	movdqa	@s[0], @s[3]
-	pxor	@t[3], @s[2]
-	pand	@s[2], @s[3]
-
-	movdqa	@t[1], @s[1]
-	pxor	@t[2], @s[3]
-	pxor	@t[0], @s[1]
-
-	pxor	@t[2], @t[3]
-
-	pand	@t[3], @s[1]
-
-	movdqa	@s[2], @t[2]
-	pxor	@t[0], @s[1]
-
-	pxor	@s[1], @t[2]
-	pxor	@s[1], @t[1]
-
-	pand	@t[0], @t[2]
-
-	pxor	@t[2], @s[2]
-	pxor	@t[2], @t[1]
-
-	pand	@s[3], @s[2]
-
-	pxor	@s[0], @s[2]
-___
-# output in s3, s2, s1, t1
-
-# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \t2, \t3, \t0, \t1, \s0, \s1, \s2, \s3
-
-# Mul_GF16_2 \x0, \x1, \x2, \x3, \x4, \x5, \x6, \x7, \s3, \s2, \s1, \t1, \s0, \t0, \t2, \t3
-	&Mul_GF16_2(@x,@s[3,2,1],@t[1],@s[0],@t[0,2,3]);
-
-### output msb > [x3,x2,x1,x0,x7,x6,x5,x4] < lsb
-}
-
-# AES linear components
-
-sub ShiftRows {
-my @x=@_[0..7];
-my $mask=pop;
-$code.=<<___;
-	pxor	0x00($key),@x[0]
-	pxor	0x10($key),@x[1]
-	pxor	0x20($key),@x[2]
-	pxor	0x30($key),@x[3]
-	pshufb	$mask,@x[0]
-	pshufb	$mask,@x[1]
-	pxor	0x40($key),@x[4]
-	pxor	0x50($key),@x[5]
-	pshufb	$mask,@x[2]
-	pshufb	$mask,@x[3]
-	pxor	0x60($key),@x[6]
-	pxor	0x70($key),@x[7]
-	pshufb	$mask,@x[4]
-	pshufb	$mask,@x[5]
-	pshufb	$mask,@x[6]
-	pshufb	$mask,@x[7]
-	lea	0x80($key),$key
-___
-}
-
-sub MixColumns {
-# modified to emit output in order suitable for feeding back to aesenc[last]
-my @x=@_[0..7];
-my @t=@_[8..15];
-my $inv=@_[16];	# optional
-$code.=<<___;
-	pshufd	\$0x93, @x[0], @t[0]	# x0 <<< 32
-	pshufd	\$0x93, @x[1], @t[1]
-	 pxor	@t[0], @x[0]		# x0 ^ (x0 <<< 32)
-	pshufd	\$0x93, @x[2], @t[2]
-	 pxor	@t[1], @x[1]
-	pshufd	\$0x93, @x[3], @t[3]
-	 pxor	@t[2], @x[2]
-	pshufd	\$0x93, @x[4], @t[4]
-	 pxor	@t[3], @x[3]
-	pshufd	\$0x93, @x[5], @t[5]
-	 pxor	@t[4], @x[4]
-	pshufd	\$0x93, @x[6], @t[6]
-	 pxor	@t[5], @x[5]
-	pshufd	\$0x93, @x[7], @t[7]
-	 pxor	@t[6], @x[6]
-	 pxor	@t[7], @x[7]
-
-	pxor	@x[0], @t[1]
-	pxor	@x[7], @t[0]
-	pxor	@x[7], @t[1]
-	 pshufd	\$0x4E, @x[0], @x[0] 	# (x0 ^ (x0 <<< 32)) <<< 64)
-	pxor	@x[1], @t[2]
-	 pshufd	\$0x4E, @x[1], @x[1]
-	pxor	@x[4], @t[5]
-	 pxor	@t[0], @x[0]
-	pxor	@x[5], @t[6]
-	 pxor	@t[1], @x[1]
-	pxor	@x[3], @t[4]
-	 pshufd	\$0x4E, @x[4], @t[0]
-	pxor	@x[6], @t[7]
-	 pshufd	\$0x4E, @x[5], @t[1]
-	pxor	@x[2], @t[3]
-	 pshufd	\$0x4E, @x[3], @x[4]
-	pxor	@x[7], @t[3]
-	 pshufd	\$0x4E, @x[7], @x[5]
-	pxor	@x[7], @t[4]
-	 pshufd	\$0x4E, @x[6], @x[3]
-	pxor	@t[4], @t[0]
-	 pshufd	\$0x4E, @x[2], @x[6]
-	pxor	@t[5], @t[1]
-___
-$code.=<<___ if (!$inv);
-	pxor	@t[3], @x[4]
-	pxor	@t[7], @x[5]
-	pxor	@t[6], @x[3]
-	 movdqa	@t[0], @x[2]
-	pxor	@t[2], @x[6]
-	 movdqa	@t[1], @x[7]
-___
-$code.=<<___ if ($inv);
-	pxor	@x[4], @t[3]
-	pxor	@t[7], @x[5]
-	pxor	@x[3], @t[6]
-	 movdqa	@t[0], @x[3]
-	pxor	@t[2], @x[6]
-	 movdqa	@t[6], @x[2]
-	 movdqa	@t[1], @x[7]
-	 movdqa	@x[6], @x[4]
-	 movdqa	@t[3], @x[6]
-___
-}
-
-sub InvMixColumns_orig {
-my @x=@_[0..7];
-my @t=@_[8..15];
-
-$code.=<<___;
-	# multiplication by 0x0e
-	pshufd	\$0x93, @x[7], @t[7]
-	movdqa	@x[2], @t[2]
-	pxor	@x[5], @x[7]		# 7 5
-	pxor	@x[5], @x[2]		# 2 5
-	pshufd	\$0x93, @x[0], @t[0]
-	movdqa	@x[5], @t[5]
-	pxor	@x[0], @x[5]		# 5 0		[1]
-	pxor	@x[1], @x[0]		# 0 1
-	pshufd	\$0x93, @x[1], @t[1]
-	pxor	@x[2], @x[1]		# 1 25
-	pxor	@x[6], @x[0]		# 01 6		[2]
-	pxor	@x[3], @x[1]		# 125 3		[4]
-	pshufd	\$0x93, @x[3], @t[3]
-	pxor	@x[0], @x[2]		# 25 016	[3]
-	pxor	@x[7], @x[3]		# 3 75
-	pxor	@x[6], @x[7]		# 75 6		[0]
-	pshufd	\$0x93, @x[6], @t[6]
-	movdqa	@x[4], @t[4]
-	pxor	@x[4], @x[6]		# 6 4
-	pxor	@x[3], @x[4]		# 4 375		[6]
-	pxor	@x[7], @x[3]		# 375 756=36
-	pxor	@t[5], @x[6]		# 64 5		[7]
-	pxor	@t[2], @x[3]		# 36 2
-	pxor	@t[4], @x[3]		# 362 4		[5]
-	pshufd	\$0x93, @t[5], @t[5]
-___
-					my @y = @x[7,5,0,2,1,3,4,6];
-$code.=<<___;
-	# multiplication by 0x0b
-	pxor	@y[0], @y[1]
-	pxor	@t[0], @y[0]
-	pxor	@t[1], @y[1]
-	pshufd	\$0x93, @t[2], @t[2]
-	pxor	@t[5], @y[0]
-	pxor	@t[6], @y[1]
-	pxor	@t[7], @y[0]
-	pshufd	\$0x93, @t[4], @t[4]
-	pxor	@t[6], @t[7]		# clobber t[7]
-	pxor	@y[0], @y[1]
-
-	pxor	@t[0], @y[3]
-	pshufd	\$0x93, @t[0], @t[0]
-	pxor	@t[1], @y[2]
-	pxor	@t[1], @y[4]
-	pxor	@t[2], @y[2]
-	pshufd	\$0x93, @t[1], @t[1]
-	pxor	@t[2], @y[3]
-	pxor	@t[2], @y[5]
-	pxor	@t[7], @y[2]
-	pshufd	\$0x93, @t[2], @t[2]
-	pxor	@t[3], @y[3]
-	pxor	@t[3], @y[6]
-	pxor	@t[3], @y[4]
-	pshufd	\$0x93, @t[3], @t[3]
-	pxor	@t[4], @y[7]
-	pxor	@t[4], @y[5]
-	pxor	@t[7], @y[7]
-	pxor	@t[5], @y[3]
-	pxor	@t[4], @y[4]
-	pxor	@t[5], @t[7]		# clobber t[7] even more
-
-	pxor	@t[7], @y[5]
-	pshufd	\$0x93, @t[4], @t[4]
-	pxor	@t[7], @y[6]
-	pxor	@t[7], @y[4]
-
-	pxor	@t[5], @t[7]
-	pshufd	\$0x93, @t[5], @t[5]
-	pxor	@t[6], @t[7]		# restore t[7]
-
-	# multiplication by 0x0d
-	pxor	@y[7], @y[4]
-	pxor	@t[4], @y[7]
-	pshufd	\$0x93, @t[6], @t[6]
-	pxor	@t[0], @y[2]
-	pxor	@t[5], @y[7]
-	pxor	@t[2], @y[2]
-	pshufd	\$0x93, @t[7], @t[7]
-
-	pxor	@y[1], @y[3]
-	pxor	@t[1], @y[1]
-	pxor	@t[0], @y[0]
-	pxor	@t[0], @y[3]
-	pxor	@t[5], @y[1]
-	pxor	@t[5], @y[0]
-	pxor	@t[7], @y[1]
-	pshufd	\$0x93, @t[0], @t[0]
-	pxor	@t[6], @y[0]
-	pxor	@y[1], @y[3]
-	pxor	@t[1], @y[4]
-	pshufd	\$0x93, @t[1], @t[1]
-
-	pxor	@t[7], @y[7]
-	pxor	@t[2], @y[4]
-	pxor	@t[2], @y[5]
-	pshufd	\$0x93, @t[2], @t[2]
-	pxor	@t[6], @y[2]
-	pxor	@t[3], @t[6]		# clobber t[6]
-	pxor	@y[7], @y[4]
-	pxor	@t[6], @y[3]
-
-	pxor	@t[6], @y[6]
-	pxor	@t[5], @y[5]
-	pxor	@t[4], @y[6]
-	pshufd	\$0x93, @t[4], @t[4]
-	pxor	@t[6], @y[5]
-	pxor	@t[7], @y[6]
-	pxor	@t[3], @t[6]		# restore t[6]
-
-	pshufd	\$0x93, @t[5], @t[5]
-	pshufd	\$0x93, @t[6], @t[6]
-	pshufd	\$0x93, @t[7], @t[7]
-	pshufd	\$0x93, @t[3], @t[3]
-
-	# multiplication by 0x09
-	pxor	@y[1], @y[4]
-	pxor	@y[1], @t[1]		# t[1]=y[1]
-	pxor	@t[5], @t[0]		# clobber t[0]
-	pxor	@t[5], @t[1]
-	pxor	@t[0], @y[3]
-	pxor	@y[0], @t[0]		# t[0]=y[0]
-	pxor	@t[6], @t[1]
-	pxor	@t[7], @t[6]		# clobber t[6]
-	pxor	@t[1], @y[4]
-	pxor	@t[4], @y[7]
-	pxor	@y[4], @t[4]		# t[4]=y[4]
-	pxor	@t[3], @y[6]
-	pxor	@y[3], @t[3]		# t[3]=y[3]
-	pxor	@t[2], @y[5]
-	pxor	@y[2], @t[2]		# t[2]=y[2]
-	pxor	@t[7], @t[3]
-	pxor	@y[5], @t[5]		# t[5]=y[5]
-	pxor	@t[6], @t[2]
-	pxor	@t[6], @t[5]
-	pxor	@y[6], @t[6]		# t[6]=y[6]
-	pxor	@y[7], @t[7]		# t[7]=y[7]
-
-	movdqa	@t[0],@XMM[0]
-	movdqa	@t[1],@XMM[1]
-	movdqa	@t[2],@XMM[2]
-	movdqa	@t[3],@XMM[3]
-	movdqa	@t[4],@XMM[4]
-	movdqa	@t[5],@XMM[5]
-	movdqa	@t[6],@XMM[6]
-	movdqa	@t[7],@XMM[7]
-___
-}
-
-sub InvMixColumns {
-my @x=@_[0..7];
-my @t=@_[8..15];
-
-# Thanks to Jussi Kivilinna for providing pointer to
-#
-# | 0e 0b 0d 09 |   | 02 03 01 01 |   | 05 00 04 00 |
-# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
-# | 0d 09 0e 0b |   | 01 01 02 03 |   | 04 00 05 00 |
-# | 0b 0d 09 0e |   | 03 01 01 02 |   | 00 04 00 05 |
-
-$code.=<<___;
-	# multiplication by 0x05-0x00-0x04-0x00
-	pshufd	\$0x4E, @x[0], @t[0]
-	pshufd	\$0x4E, @x[6], @t[6]
-	pxor	@x[0], @t[0]
-	pshufd	\$0x4E, @x[7], @t[7]
-	pxor	@x[6], @t[6]
-	pshufd	\$0x4E, @x[1], @t[1]
-	pxor	@x[7], @t[7]
-	pshufd	\$0x4E, @x[2], @t[2]
-	pxor	@x[1], @t[1]
-	pshufd	\$0x4E, @x[3], @t[3]
-	pxor	@x[2], @t[2]
-	 pxor	@t[6], @x[0]
-	 pxor	@t[6], @x[1]
-	pshufd	\$0x4E, @x[4], @t[4]
-	pxor	@x[3], @t[3]
-	 pxor	@t[0], @x[2]
-	 pxor	@t[1], @x[3]
-	pshufd	\$0x4E, @x[5], @t[5]
-	pxor	@x[4], @t[4]
-	 pxor	@t[7], @x[1]
-	 pxor	@t[2], @x[4]
-	pxor	@x[5], @t[5]
-
-	 pxor	@t[7], @x[2]
-	 pxor	@t[6], @x[3]
-	 pxor	@t[6], @x[4]
-	 pxor	@t[3], @x[5]
-	 pxor	@t[4], @x[6]
-	 pxor	@t[7], @x[4]
-	 pxor	@t[7], @x[5]
-	 pxor	@t[5], @x[7]
-___
-	&MixColumns	(@x,@t,1);	# flipped 2<->3 and 4<->6
-}
-
-sub aesenc {				# not used
-my @b=@_[0..7];
-my @t=@_[8..15];
-$code.=<<___;
-	movdqa	0x30($const),@t[0]	# .LSR
-___
-	&ShiftRows	(@b,@t[0]);
-	&Sbox		(@b,@t);
-	&MixColumns	(@b[0,1,4,6,3,7,2,5],@t);
-}
-
-sub aesenclast {			# not used
-my @b=@_[0..7];
-my @t=@_[8..15];
-$code.=<<___;
-	movdqa	0x40($const),@t[0]	# .LSRM0
-___
-	&ShiftRows	(@b,@t[0]);
-	&Sbox		(@b,@t);
-$code.=<<___
-	pxor	0x00($key),@b[0]
-	pxor	0x10($key),@b[1]
-	pxor	0x20($key),@b[4]
-	pxor	0x30($key),@b[6]
-	pxor	0x40($key),@b[3]
-	pxor	0x50($key),@b[7]
-	pxor	0x60($key),@b[2]
-	pxor	0x70($key),@b[5]
-___
-}
-
-sub swapmove {
-my ($a,$b,$n,$mask,$t)=@_;
-$code.=<<___;
-	movdqa	$b,$t
-	psrlq	\$$n,$b
-	pxor  	$a,$b
-	pand	$mask,$b
-	pxor	$b,$a
-	psllq	\$$n,$b
-	pxor	$t,$b
-___
-}
-sub swapmove2x {
-my ($a0,$b0,$a1,$b1,$n,$mask,$t0,$t1)=@_;
-$code.=<<___;
-	movdqa	$b0,$t0
-	psrlq	\$$n,$b0
-	 movdqa	$b1,$t1
-	 psrlq	\$$n,$b1
-	pxor  	$a0,$b0
-	 pxor  	$a1,$b1
-	pand	$mask,$b0
-	 pand	$mask,$b1
-	pxor	$b0,$a0
-	psllq	\$$n,$b0
-	 pxor	$b1,$a1
-	 psllq	\$$n,$b1
-	pxor	$t0,$b0
-	 pxor	$t1,$b1
-___
-}
-
-sub bitslice {
-my @x=reverse(@_[0..7]);
-my ($t0,$t1,$t2,$t3)=@_[8..11];
-$code.=<<___;
-	movdqa	0x00($const),$t0	# .LBS0
-	movdqa	0x10($const),$t1	# .LBS1
-___
-	&swapmove2x(@x[0,1,2,3],1,$t0,$t2,$t3);
-	&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
-$code.=<<___;
-	movdqa	0x20($const),$t0	# .LBS2
-___
-	&swapmove2x(@x[0,2,1,3],2,$t1,$t2,$t3);
-	&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
-
-	&swapmove2x(@x[0,4,1,5],4,$t0,$t2,$t3);
-	&swapmove2x(@x[2,6,3,7],4,$t0,$t2,$t3);
-}
-
-$code.=<<___;
-.text
-
-.extern	asm_AES_encrypt
-.extern	asm_AES_decrypt
-
-.type	_bsaes_encrypt8,\@abi-omnipotent
-.align	64
-_bsaes_encrypt8:
-.cfi_startproc
-	lea	.LBS0(%rip), $const	# constants table
-
-	movdqa	($key), @XMM[9]		# round 0 key
-	lea	0x10($key), $key
-	movdqa	0x50($const), @XMM[8]	# .LM0SR
-	pxor	@XMM[9], @XMM[0]	# xor with round0 key
-	pxor	@XMM[9], @XMM[1]
-	pxor	@XMM[9], @XMM[2]
-	pxor	@XMM[9], @XMM[3]
-	 pshufb	@XMM[8], @XMM[0]
-	 pshufb	@XMM[8], @XMM[1]
-	pxor	@XMM[9], @XMM[4]
-	pxor	@XMM[9], @XMM[5]
-	 pshufb	@XMM[8], @XMM[2]
-	 pshufb	@XMM[8], @XMM[3]
-	pxor	@XMM[9], @XMM[6]
-	pxor	@XMM[9], @XMM[7]
-	 pshufb	@XMM[8], @XMM[4]
-	 pshufb	@XMM[8], @XMM[5]
-	 pshufb	@XMM[8], @XMM[6]
-	 pshufb	@XMM[8], @XMM[7]
-_bsaes_encrypt8_bitslice:
-___
-	&bitslice	(@XMM[0..7, 8..11]);
-$code.=<<___;
-	dec	$rounds
-	jmp	.Lenc_sbox
-.align	16
-.Lenc_loop:
-___
-	&ShiftRows	(@XMM[0..7, 8]);
-$code.=".Lenc_sbox:\n";
-	&Sbox		(@XMM[0..7, 8..15]);
-$code.=<<___;
-	dec	$rounds
-	jl	.Lenc_done
-___
-	&MixColumns	(@XMM[0,1,4,6,3,7,2,5, 8..15]);
-$code.=<<___;
-	movdqa	0x30($const), @XMM[8]	# .LSR
-	jnz	.Lenc_loop
-	movdqa	0x40($const), @XMM[8]	# .LSRM0
-	jmp	.Lenc_loop
-.align	16
-.Lenc_done:
-___
-	# output in lsb > [t0, t1, t4, t6, t3, t7, t2, t5] < msb
-	&bitslice	(@XMM[0,1,4,6,3,7,2,5, 8..11]);
-$code.=<<___;
-	movdqa	($key), @XMM[8]		# last round key
-	pxor	@XMM[8], @XMM[4]
-	pxor	@XMM[8], @XMM[6]
-	pxor	@XMM[8], @XMM[3]
-	pxor	@XMM[8], @XMM[7]
-	pxor	@XMM[8], @XMM[2]
-	pxor	@XMM[8], @XMM[5]
-	pxor	@XMM[8], @XMM[0]
-	pxor	@XMM[8], @XMM[1]
-	ret
-.cfi_endproc
-.size	_bsaes_encrypt8,.-_bsaes_encrypt8
-
-.type	_bsaes_decrypt8,\@abi-omnipotent
-.align	64
-_bsaes_decrypt8:
-.cfi_startproc
-	lea	.LBS0(%rip), $const	# constants table
-
-	movdqa	($key), @XMM[9]		# round 0 key
-	lea	0x10($key), $key
-	movdqa	-0x30($const), @XMM[8]	# .LM0ISR
-	pxor	@XMM[9], @XMM[0]	# xor with round0 key
-	pxor	@XMM[9], @XMM[1]
-	pxor	@XMM[9], @XMM[2]
-	pxor	@XMM[9], @XMM[3]
-	 pshufb	@XMM[8], @XMM[0]
-	 pshufb	@XMM[8], @XMM[1]
-	pxor	@XMM[9], @XMM[4]
-	pxor	@XMM[9], @XMM[5]
-	 pshufb	@XMM[8], @XMM[2]
-	 pshufb	@XMM[8], @XMM[3]
-	pxor	@XMM[9], @XMM[6]
-	pxor	@XMM[9], @XMM[7]
-	 pshufb	@XMM[8], @XMM[4]
-	 pshufb	@XMM[8], @XMM[5]
-	 pshufb	@XMM[8], @XMM[6]
-	 pshufb	@XMM[8], @XMM[7]
-___
-	&bitslice	(@XMM[0..7, 8..11]);
-$code.=<<___;
-	dec	$rounds
-	jmp	.Ldec_sbox
-.align	16
-.Ldec_loop:
-___
-	&ShiftRows	(@XMM[0..7, 8]);
-$code.=".Ldec_sbox:\n";
-	&InvSbox	(@XMM[0..7, 8..15]);
-$code.=<<___;
-	dec	$rounds
-	jl	.Ldec_done
-___
-	&InvMixColumns	(@XMM[0,1,6,4,2,7,3,5, 8..15]);
-$code.=<<___;
-	movdqa	-0x10($const), @XMM[8]	# .LISR
-	jnz	.Ldec_loop
-	movdqa	-0x20($const), @XMM[8]	# .LISRM0
-	jmp	.Ldec_loop
-.align	16
-.Ldec_done:
-___
-	&bitslice	(@XMM[0,1,6,4,2,7,3,5, 8..11]);
-$code.=<<___;
-	movdqa	($key), @XMM[8]		# last round key
-	pxor	@XMM[8], @XMM[6]
-	pxor	@XMM[8], @XMM[4]
-	pxor	@XMM[8], @XMM[2]
-	pxor	@XMM[8], @XMM[7]
-	pxor	@XMM[8], @XMM[3]
-	pxor	@XMM[8], @XMM[5]
-	pxor	@XMM[8], @XMM[0]
-	pxor	@XMM[8], @XMM[1]
-	ret
-.cfi_endproc
-.size	_bsaes_decrypt8,.-_bsaes_decrypt8
-___
-}
-{
-my ($out,$inp,$rounds,$const)=("%rax","%rcx","%r10d","%r11");
-
-sub bitslice_key {
-my @x=reverse(@_[0..7]);
-my ($bs0,$bs1,$bs2,$t2,$t3)=@_[8..12];
-
-	&swapmove	(@x[0,1],1,$bs0,$t2,$t3);
-$code.=<<___;
-	#&swapmove(@x[2,3],1,$t0,$t2,$t3);
-	movdqa	@x[0], @x[2]
-	movdqa	@x[1], @x[3]
-___
-	#&swapmove2x(@x[4,5,6,7],1,$t0,$t2,$t3);
-
-	&swapmove2x	(@x[0,2,1,3],2,$bs1,$t2,$t3);
-$code.=<<___;
-	#&swapmove2x(@x[4,6,5,7],2,$t1,$t2,$t3);
-	movdqa	@x[0], @x[4]
-	movdqa	@x[2], @x[6]
-	movdqa	@x[1], @x[5]
-	movdqa	@x[3], @x[7]
-___
-	&swapmove2x	(@x[0,4,1,5],4,$bs2,$t2,$t3);
-	&swapmove2x	(@x[2,6,3,7],4,$bs2,$t2,$t3);
-}
-
-$code.=<<___;
-.type	_bsaes_key_convert,\@abi-omnipotent
-.align	16
-_bsaes_key_convert:
-.cfi_startproc
-	lea	.Lmasks(%rip), $const
-	movdqu	($inp), %xmm7		# load round 0 key
-	lea	0x10($inp), $inp
-	movdqa	0x00($const), %xmm0	# 0x01...
-	movdqa	0x10($const), %xmm1	# 0x02...
-	movdqa	0x20($const), %xmm2	# 0x04...
-	movdqa	0x30($const), %xmm3	# 0x08...
-	movdqa	0x40($const), %xmm4	# .LM0
-	pcmpeqd	%xmm5, %xmm5		# .LNOT
-
-	movdqu	($inp), %xmm6		# load round 1 key
-	movdqa	%xmm7, ($out)		# save round 0 key
-	lea	0x10($out), $out
-	dec	$rounds
-	jmp	.Lkey_loop
-.align	16
-.Lkey_loop:
-	pshufb	%xmm4, %xmm6		# .LM0
-
-	movdqa	%xmm0,	%xmm8
-	movdqa	%xmm1,	%xmm9
-
-	pand	%xmm6,	%xmm8
-	pand	%xmm6,	%xmm9
-	movdqa	%xmm2,	%xmm10
-	pcmpeqb	%xmm0,	%xmm8
-	psllq	\$4,	%xmm0		# 0x10...
-	movdqa	%xmm3,	%xmm11
-	pcmpeqb	%xmm1,	%xmm9
-	psllq	\$4,	%xmm1		# 0x20...
-
-	pand	%xmm6,	%xmm10
-	pand	%xmm6,	%xmm11
-	movdqa	%xmm0,	%xmm12
-	pcmpeqb	%xmm2,	%xmm10
-	psllq	\$4,	%xmm2		# 0x40...
-	movdqa	%xmm1,	%xmm13
-	pcmpeqb	%xmm3,	%xmm11
-	psllq	\$4,	%xmm3		# 0x80...
-
-	movdqa	%xmm2,	%xmm14
-	movdqa	%xmm3,	%xmm15
-	 pxor	%xmm5,	%xmm8		# "pnot"
-	 pxor	%xmm5,	%xmm9
-
-	pand	%xmm6,	%xmm12
-	pand	%xmm6,	%xmm13
-	 movdqa	%xmm8, 0x00($out)	# write bit-sliced round key
-	pcmpeqb	%xmm0,	%xmm12
-	psrlq	\$4,	%xmm0		# 0x01...
-	 movdqa	%xmm9, 0x10($out)
-	pcmpeqb	%xmm1,	%xmm13
-	psrlq	\$4,	%xmm1		# 0x02...
-	 lea	0x10($inp), $inp
-
-	pand	%xmm6,	%xmm14
-	pand	%xmm6,	%xmm15
-	 movdqa	%xmm10, 0x20($out)
-	pcmpeqb	%xmm2,	%xmm14
-	psrlq	\$4,	%xmm2		# 0x04...
-	 movdqa	%xmm11, 0x30($out)
-	pcmpeqb	%xmm3,	%xmm15
-	psrlq	\$4,	%xmm3		# 0x08...
-	 movdqu	($inp), %xmm6		# load next round key
-
-	pxor	%xmm5, %xmm13		# "pnot"
-	pxor	%xmm5, %xmm14
-	movdqa	%xmm12, 0x40($out)
-	movdqa	%xmm13, 0x50($out)
-	movdqa	%xmm14, 0x60($out)
-	movdqa	%xmm15, 0x70($out)
-	lea	0x80($out),$out
-	dec	$rounds
-	jnz	.Lkey_loop
-
-	movdqa	0x50($const), %xmm7	# .L63
-	#movdqa	%xmm6, ($out)		# don't save last round key
-	ret
-.cfi_endproc
-.size	_bsaes_key_convert,.-_bsaes_key_convert
-___
-}
-
-if (0 && !$win64) {	# following four functions are unsupported interface
-			# used for benchmarking...
-$code.=<<___;
-.globl	bsaes_enc_key_convert
-.type	bsaes_enc_key_convert,\@function,2
-.align	16
-bsaes_enc_key_convert:
-	mov	240($inp),%r10d		# pass rounds
-	mov	$inp,%rcx		# pass key
-	mov	$out,%rax		# pass key schedule
-	call	_bsaes_key_convert
-	pxor	%xmm6,%xmm7		# fix up last round key
-	movdqa	%xmm7,(%rax)		# save last round key
-	ret
-.size	bsaes_enc_key_convert,.-bsaes_enc_key_convert
-
-.globl	bsaes_encrypt_128
-.type	bsaes_encrypt_128,\@function,4
-.align	16
-bsaes_encrypt_128:
-.Lenc128_loop:
-	movdqu	0x00($inp), @XMM[0]	# load input
-	movdqu	0x10($inp), @XMM[1]
-	movdqu	0x20($inp), @XMM[2]
-	movdqu	0x30($inp), @XMM[3]
-	movdqu	0x40($inp), @XMM[4]
-	movdqu	0x50($inp), @XMM[5]
-	movdqu	0x60($inp), @XMM[6]
-	movdqu	0x70($inp), @XMM[7]
-	mov	$key, %rax		# pass the $key
-	lea	0x80($inp), $inp
-	mov	\$10,%r10d
-
-	call	_bsaes_encrypt8
-
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[2], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	sub	\$0x80,$len
-	ja	.Lenc128_loop
-	ret
-.size	bsaes_encrypt_128,.-bsaes_encrypt_128
-
-.globl	bsaes_dec_key_convert
-.type	bsaes_dec_key_convert,\@function,2
-.align	16
-bsaes_dec_key_convert:
-	mov	240($inp),%r10d		# pass rounds
-	mov	$inp,%rcx		# pass key
-	mov	$out,%rax		# pass key schedule
-	call	_bsaes_key_convert
-	pxor	($out),%xmm7		# fix up round 0 key
-	movdqa	%xmm6,(%rax)		# save last round key
-	movdqa	%xmm7,($out)
-	ret
-.size	bsaes_dec_key_convert,.-bsaes_dec_key_convert
-
-.globl	bsaes_decrypt_128
-.type	bsaes_decrypt_128,\@function,4
-.align	16
-bsaes_decrypt_128:
-.Ldec128_loop:
-	movdqu	0x00($inp), @XMM[0]	# load input
-	movdqu	0x10($inp), @XMM[1]
-	movdqu	0x20($inp), @XMM[2]
-	movdqu	0x30($inp), @XMM[3]
-	movdqu	0x40($inp), @XMM[4]
-	movdqu	0x50($inp), @XMM[5]
-	movdqu	0x60($inp), @XMM[6]
-	movdqu	0x70($inp), @XMM[7]
-	mov	$key, %rax		# pass the $key
-	lea	0x80($inp), $inp
-	mov	\$10,%r10d
-
-	call	_bsaes_decrypt8
-
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	sub	\$0x80,$len
-	ja	.Ldec128_loop
-	ret
-.size	bsaes_decrypt_128,.-bsaes_decrypt_128
-___
-}
-{
-######################################################################
-#
-# OpenSSL interface
-#
-my ($arg1,$arg2,$arg3,$arg4,$arg5,$arg6)=$win64	? ("%rcx","%rdx","%r8","%r9","%r10","%r11d")
-						: ("%rdi","%rsi","%rdx","%rcx","%r8","%r9d");
-my ($inp,$out,$len,$key)=("%r12","%r13","%r14","%r15");
-
-if ($ecb) {
-$code.=<<___;
-.globl	bsaes_ecb_encrypt_blocks
-.type	bsaes_ecb_encrypt_blocks,\@abi-omnipotent
-.align	16
-bsaes_ecb_encrypt_blocks:
-.cfi_startproc
-	mov	%rsp, %rax
-.Lecb_enc_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp),%rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lecb_enc_body:
-___
-$code.=<<___;
-	mov	%rsp,%rbp		# backup %rsp
-.cfi_def_cfa_register	%rbp
-	mov	240($arg4),%eax		# rounds
-	mov	$arg1,$inp		# backup arguments
-	mov	$arg2,$out
-	mov	$arg3,$len
-	mov	$arg4,$key
-	cmp	\$8,$arg3
-	jb	.Lecb_enc_short
-
-	mov	%eax,%ebx		# backup rounds
-	shl	\$7,%rax		# 128 bytes per inner round key
-	sub	\$`128-32`,%rax		# size of bit-sliced key schedule
-	sub	%rax,%rsp
-	mov	%rsp,%rax		# pass key schedule
-	mov	$key,%rcx		# pass key
-	mov	%ebx,%r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	%xmm6,%xmm7		# fix up last round key
-	movdqa	%xmm7,(%rax)		# save last round key
-
-	sub	\$8,$len
-.Lecb_enc_loop:
-	movdqu	0x00($inp), @XMM[0]	# load input
-	movdqu	0x10($inp), @XMM[1]
-	movdqu	0x20($inp), @XMM[2]
-	movdqu	0x30($inp), @XMM[3]
-	movdqu	0x40($inp), @XMM[4]
-	movdqu	0x50($inp), @XMM[5]
-	mov	%rsp, %rax		# pass key schedule
-	movdqu	0x60($inp), @XMM[6]
-	mov	%ebx,%r10d		# pass rounds
-	movdqu	0x70($inp), @XMM[7]
-	lea	0x80($inp), $inp
-
-	call	_bsaes_encrypt8
-
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[2], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	sub	\$8,$len
-	jnc	.Lecb_enc_loop
-
-	add	\$8,$len
-	jz	.Lecb_enc_done
-
-	movdqu	0x00($inp), @XMM[0]	# load input
-	mov	%rsp, %rax		# pass key schedule
-	mov	%ebx,%r10d		# pass rounds
-	cmp	\$2,$len
-	jb	.Lecb_enc_one
-	movdqu	0x10($inp), @XMM[1]
-	je	.Lecb_enc_two
-	movdqu	0x20($inp), @XMM[2]
-	cmp	\$4,$len
-	jb	.Lecb_enc_three
-	movdqu	0x30($inp), @XMM[3]
-	je	.Lecb_enc_four
-	movdqu	0x40($inp), @XMM[4]
-	cmp	\$6,$len
-	jb	.Lecb_enc_five
-	movdqu	0x50($inp), @XMM[5]
-	je	.Lecb_enc_six
-	movdqu	0x60($inp), @XMM[6]
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[2], 0x60($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_six:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_five:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_four:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_three:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_two:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_one:
-	call	_bsaes_encrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	jmp	.Lecb_enc_done
-.align	16
-.Lecb_enc_short:
-	lea	($inp), $arg1
-	lea	($out), $arg2
-	lea	($key), $arg3
-	call	asm_AES_encrypt
-	lea	16($inp), $inp
-	lea	16($out), $out
-	dec	$len
-	jnz	.Lecb_enc_short
-
-.Lecb_enc_done:
-	lea	(%rsp),%rax
-	pxor	%xmm0, %xmm0
-.Lecb_enc_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	jb	.Lecb_enc_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lecb_enc_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lecb_enc_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_ecb_encrypt_blocks,.-bsaes_ecb_encrypt_blocks
-
-.globl	bsaes_ecb_decrypt_blocks
-.type	bsaes_ecb_decrypt_blocks,\@abi-omnipotent
-.align	16
-bsaes_ecb_decrypt_blocks:
-.cfi_startproc
-	mov	%rsp, %rax
-.Lecb_dec_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp),%rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lecb_dec_body:
-___
-$code.=<<___;
-	mov	%rsp,%rbp		# backup %rsp
-.cfi_def_cfa_register	%rbp
-	mov	240($arg4),%eax		# rounds
-	mov	$arg1,$inp		# backup arguments
-	mov	$arg2,$out
-	mov	$arg3,$len
-	mov	$arg4,$key
-	cmp	\$8,$arg3
-	jb	.Lecb_dec_short
-
-	mov	%eax,%ebx		# backup rounds
-	shl	\$7,%rax		# 128 bytes per inner round key
-	sub	\$`128-32`,%rax		# size of bit-sliced key schedule
-	sub	%rax,%rsp
-	mov	%rsp,%rax		# pass key schedule
-	mov	$key,%rcx		# pass key
-	mov	%ebx,%r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	(%rsp),%xmm7		# fix up 0 round key
-	movdqa	%xmm6,(%rax)		# save last round key
-	movdqa	%xmm7,(%rsp)
-
-	sub	\$8,$len
-.Lecb_dec_loop:
-	movdqu	0x00($inp), @XMM[0]	# load input
-	movdqu	0x10($inp), @XMM[1]
-	movdqu	0x20($inp), @XMM[2]
-	movdqu	0x30($inp), @XMM[3]
-	movdqu	0x40($inp), @XMM[4]
-	movdqu	0x50($inp), @XMM[5]
-	mov	%rsp, %rax		# pass key schedule
-	movdqu	0x60($inp), @XMM[6]
-	mov	%ebx,%r10d		# pass rounds
-	movdqu	0x70($inp), @XMM[7]
-	lea	0x80($inp), $inp
-
-	call	_bsaes_decrypt8
-
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	sub	\$8,$len
-	jnc	.Lecb_dec_loop
-
-	add	\$8,$len
-	jz	.Lecb_dec_done
-
-	movdqu	0x00($inp), @XMM[0]	# load input
-	mov	%rsp, %rax		# pass key schedule
-	mov	%ebx,%r10d		# pass rounds
-	cmp	\$2,$len
-	jb	.Lecb_dec_one
-	movdqu	0x10($inp), @XMM[1]
-	je	.Lecb_dec_two
-	movdqu	0x20($inp), @XMM[2]
-	cmp	\$4,$len
-	jb	.Lecb_dec_three
-	movdqu	0x30($inp), @XMM[3]
-	je	.Lecb_dec_four
-	movdqu	0x40($inp), @XMM[4]
-	cmp	\$6,$len
-	jb	.Lecb_dec_five
-	movdqu	0x50($inp), @XMM[5]
-	je	.Lecb_dec_six
-	movdqu	0x60($inp), @XMM[6]
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_six:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_five:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_four:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_three:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_two:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_one:
-	call	_bsaes_decrypt8
-	movdqu	@XMM[0], 0x00($out)	# write output
-	jmp	.Lecb_dec_done
-.align	16
-.Lecb_dec_short:
-	lea	($inp), $arg1
-	lea	($out), $arg2
-	lea	($key), $arg3
-	call	asm_AES_decrypt
-	lea	16($inp), $inp
-	lea	16($out), $out
-	dec	$len
-	jnz	.Lecb_dec_short
-
-.Lecb_dec_done:
-	lea	(%rsp),%rax
-	pxor	%xmm0, %xmm0
-.Lecb_dec_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	jb	.Lecb_dec_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lecb_dec_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lecb_dec_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_ecb_decrypt_blocks,.-bsaes_ecb_decrypt_blocks
-___
-}
-$code.=<<___;
-.extern	asm_AES_cbc_encrypt
-.globl	bsaes_cbc_encrypt
-.type	bsaes_cbc_encrypt,\@abi-omnipotent
-.align	16
-bsaes_cbc_encrypt:
-.cfi_startproc
-___
-$code.=<<___ if ($win64);
-	mov	48(%rsp),$arg6		# pull direction flag
-___
-$code.=<<___;
-	cmp	\$0,$arg6
-	jne	asm_AES_cbc_encrypt
-	cmp	\$128,$arg3
-	jb	asm_AES_cbc_encrypt
-
-	mov	%rsp, %rax
-.Lcbc_dec_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp), %rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	mov	0xa0(%rsp),$arg5	# pull ivp
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lcbc_dec_body:
-___
-$code.=<<___;
-	mov	%rsp, %rbp		# backup %rsp
-.cfi_def_cfa_register	%rbp
-	mov	240($arg4), %eax	# rounds
-	mov	$arg1, $inp		# backup arguments
-	mov	$arg2, $out
-	mov	$arg3, $len
-	mov	$arg4, $key
-	mov	$arg5, %rbx
-	shr	\$4, $len		# bytes to blocks
-
-	mov	%eax, %edx		# rounds
-	shl	\$7, %rax		# 128 bytes per inner round key
-	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
-	sub	%rax, %rsp
-
-	mov	%rsp, %rax		# pass key schedule
-	mov	$key, %rcx		# pass key
-	mov	%edx, %r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	(%rsp),%xmm7		# fix up 0 round key
-	movdqa	%xmm6,(%rax)		# save last round key
-	movdqa	%xmm7,(%rsp)
-
-	movdqu	(%rbx), @XMM[15]	# load IV
-	sub	\$8,$len
-.Lcbc_dec_loop:
-	movdqu	0x00($inp), @XMM[0]	# load input
-	movdqu	0x10($inp), @XMM[1]
-	movdqu	0x20($inp), @XMM[2]
-	movdqu	0x30($inp), @XMM[3]
-	movdqu	0x40($inp), @XMM[4]
-	movdqu	0x50($inp), @XMM[5]
-	mov	%rsp, %rax		# pass key schedule
-	movdqu	0x60($inp), @XMM[6]
-	mov	%edx,%r10d		# pass rounds
-	movdqu	0x70($inp), @XMM[7]
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-
-	call	_bsaes_decrypt8
-
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[9], @XMM[6]
-	movdqu	0x30($inp), @XMM[11]
-	pxor	@XMM[10], @XMM[4]
-	movdqu	0x40($inp), @XMM[12]
-	pxor	@XMM[11], @XMM[2]
-	movdqu	0x50($inp), @XMM[13]
-	pxor	@XMM[12], @XMM[7]
-	movdqu	0x60($inp), @XMM[14]
-	pxor	@XMM[13], @XMM[3]
-	movdqu	0x70($inp), @XMM[15]	# IV
-	pxor	@XMM[14], @XMM[5]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	lea	0x80($inp), $inp
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	sub	\$8,$len
-	jnc	.Lcbc_dec_loop
-
-	add	\$8,$len
-	jz	.Lcbc_dec_done
-
-	movdqu	0x00($inp), @XMM[0]	# load input
-	mov	%rsp, %rax		# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-	cmp	\$2,$len
-	jb	.Lcbc_dec_one
-	movdqu	0x10($inp), @XMM[1]
-	je	.Lcbc_dec_two
-	movdqu	0x20($inp), @XMM[2]
-	cmp	\$4,$len
-	jb	.Lcbc_dec_three
-	movdqu	0x30($inp), @XMM[3]
-	je	.Lcbc_dec_four
-	movdqu	0x40($inp), @XMM[4]
-	cmp	\$6,$len
-	jb	.Lcbc_dec_five
-	movdqu	0x50($inp), @XMM[5]
-	je	.Lcbc_dec_six
-	movdqu	0x60($inp), @XMM[6]
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[9], @XMM[6]
-	movdqu	0x30($inp), @XMM[11]
-	pxor	@XMM[10], @XMM[4]
-	movdqu	0x40($inp), @XMM[12]
-	pxor	@XMM[11], @XMM[2]
-	movdqu	0x50($inp), @XMM[13]
-	pxor	@XMM[12], @XMM[7]
-	movdqu	0x60($inp), @XMM[15]	# IV
-	pxor	@XMM[13], @XMM[3]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_six:
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[9], @XMM[6]
-	movdqu	0x30($inp), @XMM[11]
-	pxor	@XMM[10], @XMM[4]
-	movdqu	0x40($inp), @XMM[12]
-	pxor	@XMM[11], @XMM[2]
-	movdqu	0x50($inp), @XMM[15]	# IV
-	pxor	@XMM[12], @XMM[7]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_five:
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[9], @XMM[6]
-	movdqu	0x30($inp), @XMM[11]
-	pxor	@XMM[10], @XMM[4]
-	movdqu	0x40($inp), @XMM[15]	# IV
-	pxor	@XMM[11], @XMM[2]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_four:
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[9], @XMM[6]
-	movdqu	0x30($inp), @XMM[15]	# IV
-	pxor	@XMM[10], @XMM[4]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_three:
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[8], @XMM[1]
-	movdqu	0x20($inp), @XMM[15]	# IV
-	pxor	@XMM[9], @XMM[6]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_two:
-	movdqa	@XMM[15], 0x20(%rbp)	# put aside IV
-	call	_bsaes_decrypt8
-	pxor	0x20(%rbp), @XMM[0]	# ^= IV
-	movdqu	0x00($inp), @XMM[8]	# re-load input
-	movdqu	0x10($inp), @XMM[15]	# IV
-	pxor	@XMM[8], @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	jmp	.Lcbc_dec_done
-.align	16
-.Lcbc_dec_one:
-	lea	($inp), $arg1
-	lea	0x20(%rbp), $arg2	# buffer output
-	lea	($key), $arg3
-	call	asm_AES_decrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[15]	# ^= IV
-	movdqu	@XMM[15], ($out)	# write output
-	movdqa	@XMM[0], @XMM[15]	# IV
-
-.Lcbc_dec_done:
-	movdqu	@XMM[15], (%rbx)	# return IV
-	lea	(%rsp), %rax
-	pxor	%xmm0, %xmm0
-.Lcbc_dec_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	ja	.Lcbc_dec_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lcbc_dec_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lcbc_dec_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_cbc_encrypt,.-bsaes_cbc_encrypt
-
-.globl	bsaes_ctr32_encrypt_blocks
-.type	bsaes_ctr32_encrypt_blocks,\@abi-omnipotent
-.align	16
-bsaes_ctr32_encrypt_blocks:
-.cfi_startproc
-	mov	%rsp, %rax
-.Lctr_enc_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp), %rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	mov	0xa0(%rsp),$arg5	# pull ivp
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lctr_enc_body:
-___
-$code.=<<___;
-	mov	%rsp, %rbp		# backup %rsp
-.cfi_def_cfa_register	%rbp
-	movdqu	($arg5), %xmm0		# load counter
-	mov	240($arg4), %eax	# rounds
-	mov	$arg1, $inp		# backup arguments
-	mov	$arg2, $out
-	mov	$arg3, $len
-	mov	$arg4, $key
-	movdqa	%xmm0, 0x20(%rbp)	# copy counter
-	cmp	\$8, $arg3
-	jb	.Lctr_enc_short
-
-	mov	%eax, %ebx		# rounds
-	shl	\$7, %rax		# 128 bytes per inner round key
-	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
-	sub	%rax, %rsp
-
-	mov	%rsp, %rax		# pass key schedule
-	mov	$key, %rcx		# pass key
-	mov	%ebx, %r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	%xmm6,%xmm7		# fix up last round key
-	movdqa	%xmm7,(%rax)		# save last round key
-
-	movdqa	(%rsp), @XMM[9]		# load round0 key
-	lea	.LADD1(%rip), %r11
-	movdqa	0x20(%rbp), @XMM[0]	# counter copy
-	movdqa	-0x20(%r11), @XMM[8]	# .LSWPUP
-	pshufb	@XMM[8], @XMM[9]	# byte swap upper part
-	pshufb	@XMM[8], @XMM[0]
-	movdqa	@XMM[9], (%rsp)		# save adjusted round0 key
-	jmp	.Lctr_enc_loop
-.align	16
-.Lctr_enc_loop:
-	movdqa	@XMM[0], 0x20(%rbp)	# save counter
-	movdqa	@XMM[0], @XMM[1]	# prepare 8 counter values
-	movdqa	@XMM[0], @XMM[2]
-	paddd	0x00(%r11), @XMM[1]	# .LADD1
-	movdqa	@XMM[0], @XMM[3]
-	paddd	0x10(%r11), @XMM[2]	# .LADD2
-	movdqa	@XMM[0], @XMM[4]
-	paddd	0x20(%r11), @XMM[3]	# .LADD3
-	movdqa	@XMM[0], @XMM[5]
-	paddd	0x30(%r11), @XMM[4]	# .LADD4
-	movdqa	@XMM[0], @XMM[6]
-	paddd	0x40(%r11), @XMM[5]	# .LADD5
-	movdqa	@XMM[0], @XMM[7]
-	paddd	0x50(%r11), @XMM[6]	# .LADD6
-	paddd	0x60(%r11), @XMM[7]	# .LADD7
-
-	# Borrow prologue from _bsaes_encrypt8 to use the opportunity
-	# to flip byte order in 32-bit counter
-	movdqa	(%rsp), @XMM[9]		# round 0 key
-	lea	0x10(%rsp), %rax	# pass key schedule
-	movdqa	-0x10(%r11), @XMM[8]	# .LSWPUPM0SR
-	pxor	@XMM[9], @XMM[0]	# xor with round0 key
-	pxor	@XMM[9], @XMM[1]
-	pxor	@XMM[9], @XMM[2]
-	pxor	@XMM[9], @XMM[3]
-	 pshufb	@XMM[8], @XMM[0]
-	 pshufb	@XMM[8], @XMM[1]
-	pxor	@XMM[9], @XMM[4]
-	pxor	@XMM[9], @XMM[5]
-	 pshufb	@XMM[8], @XMM[2]
-	 pshufb	@XMM[8], @XMM[3]
-	pxor	@XMM[9], @XMM[6]
-	pxor	@XMM[9], @XMM[7]
-	 pshufb	@XMM[8], @XMM[4]
-	 pshufb	@XMM[8], @XMM[5]
-	 pshufb	@XMM[8], @XMM[6]
-	 pshufb	@XMM[8], @XMM[7]
-	lea	.LBS0(%rip), %r11	# constants table
-	mov	%ebx,%r10d		# pass rounds
-
-	call	_bsaes_encrypt8_bitslice
-
-	sub	\$8,$len
-	jc	.Lctr_enc_loop_done
-
-	movdqu	0x00($inp), @XMM[8]	# load input
-	movdqu	0x10($inp), @XMM[9]
-	movdqu	0x20($inp), @XMM[10]
-	movdqu	0x30($inp), @XMM[11]
-	movdqu	0x40($inp), @XMM[12]
-	movdqu	0x50($inp), @XMM[13]
-	movdqu	0x60($inp), @XMM[14]
-	movdqu	0x70($inp), @XMM[15]
-	lea	0x80($inp),$inp
-	pxor	@XMM[0], @XMM[8]
-	movdqa	0x20(%rbp), @XMM[0]	# load counter
-	pxor	@XMM[9], @XMM[1]
-	movdqu	@XMM[8], 0x00($out)	# write output
-	pxor	@XMM[10], @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	@XMM[11], @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	pxor	@XMM[12], @XMM[3]
-	movdqu	@XMM[6], 0x30($out)
-	pxor	@XMM[13], @XMM[7]
-	movdqu	@XMM[3], 0x40($out)
-	pxor	@XMM[14], @XMM[2]
-	movdqu	@XMM[7], 0x50($out)
-	pxor	@XMM[15], @XMM[5]
-	movdqu	@XMM[2], 0x60($out)
-	lea	.LADD1(%rip), %r11
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-	paddd	0x70(%r11), @XMM[0]	# .LADD8
-	jnz	.Lctr_enc_loop
-
-	jmp	.Lctr_enc_done
-.align	16
-.Lctr_enc_loop_done:
-	add	\$8, $len
-	movdqu	0x00($inp), @XMM[8]	# load input
-	pxor	@XMM[8], @XMM[0]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	cmp	\$2,$len
-	jb	.Lctr_enc_done
-	movdqu	0x10($inp), @XMM[9]
-	pxor	@XMM[9], @XMM[1]
-	movdqu	@XMM[1], 0x10($out)
-	je	.Lctr_enc_done
-	movdqu	0x20($inp), @XMM[10]
-	pxor	@XMM[10], @XMM[4]
-	movdqu	@XMM[4], 0x20($out)
-	cmp	\$4,$len
-	jb	.Lctr_enc_done
-	movdqu	0x30($inp), @XMM[11]
-	pxor	@XMM[11], @XMM[6]
-	movdqu	@XMM[6], 0x30($out)
-	je	.Lctr_enc_done
-	movdqu	0x40($inp), @XMM[12]
-	pxor	@XMM[12], @XMM[3]
-	movdqu	@XMM[3], 0x40($out)
-	cmp	\$6,$len
-	jb	.Lctr_enc_done
-	movdqu	0x50($inp), @XMM[13]
-	pxor	@XMM[13], @XMM[7]
-	movdqu	@XMM[7], 0x50($out)
-	je	.Lctr_enc_done
-	movdqu	0x60($inp), @XMM[14]
-	pxor	@XMM[14], @XMM[2]
-	movdqu	@XMM[2], 0x60($out)
-	jmp	.Lctr_enc_done
-
-.align	16
-.Lctr_enc_short:
-	lea	0x20(%rbp), $arg1
-	lea	0x30(%rbp), $arg2
-	lea	($key), $arg3
-	call	asm_AES_encrypt
-	movdqu	($inp), @XMM[1]
-	lea	16($inp), $inp
-	mov	0x2c(%rbp), %eax	# load 32-bit counter
-	bswap	%eax
-	pxor	0x30(%rbp), @XMM[1]
-	inc	%eax			# increment
-	movdqu	@XMM[1], ($out)
-	bswap	%eax
-	lea	16($out), $out
-	mov	%eax, 0x2c(%rsp)	# save 32-bit counter
-	dec	$len
-	jnz	.Lctr_enc_short
-
-.Lctr_enc_done:
-	lea	(%rsp), %rax
-	pxor	%xmm0, %xmm0
-.Lctr_enc_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	ja	.Lctr_enc_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lctr_enc_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lctr_enc_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_ctr32_encrypt_blocks,.-bsaes_ctr32_encrypt_blocks
-___
-######################################################################
-# void bsaes_xts_[en|de]crypt(const char *inp,char *out,size_t len,
-#	const AES_KEY *key1, const AES_KEY *key2,
-#	const unsigned char iv[16]);
-#
-my ($twmask,$twres,$twtmp)=@XMM[13..15];
-$arg6=~s/d$//;
-
-$code.=<<___;
-.globl	bsaes_xts_encrypt
-.type	bsaes_xts_encrypt,\@abi-omnipotent
-.align	16
-bsaes_xts_encrypt:
-.cfi_startproc
-	mov	%rsp, %rax
-.Lxts_enc_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp), %rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	mov	0xa0(%rsp),$arg5	# pull key2
-	mov	0xa8(%rsp),$arg6	# pull ivp
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lxts_enc_body:
-___
-$code.=<<___;
-	mov	%rsp, %rbp		# backup %rsp
-.cfi_def_cfa_register	%rbp
-	mov	$arg1, $inp		# backup arguments
-	mov	$arg2, $out
-	mov	$arg3, $len
-	mov	$arg4, $key
-
-	lea	($arg6), $arg1
-	lea	0x20(%rbp), $arg2
-	lea	($arg5), $arg3
-	call	asm_AES_encrypt		# generate initial tweak
-
-	mov	240($key), %eax		# rounds
-	mov	$len, %rbx		# backup $len
-
-	mov	%eax, %edx		# rounds
-	shl	\$7, %rax		# 128 bytes per inner round key
-	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
-	sub	%rax, %rsp
-
-	mov	%rsp, %rax		# pass key schedule
-	mov	$key, %rcx		# pass key
-	mov	%edx, %r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	%xmm6, %xmm7		# fix up last round key
-	movdqa	%xmm7, (%rax)		# save last round key
-
-	and	\$-16, $len
-	sub	\$0x80, %rsp		# place for tweak[8]
-	movdqa	0x20(%rbp), @XMM[7]	# initial tweak
-
-	pxor	$twtmp, $twtmp
-	movdqa	.Lxts_magic(%rip), $twmask
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-
-	sub	\$0x80, $len
-	jc	.Lxts_enc_short
-	jmp	.Lxts_enc_loop
-
-.align	16
-.Lxts_enc_loop:
-___
-    for ($i=0;$i<7;$i++) {
-    $code.=<<___;
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	movdqa	@XMM[7], @XMM[$i]
-	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-___
-    $code.=<<___ if ($i>=1);
-	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
-___
-    $code.=<<___ if ($i>=2);
-	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
-    }
-$code.=<<___;
-	movdqu	0x60($inp), @XMM[8+6]
-	pxor	@XMM[8+5], @XMM[5]
-	movdqu	0x70($inp), @XMM[8+7]
-	lea	0x80($inp), $inp
-	movdqa	@XMM[7], 0x70(%rsp)
-	pxor	@XMM[8+6], @XMM[6]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	pxor	@XMM[8+7], @XMM[7]
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	pxor	0x40(%rsp), @XMM[3]
-	movdqu	@XMM[6], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[3], 0x40($out)
-	pxor	0x60(%rsp), @XMM[2]
-	movdqu	@XMM[7], 0x50($out)
-	pxor	0x70(%rsp), @XMM[5]
-	movdqu	@XMM[2], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-
-	movdqa	0x70(%rsp), @XMM[7]	# prepare next iteration tweak
-	pxor	$twtmp, $twtmp
-	movdqa	.Lxts_magic(%rip), $twmask
-	pcmpgtd	@XMM[7], $twtmp
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-
-	sub	\$0x80,$len
-	jnc	.Lxts_enc_loop
-
-.Lxts_enc_short:
-	add	\$0x80, $len
-	jz	.Lxts_enc_done
-___
-    for ($i=0;$i<7;$i++) {
-    $code.=<<___;
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	movdqa	@XMM[7], @XMM[$i]
-	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-___
-    $code.=<<___ if ($i>=1);
-	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
-	cmp	\$`0x10*$i`,$len
-	je	.Lxts_enc_$i
-___
-    $code.=<<___ if ($i>=2);
-	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
-    }
-$code.=<<___;
-	movdqu	0x60($inp), @XMM[8+6]
-	pxor	@XMM[8+5], @XMM[5]
-	movdqa	@XMM[7], 0x70(%rsp)
-	lea	0x70($inp), $inp
-	pxor	@XMM[8+6], @XMM[6]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	pxor	0x40(%rsp), @XMM[3]
-	movdqu	@XMM[6], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[3], 0x40($out)
-	pxor	0x60(%rsp), @XMM[2]
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[2], 0x60($out)
-	lea	0x70($out), $out
-
-	movdqa	0x70(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_6:
-	pxor	@XMM[8+4], @XMM[4]
-	lea	0x60($inp), $inp
-	pxor	@XMM[8+5], @XMM[5]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	pxor	0x40(%rsp), @XMM[3]
-	movdqu	@XMM[6], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[3], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	lea	0x60($out), $out
-
-	movdqa	0x60(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_5:
-	pxor	@XMM[8+3], @XMM[3]
-	lea	0x50($inp), $inp
-	pxor	@XMM[8+4], @XMM[4]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	pxor	0x40(%rsp), @XMM[3]
-	movdqu	@XMM[6], 0x30($out)
-	movdqu	@XMM[3], 0x40($out)
-	lea	0x50($out), $out
-
-	movdqa	0x50(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_4:
-	pxor	@XMM[8+2], @XMM[2]
-	lea	0x40($inp), $inp
-	pxor	@XMM[8+3], @XMM[3]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[6]
-	movdqu	@XMM[4], 0x20($out)
-	movdqu	@XMM[6], 0x30($out)
-	lea	0x40($out), $out
-
-	movdqa	0x40(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_3:
-	pxor	@XMM[8+1], @XMM[1]
-	lea	0x30($inp), $inp
-	pxor	@XMM[8+2], @XMM[2]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[4]
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[4], 0x20($out)
-	lea	0x30($out), $out
-
-	movdqa	0x30(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_2:
-	pxor	@XMM[8+0], @XMM[0]
-	lea	0x20($inp), $inp
-	pxor	@XMM[8+1], @XMM[1]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_encrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	lea	0x20($out), $out
-
-	movdqa	0x20(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_enc_done
-.align	16
-.Lxts_enc_1:
-	pxor	@XMM[0], @XMM[8]
-	lea	0x10($inp), $inp
-	movdqa	@XMM[8], 0x20(%rbp)
-	lea	0x20(%rbp), $arg1
-	lea	0x20(%rbp), $arg2
-	lea	($key), $arg3
-	call	asm_AES_encrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[0]	# ^= tweak[]
-	#pxor	@XMM[8], @XMM[0]
-	#lea	0x80(%rsp), %rax	# pass key schedule
-	#mov	%edx, %r10d		# pass rounds
-	#call	_bsaes_encrypt8
-	#pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	lea	0x10($out), $out
-
-	movdqa	0x10(%rsp), @XMM[7]	# next iteration tweak
-
-.Lxts_enc_done:
-	and	\$15, %ebx
-	jz	.Lxts_enc_ret
-	mov	$out, %rdx
-
-.Lxts_enc_steal:
-	movzb	($inp), %eax
-	movzb	-16(%rdx), %ecx
-	lea	1($inp), $inp
-	mov	%al, -16(%rdx)
-	mov	%cl, 0(%rdx)
-	lea	1(%rdx), %rdx
-	sub	\$1,%ebx
-	jnz	.Lxts_enc_steal
-
-	movdqu	-16($out), @XMM[0]
-	lea	0x20(%rbp), $arg1
-	pxor	@XMM[7], @XMM[0]
-	lea	0x20(%rbp), $arg2
-	movdqa	@XMM[0], 0x20(%rbp)
-	lea	($key), $arg3
-	call	asm_AES_encrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[7]
-	movdqu	@XMM[7], -16($out)
-
-.Lxts_enc_ret:
-	lea	(%rsp), %rax
-	pxor	%xmm0, %xmm0
-.Lxts_enc_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	ja	.Lxts_enc_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lxts_enc_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lxts_enc_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_xts_encrypt,.-bsaes_xts_encrypt
-
-.globl	bsaes_xts_decrypt
-.type	bsaes_xts_decrypt,\@abi-omnipotent
-.align	16
-bsaes_xts_decrypt:
-.cfi_startproc
-	mov	%rsp, %rax
-.Lxts_dec_prologue:
-	push	%rbp
-.cfi_push	%rbp
-	push	%rbx
-.cfi_push	%rbx
-	push	%r12
-.cfi_push	%r12
-	push	%r13
-.cfi_push	%r13
-	push	%r14
-.cfi_push	%r14
-	push	%r15
-.cfi_push	%r15
-	lea	-0x48(%rsp), %rsp
-.cfi_adjust_cfa_offset	0x48
-___
-$code.=<<___ if ($win64);
-	mov	0xa0(%rsp),$arg5	# pull key2
-	mov	0xa8(%rsp),$arg6	# pull ivp
-	lea	-0xa0(%rsp), %rsp
-	movaps	%xmm6, 0x40(%rsp)
-	movaps	%xmm7, 0x50(%rsp)
-	movaps	%xmm8, 0x60(%rsp)
-	movaps	%xmm9, 0x70(%rsp)
-	movaps	%xmm10, 0x80(%rsp)
-	movaps	%xmm11, 0x90(%rsp)
-	movaps	%xmm12, 0xa0(%rsp)
-	movaps	%xmm13, 0xb0(%rsp)
-	movaps	%xmm14, 0xc0(%rsp)
-	movaps	%xmm15, 0xd0(%rsp)
-.Lxts_dec_body:
-___
-$code.=<<___;
-	mov	%rsp, %rbp		# backup %rsp
-	mov	$arg1, $inp		# backup arguments
-	mov	$arg2, $out
-	mov	$arg3, $len
-	mov	$arg4, $key
-
-	lea	($arg6), $arg1
-	lea	0x20(%rbp), $arg2
-	lea	($arg5), $arg3
-	call	asm_AES_encrypt		# generate initial tweak
-
-	mov	240($key), %eax		# rounds
-	mov	$len, %rbx		# backup $len
-
-	mov	%eax, %edx		# rounds
-	shl	\$7, %rax		# 128 bytes per inner round key
-	sub	\$`128-32`, %rax	# size of bit-sliced key schedule
-	sub	%rax, %rsp
-
-	mov	%rsp, %rax		# pass key schedule
-	mov	$key, %rcx		# pass key
-	mov	%edx, %r10d		# pass rounds
-	call	_bsaes_key_convert
-	pxor	(%rsp), %xmm7		# fix up round 0 key
-	movdqa	%xmm6, (%rax)		# save last round key
-	movdqa	%xmm7, (%rsp)
-
-	xor	%eax, %eax		# if ($len%16) len-=16;
-	and	\$-16, $len
-	test	\$15, %ebx
-	setnz	%al
-	shl	\$4, %rax
-	sub	%rax, $len
-
-	sub	\$0x80, %rsp		# place for tweak[8]
-	movdqa	0x20(%rbp), @XMM[7]	# initial tweak
-
-	pxor	$twtmp, $twtmp
-	movdqa	.Lxts_magic(%rip), $twmask
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-
-	sub	\$0x80, $len
-	jc	.Lxts_dec_short
-	jmp	.Lxts_dec_loop
-
-.align	16
-.Lxts_dec_loop:
-___
-    for ($i=0;$i<7;$i++) {
-    $code.=<<___;
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	movdqa	@XMM[7], @XMM[$i]
-	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-___
-    $code.=<<___ if ($i>=1);
-	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
-___
-    $code.=<<___ if ($i>=2);
-	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
-    }
-$code.=<<___;
-	movdqu	0x60($inp), @XMM[8+6]
-	pxor	@XMM[8+5], @XMM[5]
-	movdqu	0x70($inp), @XMM[8+7]
-	lea	0x80($inp), $inp
-	movdqa	@XMM[7], 0x70(%rsp)
-	pxor	@XMM[8+6], @XMM[6]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	pxor	@XMM[8+7], @XMM[7]
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[4]
-	movdqu	@XMM[6], 0x20($out)
-	pxor	0x40(%rsp), @XMM[2]
-	movdqu	@XMM[4], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[2], 0x40($out)
-	pxor	0x60(%rsp), @XMM[3]
-	movdqu	@XMM[7], 0x50($out)
-	pxor	0x70(%rsp), @XMM[5]
-	movdqu	@XMM[3], 0x60($out)
-	movdqu	@XMM[5], 0x70($out)
-	lea	0x80($out), $out
-
-	movdqa	0x70(%rsp), @XMM[7]	# prepare next iteration tweak
-	pxor	$twtmp, $twtmp
-	movdqa	.Lxts_magic(%rip), $twmask
-	pcmpgtd	@XMM[7], $twtmp
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-
-	sub	\$0x80,$len
-	jnc	.Lxts_dec_loop
-
-.Lxts_dec_short:
-	add	\$0x80, $len
-	jz	.Lxts_dec_done
-___
-    for ($i=0;$i<7;$i++) {
-    $code.=<<___;
-	pshufd	\$0x13, $twtmp, $twres
-	pxor	$twtmp, $twtmp
-	movdqa	@XMM[7], @XMM[$i]
-	movdqa	@XMM[7], `0x10*$i`(%rsp)# save tweak[$i]
-	paddq	@XMM[7], @XMM[7]	# psllq	1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	pcmpgtd	@XMM[7], $twtmp		# broadcast upper bits
-	pxor	$twres, @XMM[7]
-___
-    $code.=<<___ if ($i>=1);
-	movdqu	`0x10*($i-1)`($inp), @XMM[8+$i-1]
-	cmp	\$`0x10*$i`,$len
-	je	.Lxts_dec_$i
-___
-    $code.=<<___ if ($i>=2);
-	pxor	@XMM[8+$i-2], @XMM[$i-2]# input[] ^ tweak[]
-___
-    }
-$code.=<<___;
-	movdqu	0x60($inp), @XMM[8+6]
-	pxor	@XMM[8+5], @XMM[5]
-	movdqa	@XMM[7], 0x70(%rsp)
-	lea	0x70($inp), $inp
-	pxor	@XMM[8+6], @XMM[6]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[4]
-	movdqu	@XMM[6], 0x20($out)
-	pxor	0x40(%rsp), @XMM[2]
-	movdqu	@XMM[4], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[2], 0x40($out)
-	pxor	0x60(%rsp), @XMM[3]
-	movdqu	@XMM[7], 0x50($out)
-	movdqu	@XMM[3], 0x60($out)
-	lea	0x70($out), $out
-
-	movdqa	0x70(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_6:
-	pxor	@XMM[8+4], @XMM[4]
-	lea	0x60($inp), $inp
-	pxor	@XMM[8+5], @XMM[5]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[4]
-	movdqu	@XMM[6], 0x20($out)
-	pxor	0x40(%rsp), @XMM[2]
-	movdqu	@XMM[4], 0x30($out)
-	pxor	0x50(%rsp), @XMM[7]
-	movdqu	@XMM[2], 0x40($out)
-	movdqu	@XMM[7], 0x50($out)
-	lea	0x60($out), $out
-
-	movdqa	0x60(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_5:
-	pxor	@XMM[8+3], @XMM[3]
-	lea	0x50($inp), $inp
-	pxor	@XMM[8+4], @XMM[4]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[4]
-	movdqu	@XMM[6], 0x20($out)
-	pxor	0x40(%rsp), @XMM[2]
-	movdqu	@XMM[4], 0x30($out)
-	movdqu	@XMM[2], 0x40($out)
-	lea	0x50($out), $out
-
-	movdqa	0x50(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_4:
-	pxor	@XMM[8+2], @XMM[2]
-	lea	0x40($inp), $inp
-	pxor	@XMM[8+3], @XMM[3]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	pxor	0x30(%rsp), @XMM[4]
-	movdqu	@XMM[6], 0x20($out)
-	movdqu	@XMM[4], 0x30($out)
-	lea	0x40($out), $out
-
-	movdqa	0x40(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_3:
-	pxor	@XMM[8+1], @XMM[1]
-	lea	0x30($inp), $inp
-	pxor	@XMM[8+2], @XMM[2]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	pxor	0x20(%rsp), @XMM[6]
-	movdqu	@XMM[1], 0x10($out)
-	movdqu	@XMM[6], 0x20($out)
-	lea	0x30($out), $out
-
-	movdqa	0x30(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_2:
-	pxor	@XMM[8+0], @XMM[0]
-	lea	0x20($inp), $inp
-	pxor	@XMM[8+1], @XMM[1]
-	lea	0x80(%rsp), %rax	# pass key schedule
-	mov	%edx, %r10d		# pass rounds
-
-	call	_bsaes_decrypt8
-
-	pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	pxor	0x10(%rsp), @XMM[1]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	movdqu	@XMM[1], 0x10($out)
-	lea	0x20($out), $out
-
-	movdqa	0x20(%rsp), @XMM[7]	# next iteration tweak
-	jmp	.Lxts_dec_done
-.align	16
-.Lxts_dec_1:
-	pxor	@XMM[0], @XMM[8]
-	lea	0x10($inp), $inp
-	movdqa	@XMM[8], 0x20(%rbp)
-	lea	0x20(%rbp), $arg1
-	lea	0x20(%rbp), $arg2
-	lea	($key), $arg3
-	call	asm_AES_decrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[0]	# ^= tweak[]
-	#pxor	@XMM[8], @XMM[0]
-	#lea	0x80(%rsp), %rax	# pass key schedule
-	#mov	%edx, %r10d		# pass rounds
-	#call	_bsaes_decrypt8
-	#pxor	0x00(%rsp), @XMM[0]	# ^= tweak[]
-	movdqu	@XMM[0], 0x00($out)	# write output
-	lea	0x10($out), $out
-
-	movdqa	0x10(%rsp), @XMM[7]	# next iteration tweak
-
-.Lxts_dec_done:
-	and	\$15, %ebx
-	jz	.Lxts_dec_ret
-
-	pxor	$twtmp, $twtmp
-	movdqa	.Lxts_magic(%rip), $twmask
-	pcmpgtd	@XMM[7], $twtmp
-	pshufd	\$0x13, $twtmp, $twres
-	movdqa	@XMM[7], @XMM[6]
-	paddq	@XMM[7], @XMM[7]	# psllq 1,$tweak
-	pand	$twmask, $twres		# isolate carry and residue
-	movdqu	($inp), @XMM[0]
-	pxor	$twres, @XMM[7]
-
-	lea	0x20(%rbp), $arg1
-	pxor	@XMM[7], @XMM[0]
-	lea	0x20(%rbp), $arg2
-	movdqa	@XMM[0], 0x20(%rbp)
-	lea	($key), $arg3
-	call	asm_AES_decrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[7]
-	mov	$out, %rdx
-	movdqu	@XMM[7], ($out)
-
-.Lxts_dec_steal:
-	movzb	16($inp), %eax
-	movzb	(%rdx), %ecx
-	lea	1($inp), $inp
-	mov	%al, (%rdx)
-	mov	%cl, 16(%rdx)
-	lea	1(%rdx), %rdx
-	sub	\$1,%ebx
-	jnz	.Lxts_dec_steal
-
-	movdqu	($out), @XMM[0]
-	lea	0x20(%rbp), $arg1
-	pxor	@XMM[6], @XMM[0]
-	lea	0x20(%rbp), $arg2
-	movdqa	@XMM[0], 0x20(%rbp)
-	lea	($key), $arg3
-	call	asm_AES_decrypt		# doesn't touch %xmm
-	pxor	0x20(%rbp), @XMM[6]
-	movdqu	@XMM[6], ($out)
-
-.Lxts_dec_ret:
-	lea	(%rsp), %rax
-	pxor	%xmm0, %xmm0
-.Lxts_dec_bzero:			# wipe key schedule [if any]
-	movdqa	%xmm0, 0x00(%rax)
-	movdqa	%xmm0, 0x10(%rax)
-	lea	0x20(%rax), %rax
-	cmp	%rax, %rbp
-	ja	.Lxts_dec_bzero
-
-	lea	0x78(%rbp),%rax
-.cfi_def_cfa	%rax,8
-___
-$code.=<<___ if ($win64);
-	movaps	0x40(%rbp), %xmm6
-	movaps	0x50(%rbp), %xmm7
-	movaps	0x60(%rbp), %xmm8
-	movaps	0x70(%rbp), %xmm9
-	movaps	0x80(%rbp), %xmm10
-	movaps	0x90(%rbp), %xmm11
-	movaps	0xa0(%rbp), %xmm12
-	movaps	0xb0(%rbp), %xmm13
-	movaps	0xc0(%rbp), %xmm14
-	movaps	0xd0(%rbp), %xmm15
-	lea	0xa0(%rax), %rax
-.Lxts_dec_tail:
-___
-$code.=<<___;
-	mov	-48(%rax), %r15
-.cfi_restore	%r15
-	mov	-40(%rax), %r14
-.cfi_restore	%r14
-	mov	-32(%rax), %r13
-.cfi_restore	%r13
-	mov	-24(%rax), %r12
-.cfi_restore	%r12
-	mov	-16(%rax), %rbx
-.cfi_restore	%rbx
-	mov	-8(%rax), %rbp
-.cfi_restore	%rbp
-	lea	(%rax), %rsp		# restore %rsp
-.cfi_def_cfa_register	%rsp
-.Lxts_dec_epilogue:
-	ret
-.cfi_endproc
-.size	bsaes_xts_decrypt,.-bsaes_xts_decrypt
-___
-}
-$code.=<<___;
-.type	_bsaes_const,\@object
-.align	64
-_bsaes_const:
-.LM0ISR:	# InvShiftRows constants
-	.quad	0x0a0e0206070b0f03, 0x0004080c0d010509
-.LISRM0:
-	.quad	0x01040b0e0205080f, 0x0306090c00070a0d
-.LISR:
-	.quad	0x0504070602010003, 0x0f0e0d0c080b0a09
-.LBS0:		# bit-slice constants
-	.quad	0x5555555555555555, 0x5555555555555555
-.LBS1:
-	.quad	0x3333333333333333, 0x3333333333333333
-.LBS2:
-	.quad	0x0f0f0f0f0f0f0f0f, 0x0f0f0f0f0f0f0f0f
-.LSR:		# shiftrows constants
-	.quad	0x0504070600030201, 0x0f0e0d0c0a09080b
-.LSRM0:
-	.quad	0x0304090e00050a0f, 0x01060b0c0207080d
-.LM0SR:
-	.quad	0x0a0e02060f03070b, 0x0004080c05090d01
-.LSWPUP:	# byte-swap upper dword
-	.quad	0x0706050403020100, 0x0c0d0e0f0b0a0908
-.LSWPUPM0SR:
-	.quad	0x0a0d02060c03070b, 0x0004080f05090e01
-.LADD1:		# counter increment constants
-	.quad	0x0000000000000000, 0x0000000100000000
-.LADD2:
-	.quad	0x0000000000000000, 0x0000000200000000
-.LADD3:
-	.quad	0x0000000000000000, 0x0000000300000000
-.LADD4:
-	.quad	0x0000000000000000, 0x0000000400000000
-.LADD5:
-	.quad	0x0000000000000000, 0x0000000500000000
-.LADD6:
-	.quad	0x0000000000000000, 0x0000000600000000
-.LADD7:
-	.quad	0x0000000000000000, 0x0000000700000000
-.LADD8:
-	.quad	0x0000000000000000, 0x0000000800000000
-.Lxts_magic:
-	.long	0x87,0,1,0
-.Lmasks:
-	.quad	0x0101010101010101, 0x0101010101010101
-	.quad	0x0202020202020202, 0x0202020202020202
-	.quad	0x0404040404040404, 0x0404040404040404
-	.quad	0x0808080808080808, 0x0808080808080808
-.LM0:
-	.quad	0x02060a0e03070b0f, 0x0004080c0105090d
-.L63:
-	.quad	0x6363636363636363, 0x6363636363636363
-.asciz	"Bit-sliced AES for x86_64/SSSE3, Emilia Käsper, Peter Schwabe, Andy Polyakov"
-.align	64
-.size	_bsaes_const,.-_bsaes_const
-___
-
-# EXCEPTION_DISPOSITION handler (EXCEPTION_RECORD *rec,ULONG64 frame,
-#		CONTEXT *context,DISPATCHER_CONTEXT *disp)
-if ($win64) {
-$rec="%rcx";
-$frame="%rdx";
-$context="%r8";
-$disp="%r9";
-
-$code.=<<___;
-.extern	__imp_RtlVirtualUnwind
-.type	se_handler,\@abi-omnipotent
-.align	16
-se_handler:
-	push	%rsi
-	push	%rdi
-	push	%rbx
-	push	%rbp
-	push	%r12
-	push	%r13
-	push	%r14
-	push	%r15
-	pushfq
-	sub	\$64,%rsp
-
-	mov	120($context),%rax	# pull context->Rax
-	mov	248($context),%rbx	# pull context->Rip
-
-	mov	8($disp),%rsi		# disp->ImageBase
-	mov	56($disp),%r11		# disp->HandlerData
-
-	mov	0(%r11),%r10d		# HandlerData[0]
-	lea	(%rsi,%r10),%r10	# prologue label
-	cmp	%r10,%rbx		# context->Rip<=prologue label
-	jbe	.Lin_prologue
-
-	mov	4(%r11),%r10d		# HandlerData[1]
-	lea	(%rsi,%r10),%r10	# epilogue label
-	cmp	%r10,%rbx		# context->Rip>=epilogue label
-	jae	.Lin_prologue
-
-	mov	8(%r11),%r10d		# HandlerData[2]
-	lea	(%rsi,%r10),%r10	# epilogue label
-	cmp	%r10,%rbx		# context->Rip>=tail label
-	jae	.Lin_tail
-
-	mov	160($context),%rax	# pull context->Rbp
-
-	lea	0x40(%rax),%rsi		# %xmm save area
-	lea	512($context),%rdi	# &context.Xmm6
-	mov	\$20,%ecx		# 10*sizeof(%xmm0)/sizeof(%rax)
-	.long	0xa548f3fc		# cld; rep movsq
-	lea	0xa0+0x78(%rax),%rax	# adjust stack pointer
-
-.Lin_tail:
-	mov	-48(%rax),%rbp
-	mov	-40(%rax),%rbx
-	mov	-32(%rax),%r12
-	mov	-24(%rax),%r13
-	mov	-16(%rax),%r14
-	mov	-8(%rax),%r15
-	mov	%rbx,144($context)	# restore context->Rbx
-	mov	%rbp,160($context)	# restore context->Rbp
-	mov	%r12,216($context)	# restore context->R12
-	mov	%r13,224($context)	# restore context->R13
-	mov	%r14,232($context)	# restore context->R14
-	mov	%r15,240($context)	# restore context->R15
-
-.Lin_prologue:
-	mov	%rax,152($context)	# restore context->Rsp
-
-	mov	40($disp),%rdi		# disp->ContextRecord
-	mov	$context,%rsi		# context
-	mov	\$`1232/8`,%ecx		# sizeof(CONTEXT)
-	.long	0xa548f3fc		# cld; rep movsq
-
-	mov	$disp,%rsi
-	xor	%rcx,%rcx		# arg1, UNW_FLAG_NHANDLER
-	mov	8(%rsi),%rdx		# arg2, disp->ImageBase
-	mov	0(%rsi),%r8		# arg3, disp->ControlPc
-	mov	16(%rsi),%r9		# arg4, disp->FunctionEntry
-	mov	40(%rsi),%r10		# disp->ContextRecord
-	lea	56(%rsi),%r11		# &disp->HandlerData
-	lea	24(%rsi),%r12		# &disp->EstablisherFrame
-	mov	%r10,32(%rsp)		# arg5
-	mov	%r11,40(%rsp)		# arg6
-	mov	%r12,48(%rsp)		# arg7
-	mov	%rcx,56(%rsp)		# arg8, (NULL)
-	call	*__imp_RtlVirtualUnwind(%rip)
-
-	mov	\$1,%eax		# ExceptionContinueSearch
-	add	\$64,%rsp
-	popfq
-	pop	%r15
-	pop	%r14
-	pop	%r13
-	pop	%r12
-	pop	%rbp
-	pop	%rbx
-	pop	%rdi
-	pop	%rsi
-	ret
-.size	se_handler,.-se_handler
-
-.section	.pdata
-.align	4
-___
-$code.=<<___ if ($ecb);
-	.rva	.Lecb_enc_prologue
-	.rva	.Lecb_enc_epilogue
-	.rva	.Lecb_enc_info
-
-	.rva	.Lecb_dec_prologue
-	.rva	.Lecb_dec_epilogue
-	.rva	.Lecb_dec_info
-___
-$code.=<<___;
-	.rva	.Lcbc_dec_prologue
-	.rva	.Lcbc_dec_epilogue
-	.rva	.Lcbc_dec_info
-
-	.rva	.Lctr_enc_prologue
-	.rva	.Lctr_enc_epilogue
-	.rva	.Lctr_enc_info
-
-	.rva	.Lxts_enc_prologue
-	.rva	.Lxts_enc_epilogue
-	.rva	.Lxts_enc_info
-
-	.rva	.Lxts_dec_prologue
-	.rva	.Lxts_dec_epilogue
-	.rva	.Lxts_dec_info
-
-.section	.xdata
-.align	8
-___
-$code.=<<___ if ($ecb);
-.Lecb_enc_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lecb_enc_body,.Lecb_enc_epilogue	# HandlerData[]
-	.rva	.Lecb_enc_tail
-	.long	0
-.Lecb_dec_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lecb_dec_body,.Lecb_dec_epilogue	# HandlerData[]
-	.rva	.Lecb_dec_tail
-	.long	0
-___
-$code.=<<___;
-.Lcbc_dec_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lcbc_dec_body,.Lcbc_dec_epilogue	# HandlerData[]
-	.rva	.Lcbc_dec_tail
-	.long	0
-.Lctr_enc_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lctr_enc_body,.Lctr_enc_epilogue	# HandlerData[]
-	.rva	.Lctr_enc_tail
-	.long	0
-.Lxts_enc_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lxts_enc_body,.Lxts_enc_epilogue	# HandlerData[]
-	.rva	.Lxts_enc_tail
-	.long	0
-.Lxts_dec_info:
-	.byte	9,0,0,0
-	.rva	se_handler
-	.rva	.Lxts_dec_body,.Lxts_dec_epilogue	# HandlerData[]
-	.rva	.Lxts_dec_tail
-	.long	0
-___
-}
-
-$code =~ s/\`([^\`]*)\`/eval($1)/gem;
-
-print $code;
-
-close STDOUT;
diff --git a/deps/openssl/openssl/crypto/asn1/a_time.c b/deps/openssl/openssl/crypto/asn1/a_time.c
index 1babb9636054c6..c36dd9500169f5 100644
--- a/deps/openssl/openssl/crypto/asn1/a_time.c
+++ b/deps/openssl/openssl/crypto/asn1/a_time.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -67,7 +67,7 @@ static void determine_days(struct tm *tm)
     }
     c = y / 100;
     y %= 100;
-    /* Zeller's congruance */
+    /* Zeller's congruence */
     tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7;
 }
 
@@ -79,7 +79,11 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d)
     char *a;
     int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md;
     struct tm tmp;
-
+#if defined(CHARSET_EBCDIC)
+    const char upper_z = 0x5A, num_zero = 0x30, period = 0x2E, minus = 0x2D, plus = 0x2B;
+#else
+    const char upper_z = 'Z', num_zero = '0', period = '.', minus = '-', plus = '+';
+#endif
     /*
      * ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280
      * time string format, in which:
@@ -120,20 +124,20 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d)
     if (l < min_l)
         goto err;
     for (i = 0; i < end; i++) {
-        if (!strict && (i == btz) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) {
+        if (!strict && (i == btz) && ((a[o] == upper_z) || (a[o] == plus) || (a[o] == minus))) {
             i++;
             break;
         }
-        if (!ossl_isdigit(a[o]))
+        if (!ascii_isdigit(a[o]))
             goto err;
-        n = a[o] - '0';
+        n = a[o] - num_zero;
         /* incomplete 2-digital number */
         if (++o == l)
             goto err;
 
-        if (!ossl_isdigit(a[o]))
+        if (!ascii_isdigit(a[o]))
             goto err;
-        n = (n * 10) + a[o] - '0';
+        n = (n * 10) + a[o] - num_zero;
         /* no more bytes to read, but we haven't seen time-zone yet */
         if (++o == l)
             goto err;
@@ -185,14 +189,14 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d)
      * Optional fractional seconds: decimal point followed by one or more
      * digits.
      */
-    if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == '.') {
+    if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == period) {
         if (strict)
             /* RFC 5280 forbids fractional seconds */
             goto err;
         if (++o == l)
             goto err;
         i = o;
-        while ((o < l) && ossl_isdigit(a[o]))
+        while ((o < l) && ascii_isdigit(a[o]))
             o++;
         /* Must have at least one digit after decimal point */
         if (i == o)
@@ -207,10 +211,10 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d)
      * 'o' can point to '\0' is either the subsequent if or the first
      * else if is true.
      */
-    if (a[o] == 'Z') {
+    if (a[o] == upper_z) {
         o++;
-    } else if (!strict && ((a[o] == '+') || (a[o] == '-'))) {
-        int offsign = a[o] == '-' ? 1 : -1;
+    } else if (!strict && ((a[o] == plus) || (a[o] == minus))) {
+        int offsign = a[o] == minus ? 1 : -1;
         int offset = 0;
 
         o++;
@@ -223,13 +227,13 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d)
         if (o + 4 != l)
             goto err;
         for (i = end; i < end + 2; i++) {
-            if (!ossl_isdigit(a[o]))
+            if (!ascii_isdigit(a[o]))
                 goto err;
-            n = a[o] - '0';
+            n = a[o] - num_zero;
             o++;
-            if (!ossl_isdigit(a[o]))
+            if (!ascii_isdigit(a[o]))
                 goto err;
-            n = (n * 10) + a[o] - '0';
+            n = (n * 10) + a[o] - num_zero;
             i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i;
             if ((n < min[i2]) || (n > max[i2]))
                 goto err;
@@ -300,7 +304,7 @@ ASN1_TIME *asn1_time_from_tm(ASN1_TIME *s, struct tm *ts, int type)
                                     ts->tm_mday, ts->tm_hour, ts->tm_min,
                                     ts->tm_sec);
 
-#ifdef CHARSET_EBCDIC_not
+#ifdef CHARSET_EBCDIC
     ebcdic2ascii(tmps->data, tmps->data, tmps->length);
 #endif
     return tmps;
@@ -467,6 +471,7 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
     char *v;
     int gmt = 0, l;
     struct tm stm;
+    const char upper_z = 0x5A, period = 0x2E;
 
     if (!asn1_time_to_tm(&stm, tm)) {
         /* asn1_time_to_tm will check the time type */
@@ -475,7 +480,7 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
 
     l = tm->length;
     v = (char *)tm->data;
-    if (v[l - 1] == 'Z')
+    if (v[l - 1] == upper_z)
         gmt = 1;
 
     if (tm->type == V_ASN1_GENERALIZEDTIME) {
@@ -486,10 +491,10 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
          * Try to parse fractional seconds. '14' is the place of
          * 'fraction point' in a GeneralizedTime string.
          */
-        if (tm->length > 15 && v[14] == '.') {
+        if (tm->length > 15 && v[14] == period) {
             f = &v[14];
             f_len = 1;
-            while (14 + f_len < l && ossl_isdigit(f[f_len]))
+            while (14 + f_len < l && ascii_isdigit(f[f_len]))
                 ++f_len;
         }
 
diff --git a/deps/openssl/openssl/crypto/asn1/a_type.c b/deps/openssl/openssl/crypto/asn1/a_type.c
index 0c7aebe3076b4e..732328e050498c 100644
--- a/deps/openssl/openssl/crypto/asn1/a_type.c
+++ b/deps/openssl/openssl/crypto/asn1/a_type.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -15,7 +15,9 @@
 
 int ASN1_TYPE_get(const ASN1_TYPE *a)
 {
-    if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
+    if (a->type == V_ASN1_BOOLEAN
+            || a->type == V_ASN1_NULL
+            || a->value.ptr != NULL)
         return a->type;
     else
         return 0;
@@ -23,7 +25,9 @@ int ASN1_TYPE_get(const ASN1_TYPE *a)
 
 void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
 {
-    if (a->value.ptr != NULL) {
+    if (a->type != V_ASN1_BOOLEAN
+            && a->type != V_ASN1_NULL
+            && a->value.ptr != NULL) {
         ASN1_TYPE **tmp_a = &a;
         asn1_primitive_free((ASN1_VALUE **)tmp_a, NULL, 0);
     }
diff --git a/deps/openssl/openssl/crypto/asn1/x_bignum.c b/deps/openssl/openssl/crypto/asn1/x_bignum.c
index da57e77a7aa829..6c93ea7510da1e 100644
--- a/deps/openssl/openssl/crypto/asn1/x_bignum.c
+++ b/deps/openssl/openssl/crypto/asn1/x_bignum.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -130,9 +130,20 @@ static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
 static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
                          int utype, char *free_cont, const ASN1_ITEM *it)
 {
-    if (!*pval)
-        bn_secure_new(pval, it);
-    return bn_c2i(pval, cont, len, utype, free_cont, it);
+    int ret;
+    BIGNUM *bn;
+
+    if (!*pval && !bn_secure_new(pval, it))
+        return 0;
+
+    ret = bn_c2i(pval, cont, len, utype, free_cont, it);
+    if (!ret)
+        return 0;
+
+    /* Set constant-time flag for all secure BIGNUMS */
+    bn = (BIGNUM *)*pval;
+    BN_set_flags(bn, BN_FLG_CONSTTIME);
+    return ret;
 }
 
 static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it,
diff --git a/deps/openssl/openssl/crypto/bio/b_addr.c b/deps/openssl/openssl/crypto/bio/b_addr.c
index f295b766fa7346..dd5008e636a477 100644
--- a/deps/openssl/openssl/crypto/bio/b_addr.c
+++ b/deps/openssl/openssl/crypto/bio/b_addr.c
@@ -675,7 +675,7 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
 
     if (1) {
 #ifdef AI_PASSIVE
-        int gai_ret = 0;
+        int gai_ret = 0, old_ret = 0;
         struct addrinfo hints;
 
         memset(&hints, 0, sizeof(hints));
@@ -683,12 +683,12 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
         hints.ai_family = family;
         hints.ai_socktype = socktype;
         hints.ai_protocol = protocol;
-#ifdef AI_ADDRCONFIG
-#ifdef AF_UNSPEC
+# ifdef AI_ADDRCONFIG
+#  ifdef AF_UNSPEC
         if (family == AF_UNSPEC)
-#endif
+#  endif
             hints.ai_flags |= AI_ADDRCONFIG;
-#endif
+# endif
 
         if (lookup_type == BIO_LOOKUP_SERVER)
             hints.ai_flags |= AI_PASSIVE;
@@ -696,19 +696,33 @@ int BIO_lookup_ex(const char *host, const char *service, int lookup_type,
         /* Note that |res| SHOULD be a 'struct addrinfo **' thanks to
          * macro magic in bio_lcl.h
          */
+      retry:
         switch ((gai_ret = getaddrinfo(host, service, &hints, res))) {
 # ifdef EAI_SYSTEM
         case EAI_SYSTEM:
             SYSerr(SYS_F_GETADDRINFO, get_last_socket_error());
             BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB);
             break;
+# endif
+# ifdef EAI_MEMORY
+        case EAI_MEMORY:
+            BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_MALLOC_FAILURE);
+            break;
 # endif
         case 0:
             ret = 1;             /* Success */
             break;
         default:
+# if defined(AI_ADDRCONFIG) && defined(AI_NUMERICHOST)
+            if (hints.ai_flags & AI_ADDRCONFIG) {
+                hints.ai_flags &= ~AI_ADDRCONFIG;
+                hints.ai_flags |= AI_NUMERICHOST;
+                old_ret = gai_ret;
+                goto retry;
+            }
+# endif
             BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB);
-            ERR_add_error_data(1, gai_strerror(gai_ret));
+            ERR_add_error_data(1, gai_strerror(old_ret ? old_ret : gai_ret));
             break;
         }
     } else {
diff --git a/deps/openssl/openssl/crypto/bio/bss_dgram.c b/deps/openssl/openssl/crypto/bio/bss_dgram.c
index d5fe5bb5a8a2d7..551821609f7313 100644
--- a/deps/openssl/openssl/crypto/bio/bss_dgram.c
+++ b/deps/openssl/openssl/crypto/bio/bss_dgram.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -784,7 +784,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
      * reasons. When BIO_CTRL_DGRAM_SET_PEEK_MODE was first defined its value
      * was incorrectly clashing with BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE. The
      * value has been updated to a non-clashing value. However to preserve
-     * binary compatiblity we now respond to both the old value and the new one
+     * binary compatibility we now respond to both the old value and the new one
      */
     case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE:
     case BIO_CTRL_DGRAM_SET_PEEK_MODE:
diff --git a/deps/openssl/openssl/crypto/bio/bss_file.c b/deps/openssl/openssl/crypto/bio/bss_file.c
index 057344783d61b7..a2102055976012 100644
--- a/deps/openssl/openssl/crypto/bio/bss_file.c
+++ b/deps/openssl/openssl/crypto/bio/bss_file.c
@@ -7,10 +7,7 @@
  * https://www.openssl.org/source/license.html
  */
 
-#ifndef HEADER_BSS_FILE_C
-# define HEADER_BSS_FILE_C
-
-# if defined(__linux) || defined(__sun) || defined(__hpux)
+#if defined(__linux) || defined(__sun) || defined(__hpux)
 /*
  * Following definition aliases fopen to fopen64 on above mentioned
  * platforms. This makes it possible to open and sequentially access files
@@ -23,17 +20,17 @@
  * of 32-bit platforms which allow for sequential access of large files
  * without extra "magic" comprise *BSD, Darwin, IRIX...
  */
-#  ifndef _FILE_OFFSET_BITS
-#   define _FILE_OFFSET_BITS 64
-#  endif
+# ifndef _FILE_OFFSET_BITS
+#  define _FILE_OFFSET_BITS 64
 # endif
+#endif
 
-# include <stdio.h>
-# include <errno.h>
-# include "bio_lcl.h"
-# include <openssl/err.h>
+#include <stdio.h>
+#include <errno.h>
+#include "bio_lcl.h"
+#include <openssl/err.h>
 
-# if !defined(OPENSSL_NO_STDIO)
+#if !defined(OPENSSL_NO_STDIO)
 
 static int file_write(BIO *h, const char *buf, int num);
 static int file_read(BIO *h, char *buf, int size);
@@ -72,9 +69,9 @@ BIO *BIO_new_file(const char *filename, const char *mode)
         SYSerr(SYS_F_FOPEN, get_last_sys_error());
         ERR_add_error_data(5, "fopen('", filename, "','", mode, "')");
         if (errno == ENOENT
-# ifdef ENXIO
+#ifdef ENXIO
             || errno == ENXIO
-# endif
+#endif
             )
             BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE);
         else
@@ -212,33 +209,33 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
         b->shutdown = (int)num & BIO_CLOSE;
         b->ptr = ptr;
         b->init = 1;
-#  if BIO_FLAGS_UPLINK!=0
-#   if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
-#    define _IOB_ENTRIES 20
-#   endif
+# if BIO_FLAGS_UPLINK!=0
+#  if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
+#   define _IOB_ENTRIES 20
+#  endif
         /* Safety net to catch purely internal BIO_set_fp calls */
-#   if defined(_MSC_VER) && _MSC_VER>=1900
+#  if defined(_MSC_VER) && _MSC_VER>=1900
         if (ptr == stdin || ptr == stdout || ptr == stderr)
             BIO_clear_flags(b, BIO_FLAGS_UPLINK);
-#   elif defined(_IOB_ENTRIES)
+#  elif defined(_IOB_ENTRIES)
         if ((size_t)ptr >= (size_t)stdin &&
             (size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
             BIO_clear_flags(b, BIO_FLAGS_UPLINK);
-#   endif
 #  endif
-#  ifdef UP_fsetmod
+# endif
+# ifdef UP_fsetmod
         if (b->flags & BIO_FLAGS_UPLINK)
             UP_fsetmod(b->ptr, (char)((num & BIO_FP_TEXT) ? 't' : 'b'));
         else
-#  endif
+# endif
         {
-#  if defined(OPENSSL_SYS_WINDOWS)
+# if defined(OPENSSL_SYS_WINDOWS)
             int fd = _fileno((FILE *)ptr);
             if (num & BIO_FP_TEXT)
                 _setmode(fd, _O_TEXT);
             else
                 _setmode(fd, _O_BINARY);
-#  elif defined(OPENSSL_SYS_MSDOS)
+# elif defined(OPENSSL_SYS_MSDOS)
             int fd = fileno((FILE *)ptr);
             /* Set correct text/binary mode */
             if (num & BIO_FP_TEXT)
@@ -251,11 +248,11 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
                 } else
                     _setmode(fd, _O_BINARY);
             }
-#  elif defined(OPENSSL_SYS_WIN32_CYGWIN)
+# elif defined(OPENSSL_SYS_WIN32_CYGWIN)
             int fd = fileno((FILE *)ptr);
             if (!(num & BIO_FP_TEXT))
                 setmode(fd, O_BINARY);
-#  endif
+# endif
         }
         break;
     case BIO_C_SET_FILENAME:
@@ -277,15 +274,15 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr)
             ret = 0;
             break;
         }
-#  if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS)
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WINDOWS)
         if (!(num & BIO_FP_TEXT))
             OPENSSL_strlcat(p, "b", sizeof(p));
         else
             OPENSSL_strlcat(p, "t", sizeof(p));
-#  elif defined(OPENSSL_SYS_WIN32_CYGWIN)
+# elif defined(OPENSSL_SYS_WIN32_CYGWIN)
         if (!(num & BIO_FP_TEXT))
             OPENSSL_strlcat(p, "b", sizeof(p));
-#  endif
+# endif
         fp = openssl_fopen(ptr, p);
         if (fp == NULL) {
             SYSerr(SYS_F_FOPEN, get_last_sys_error());
@@ -422,6 +419,4 @@ BIO *BIO_new_file(const char *filename, const char *mode)
     return NULL;
 }
 
-# endif                         /* OPENSSL_NO_STDIO */
-
-#endif                          /* HEADER_BSS_FILE_C */
+#endif                         /* OPENSSL_NO_STDIO */
diff --git a/deps/openssl/openssl/crypto/bio/bss_mem.c b/deps/openssl/openssl/crypto/bio/bss_mem.c
index 8c621d6c1e880d..2d536e9db05f4c 100644
--- a/deps/openssl/openssl/crypto/bio/bss_mem.c
+++ b/deps/openssl/openssl/crypto/bio/bss_mem.c
@@ -259,9 +259,7 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr)
         bm = bbm->buf;
         if (bm->data != NULL) {
             if (!(b->flags & BIO_FLAGS_MEM_RDONLY)) {
-                if (b->flags & BIO_FLAGS_NONCLEAR_RST) {
-                    bm->length = bm->max;
-                } else {
+                if (!(b->flags & BIO_FLAGS_NONCLEAR_RST)) {
                     memset(bm->data, 0, bm->max);
                     bm->length = 0;
                 }
diff --git a/deps/openssl/openssl/crypto/bn/asm/mips.pl b/deps/openssl/openssl/crypto/bn/asm/mips.pl
index 38b796e375fec2..a205189eb684fe 100644
--- a/deps/openssl/openssl/crypto/bn/asm/mips.pl
+++ b/deps/openssl/openssl/crypto/bn/asm/mips.pl
@@ -801,7 +801,7 @@
 #if 0
 /*
  * The bn_div_3_words entry point is re-used for constant-time interface.
- * Implementation is retained as hystorical reference.
+ * Implementation is retained as historical reference.
  */
 .align 5
 .globl	bn_div_3_words
diff --git a/deps/openssl/openssl/crypto/bn/bn_div.c b/deps/openssl/openssl/crypto/bn/bn_div.c
index 3a6fa0a1b194b0..7fc0132830a12a 100644
--- a/deps/openssl/openssl/crypto/bn/bn_div.c
+++ b/deps/openssl/openssl/crypto/bn/bn_div.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -258,7 +258,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num, const BIGNUM *divisor,
  *
  *     - availability of constant-time bn_div_3_words;
  *     - dividend is at least as "wide" as divisor, limb-wise, zero-padded
- *       if so requied, which shouldn't be a privacy problem, because
+ *       if so required, which shouldn't be a privacy problem, because
  *       divisor's length is considered public;
  */
 int bn_div_fixed_top(BIGNUM *dv, BIGNUM *rm, const BIGNUM *num,
diff --git a/deps/openssl/openssl/crypto/bn/bn_lcl.h b/deps/openssl/openssl/crypto/bn/bn_lcl.h
index 8a36db2e8b671c..7f823a6178a5bb 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lcl.h
+++ b/deps/openssl/openssl/crypto/bn/bn_lcl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -295,7 +295,7 @@ struct bn_gencb_st {
                  (b) >  23 ? 3 : 1)
 
 /*
- * BN_mod_exp_mont_conttime is based on the assumption that the L1 data cache
+ * BN_mod_exp_mont_consttime is based on the assumption that the L1 data cache
  * line width of the target processor is at least the following value.
  */
 # define MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH      ( 64 )
diff --git a/deps/openssl/openssl/crypto/bn/bn_lib.c b/deps/openssl/openssl/crypto/bn/bn_lib.c
index f93bbcfcc71f7f..254069ff38198d 100644
--- a/deps/openssl/openssl/crypto/bn/bn_lib.c
+++ b/deps/openssl/openssl/crypto/bn/bn_lib.c
@@ -132,20 +132,66 @@ int BN_num_bits_word(BN_ULONG l)
     return bits;
 }
 
+/*
+ * This function still leaks `a->dmax`: it's caller's responsibility to
+ * expand the input `a` in advance to a public length.
+ */
+static ossl_inline
+int bn_num_bits_consttime(const BIGNUM *a)
+{
+    int j, ret;
+    unsigned int mask, past_i;
+    int i = a->top - 1;
+    bn_check_top(a);
+
+    for (j = 0, past_i = 0, ret = 0; j < a->dmax; j++) {
+        mask = constant_time_eq_int(i, j); /* 0xff..ff if i==j, 0x0 otherwise */
+
+        ret += BN_BITS2 & (~mask & ~past_i);
+        ret += BN_num_bits_word(a->d[j]) & mask;
+
+        past_i |= mask; /* past_i will become 0xff..ff after i==j */
+    }
+
+    /*
+     * if BN_is_zero(a) => i is -1 and ret contains garbage, so we mask the
+     * final result.
+     */
+    mask = ~(constant_time_eq_int(i, ((int)-1)));
+
+    return ret & mask;
+}
+
 int BN_num_bits(const BIGNUM *a)
 {
     int i = a->top - 1;
     bn_check_top(a);
 
+    if (a->flags & BN_FLG_CONSTTIME) {
+        /*
+         * We assume that BIGNUMs flagged as CONSTTIME have also been expanded
+         * so that a->dmax is not leaking secret information.
+         *
+         * In other words, it's the caller's responsibility to ensure `a` has
+         * been preallocated in advance to a public length if we hit this
+         * branch.
+         *
+         */
+        return bn_num_bits_consttime(a);
+    }
+
     if (BN_is_zero(a))
         return 0;
+
     return ((i * BN_BITS2) + BN_num_bits_word(a->d[i]));
 }
 
-static void bn_free_d(BIGNUM *a)
+static void bn_free_d(BIGNUM *a, int clear)
 {
     if (BN_get_flags(a, BN_FLG_SECURE))
-        OPENSSL_secure_free(a->d);
+        OPENSSL_secure_clear_free(a->d, a->dmax * sizeof(a->d[0]));
+    else if (clear != 0)
+        OPENSSL_clear_free(a->d, a->dmax * sizeof(a->d[0]));
     else
         OPENSSL_free(a->d);
 }
@@ -155,10 +201,8 @@ void BN_clear_free(BIGNUM *a)
 {
     if (a == NULL)
         return;
-    if (a->d != NULL && !BN_get_flags(a, BN_FLG_STATIC_DATA)) {
-        OPENSSL_cleanse(a->d, a->dmax * sizeof(a->d[0]));
-        bn_free_d(a);
-    }
+    if (a->d != NULL && !BN_get_flags(a, BN_FLG_STATIC_DATA))
+        bn_free_d(a, 1);
     if (BN_get_flags(a, BN_FLG_MALLOCED)) {
         OPENSSL_cleanse(a, sizeof(*a));
         OPENSSL_free(a);
@@ -170,7 +214,7 @@ void BN_free(BIGNUM *a)
     if (a == NULL)
         return;
     if (!BN_get_flags(a, BN_FLG_STATIC_DATA))
-        bn_free_d(a);
+        bn_free_d(a, 0);
     if (a->flags & BN_FLG_MALLOCED)
         OPENSSL_free(a);
 }
@@ -248,10 +292,8 @@ BIGNUM *bn_expand2(BIGNUM *b, int words)
         BN_ULONG *a = bn_expand_internal(b, words);
         if (!a)
             return NULL;
-        if (b->d) {
-            OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0]));
-            bn_free_d(b);
-        }
+        if (b->d != NULL)
+            bn_free_d(b, 1);
         b->d = a;
         b->dmax = words;
     }
@@ -416,8 +458,11 @@ BIGNUM *BN_bin2bn(const unsigned char *s, int len, BIGNUM *ret)
     return ret;
 }
 
+typedef enum {big, little} endianess_t;
+
 /* ignore negative */
-static int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
+static
+int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen, endianess_t endianess)
 {
     int n;
     size_t i, lasti, j, atop, mask;
@@ -449,10 +494,17 @@ static int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
 
     lasti = atop - 1;
     atop = a->top * BN_BYTES;
-    for (i = 0, j = 0, to += tolen; j < (size_t)tolen; j++) {
+    if (endianess == big)
+        to += tolen; /* start from the end of the buffer */
+    for (i = 0, j = 0; j < (size_t)tolen; j++) {
+        unsigned char val;
         l = a->d[i / BN_BYTES];
         mask = 0 - ((j - atop) >> (8 * sizeof(i) - 1));
-        *--to = (unsigned char)(l >> (8 * (i % BN_BYTES)) & mask);
+        val = (unsigned char)(l >> (8 * (i % BN_BYTES)) & mask);
+        if (endianess == big)
+            *--to = val;
+        else
+            *to++ = val;
         i += (i - lasti) >> (8 * sizeof(i) - 1); /* stay on last limb */
     }
 
@@ -463,12 +515,12 @@ int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
 {
     if (tolen < 0)
         return -1;
-    return bn2binpad(a, to, tolen);
+    return bn2binpad(a, to, tolen, big);
 }
 
 int BN_bn2bin(const BIGNUM *a, unsigned char *to)
 {
-    return bn2binpad(a, to, -1);
+    return bn2binpad(a, to, -1, big);
 }
 
 BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret)
@@ -520,22 +572,9 @@ BIGNUM *BN_lebin2bn(const unsigned char *s, int len, BIGNUM *ret)
 
 int BN_bn2lebinpad(const BIGNUM *a, unsigned char *to, int tolen)
 {
-    int i;
-    BN_ULONG l;
-    bn_check_top(a);
-    i = BN_num_bytes(a);
-    if (tolen < i)
+    if (tolen < 0)
         return -1;
-    /* Add trailing zeroes if necessary */
-    if (tolen > i)
-        memset(to + i, 0, tolen - i);
-    to += i;
-    while (i--) {
-        l = a->d[i / BN_BYTES];
-        to--;
-        *to = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
-    }
-    return tolen;
+    return bn2binpad(a, to, tolen, little);
 }
 
 int BN_ucmp(const BIGNUM *a, const BIGNUM *b)
diff --git a/deps/openssl/openssl/crypto/bn/bn_prime.c b/deps/openssl/openssl/crypto/bn/bn_prime.c
index 4bbd7c88103145..19b081f38eb7b2 100644
--- a/deps/openssl/openssl/crypto/bn/bn_prime.c
+++ b/deps/openssl/openssl/crypto/bn/bn_prime.c
@@ -63,8 +63,12 @@ int BN_generate_prime_ex(BIGNUM *ret, int bits, int safe,
         /* There are no prime numbers this small. */
         BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
         return 0;
-    } else if (bits == 2 && safe) {
-        /* The smallest safe prime (7) is three bits. */
+    } else if (add == NULL && safe && bits < 6 && bits != 3) {
+        /*
+         * The smallest safe prime (7) is three bits.
+         * But the following two safe primes with less than 6 bits (11, 23)
+         * are unreachable for BN_rand with BN_RAND_TOP_TWO.
+         */
         BNerr(BN_F_BN_GENERATE_PRIME_EX, BN_R_BITS_TOO_SMALL);
         return 0;
     }
diff --git a/deps/openssl/openssl/crypto/bn/bn_rand.c b/deps/openssl/openssl/crypto/bn/bn_rand.c
index c0d1a32292bace..051f29e34305cb 100644
--- a/deps/openssl/openssl/crypto/bn/bn_rand.c
+++ b/deps/openssl/openssl/crypto/bn/bn_rand.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -225,8 +225,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
         goto err;
 
     /* We copy |priv| into a local buffer to avoid exposing its length. */
-    todo = sizeof(priv->d[0]) * priv->top;
-    if (todo > sizeof(private_bytes)) {
+    if (BN_bn2binpad(priv, private_bytes, sizeof(private_bytes)) < 0) {
         /*
          * No reasonable DSA or ECDSA key should have a private key this
          * large and we don't handle this case in order to avoid leaking the
@@ -235,8 +234,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
         BNerr(BN_F_BN_GENERATE_DSA_NONCE, BN_R_PRIVATE_KEY_TOO_LARGE);
         goto err;
     }
-    memcpy(private_bytes, priv->d, todo);
-    memset(private_bytes + todo, 0, sizeof(private_bytes) - todo);
 
     for (done = 0; done < num_k_bytes;) {
         if (RAND_priv_bytes(random_bytes, sizeof(random_bytes)) != 1)
diff --git a/deps/openssl/openssl/crypto/bn/bn_sqrt.c b/deps/openssl/openssl/crypto/bn/bn_sqrt.c
index b97d8ca43ba2c8..c3e66b033bde5f 100644
--- a/deps/openssl/openssl/crypto/bn/bn_sqrt.c
+++ b/deps/openssl/openssl/crypto/bn/bn_sqrt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -125,7 +125,8 @@ BIGNUM *BN_mod_sqrt(BIGNUM *in, const BIGNUM *a, const BIGNUM *p, BN_CTX *ctx)
          *         = a.
          *
          * (This is due to A.O.L. Atkin,
-         * <URL: http://listserv.nodak.edu/scripts/wa.exe?A2=ind9211&L=nmbrthry&O=T&P=562>,
+         * Subject: Square Roots and Cognate Matters modulo p=8n+5.
+         * URL: https://listserv.nodak.edu/cgi-bin/wa.exe?A2=ind9211&L=NMBRTHRY&P=4026
          * November 1992.)
          */
 
diff --git a/deps/openssl/openssl/crypto/cms/cms_att.c b/deps/openssl/openssl/crypto/cms/cms_att.c
index 664e64971b0ac7..0566019753bdda 100644
--- a/deps/openssl/openssl/crypto/cms/cms_att.c
+++ b/deps/openssl/openssl/crypto/cms/cms_att.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -13,6 +13,56 @@
 #include <openssl/err.h>
 #include <openssl/cms.h>
 #include "cms_lcl.h"
+#include "internal/nelem.h"
+
+/*-
+ * Attribute flags.
+ * CMS attribute restrictions are discussed in
+ *  - RFC 5652 Section 11.
+ * ESS attribute restrictions are discussed in
+ *  - RFC 2634 Section 1.3.4  AND
+ *  - RFC 5035 Section 5.4
+ */
+/* This is a signed attribute */
+#define CMS_ATTR_F_SIGNED         0x01
+/* This is an unsigned attribute */
+#define CMS_ATTR_F_UNSIGNED       0x02
+/* Must be present if there are any other attributes of the same type */
+#define CMS_ATTR_F_REQUIRED_COND  0x10
+/* There can only be one instance of this attribute */
+#define CMS_ATTR_F_ONLY_ONE       0x20
+/* The Attribute's value must have exactly one entry */
+#define CMS_ATTR_F_ONE_ATTR_VALUE 0x40
+
+/* Attributes rules for different attributes */
+static const struct {
+    int nid;   /* The attribute id */
+    int flags;
+} cms_attribute_properties[] = {
+    /* See RFC Section 11 */
+    { NID_pkcs9_contentType, CMS_ATTR_F_SIGNED
+                             | CMS_ATTR_F_ONLY_ONE
+                             | CMS_ATTR_F_ONE_ATTR_VALUE
+                             | CMS_ATTR_F_REQUIRED_COND },
+    { NID_pkcs9_messageDigest, CMS_ATTR_F_SIGNED
+                               | CMS_ATTR_F_ONLY_ONE
+                               | CMS_ATTR_F_ONE_ATTR_VALUE
+                               | CMS_ATTR_F_REQUIRED_COND },
+    { NID_pkcs9_signingTime, CMS_ATTR_F_SIGNED
+                             | CMS_ATTR_F_ONLY_ONE
+                             | CMS_ATTR_F_ONE_ATTR_VALUE },
+    { NID_pkcs9_countersignature, CMS_ATTR_F_UNSIGNED },
+    /* ESS */
+    { NID_id_smime_aa_signingCertificate, CMS_ATTR_F_SIGNED
+                                          | CMS_ATTR_F_ONLY_ONE
+                                          | CMS_ATTR_F_ONE_ATTR_VALUE },
+    { NID_id_smime_aa_signingCertificateV2, CMS_ATTR_F_SIGNED
+                                            | CMS_ATTR_F_ONLY_ONE
+                                            | CMS_ATTR_F_ONE_ATTR_VALUE },
+    { NID_id_smime_aa_receiptRequest, CMS_ATTR_F_SIGNED
+                                      | CMS_ATTR_F_ONLY_ONE
+                                      | CMS_ATTR_F_ONE_ATTR_VALUE }
+};
 
 /* CMS SignedData Attribute utilities */
 
@@ -149,4 +199,86 @@ void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
     return X509at_get0_data_by_OBJ(si->unsignedAttrs, oid, lastpos, type);
 }
 
-/* Specific attribute cases */
+/*
+ * Retrieve an attribute by nid from a stack of attributes starting at index
+ * *lastpos + 1.
+ * Returns the attribute or NULL if there is no attribute.
+ * If an attribute was found *lastpos returns the index of the found attribute.
+ */
+static X509_ATTRIBUTE *cms_attrib_get(int nid,
+                                      const STACK_OF(X509_ATTRIBUTE) *attrs,
+                                      int *lastpos)
+{
+    X509_ATTRIBUTE *at;
+    int loc;
+
+    loc = X509at_get_attr_by_NID(attrs, nid, *lastpos);
+    if (loc < 0)
+        return NULL;
+
+    at = X509at_get_attr(attrs, loc);
+    *lastpos = loc;
+    return at;
+}
+
+static int cms_check_attribute(int nid, int flags, int type,
+                               const STACK_OF(X509_ATTRIBUTE) *attrs,
+                               int have_attrs)
+{
+    int lastpos = -1;
+    X509_ATTRIBUTE *at = cms_attrib_get(nid, attrs, &lastpos);
+
+    if (at != NULL) {
+        int count = X509_ATTRIBUTE_count(at);
+
+        /* Is this attribute allowed? */
+        if (((flags & type) == 0)
+            /* check if multiple attributes of the same type are allowed */
+            || (((flags & CMS_ATTR_F_ONLY_ONE) != 0)
+                && cms_attrib_get(nid, attrs, &lastpos) != NULL)
+            /* Check if attribute should have exactly one value in its set */
+            || (((flags & CMS_ATTR_F_ONE_ATTR_VALUE) != 0)
+                && count != 1)
+            /* There should be at least one value */
+            || count == 0)
+        return 0;
+    } else {
+        /* fail if a required attribute is missing */
+        if (have_attrs
+            && ((flags & CMS_ATTR_F_REQUIRED_COND) != 0)
+            && (flags & type) != 0)
+            return 0;
+    }
+    return 1;
+}
+
+/*
+ * Check that the signerinfo attributes obey the attribute rules which includes
+ * the following checks
+ * - If any signed attributes exist then there must be a Content Type
+ * and Message Digest attribute in the signed attributes.
+ * - The countersignature attribute is an optional unsigned attribute only.
+ * - Content Type, Message Digest, and Signing time attributes are signed
+ *     attributes. Only one instance of each is allowed, with each of these
+ *     attributes containing a single attribute value in its set.
+ */
+int CMS_si_check_attributes(const CMS_SignerInfo *si)
+{
+    int i;
+    int have_signed_attrs = (CMS_signed_get_attr_count(si) > 0);
+    int have_unsigned_attrs = (CMS_unsigned_get_attr_count(si) > 0);
+
+    for (i = 0; i < (int)OSSL_NELEM(cms_attribute_properties); ++i) {
+        int nid = cms_attribute_properties[i].nid;
+        int flags = cms_attribute_properties[i].flags;
+
+        if (!cms_check_attribute(nid, flags, CMS_ATTR_F_SIGNED,
+                                 si->signedAttrs, have_signed_attrs)
+            || !cms_check_attribute(nid, flags, CMS_ATTR_F_UNSIGNED,
+                                    si->unsignedAttrs, have_unsigned_attrs)) {
+            CMSerr(CMS_F_CMS_SI_CHECK_ATTRIBUTES, CMS_R_ATTRIBUTE_ERROR);
+            return 0;
+        }
+    }
+    return 1;
+}
diff --git a/deps/openssl/openssl/crypto/cms/cms_env.c b/deps/openssl/openssl/crypto/cms/cms_env.c
index bb95af75e3e1dc..26fb81f79ab1f2 100644
--- a/deps/openssl/openssl/crypto/cms/cms_env.c
+++ b/deps/openssl/openssl/crypto/cms/cms_env.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -363,6 +363,7 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
     unsigned char *ek = NULL;
     size_t eklen;
     int ret = 0;
+    size_t fixlen = 0;
     CMS_EncryptedContentInfo *ec;
     ec = cms->d.envelopedData->encryptedContentInfo;
 
@@ -371,6 +372,19 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
         return 0;
     }
 
+    if (cms->d.envelopedData->encryptedContentInfo->havenocert
+            && !cms->d.envelopedData->encryptedContentInfo->debug) {
+        X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
+        const EVP_CIPHER *ciph = EVP_get_cipherbyobj(calg->algorithm);
+
+        if (ciph == NULL) {
+            CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_UNKNOWN_CIPHER);
+            return 0;
+        }
+
+        fixlen = EVP_CIPHER_key_length(ciph);
+    }
+
     ktri->pctx = EVP_PKEY_CTX_new(pkey, NULL);
     if (ktri->pctx == NULL)
         return 0;
@@ -401,7 +415,9 @@ static int cms_RecipientInfo_ktri_decrypt(CMS_ContentInfo *cms,
 
     if (EVP_PKEY_decrypt(ktri->pctx, ek, &eklen,
                          ktri->encryptedKey->data,
-                         ktri->encryptedKey->length) <= 0) {
+                         ktri->encryptedKey->length) <= 0
+            || eklen == 0
+            || (fixlen != 0 && eklen != fixlen)) {
         CMSerr(CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT, CMS_R_CMS_LIB);
         goto err;
     }
diff --git a/deps/openssl/openssl/crypto/cms/cms_err.c b/deps/openssl/openssl/crypto/cms/cms_err.c
index 4432b471ee7620..a211f4954ce16f 100644
--- a/deps/openssl/openssl/crypto/cms/cms_err.c
+++ b/deps/openssl/openssl/crypto/cms/cms_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -146,6 +146,8 @@ static const ERR_STRING_DATA CMS_str_functs[] = {
     {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT, 0),
      "CMS_SignerInfo_verify_content"},
     {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SIGN_RECEIPT, 0), "CMS_sign_receipt"},
+    {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_SI_CHECK_ATTRIBUTES, 0),
+     "CMS_si_check_attributes"},
     {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_STREAM, 0), "CMS_stream"},
     {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_UNCOMPRESS, 0), "CMS_uncompress"},
     {ERR_PACK(ERR_LIB_CMS, CMS_F_CMS_VERIFY, 0), "CMS_verify"},
@@ -155,6 +157,7 @@ static const ERR_STRING_DATA CMS_str_functs[] = {
 
 static const ERR_STRING_DATA CMS_str_reasons[] = {
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ADD_SIGNER_ERROR), "add signer error"},
+    {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ATTRIBUTE_ERROR), "attribute error"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_ALREADY_PRESENT),
     "certificate already present"},
     {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CERTIFICATE_HAS_NO_KEYID),
diff --git a/deps/openssl/openssl/crypto/cms/cms_lcl.h b/deps/openssl/openssl/crypto/cms/cms_lcl.h
index 916fcbfbe190b1..68aa01271bc2e7 100644
--- a/deps/openssl/openssl/crypto/cms/cms_lcl.h
+++ b/deps/openssl/openssl/crypto/cms/cms_lcl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -125,6 +125,8 @@ struct CMS_EncryptedContentInfo_st {
     size_t keylen;
     /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
     int debug;
+    /* Set to 1 if we have no cert and need extra safety measures for MMA */
+    int havenocert;
 };
 
 struct CMS_RecipientInfo_st {
@@ -317,8 +319,6 @@ struct CMS_OtherKeyAttribute_st {
 
 /* ESS structures */
 
-# ifdef HEADER_X509V3_H
-
 struct CMS_ReceiptRequest_st {
     ASN1_OCTET_STRING *signedContentIdentifier;
     CMS_ReceiptsFrom *receiptsFrom;
@@ -332,7 +332,6 @@ struct CMS_ReceiptsFrom_st {
         STACK_OF(GENERAL_NAMES) *receiptList;
     } d;
 };
-# endif
 
 struct CMS_Receipt_st {
     int32_t version;
@@ -416,6 +415,8 @@ int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms,
 /* PWRI routines */
 int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
                                  int en_de);
+/* SignerInfo routines */
+int CMS_si_check_attributes(const CMS_SignerInfo *si);
 
 DECLARE_ASN1_ITEM(CMS_CertificateChoices)
 DECLARE_ASN1_ITEM(CMS_DigestedData)
diff --git a/deps/openssl/openssl/crypto/cms/cms_sd.c b/deps/openssl/openssl/crypto/cms/cms_sd.c
index ff2d540b6a30cd..3841513f8bd237 100644
--- a/deps/openssl/openssl/crypto/cms/cms_sd.c
+++ b/deps/openssl/openssl/crypto/cms/cms_sd.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -109,6 +109,27 @@ static void cms_sd_set_version(CMS_SignedData *sd)
 
 }
 
+/*
+ * RFC 5652 Section 11.1 Content Type
+ * The content-type attribute within signed-data MUST
+ *   1) be present if there are signed attributes
+ *   2) match the content type in the signed-data,
+ *   3) be a signed attribute.
+ *   4) not have more than one copy of the attribute.
+ *
+ * Note that since the CMS_SignerInfo_sign() always adds the "signing time"
+ * attribute, the content type attribute MUST be added also.
+ * Assumptions: This assumes that the attribute does not already exist.
+ */
+static int cms_set_si_contentType_attr(CMS_ContentInfo *cms, CMS_SignerInfo *si)
+{
+    ASN1_OBJECT *ctype = cms->d.signedData->encapContentInfo->eContentType;
+
+    /* Add the contentType attribute */
+    return CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
+                                       V_ASN1_OBJECT, ctype, -1) > 0;
+}
+
 /* Copy an existing messageDigest value */
 
 static int cms_copy_messageDigest(CMS_ContentInfo *cms, CMS_SignerInfo *si)
@@ -328,6 +349,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
         if (flags & CMS_REUSE_DIGEST) {
             if (!cms_copy_messageDigest(cms, si))
                 goto err;
+            if (!cms_set_si_contentType_attr(cms, si))
+                goto err;
             if (!(flags & (CMS_PARTIAL | CMS_KEY_PARAM)) &&
                 !CMS_SignerInfo_sign(si))
                 goto err;
@@ -558,8 +581,6 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
      */
 
     if (CMS_signed_get_attr_count(si) >= 0) {
-        ASN1_OBJECT *ctype =
-            cms->d.signedData->encapContentInfo->eContentType;
         unsigned char md[EVP_MAX_MD_SIZE];
         unsigned int mdlen;
         if (!EVP_DigestFinal_ex(mctx, md, &mdlen))
@@ -568,9 +589,9 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
                                          V_ASN1_OCTET_STRING, md, mdlen))
             goto err;
         /* Copy content type across */
-        if (CMS_signed_add1_attr_by_NID(si, NID_pkcs9_contentType,
-                                        V_ASN1_OBJECT, ctype, -1) <= 0)
+        if (!cms_set_si_contentType_attr(cms, si))
             goto err;
+
         if (!CMS_SignerInfo_sign(si))
             goto err;
     } else if (si->pctx) {
@@ -650,6 +671,9 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
             goto err;
     }
 
+    if (!CMS_si_check_attributes(si))
+        goto err;
+
     if (si->pctx)
         pctx = si->pctx;
     else {
@@ -696,7 +720,6 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
     OPENSSL_free(abuf);
     EVP_MD_CTX_reset(mctx);
     return 0;
-
 }
 
 int CMS_SignerInfo_verify(CMS_SignerInfo *si)
@@ -711,6 +734,9 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
         return -1;
     }
 
+    if (!CMS_si_check_attributes(si))
+        return -1;
+
     md = EVP_get_digestbyobj(si->digestAlgorithm->algorithm);
     if (md == NULL)
         return -1;
diff --git a/deps/openssl/openssl/crypto/cms/cms_smime.c b/deps/openssl/openssl/crypto/cms/cms_smime.c
index 5dcf803f4bd3c9..10815639f81154 100644
--- a/deps/openssl/openssl/crypto/cms/cms_smime.c
+++ b/deps/openssl/openssl/crypto/cms/cms_smime.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -743,6 +743,10 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert,
         cms->d.envelopedData->encryptedContentInfo->debug = 1;
     else
         cms->d.envelopedData->encryptedContentInfo->debug = 0;
+    if (!cert)
+        cms->d.envelopedData->encryptedContentInfo->havenocert = 1;
+    else
+        cms->d.envelopedData->encryptedContentInfo->havenocert = 0;
     if (!pk && !cert && !dcont && !out)
         return 1;
     if (pk && !CMS_decrypt_set1_pkey(cms, pk, cert))
diff --git a/deps/openssl/openssl/crypto/conf/conf_sap.c b/deps/openssl/openssl/crypto/conf/conf_sap.c
index 3805c426d80204..82105de748ed54 100644
--- a/deps/openssl/openssl/crypto/conf/conf_sap.c
+++ b/deps/openssl/openssl/crypto/conf/conf_sap.c
@@ -42,7 +42,7 @@ void OPENSSL_config(const char *appname)
 
 int openssl_config_int(const OPENSSL_INIT_SETTINGS *settings)
 {
-    int ret;
+    int ret = 0;
     const char *filename;
     const char *appname;
     unsigned long flags;
diff --git a/deps/openssl/openssl/crypto/ctype.c b/deps/openssl/openssl/crypto/ctype.c
index 813be25a074121..e05f84cd40860a 100644
--- a/deps/openssl/openssl/crypto/ctype.c
+++ b/deps/openssl/openssl/crypto/ctype.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -272,3 +272,9 @@ int ossl_toupper(int c)
 {
     return ossl_islower(c) ? c ^ case_change : c;
 }
+
+int ascii_isdigit(const char inchar) {
+    if (inchar > 0x2F && inchar < 0x3A)
+        return 1;
+    return 0;
+}
diff --git a/deps/openssl/openssl/crypto/dh/dh_check.c b/deps/openssl/openssl/crypto/dh/dh_check.c
index c7e1dbf4ac0f68..d13d8206ce5093 100644
--- a/deps/openssl/openssl/crypto/dh/dh_check.c
+++ b/deps/openssl/openssl/crypto/dh/dh_check.c
@@ -24,7 +24,8 @@ int DH_check_params_ex(const DH *dh)
 {
     int errflags = 0;
 
-    (void)DH_check_params(dh, &errflags);
+    if (!DH_check_params(dh, &errflags))
+        return 0;
 
     if ((errflags & DH_CHECK_P_NOT_PRIME) != 0)
         DHerr(DH_F_DH_CHECK_PARAMS_EX, DH_R_CHECK_P_NOT_PRIME);
@@ -67,18 +68,14 @@ int DH_check_params(const DH *dh, int *ret)
 
 /*-
  * Check that p is a safe prime and
- * if g is 2, 3 or 5, check that it is a suitable generator
- * where
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5
- * for 5, p mod 10 == 3 or 7
- * should hold.
+ * g is a suitable generator.
  */
 int DH_check_ex(const DH *dh)
 {
     int errflags = 0;
 
-    (void)DH_check(dh, &errflags);
+    if (!DH_check(dh, &errflags))
+        return 0;
 
     if ((errflags & DH_NOT_SUITABLE_GENERATOR) != 0)
         DHerr(DH_F_DH_CHECK_EX, DH_R_NOT_SUITABLE_GENERATOR);
@@ -102,10 +99,11 @@ int DH_check(const DH *dh, int *ret)
 {
     int ok = 0, r;
     BN_CTX *ctx = NULL;
-    BN_ULONG l;
     BIGNUM *t1 = NULL, *t2 = NULL;
 
-    *ret = 0;
+    if (!DH_check_params(dh, ret))
+        return 0;
+
     ctx = BN_CTX_new();
     if (ctx == NULL)
         goto err;
@@ -139,21 +137,7 @@ int DH_check(const DH *dh, int *ret)
             *ret |= DH_CHECK_INVALID_Q_VALUE;
         if (dh->j && BN_cmp(dh->j, t1))
             *ret |= DH_CHECK_INVALID_J_VALUE;
-
-    } else if (BN_is_word(dh->g, DH_GENERATOR_2)) {
-        l = BN_mod_word(dh->p, 24);
-        if (l == (BN_ULONG)-1)
-            goto err;
-        if (l != 11)
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-    } else if (BN_is_word(dh->g, DH_GENERATOR_5)) {
-        l = BN_mod_word(dh->p, 10);
-        if (l == (BN_ULONG)-1)
-            goto err;
-        if ((l != 3) && (l != 7))
-            *ret |= DH_NOT_SUITABLE_GENERATOR;
-    } else
-        *ret |= DH_UNABLE_TO_CHECK_GENERATOR;
+    }
 
     r = BN_is_prime_ex(dh->p, DH_NUMBER_ITERATIONS_FOR_PRIME, ctx, NULL);
     if (r < 0)
@@ -180,7 +164,8 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key)
 {
     int errflags = 0;
 
-    (void)DH_check(dh, &errflags);
+    if (!DH_check_pub_key(dh, pub_key, &errflags))
+        return 0;
 
     if ((errflags & DH_CHECK_PUBKEY_TOO_SMALL) != 0)
         DHerr(DH_F_DH_CHECK_PUB_KEY_EX, DH_R_CHECK_PUBKEY_TOO_SMALL);
diff --git a/deps/openssl/openssl/crypto/dh/dh_gen.c b/deps/openssl/openssl/crypto/dh/dh_gen.c
index 887fc4c3aedeed..d293835eb22b7e 100644
--- a/deps/openssl/openssl/crypto/dh/dh_gen.c
+++ b/deps/openssl/openssl/crypto/dh/dh_gen.c
@@ -30,30 +30,33 @@ int DH_generate_parameters_ex(DH *ret, int prime_len, int generator,
 
 /*-
  * We generate DH parameters as follows
- * find a prime q which is prime_len/2 bits long.
- * p=(2*q)+1 or (p-1)/2 = q
- * For this case, g is a generator if
- * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
- * Since the factors of p-1 are q and 2, we just need to check
- * g^2 mod p != 1 and g^q mod p != 1.
+ * find a prime p which is prime_len bits long,
+ * where q=(p-1)/2 is also prime.
+ * In the following we assume that g is not 0, 1 or p-1, since it
+ * would generate only trivial subgroups.
+ * For this case, g is a generator of the order-q subgroup if
+ * g^q mod p == 1.
+ * Or in terms of the Legendre symbol: (g/p) == 1.
  *
  * Having said all that,
  * there is another special case method for the generators 2, 3 and 5.
- * for 2, p mod 24 == 11
- * for 3, p mod 12 == 5  <<<<< does not work for safe primes.
- * for 5, p mod 10 == 3 or 7
+ * Using the quadratic reciprocity law it is possible to solve
+ * (g/p) == 1 for the special values 2, 3, 5:
+ * (2/p) == 1 if p mod 8 == 1 or 7.
+ * (3/p) == 1 if p mod 12 == 1 or 11.
+ * (5/p) == 1 if p mod 5 == 1 or 4.
+ * See for instance: https://en.wikipedia.org/wiki/Legendre_symbol
  *
- * Thanks to Phil Karn for the pointers about the
- * special generators and for answering some of my questions.
+ * Since all safe primes > 7 must satisfy p mod 12 == 11
+ * and all safe primes > 11 must satisfy p mod 5 != 1
+ * we can further improve the condition for g = 2, 3 and 5:
+ * for 2, p mod 24 == 23
+ * for 3, p mod 12 == 11
+ * for 5, p mod 60 == 59
  *
- * I've implemented the second simple method :-).
- * Since DH should be using a safe prime (both p and q are prime),
- * this generator function can take a very very long time to run.
- */
-/*
- * Actually there is no reason to insist that 'generator' be a generator.
- * It's just as OK (and in some sense better) to use a generator of the
- * order-q subgroup.
+ * However for compatibilty with previous versions we use:
+ * for 2, p mod 24 == 11
+ * for 5, p mod 60 == 23
  */
 static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
                                 BN_GENCB *cb)
@@ -88,13 +91,10 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
             goto err;
         g = 2;
     } else if (generator == DH_GENERATOR_5) {
-        if (!BN_set_word(t1, 10))
+        if (!BN_set_word(t1, 60))
             goto err;
-        if (!BN_set_word(t2, 3))
+        if (!BN_set_word(t2, 23))
             goto err;
-        /*
-         * BN_set_word(t3,7); just have to miss out on these ones :-(
-         */
         g = 5;
     } else {
         /*
@@ -102,9 +102,9 @@ static int dh_builtin_genparams(DH *ret, int prime_len, int generator,
          * not: since we are using safe primes, it will generate either an
          * order-q or an order-2q group, which both is OK
          */
-        if (!BN_set_word(t1, 2))
+        if (!BN_set_word(t1, 12))
             goto err;
-        if (!BN_set_word(t2, 1))
+        if (!BN_set_word(t2, 11))
             goto err;
         g = generator;
     }
diff --git a/deps/openssl/openssl/crypto/dh/dh_key.c b/deps/openssl/openssl/crypto/dh/dh_key.c
index 99c00e5a05d1cb..718aa422d9354a 100644
--- a/deps/openssl/openssl/crypto/dh/dh_key.c
+++ b/deps/openssl/openssl/crypto/dh/dh_key.c
@@ -125,6 +125,15 @@ static int generate_key(DH *dh)
             l = dh->length ? dh->length : BN_num_bits(dh->p) - 1;
             if (!BN_priv_rand(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY))
                 goto err;
+            /*
+             * We handle just one known case where g is a quadratic non-residue:
+             * for g = 2: p % 8 == 3
+             */
+            if (BN_is_word(dh->g, DH_GENERATOR_2) && !BN_is_bit_set(dh->p, 2)) {
+                /* clear bit 0, since it won't be a secret anyway */
+                if (!BN_clear_bit(priv_key, 0))
+                    goto err;
+            }
         }
     }
 
@@ -136,11 +145,11 @@ static int generate_key(DH *dh)
         BN_with_flags(prk, priv_key, BN_FLG_CONSTTIME);
 
         if (!dh->meth->bn_mod_exp(dh, pub_key, dh->g, prk, dh->p, ctx, mont)) {
-            BN_free(prk);
+            BN_clear_free(prk);
             goto err;
         }
         /* We MUST free prk before any further use of priv_key */
-        BN_free(prk);
+        BN_clear_free(prk);
     }
 
     dh->pub_key = pub_key;
diff --git a/deps/openssl/openssl/crypto/dh/dh_lib.c b/deps/openssl/openssl/crypto/dh/dh_lib.c
index 962f864deec614..e7e7ef08e9e3ce 100644
--- a/deps/openssl/openssl/crypto/dh/dh_lib.c
+++ b/deps/openssl/openssl/crypto/dh/dh_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -234,11 +234,11 @@ void DH_get0_key(const DH *dh, const BIGNUM **pub_key, const BIGNUM **priv_key)
 int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key)
 {
     if (pub_key != NULL) {
-        BN_free(dh->pub_key);
+        BN_clear_free(dh->pub_key);
         dh->pub_key = pub_key;
     }
     if (priv_key != NULL) {
-        BN_free(dh->priv_key);
+        BN_clear_free(dh->priv_key);
         dh->priv_key = priv_key;
     }
 
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_ameth.c b/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
index 9c5b8aa02e9dbd..49aa1ae23bab08 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_ameth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -503,7 +503,7 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
         *(int *)arg2 = NID_sha256;
-        return 2;
+        return 1;
 
     default:
         return -2;
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_err.c b/deps/openssl/openssl/crypto/dsa/dsa_err.c
index 8f97f6f3f9eed6..8dcf0548ac76ab 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_err.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -52,6 +52,8 @@ static const ERR_STRING_DATA DSA_str_reasons[] = {
     "invalid digest type"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_INVALID_PARAMETERS), "invalid parameters"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PARAMETERS), "missing parameters"},
+    {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MISSING_PRIVATE_KEY),
+    "missing private key"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_MODULUS_TOO_LARGE), "modulus too large"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_NO_PARAMETERS_SET), "no parameters set"},
     {ERR_PACK(ERR_LIB_DSA, 0, DSA_R_PARAMETER_ENCODING_ERROR),
diff --git a/deps/openssl/openssl/crypto/dsa/dsa_ossl.c b/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
index cefda5a450fa51..16161dcadf22bb 100644
--- a/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
+++ b/deps/openssl/openssl/crypto/dsa/dsa_ossl.c
@@ -72,6 +72,10 @@ static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
         reason = DSA_R_MISSING_PARAMETERS;
         goto err;
     }
+    if (dsa->priv_key == NULL) {
+        reason = DSA_R_MISSING_PRIVATE_KEY;
+        goto err;
+    }
 
     ret = DSA_SIG_new();
     if (ret == NULL)
@@ -195,6 +199,10 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
         DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_INVALID_PARAMETERS);
         return 0;
     }
+    if (dsa->priv_key == NULL) {
+        DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PRIVATE_KEY);
+        return 0;
+    }
 
     k = BN_new();
     l = BN_new();
@@ -248,7 +256,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in,
      * one bit longer than the modulus.
      *
      * There are some concerns about the efficacy of doing this.  More
-     * specificly refer to the discussion starting with:
+     * specifically refer to the discussion starting with:
      *     https://github.com/openssl/openssl/pull/7486#discussion_r228323705
      * The fix is to rework BN so these gymnastics aren't required.
      */
diff --git a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
index 4240f5f5e30c85..ba3b55fcbffad1 100644
--- a/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
+++ b/deps/openssl/openssl/crypto/dso/dso_dlfcn.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -27,8 +27,7 @@
 #  endif
 #  include <dlfcn.h>
 #  define HAVE_DLINFO 1
-#  if defined(__CYGWIN__) || \
-     defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
+#  if defined(__SCO_VERSION__) || defined(_SCO_ELF) || \
      (defined(__osf__) && !defined(RTLD_NEXT))     || \
      (defined(__OpenBSD__) && !defined(RTLD_SELF)) || \
         defined(__ANDROID__)
diff --git a/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-sparcv9.pl b/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-sparcv9.pl
index 0a4def6e2bf62d..4383bea4a7bed6 100755
--- a/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-sparcv9.pl
+++ b/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-sparcv9.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -2301,7 +2301,6 @@
 # !in1infty, !in2infty and result of check for zero.
 
 $code.=<<___;
-.globl	ecp_nistz256_point_add_vis3
 .align	32
 ecp_nistz256_point_add_vis3:
 	save	%sp,-STACK64_FRAME-32*18-32,%sp
diff --git a/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl b/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl
index 87149e7f680dfb..10ccc6414a498c 100755
--- a/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl
+++ b/deps/openssl/openssl/crypto/ec/asm/ecp_nistz256-x86_64.pl
@@ -1301,7 +1301,7 @@
 
 	################################# reduction
 	mulx	8*0+128(%r14), $t0, $t1
-	adcx	$t0, $acc3		# guranteed to be zero
+	adcx	$t0, $acc3		# guaranteed to be zero
 	adox	$t1, $acc4
 
 	mulx	8*1+128(%r14), $t0, $t1
diff --git a/deps/openssl/openssl/crypto/ec/asm/x25519-ppc64.pl b/deps/openssl/openssl/crypto/ec/asm/x25519-ppc64.pl
index 3773cb27cd6521..6e8b36420f53bf 100755
--- a/deps/openssl/openssl/crypto/ec/asm/x25519-ppc64.pl
+++ b/deps/openssl/openssl/crypto/ec/asm/x25519-ppc64.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -451,7 +451,7 @@
 	and	$t0,$t0,$t1
 	sldi	$a3,$a3,1
 	add	$t0,$t0,$t1		# compare to modulus in the same go
-	srdi	$a3,$a3,1		# most signifcant bit cleared
+	srdi	$a3,$a3,1		# most significant bit cleared
 
 	addc	$a0,$a0,$t0
 	addze	$a1,$a1
@@ -462,7 +462,7 @@
 	sradi	$t0,$a3,63		# most significant bit -> mask
 	sldi	$a3,$a3,1
 	andc	$t0,$t1,$t0
-	srdi	$a3,$a3,1		# most signifcant bit cleared
+	srdi	$a3,$a3,1		# most significant bit cleared
 
 	subi	$rp,$rp,1
 	subfc	$a0,$t0,$a0
diff --git a/deps/openssl/openssl/crypto/ec/ec_asn1.c b/deps/openssl/openssl/crypto/ec/ec_asn1.c
index 13c56a621dd75f..1ce1181fc10a2f 100644
--- a/deps/openssl/openssl/crypto/ec/ec_asn1.c
+++ b/deps/openssl/openssl/crypto/ec/ec_asn1.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -568,10 +568,12 @@ ECPKPARAMETERS *EC_GROUP_get_ecpkparameters(const EC_GROUP *group,
 EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
 {
     int ok = 0, tmp;
-    EC_GROUP *ret = NULL;
+    EC_GROUP *ret = NULL, *dup = NULL;
     BIGNUM *p = NULL, *a = NULL, *b = NULL;
     EC_POINT *point = NULL;
     long field_bits;
+    int curve_name = NID_undef;
+    BN_CTX *ctx = NULL;
 
     if (!params->fieldID || !params->fieldID->fieldType ||
         !params->fieldID->p.ptr) {
@@ -789,18 +791,79 @@ EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params)
         goto err;
     }
 
+    /*
+     * Check if the explicit parameters group just created matches one of the
+     * built-in curves.
+     *
+     * We create a copy of the group just built, so that we can remove optional
+     * fields for the lookup: we do this to avoid the possibility that one of
+     * the optional parameters is used to force the library into using a less
+     * performant and less secure EC_METHOD instead of the specialized one.
+     * In any case, `seed` is not really used in any computation, while a
+     * cofactor different from the one in the built-in table is just
+     * mathematically wrong anyway and should not be used.
+     */
+    if ((ctx = BN_CTX_new()) == NULL) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_BN_LIB);
+        goto err;
+    }
+    if ((dup = EC_GROUP_dup(ret)) == NULL
+            || EC_GROUP_set_seed(dup, NULL, 0) != 1
+            || !EC_GROUP_set_generator(dup, point, a, NULL)) {
+        ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_EC_LIB);
+        goto err;
+    }
+    if ((curve_name = ec_curve_nid_from_params(dup, ctx)) != NID_undef) {
+        /*
+         * The input explicit parameters successfully matched one of the
+         * built-in curves: often for built-in curves we have specialized
+         * methods with better performance and hardening.
+         *
+         * In this case we replace the `EC_GROUP` created through explicit
+         * parameters with one created from a named group.
+         */
+        EC_GROUP *named_group = NULL;
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+        /*
+         * NID_wap_wsg_idm_ecid_wtls12 and NID_secp224r1 are both aliases for
+         * the same curve, we prefer the SECP nid when matching explicit
+         * parameters as that is associated with a specialized EC_METHOD.
+         */
+        if (curve_name == NID_wap_wsg_idm_ecid_wtls12)
+            curve_name = NID_secp224r1;
+#endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
+
+        if ((named_group = EC_GROUP_new_by_curve_name(curve_name)) == NULL) {
+            ECerr(EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS, ERR_R_EC_LIB);
+            goto err;
+        }
+        EC_GROUP_free(ret);
+        ret = named_group;
+
+        /*
+         * Set the flag so that EC_GROUPs created from explicit parameters are
+         * serialized using explicit parameters by default.
+         */
+        EC_GROUP_set_asn1_flag(ret, OPENSSL_EC_EXPLICIT_CURVE);
+    }
+
     ok = 1;
 
  err:
     if (!ok) {
-        EC_GROUP_clear_free(ret);
+        EC_GROUP_free(ret);
         ret = NULL;
     }
+    EC_GROUP_free(dup);
 
     BN_free(p);
     BN_free(a);
     BN_free(b);
     EC_POINT_free(point);
+
+    BN_CTX_free(ctx);
+
     return ret;
 }
 
@@ -861,7 +924,7 @@ EC_GROUP *d2i_ECPKParameters(EC_GROUP **a, const unsigned char **in, long len)
     }
 
     if (a) {
-        EC_GROUP_clear_free(*a);
+        EC_GROUP_free(*a);
         *a = group;
     }
 
@@ -909,7 +972,7 @@ EC_KEY *d2i_ECPrivateKey(EC_KEY **a, const unsigned char **in, long len)
         ret = *a;
 
     if (priv_key->parameters) {
-        EC_GROUP_clear_free(ret->group);
+        EC_GROUP_free(ret->group);
         ret->group = EC_GROUP_new_from_ecpkparameters(priv_key->parameters);
     }
 
diff --git a/deps/openssl/openssl/crypto/ec/ec_curve.c b/deps/openssl/openssl/crypto/ec/ec_curve.c
index bb1ce196d0fa6b..477349d4413e1a 100644
--- a/deps/openssl/openssl/crypto/ec/ec_curve.c
+++ b/deps/openssl/openssl/crypto/ec/ec_curve.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -3197,3 +3197,115 @@ int EC_curve_nist2nid(const char *name)
     }
     return NID_undef;
 }
+
+#define NUM_BN_FIELDS 6
+/*
+ * Validates EC domain parameter data for known named curves.
+ * This can be used when a curve is loaded explicitly (without a curve
+ * name) or to validate that domain parameters have not been modified.
+ *
+ * Returns: The nid associated with the found named curve, or NID_undef
+ *          if not found. If there was an error it returns -1.
+ */
+int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx)
+{
+    int ret = -1, nid, len, field_type, param_len;
+    size_t i, seed_len;
+    const unsigned char *seed, *params_seed, *params;
+    unsigned char *param_bytes = NULL;
+    const EC_CURVE_DATA *data;
+    const EC_POINT *generator = NULL;
+    const EC_METHOD *meth;
+    const BIGNUM *cofactor = NULL;
+    /* An array of BIGNUMs for (p, a, b, x, y, order) */
+    BIGNUM *bn[NUM_BN_FIELDS] = {NULL, NULL, NULL, NULL, NULL, NULL};
+
+    meth = EC_GROUP_method_of(group);
+    if (meth == NULL)
+        return -1;
+    /* Use the optional named curve nid as a search field */
+    nid = EC_GROUP_get_curve_name(group);
+    field_type = EC_METHOD_get_field_type(meth);
+    seed_len = EC_GROUP_get_seed_len(group);
+    seed = EC_GROUP_get0_seed(group);
+    cofactor = EC_GROUP_get0_cofactor(group);
+
+    BN_CTX_start(ctx);
+
+    /*
+     * The built-in curves contains data fields (p, a, b, x, y, order) that are
+     * all zero-padded to be the same size. The size of the padding is
+     * determined by either the number of bytes in the field modulus (p) or the
+     * EC group order, whichever is larger.
+     */
+    param_len = BN_num_bytes(group->order);
+    len = BN_num_bytes(group->field);
+    if (len > param_len)
+        param_len = len;
+
+    /* Allocate space to store the padded data for (p, a, b, x, y, order)  */
+    param_bytes = OPENSSL_malloc(param_len * NUM_BN_FIELDS);
+    if (param_bytes == NULL)
+        goto end;
+
+    /* Create the bignums */
+    for (i = 0; i < NUM_BN_FIELDS; ++i) {
+        if ((bn[i] = BN_CTX_get(ctx)) == NULL)
+            goto end;
+    }
+    /*
+     * Fill in the bn array with the same values as the internal curves
+     * i.e. the values are p, a, b, x, y, order.
+     */
+    /* Get p, a & b */
+    if (!(EC_GROUP_get_curve(group, bn[0], bn[1], bn[2], ctx)
+        && ((generator = EC_GROUP_get0_generator(group)) != NULL)
+        /* Get x & y */
+        && EC_POINT_get_affine_coordinates(group, generator, bn[3], bn[4], ctx)
+        /* Get order */
+        && EC_GROUP_get_order(group, bn[5], ctx)))
+        goto end;
+
+   /*
+     * Convert the bignum array to bytes that are joined together to form
+     * a single buffer that contains data for all fields.
+     * (p, a, b, x, y, order) are all zero padded to be the same size.
+     */
+    for (i = 0; i < NUM_BN_FIELDS; ++i) {
+        if (BN_bn2binpad(bn[i], &param_bytes[i*param_len], param_len) <= 0)
+            goto end;
+    }
+
+    for (i = 0; i < curve_list_length; i++) {
+        const ec_list_element curve = curve_list[i];
+
+        data = curve.data;
+        /* Get the raw order byte data */
+        params_seed = (const unsigned char *)(data + 1); /* skip header */
+        params = params_seed + data->seed_len;
+
+        /* Look for unique fields in the fixed curve data */
+        if (data->field_type == field_type
+            && param_len == data->param_len
+            && (nid <= 0 || nid == curve.nid)
+            /* check the optional cofactor (ignore if its zero) */
+            && (BN_is_zero(cofactor)
+                || BN_is_word(cofactor, (const BN_ULONG)curve.data->cofactor))
+            /* Check the optional seed (ignore if its not set) */
+            && (data->seed_len == 0 || seed_len == 0
+                || ((size_t)data->seed_len == seed_len
+                     && memcmp(params_seed, seed, seed_len) == 0))
+            /* Check that the groups params match the built-in curve params */
+            && memcmp(param_bytes, params, param_len * NUM_BN_FIELDS)
+                             == 0) {
+            ret = curve.nid;
+            goto end;
+        }
+    }
+    /* Gets here if the group was not found */
+    ret = NID_undef;
+end:
+    OPENSSL_free(param_bytes);
+    BN_CTX_end(ctx);
+    return ret;
+}
diff --git a/deps/openssl/openssl/crypto/ec/ec_lcl.h b/deps/openssl/openssl/crypto/ec/ec_lcl.h
index 119255f1dc832b..fbdb04ea3a0423 100644
--- a/deps/openssl/openssl/crypto/ec/ec_lcl.h
+++ b/deps/openssl/openssl/crypto/ec/ec_lcl.h
@@ -154,7 +154,7 @@ struct ec_method_st {
     int (*field_div) (const EC_GROUP *, BIGNUM *r, const BIGNUM *a,
                       const BIGNUM *b, BN_CTX *);
     /*-
-     * 'field_inv' computes the multipicative inverse of a in the field,
+     * 'field_inv' computes the multiplicative inverse of a in the field,
      * storing the result in r.
      *
      * If 'a' is zero (or equivalent), you'll get an EC_R_CANNOT_INVERT error.
@@ -595,6 +595,8 @@ int ec_key_simple_generate_key(EC_KEY *eckey);
 int ec_key_simple_generate_public_key(EC_KEY *eckey);
 int ec_key_simple_check_key(const EC_KEY *eckey);
 
+int ec_curve_nid_from_params(const EC_GROUP *group, BN_CTX *ctx);
+
 /* EC_METHOD definitions */
 
 struct ec_key_method_st {
diff --git a/deps/openssl/openssl/crypto/ec/ec_lib.c b/deps/openssl/openssl/crypto/ec/ec_lib.c
index 8cab5a5061cf04..1289c8608eddfb 100644
--- a/deps/openssl/openssl/crypto/ec/ec_lib.c
+++ b/deps/openssl/openssl/crypto/ec/ec_lib.c
@@ -265,6 +265,67 @@ int EC_METHOD_get_field_type(const EC_METHOD *meth)
 
 static int ec_precompute_mont_data(EC_GROUP *);
 
+/*-
+ * Try computing cofactor from the generator order (n) and field cardinality (q).
+ * This works for all curves of cryptographic interest.
+ *
+ * Hasse thm: q + 1 - 2*sqrt(q) <= n*h <= q + 1 + 2*sqrt(q)
+ * h_min = (q + 1 - 2*sqrt(q))/n
+ * h_max = (q + 1 + 2*sqrt(q))/n
+ * h_max - h_min = 4*sqrt(q)/n
+ * So if n > 4*sqrt(q) holds, there is only one possible value for h:
+ * h = \lfloor (h_min + h_max)/2 \rceil = \lfloor (q + 1)/n \rceil
+ *
+ * Otherwise, zero cofactor and return success.
+ */
+static int ec_guess_cofactor(EC_GROUP *group) {
+    int ret = 0;
+    BN_CTX *ctx = NULL;
+    BIGNUM *q = NULL;
+
+    /*-
+     * If the cofactor is too large, we cannot guess it.
+     * The RHS of below is a strict overestimate of lg(4 * sqrt(q))
+     */
+    if (BN_num_bits(group->order) <= (BN_num_bits(group->field) + 1) / 2 + 3) {
+        /* default to 0 */
+        BN_zero(group->cofactor);
+        /* return success */
+        return 1;
+    }
+
+    if ((ctx = BN_CTX_new()) == NULL)
+        return 0;
+
+    BN_CTX_start(ctx);
+    if ((q = BN_CTX_get(ctx)) == NULL)
+        goto err;
+
+    /* set q = 2**m for binary fields; q = p otherwise */
+    if (group->meth->field_type == NID_X9_62_characteristic_two_field) {
+        BN_zero(q);
+        if (!BN_set_bit(q, BN_num_bits(group->field) - 1))
+            goto err;
+    } else {
+        if (!BN_copy(q, group->field))
+            goto err;
+    }
+
+    /* compute h = \lfloor (q + 1)/n \rceil = \lfloor (q + 1 + n/2)/n \rfloor */
+    if (!BN_rshift1(group->cofactor, group->order) /* n/2 */
+        || !BN_add(group->cofactor, group->cofactor, q) /* q + n/2 */
+        /* q + 1 + n/2 */
+        || !BN_add(group->cofactor, group->cofactor, BN_value_one())
+        /* (q + 1 + n/2)/n */
+        || !BN_div(group->cofactor, NULL, group->cofactor, group->order, ctx))
+        goto err;
+    ret = 1;
+ err:
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    return ret;
+}
+
 int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
                            const BIGNUM *order, const BIGNUM *cofactor)
 {
@@ -273,6 +334,34 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
         return 0;
     }
 
+    /* require group->field >= 1 */
+    if (group->field == NULL || BN_is_zero(group->field)
+        || BN_is_negative(group->field)) {
+        ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_INVALID_FIELD);
+        return 0;
+    }
+
+    /*-
+     * - require order >= 1
+     * - enforce upper bound due to Hasse thm: order can be no more than one bit
+     *   longer than field cardinality
+     */
+    if (order == NULL || BN_is_zero(order) || BN_is_negative(order)
+        || BN_num_bits(order) > BN_num_bits(group->field) + 1) {
+        ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_INVALID_GROUP_ORDER);
+        return 0;
+    }
+
+    /*-
+     * Unfortunately the cofactor is an optional field in many standards.
+     * Internally, the lib uses 0 cofactor as a marker for "unknown cofactor".
+     * So accept cofactor == NULL or cofactor >= 0.
+     */
+    if (cofactor != NULL && BN_is_negative(cofactor)) {
+        ECerr(EC_F_EC_GROUP_SET_GENERATOR, EC_R_UNKNOWN_COFACTOR);
+        return 0;
+    }
+
     if (group->generator == NULL) {
         group->generator = EC_POINT_new(group);
         if (group->generator == NULL)
@@ -281,17 +370,17 @@ int EC_GROUP_set_generator(EC_GROUP *group, const EC_POINT *generator,
     if (!EC_POINT_copy(group->generator, generator))
         return 0;
 
-    if (order != NULL) {
-        if (!BN_copy(group->order, order))
-            return 0;
-    } else
-        BN_zero(group->order);
+    if (!BN_copy(group->order, order))
+        return 0;
 
-    if (cofactor != NULL) {
+    /* Either take the provided positive cofactor, or try to compute it */
+    if (cofactor != NULL && !BN_is_zero(cofactor)) {
         if (!BN_copy(group->cofactor, cofactor))
             return 0;
-    } else
+    } else if (!ec_guess_cofactor(group)) {
         BN_zero(group->cofactor);
+        return 0;
+    }
 
     /*
      * Some groups have an order with
diff --git a/deps/openssl/openssl/crypto/ec/ecdh_ossl.c b/deps/openssl/openssl/crypto/ec/ecdh_ossl.c
index 5608c62b2ac94e..ab51ee7138ff89 100644
--- a/deps/openssl/openssl/crypto/ec/ecdh_ossl.c
+++ b/deps/openssl/openssl/crypto/ec/ecdh_ossl.c
@@ -58,7 +58,7 @@ int ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen,
 
     priv_key = EC_KEY_get0_private_key(ecdh);
     if (priv_key == NULL) {
-        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_NO_PRIVATE_VALUE);
+        ECerr(EC_F_ECDH_SIMPLE_COMPUTE_KEY, EC_R_MISSING_PRIVATE_KEY);
         goto err;
     }
 
diff --git a/deps/openssl/openssl/crypto/ec/ecdsa_ossl.c b/deps/openssl/openssl/crypto/ec/ecdsa_ossl.c
index e35c7600d8668d..c35ed2dcd0e7db 100644
--- a/deps/openssl/openssl/crypto/ec/ecdsa_ossl.c
+++ b/deps/openssl/openssl/crypto/ec/ecdsa_ossl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -41,11 +41,16 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
     const EC_GROUP *group;
     int ret = 0;
     int order_bits;
+    const BIGNUM *priv_key;
 
     if (eckey == NULL || (group = EC_KEY_get0_group(eckey)) == NULL) {
         ECerr(EC_F_ECDSA_SIGN_SETUP, ERR_R_PASSED_NULL_PARAMETER);
         return 0;
     }
+    if ((priv_key = EC_KEY_get0_private_key(eckey)) == NULL) {
+        ECerr(EC_F_ECDSA_SIGN_SETUP, EC_R_MISSING_PRIVATE_KEY);
+        return 0;
+    }
 
     if (!EC_KEY_can_sign(eckey)) {
         ECerr(EC_F_ECDSA_SIGN_SETUP, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING);
@@ -83,8 +88,7 @@ static int ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in,
         /* get random k */
         do {
             if (dgst != NULL) {
-                if (!BN_generate_dsa_nonce(k, order,
-                                           EC_KEY_get0_private_key(eckey),
+                if (!BN_generate_dsa_nonce(k, order, priv_key,
                                            dgst, dlen, ctx)) {
                     ECerr(EC_F_ECDSA_SIGN_SETUP,
                           EC_R_RANDOM_NUMBER_GENERATION_FAILED);
@@ -162,10 +166,14 @@ ECDSA_SIG *ossl_ecdsa_sign_sig(const unsigned char *dgst, int dgst_len,
     group = EC_KEY_get0_group(eckey);
     priv_key = EC_KEY_get0_private_key(eckey);
 
-    if (group == NULL || priv_key == NULL) {
+    if (group == NULL) {
         ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, ERR_R_PASSED_NULL_PARAMETER);
         return NULL;
     }
+    if (priv_key == NULL) {
+        ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_MISSING_PRIVATE_KEY);
+        return NULL;
+    }
 
     if (!EC_KEY_can_sign(eckey)) {
         ECerr(EC_F_OSSL_ECDSA_SIGN_SIG, EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING);
diff --git a/deps/openssl/openssl/crypto/ec/ecp_nistp224.c b/deps/openssl/openssl/crypto/ec/ecp_nistp224.c
index 025273a1444087..fbbdb9d9386cbf 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_nistp224.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_nistp224.c
@@ -324,34 +324,21 @@ static void felem_to_bin28(u8 out[28], const felem in)
     }
 }
 
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
 /* From OpenSSL BIGNUM to internal representation */
 static int BN_to_felem(felem out, const BIGNUM *bn)
 {
-    felem_bytearray b_in;
     felem_bytearray b_out;
-    unsigned num_bytes;
+    int num_bytes;
 
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof(b_out));
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof(b_out)) {
+    if (BN_is_negative(bn)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    if (BN_is_negative(bn)) {
+    num_bytes = BN_bn2lebinpad(bn, b_out, sizeof(b_out));
+    if (num_bytes < 0) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
     bin28_to_felem(out, b_out);
     return 1;
 }
@@ -359,10 +346,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
 /* From internal representation to OpenSSL BIGNUM */
 static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 {
-    felem_bytearray b_in, b_out;
-    felem_to_bin28(b_in, in);
-    flip_endian(b_out, b_in, sizeof(b_out));
-    return BN_bin2bn(b_out, sizeof(b_out), out);
+    felem_bytearray b_out;
+    felem_to_bin28(b_out, in);
+    return BN_lebin2bn(b_out, sizeof(b_out), out);
 }
 
 /******************************************************************************/
@@ -1402,8 +1388,7 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
     felem_bytearray *secrets = NULL;
     felem (*pre_comp)[17][3] = NULL;
     felem *tmp_felems = NULL;
-    felem_bytearray tmp;
-    unsigned num_bytes;
+    int num_bytes;
     int have_pre_comp = 0;
     size_t num_points = num;
     felem x_in, y_in, z_in, x_out, y_out, z_out;
@@ -1478,14 +1463,12 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
          * i.e., they contribute nothing to the linear combination
          */
         for (i = 0; i < num_points; ++i) {
-            if (i == num)
+            if (i == num) {
                 /* the generator */
-            {
                 p = EC_GROUP_get0_generator(group);
                 p_scalar = scalar;
-            } else
+            } else {
                 /* the i^th point */
-            {
                 p = points[i];
                 p_scalar = scalars[i];
             }
@@ -1501,10 +1484,16 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
                         ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
                         goto err;
                     }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
+                    num_bytes = BN_bn2lebinpad(tmp_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                } else {
+                    num_bytes = BN_bn2lebinpad(p_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                }
+                if (num_bytes < 0) {
+                    ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
+                    goto err;
+                }
                 /* precompute multiples */
                 if ((!BN_to_felem(x_out, p->X)) ||
                     (!BN_to_felem(y_out, p->Y)) ||
@@ -1547,20 +1536,21 @@ int ec_GFp_nistp224_points_mul(const EC_GROUP *group, EC_POINT *r,
                 ECerr(EC_F_EC_GFP_NISTP224_POINTS_MUL, ERR_R_BN_LIB);
                 goto err;
             }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
+            num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
+        } else {
+            num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
+        }
         /* do the multiplication with generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   g_secret,
                   mixed, (const felem(*)[17][3])pre_comp, g_pre_comp);
-    } else
+    } else {
         /* do the multiplication without generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+    }
     /* reduce the output to its unique minimal representation */
     felem_contract(x_in, x_out);
     felem_contract(y_in, y_out);
diff --git a/deps/openssl/openssl/crypto/ec/ecp_nistp256.c b/deps/openssl/openssl/crypto/ec/ecp_nistp256.c
index a21e5f78fc9065..22ba69aa44bae8 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_nistp256.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_nistp256.c
@@ -146,34 +146,21 @@ static void smallfelem_to_bin32(u8 out[32], const smallfelem in)
     *((u64 *)&out[24]) = in[3];
 }
 
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
 /* BN_to_felem converts an OpenSSL BIGNUM into an felem */
 static int BN_to_felem(felem out, const BIGNUM *bn)
 {
-    felem_bytearray b_in;
     felem_bytearray b_out;
-    unsigned num_bytes;
+    int num_bytes;
 
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof(b_out));
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof(b_out)) {
+    if (BN_is_negative(bn)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    if (BN_is_negative(bn)) {
+    num_bytes = BN_bn2lebinpad(bn, b_out, sizeof(b_out));
+    if (num_bytes < 0) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
     bin32_to_felem(out, b_out);
     return 1;
 }
@@ -181,10 +168,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
 /* felem_to_BN converts an felem into an OpenSSL BIGNUM */
 static BIGNUM *smallfelem_to_BN(BIGNUM *out, const smallfelem in)
 {
-    felem_bytearray b_in, b_out;
-    smallfelem_to_bin32(b_in, in);
-    flip_endian(b_out, b_in, sizeof(b_out));
-    return BN_bin2bn(b_out, sizeof(b_out), out);
+    felem_bytearray b_out;
+    smallfelem_to_bin32(b_out, in);
+    return BN_lebin2bn(b_out, sizeof(b_out), out);
 }
 
 /*-
@@ -2024,8 +2010,8 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
     felem_bytearray *secrets = NULL;
     smallfelem (*pre_comp)[17][3] = NULL;
     smallfelem *tmp_smallfelems = NULL;
-    felem_bytearray tmp;
-    unsigned i, num_bytes;
+    unsigned i;
+    int num_bytes;
     int have_pre_comp = 0;
     size_t num_points = num;
     smallfelem x_in, y_in, z_in;
@@ -2102,17 +2088,15 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
         memset(secrets, 0, sizeof(*secrets) * num_points);
         memset(pre_comp, 0, sizeof(*pre_comp) * num_points);
         for (i = 0; i < num_points; ++i) {
-            if (i == num)
+            if (i == num) {
                 /*
                  * we didn't have a valid precomputation, so we pick the
                  * generator
                  */
-            {
                 p = EC_GROUP_get0_generator(group);
                 p_scalar = scalar;
-            } else
+            } else {
                 /* the i^th point */
-            {
                 p = points[i];
                 p_scalar = scalars[i];
             }
@@ -2128,10 +2112,16 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
                         ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
                         goto err;
                     }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
+                    num_bytes = BN_bn2lebinpad(tmp_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                } else {
+                    num_bytes = BN_bn2lebinpad(p_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                }
+                if (num_bytes < 0) {
+                    ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
+                    goto err;
+                }
                 /* precompute multiples */
                 if ((!BN_to_felem(x_out, p->X)) ||
                     (!BN_to_felem(y_out, p->Y)) ||
@@ -2176,20 +2166,21 @@ int ec_GFp_nistp256_points_mul(const EC_GROUP *group, EC_POINT *r,
                 ECerr(EC_F_EC_GFP_NISTP256_POINTS_MUL, ERR_R_BN_LIB);
                 goto err;
             }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
+            num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
+        } else {
+            num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
+        }
         /* do the multiplication with generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   g_secret,
                   mixed, (const smallfelem(*)[17][3])pre_comp, g_pre_comp);
-    } else
+    } else {
         /* do the multiplication without generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   NULL, mixed, (const smallfelem(*)[17][3])pre_comp, NULL);
+    }
     /* reduce the output to its unique minimal representation */
     felem_contract(x_in, x_out);
     felem_contract(y_in, y_out);
diff --git a/deps/openssl/openssl/crypto/ec/ecp_nistp521.c b/deps/openssl/openssl/crypto/ec/ecp_nistp521.c
index e31b85c5f755c0..6340f48279374e 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_nistp521.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_nistp521.c
@@ -169,34 +169,21 @@ static void felem_to_bin66(u8 out[66], const felem in)
     (*((limb *) & out[58])) = in[8];
 }
 
-/* To preserve endianness when using BN_bn2bin and BN_bin2bn */
-static void flip_endian(u8 *out, const u8 *in, unsigned len)
-{
-    unsigned i;
-    for (i = 0; i < len; ++i)
-        out[i] = in[len - 1 - i];
-}
-
 /* BN_to_felem converts an OpenSSL BIGNUM into an felem */
 static int BN_to_felem(felem out, const BIGNUM *bn)
 {
-    felem_bytearray b_in;
     felem_bytearray b_out;
-    unsigned num_bytes;
+    int num_bytes;
 
-    /* BN_bn2bin eats leading zeroes */
-    memset(b_out, 0, sizeof(b_out));
-    num_bytes = BN_num_bytes(bn);
-    if (num_bytes > sizeof(b_out)) {
+    if (BN_is_negative(bn)) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    if (BN_is_negative(bn)) {
+    num_bytes = BN_bn2lebinpad(bn, b_out, sizeof(b_out));
+    if (num_bytes < 0) {
         ECerr(EC_F_BN_TO_FELEM, EC_R_BIGNUM_OUT_OF_RANGE);
         return 0;
     }
-    num_bytes = BN_bn2bin(bn, b_in);
-    flip_endian(b_out, b_in, num_bytes);
     bin66_to_felem(out, b_out);
     return 1;
 }
@@ -204,10 +191,9 @@ static int BN_to_felem(felem out, const BIGNUM *bn)
 /* felem_to_BN converts an felem into an OpenSSL BIGNUM */
 static BIGNUM *felem_to_BN(BIGNUM *out, const felem in)
 {
-    felem_bytearray b_in, b_out;
-    felem_to_bin66(b_in, in);
-    flip_endian(b_out, b_in, sizeof(b_out));
-    return BN_bin2bn(b_out, sizeof(b_out), out);
+    felem_bytearray b_out;
+    felem_to_bin66(b_out, in);
+    return BN_lebin2bn(b_out, sizeof(b_out), out);
 }
 
 /*-
@@ -1269,7 +1255,7 @@ static void point_add(felem x3, felem y3, felem z3,
          * ffffffa51868783bf2f966b7fcc0148f709a5d03bb5c9b8899c47aebb6fb
          * 71e913863f7, in that case the penultimate intermediate is -9G and
          * the final digit is also -9G. Since this only happens for a single
-         * scalar, the timing leak is irrelevent. (Any attacker who wanted to
+         * scalar, the timing leak is irrelevant. (Any attacker who wanted to
          * check whether a secret scalar was that exact value, can already do
          * so.)
          */
@@ -1866,8 +1852,8 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
     felem_bytearray *secrets = NULL;
     felem (*pre_comp)[17][3] = NULL;
     felem *tmp_felems = NULL;
-    felem_bytearray tmp;
-    unsigned i, num_bytes;
+    unsigned i;
+    int num_bytes;
     int have_pre_comp = 0;
     size_t num_points = num;
     felem x_in, y_in, z_in, x_out, y_out, z_out;
@@ -1942,17 +1928,15 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
          * i.e., they contribute nothing to the linear combination
          */
         for (i = 0; i < num_points; ++i) {
-            if (i == num)
+            if (i == num) {
                 /*
                  * we didn't have a valid precomputation, so we pick the
                  * generator
                  */
-            {
                 p = EC_GROUP_get0_generator(group);
                 p_scalar = scalar;
-            } else
+            } else {
                 /* the i^th point */
-            {
                 p = points[i];
                 p_scalar = scalars[i];
             }
@@ -1968,10 +1952,16 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
                         ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
                         goto err;
                     }
-                    num_bytes = BN_bn2bin(tmp_scalar, tmp);
-                } else
-                    num_bytes = BN_bn2bin(p_scalar, tmp);
-                flip_endian(secrets[i], tmp, num_bytes);
+                    num_bytes = BN_bn2lebinpad(tmp_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                } else {
+                    num_bytes = BN_bn2lebinpad(p_scalar,
+                                               secrets[i], sizeof(secrets[i]));
+                }
+                if (num_bytes < 0) {
+                    ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
+                    goto err;
+                }
                 /* precompute multiples */
                 if ((!BN_to_felem(x_out, p->X)) ||
                     (!BN_to_felem(y_out, p->Y)) ||
@@ -2014,21 +2004,22 @@ int ec_GFp_nistp521_points_mul(const EC_GROUP *group, EC_POINT *r,
                 ECerr(EC_F_EC_GFP_NISTP521_POINTS_MUL, ERR_R_BN_LIB);
                 goto err;
             }
-            num_bytes = BN_bn2bin(tmp_scalar, tmp);
-        } else
-            num_bytes = BN_bn2bin(scalar, tmp);
-        flip_endian(g_secret, tmp, num_bytes);
+            num_bytes = BN_bn2lebinpad(tmp_scalar, g_secret, sizeof(g_secret));
+        } else {
+            num_bytes = BN_bn2lebinpad(scalar, g_secret, sizeof(g_secret));
+        }
         /* do the multiplication with generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   g_secret,
                   mixed, (const felem(*)[17][3])pre_comp,
                   (const felem(*)[3])g_pre_comp);
-    } else
+    } else {
         /* do the multiplication without generator precomputation */
         batch_mul(x_out, y_out, z_out,
                   (const felem_bytearray(*))secrets, num_points,
                   NULL, mixed, (const felem(*)[17][3])pre_comp, NULL);
+    }
     /* reduce the output to its unique minimal representation */
     felem_contract(x_in, x_out);
     felem_contract(y_in, y_out);
diff --git a/deps/openssl/openssl/crypto/ec/ecp_nistputil.c b/deps/openssl/openssl/crypto/ec/ecp_nistputil.c
index 97fb63100586a7..f89a2f0aacc188 100644
--- a/deps/openssl/openssl/crypto/ec/ecp_nistputil.c
+++ b/deps/openssl/openssl/crypto/ec/ecp_nistputil.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2011-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2011-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -158,13 +158,13 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
  *     of a nonnegative integer (b_k in {0, 1}), rewrite it in digits 0, 1, -1
  *     by using bit-wise subtraction as follows:
  *
- *        b_k b_(k-1)  ...  b_2  b_1  b_0
- *      -     b_k      ...  b_3  b_2  b_1  b_0
- *       -------------------------------------
- *        s_k b_(k-1)  ...  s_3  s_2  s_1  s_0
+ *        b_k     b_(k-1)  ...  b_2  b_1  b_0
+ *      -         b_k      ...  b_3  b_2  b_1  b_0
+ *       -----------------------------------------
+ *        s_(k+1) s_k      ...  s_3  s_2  s_1  s_0
  *
  *     A left-shift followed by subtraction of the original value yields a new
- *     representation of the same value, using signed bits s_i = b_(i+1) - b_i.
+ *     representation of the same value, using signed bits s_i = b_(i-1) - b_i.
  *     This representation from Booth's paper has since appeared in the
  *     literature under a variety of different names including "reversed binary
  *     form", "alternating greedy expansion", "mutual opposite form", and
@@ -188,7 +188,7 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
  * (1961), pp. 67-91), in a radix-2^5 setting.  That is, we always combine five
  * signed bits into a signed digit:
  *
- *       s_(4j + 4) s_(4j + 3) s_(4j + 2) s_(4j + 1) s_(4j)
+ *       s_(5j + 4) s_(5j + 3) s_(5j + 2) s_(5j + 1) s_(5j)
  *
  * The sign-alternating property implies that the resulting digit values are
  * integers from -16 to 16.
@@ -196,14 +196,14 @@ void ec_GFp_nistp_points_make_affine_internal(size_t num, void *point_array,
  * Of course, we don't actually need to compute the signed digits s_i as an
  * intermediate step (that's just a nice way to see how this scheme relates
  * to the wNAF): a direct computation obtains the recoded digit from the
- * six bits b_(4j + 4) ... b_(4j - 1).
+ * six bits b_(5j + 4) ... b_(5j - 1).
  *
- * This function takes those five bits as an integer (0 .. 63), writing the
+ * This function takes those six bits as an integer (0 .. 63), writing the
  * recoded digit to *sign (0 for positive, 1 for negative) and *digit (absolute
- * value, in the range 0 .. 8).  Note that this integer essentially provides the
- * input bits "shifted to the left" by one position: for example, the input to
- * compute the least significant recoded digit, given that there's no bit b_-1,
- * has to be b_4 b_3 b_2 b_1 b_0 0.
+ * value, in the range 0 .. 16).  Note that this integer essentially provides
+ * the input bits "shifted to the left" by one position: for example, the input
+ * to compute the least significant recoded digit, given that there's no bit
+ * b_-1, has to be b_4 b_3 b_2 b_1 b_0 0.
  *
  */
 void ec_GFp_nistp_recode_scalar_bits(unsigned char *sign,
diff --git a/deps/openssl/openssl/crypto/ec/ecx_meth.c b/deps/openssl/openssl/crypto/ec/ecx_meth.c
index e4cac99e2d2acf..c87419b5db3880 100644
--- a/deps/openssl/openssl/crypto/ec/ecx_meth.c
+++ b/deps/openssl/openssl/crypto/ec/ecx_meth.c
@@ -532,7 +532,7 @@ static int ecd_item_sign25519(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
     X509_ALGOR_set0(alg1, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
     if (alg2)
         X509_ALGOR_set0(alg2, OBJ_nid2obj(NID_ED25519), V_ASN1_UNDEF, NULL);
-    /* Algorithm idetifiers set: carry on as normal */
+    /* Algorithm identifiers set: carry on as normal */
     return 3;
 }
 
diff --git a/deps/openssl/openssl/crypto/engine/eng_devcrypto.c b/deps/openssl/openssl/crypto/engine/eng_devcrypto.c
index 717d7c27794ff1..a727c6f6460692 100644
--- a/deps/openssl/openssl/crypto/engine/eng_devcrypto.c
+++ b/deps/openssl/openssl/crypto/engine/eng_devcrypto.c
@@ -26,7 +26,7 @@
 
 /* #define ENGINE_DEVCRYPTO_DEBUG */
 
-#ifdef CRYPTO_ALGORITHM_MIN
+#if CRYPTO_ALGORITHM_MIN < CRYPTO_ALGORITHM_MAX
 # define CHECK_BSD_STYLE_MACROS
 #endif
 
diff --git a/deps/openssl/openssl/crypto/engine/eng_openssl.c b/deps/openssl/openssl/crypto/engine/eng_openssl.c
index f7ad7a5f46da59..d9b3067a132227 100644
--- a/deps/openssl/openssl/crypto/engine/eng_openssl.c
+++ b/deps/openssl/openssl/crypto/engine/eng_openssl.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -29,12 +29,14 @@
  */
 #define TEST_ENG_OPENSSL_RC4
 #ifndef OPENSSL_NO_STDIO
-#define TEST_ENG_OPENSSL_PKEY
+# define TEST_ENG_OPENSSL_PKEY
 #endif
 /* #define TEST_ENG_OPENSSL_HMAC */
 /* #define TEST_ENG_OPENSSL_HMAC_INIT */
 /* #define TEST_ENG_OPENSSL_RC4_OTHERS */
-#define TEST_ENG_OPENSSL_RC4_P_INIT
+#ifndef OPENSSL_NO_STDIO
+# define TEST_ENG_OPENSSL_RC4_P_INIT
+#endif
 /* #define TEST_ENG_OPENSSL_RC4_P_CIPHER */
 #define TEST_ENG_OPENSSL_SHA
 /* #define TEST_ENG_OPENSSL_SHA_OTHERS */
diff --git a/deps/openssl/openssl/crypto/err/err.c b/deps/openssl/openssl/crypto/err/err.c
index eaf6712fdbd02b..3a58ccb9588296 100644
--- a/deps/openssl/openssl/crypto/err/err.c
+++ b/deps/openssl/openssl/crypto/err/err.c
@@ -184,8 +184,8 @@ static ERR_STRING_DATA *int_err_get_item(const ERR_STRING_DATA *d)
 }
 
 #ifndef OPENSSL_NO_ERR
-/* A measurement on Linux 2018-11-21 showed about 3.5kib */
-# define SPACE_SYS_STR_REASONS 4 * 1024
+/* 2019-05-21: Russian and Ukrainian locales on Linux require more than 6,5 kB */
+# define SPACE_SYS_STR_REASONS 8 * 1024
 # define NUM_SYS_STR_REASONS 127
 
 static ERR_STRING_DATA SYS_str_reasons[NUM_SYS_STR_REASONS + 1];
@@ -219,21 +219,23 @@ static void build_SYS_str_reasons(void)
         ERR_STRING_DATA *str = &SYS_str_reasons[i - 1];
 
         str->error = ERR_PACK(ERR_LIB_SYS, 0, i);
-        if (str->string == NULL) {
+        /*
+         * If we have used up all the space in strerror_pool,
+         * there's no point in calling openssl_strerror_r()
+         */
+        if (str->string == NULL && cnt < sizeof(strerror_pool)) {
             if (openssl_strerror_r(i, cur, sizeof(strerror_pool) - cnt)) {
                 size_t l = strlen(cur);
 
                 str->string = cur;
                 cnt += l;
-                if (cnt > sizeof(strerror_pool))
-                    cnt = sizeof(strerror_pool);
                 cur += l;
 
                 /*
                  * VMS has an unusual quirk of adding spaces at the end of
-                 * some (most? all?) messages.  Lets trim them off.
+                 * some (most? all?) messages. Lets trim them off.
                  */
-                while (ossl_isspace(cur[-1])) {
+                while (cur > strerror_pool && ossl_isspace(cur[-1])) {
                     cur--;
                     cnt--;
                 }
diff --git a/deps/openssl/openssl/crypto/err/openssl.txt b/deps/openssl/openssl/crypto/err/openssl.txt
index feff1dccded72d..a433b032407889 100644
--- a/deps/openssl/openssl/crypto/err/openssl.txt
+++ b/deps/openssl/openssl/crypto/err/openssl.txt
@@ -314,6 +314,7 @@ CMS_F_CMS_SIGNERINFO_VERIFY:152:CMS_SignerInfo_verify
 CMS_F_CMS_SIGNERINFO_VERIFY_CERT:153:cms_signerinfo_verify_cert
 CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT:154:CMS_SignerInfo_verify_content
 CMS_F_CMS_SIGN_RECEIPT:163:CMS_sign_receipt
+CMS_F_CMS_SI_CHECK_ATTRIBUTES:183:CMS_si_check_attributes
 CMS_F_CMS_STREAM:155:CMS_stream
 CMS_F_CMS_UNCOMPRESS:156:CMS_uncompress
 CMS_F_CMS_VERIFY:157:CMS_verify
@@ -713,11 +714,14 @@ ENGINE_F_INT_ENGINE_CONFIGURE:188:int_engine_configure
 ENGINE_F_INT_ENGINE_MODULE_INIT:187:int_engine_module_init
 ENGINE_F_OSSL_HMAC_INIT:200:ossl_hmac_init
 EVP_F_AESNI_INIT_KEY:165:aesni_init_key
+EVP_F_AESNI_XTS_INIT_KEY:207:aesni_xts_init_key
 EVP_F_AES_GCM_CTRL:196:aes_gcm_ctrl
 EVP_F_AES_INIT_KEY:133:aes_init_key
 EVP_F_AES_OCB_CIPHER:169:aes_ocb_cipher
 EVP_F_AES_T4_INIT_KEY:178:aes_t4_init_key
+EVP_F_AES_T4_XTS_INIT_KEY:208:aes_t4_xts_init_key
 EVP_F_AES_WRAP_CIPHER:170:aes_wrap_cipher
+EVP_F_AES_XTS_INIT_KEY:209:aes_xts_init_key
 EVP_F_ALG_MODULE_INIT:177:alg_module_init
 EVP_F_ARIA_CCM_INIT_KEY:175:aria_ccm_init_key
 EVP_F_ARIA_GCM_CTRL:197:aria_gcm_ctrl
@@ -808,6 +812,7 @@ EVP_F_PKCS5_V2_SCRYPT_KEYIVGEN:180:PKCS5_v2_scrypt_keyivgen
 EVP_F_PKEY_SET_TYPE:158:pkey_set_type
 EVP_F_RC2_MAGIC_TO_METH:109:rc2_magic_to_meth
 EVP_F_RC5_CTRL:125:rc5_ctrl
+EVP_F_R_32_12_16_INIT_KEY:242:r_32_12_16_init_key
 EVP_F_S390X_AES_GCM_CTRL:201:s390x_aes_gcm_ctrl
 EVP_F_UPDATE:173:update
 KDF_F_PKEY_HKDF_CTRL_STR:103:pkey_hkdf_ctrl_str
@@ -1020,6 +1025,7 @@ RAND_F_RAND_POOL_ADD_BEGIN:113:rand_pool_add_begin
 RAND_F_RAND_POOL_ADD_END:114:rand_pool_add_end
 RAND_F_RAND_POOL_ATTACH:124:rand_pool_attach
 RAND_F_RAND_POOL_BYTES_NEEDED:115:rand_pool_bytes_needed
+RAND_F_RAND_POOL_GROW:125:rand_pool_grow
 RAND_F_RAND_POOL_NEW:116:rand_pool_new
 RAND_F_RAND_WRITE_FILE:112:RAND_write_file
 RSA_F_CHECK_PADDING_MD:140:check_padding_md
@@ -1930,6 +1936,7 @@ BN_R_P_IS_NOT_PRIME:112:p is not prime
 BN_R_TOO_MANY_ITERATIONS:113:too many iterations
 BN_R_TOO_MANY_TEMPORARY_VARIABLES:109:too many temporary variables
 CMS_R_ADD_SIGNER_ERROR:99:add signer error
+CMS_R_ATTRIBUTE_ERROR:161:attribute error
 CMS_R_CERTIFICATE_ALREADY_PRESENT:175:certificate already present
 CMS_R_CERTIFICATE_HAS_NO_KEYID:160:certificate has no keyid
 CMS_R_CERTIFICATE_VERIFY_ERROR:100:certificate verify error
@@ -2094,6 +2101,7 @@ DSA_R_DECODE_ERROR:104:decode error
 DSA_R_INVALID_DIGEST_TYPE:106:invalid digest type
 DSA_R_INVALID_PARAMETERS:112:invalid parameters
 DSA_R_MISSING_PARAMETERS:101:missing parameters
+DSA_R_MISSING_PRIVATE_KEY:111:missing private key
 DSA_R_MODULUS_TOO_LARGE:103:modulus too large
 DSA_R_NO_PARAMETERS_SET:107:no parameters set
 DSA_R_PARAMETER_ENCODING_ERROR:105:parameter encoding error
@@ -2218,6 +2226,7 @@ ENGINE_R_VERSION_INCOMPATIBILITY:145:version incompatibility
 EVP_R_AES_KEY_SETUP_FAILED:143:aes key setup failed
 EVP_R_ARIA_KEY_SETUP_FAILED:176:aria key setup failed
 EVP_R_BAD_DECRYPT:100:bad decrypt
+EVP_R_BAD_KEY_LENGTH:195:bad key length
 EVP_R_BUFFER_TOO_SMALL:155:buffer too small
 EVP_R_CAMELLIA_KEY_SETUP_FAILED:157:camellia key setup failed
 EVP_R_CIPHER_PARAMETER_ERROR:122:cipher parameter error
@@ -2287,6 +2296,7 @@ EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM:118:unsupported private key algorithm
 EVP_R_UNSUPPORTED_SALT_TYPE:126:unsupported salt type
 EVP_R_WRAP_MODE_NOT_ALLOWED:170:wrap mode not allowed
 EVP_R_WRONG_FINAL_BLOCK_LENGTH:109:wrong final block length
+EVP_R_XTS_DUPLICATED_KEYS:183:xts duplicated keys
 KDF_R_INVALID_DIGEST:100:invalid digest
 KDF_R_MISSING_ITERATION_COUNT:109:missing iteration count
 KDF_R_MISSING_KEY:104:missing key
@@ -2527,6 +2537,7 @@ RSA_R_KEY_PRIME_NUM_INVALID:165:key prime num invalid
 RSA_R_KEY_SIZE_TOO_SMALL:120:key size too small
 RSA_R_LAST_OCTET_INVALID:134:last octet invalid
 RSA_R_MGF1_DIGEST_NOT_ALLOWED:152:mgf1 digest not allowed
+RSA_R_MISSING_PRIVATE_KEY:179:missing private key
 RSA_R_MODULUS_TOO_LARGE:105:modulus too large
 RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R:168:mp coefficient not inverse of r
 RSA_R_MP_EXPONENT_NOT_CONGRUENT_TO_D:169:mp exponent not congruent to d
@@ -3003,6 +3014,7 @@ X509_R_CERT_ALREADY_IN_HASH_TABLE:101:cert already in hash table
 X509_R_CRL_ALREADY_DELTA:127:crl already delta
 X509_R_CRL_VERIFY_FAILURE:131:crl verify failure
 X509_R_IDP_MISMATCH:128:idp mismatch
+X509_R_INVALID_ATTRIBUTES:138:invalid attributes
 X509_R_INVALID_DIRECTORY:113:invalid directory
 X509_R_INVALID_FIELD_NAME:119:invalid field name
 X509_R_INVALID_TRUST:123:invalid trust
diff --git a/deps/openssl/openssl/crypto/evp/bio_ok.c b/deps/openssl/openssl/crypto/evp/bio_ok.c
index a0462219beb7ee..300db6cd320d1a 100644
--- a/deps/openssl/openssl/crypto/evp/bio_ok.c
+++ b/deps/openssl/openssl/crypto/evp/bio_ok.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -38,9 +38,9 @@
         of memory.
 
         BIO_f_reliable splits data stream into blocks. Each block is prefixed
-        with it's length and suffixed with it's digest. So you need only
+        with its length and suffixed with its digest. So you need only
         several Kbytes of memory to buffer single block before verifying
-        it's digest.
+        its digest.
 
         BIO_f_reliable goes further and adds several important capabilities:
 
diff --git a/deps/openssl/openssl/crypto/evp/e_aes.c b/deps/openssl/openssl/crypto/evp/e_aes.c
index 68322e1982b883..35b1e711170d1a 100644
--- a/deps/openssl/openssl/crypto/evp/e_aes.c
+++ b/deps/openssl/openssl/crypto/evp/e_aes.c
@@ -176,7 +176,7 @@ static void ctr64_inc(unsigned char *counter)
 # define HWAES_xts_decrypt aes_p8_xts_decrypt
 #endif
 
-#if     defined(AES_ASM) && !defined(I386_ONLY) &&      (  \
+#if     !defined(OPENSSL_NO_ASM) &&                     (  \
         ((defined(__i386)       || defined(__i386__)    || \
           defined(_M_IX86)) && defined(OPENSSL_IA32_SSE2))|| \
         defined(__x86_64)       || defined(__x86_64__)  || \
@@ -383,10 +383,25 @@ static int aesni_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                               const unsigned char *iv, int enc)
 {
     EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
+
     if (!iv && !key)
         return 1;
 
     if (key) {
+        /* The key is two half length keys in reality */
+        const int bytes = EVP_CIPHER_CTX_key_length(ctx) / 2;
+
+        /*
+         * Verify that the two keys are different.
+         *
+         * This addresses Rogaway's vulnerability.
+         * See comment in aes_xts_init_key() below.
+         */
+        if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+            EVPerr(EVP_F_AESNI_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
+            return 0;
+        }
+
         /* key_len is two AES keys */
         if (enc) {
             aesni_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 4,
@@ -787,11 +802,26 @@ static int aes_t4_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
 {
     EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
+
     if (!iv && !key)
         return 1;
 
     if (key) {
-        int bits = EVP_CIPHER_CTX_key_length(ctx) * 4;
+        /* The key is two half length keys in reality */
+        const int bytes = EVP_CIPHER_CTX_key_length(ctx) / 2;
+        const int bits = bytes * 8;
+
+        /*
+         * Verify that the two keys are different.
+         *
+         * This addresses Rogaway's vulnerability.
+         * See comment in aes_xts_init_key() below.
+         */
+        if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+            EVPerr(EVP_F_AES_T4_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
+            return 0;
+        }
+
         xctx->stream = NULL;
         /* key_len is two AES keys */
         if (enc) {
@@ -1578,7 +1608,7 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 
     switch (type) {
     case EVP_CTRL_INIT:
-        ivlen = EVP_CIPHER_CTX_iv_length(c);
+        ivlen = EVP_CIPHER_iv_length(c->cipher);
         iv = EVP_CIPHER_CTX_iv_noconst(c);
         gctx->key_set = 0;
         gctx->iv_set = 0;
@@ -1589,6 +1619,10 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         gctx->tls_aad_len = -1;
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = gctx->ivlen;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_IVLEN:
         if (arg <= 0)
             return 0;
@@ -2299,6 +2333,10 @@ static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         cctx->aes.ccm.tls_aad_len = -1;
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = 15 - cctx->aes.ccm.l;
+        return 1;
+
     case EVP_CTRL_AEAD_TLS1_AAD:
         if (arg != EVP_AEAD_TLS1_AAD_LEN)
             return 0;
@@ -2817,13 +2855,17 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     case EVP_CTRL_INIT:
         gctx->key_set = 0;
         gctx->iv_set = 0;
-        gctx->ivlen = c->cipher->iv_len;
+        gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
         gctx->iv = c->iv;
         gctx->taglen = -1;
         gctx->iv_gen = 0;
         gctx->tls_aad_len = -1;
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = gctx->ivlen;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_IVLEN:
         if (arg <= 0)
             return 0;
@@ -3273,7 +3315,7 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 #define CUSTOM_FLAGS    (EVP_CIPH_FLAG_DEFAULT_ASN1 \
                 | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
                 | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-                | EVP_CIPH_CUSTOM_COPY)
+                | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_CUSTOM_IV_LENGTH)
 
 BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
                     EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS)
@@ -3284,10 +3326,12 @@ BLOCK_CIPHER_custom(NID_aes, 128, 1, 12, gcm, GCM,
 
 static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 {
-    EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,c);
+    EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX, c);
+
     if (type == EVP_CTRL_COPY) {
         EVP_CIPHER_CTX *out = ptr;
         EVP_AES_XTS_CTX *xctx_out = EVP_C_DATA(EVP_AES_XTS_CTX,out);
+
         if (xctx->xts.key1) {
             if (xctx->xts.key1 != &xctx->ks1)
                 return 0;
@@ -3311,11 +3355,36 @@ static int aes_xts_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                             const unsigned char *iv, int enc)
 {
     EVP_AES_XTS_CTX *xctx = EVP_C_DATA(EVP_AES_XTS_CTX,ctx);
+
     if (!iv && !key)
         return 1;
 
     if (key)
         do {
+            /* The key is two half length keys in reality */
+            const int bytes = EVP_CIPHER_CTX_key_length(ctx) / 2;
+
+            /*
+             * Verify that the two keys are different.
+             *
+             * This addresses the vulnerability described in Rogaway's
+             * September 2004 paper:
+             *
+             *      "Efficient Instantiations of Tweakable Blockciphers and
+             *       Refinements to Modes OCB and PMAC".
+             *      (http://web.cs.ucdavis.edu/~rogaway/papers/offsets.pdf)
+             *
+             * FIPS 140-2 IG A.9 XTS-AES Key Generation Requirements states
+             * that:
+             *      "The check for Key_1 != Key_2 shall be done at any place
+             *       BEFORE using the keys in the XTS-AES algorithm to process
+             *       data with them."
+             */
+            if (enc && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
+                EVPerr(EVP_F_AES_XTS_INIT_KEY, EVP_R_XTS_DUPLICATED_KEYS);
+                return 0;
+            }
+
 #ifdef AES_XTS_ASM
             xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
 #else
@@ -3448,7 +3517,9 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         cctx->len_set = 0;
         cctx->tls_aad_len = -1;
         return 1;
-
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = 15 - cctx->L;
+        return 1;
     case EVP_CTRL_AEAD_TLS1_AAD:
         /* Save the AAD for later use */
         if (arg != EVP_AEAD_TLS1_AAD_LEN)
@@ -3897,13 +3968,17 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     case EVP_CTRL_INIT:
         octx->key_set = 0;
         octx->iv_set = 0;
-        octx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+        octx->ivlen = EVP_CIPHER_iv_length(c->cipher);
         octx->iv = EVP_CIPHER_CTX_iv_noconst(c);
         octx->taglen = 16;
         octx->data_buf_len = 0;
         octx->aad_buf_len = 0;
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = octx->ivlen;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_IVLEN:
         /* IV len must be 1 to 15 */
         if (arg <= 0 || arg > 15)
diff --git a/deps/openssl/openssl/crypto/evp/e_aria.c b/deps/openssl/openssl/crypto/evp/e_aria.c
index 100573f5fc7fce..fcaceb3bcadf8e 100644
--- a/deps/openssl/openssl/crypto/evp/e_aria.c
+++ b/deps/openssl/openssl/crypto/evp/e_aria.c
@@ -252,7 +252,7 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
     case EVP_CTRL_INIT:
         gctx->key_set = 0;
         gctx->iv_set = 0;
-        gctx->ivlen = EVP_CIPHER_CTX_iv_length(c);
+        gctx->ivlen = EVP_CIPHER_iv_length(c->cipher);
         gctx->iv = EVP_CIPHER_CTX_iv_noconst(c);
         gctx->taglen = -1;
         gctx->iv_gen = 0;
@@ -274,6 +274,10 @@ static int aria_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         gctx->ivlen = arg;
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = gctx->ivlen;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_TAG:
         if (arg <= 0 || arg > 16 || EVP_CIPHER_CTX_encrypting(c))
             return 0;
@@ -573,6 +577,10 @@ static int aria_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
         memcpy(EVP_CIPHER_CTX_iv_noconst(c), ptr, arg);
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = 15 - cctx->L;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_IVLEN:
         arg = 15 - arg;
         /* fall thru */
@@ -742,7 +750,8 @@ static int aria_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
 #define ARIA_AUTH_FLAGS  (EVP_CIPH_FLAG_DEFAULT_ASN1 \
                           | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \
                           | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
-                          | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_AEAD_CIPHER)
+                          | EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_AEAD_CIPHER \
+                          | EVP_CIPH_CUSTOM_IV_LENGTH)
 
 #define BLOCK_CIPHER_aead(nid,keylen,blocksize,ivlen,nmode,mode,MODE,flags) \
 static const EVP_CIPHER aria_##keylen##_##mode = { \
diff --git a/deps/openssl/openssl/crypto/evp/e_chacha20_poly1305.c b/deps/openssl/openssl/crypto/evp/e_chacha20_poly1305.c
index 600365d2f077d1..435a38d3658d34 100644
--- a/deps/openssl/openssl/crypto/evp/e_chacha20_poly1305.c
+++ b/deps/openssl/openssl/crypto/evp/e_chacha20_poly1305.c
@@ -534,6 +534,10 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
         }
         return 1;
 
+    case EVP_CTRL_GET_IVLEN:
+        *(int *)ptr = actx->nonce_len;
+        return 1;
+
     case EVP_CTRL_AEAD_SET_IVLEN:
         if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN)
             return 0;
@@ -613,7 +617,8 @@ static EVP_CIPHER chacha20_poly1305 = {
     12,                 /* iv_len, 96-bit nonce in the context */
     EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_CUSTOM_IV |
     EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT |
-    EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_CUSTOM_CIPHER,
+    EVP_CIPH_CUSTOM_COPY | EVP_CIPH_FLAG_CUSTOM_CIPHER |
+    EVP_CIPH_CUSTOM_IV_LENGTH,
     chacha20_poly1305_init_key,
     chacha20_poly1305_cipher,
     chacha20_poly1305_cleanup,
diff --git a/deps/openssl/openssl/crypto/evp/e_rc5.c b/deps/openssl/openssl/crypto/evp/e_rc5.c
index a2f26d8c5f23bd..dc5589b6881381 100644
--- a/deps/openssl/openssl/crypto/evp/e_rc5.c
+++ b/deps/openssl/openssl/crypto/evp/e_rc5.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -66,6 +66,10 @@ static int rc5_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
 static int r_32_12_16_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
                                const unsigned char *iv, int enc)
 {
+    if (EVP_CIPHER_CTX_key_length(ctx) > 255) {
+        EVPerr(EVP_F_R_32_12_16_INIT_KEY, EVP_R_BAD_KEY_LENGTH);
+        return 0;
+    }
     RC5_32_set_key(&data(ctx)->ks, EVP_CIPHER_CTX_key_length(ctx),
                    key, data(ctx)->rounds);
     return 1;
diff --git a/deps/openssl/openssl/crypto/evp/evp_err.c b/deps/openssl/openssl/crypto/evp/evp_err.c
index 60df27cbc20ac6..84bd3c2dab27af 100644
--- a/deps/openssl/openssl/crypto/evp/evp_err.c
+++ b/deps/openssl/openssl/crypto/evp/evp_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -15,11 +15,15 @@
 
 static const ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AESNI_INIT_KEY, 0), "aesni_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AESNI_XTS_INIT_KEY, 0), "aesni_xts_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_GCM_CTRL, 0), "aes_gcm_ctrl"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_INIT_KEY, 0), "aes_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_OCB_CIPHER, 0), "aes_ocb_cipher"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_INIT_KEY, 0), "aes_t4_init_key"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_T4_XTS_INIT_KEY, 0),
+     "aes_t4_xts_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_WRAP_CIPHER, 0), "aes_wrap_cipher"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_AES_XTS_INIT_KEY, 0), "aes_xts_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_ALG_MODULE_INIT, 0), "alg_module_init"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_CCM_INIT_KEY, 0), "aria_ccm_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_ARIA_GCM_CTRL, 0), "aria_gcm_ctrl"},
@@ -149,6 +153,8 @@ static const ERR_STRING_DATA EVP_str_functs[] = {
     {ERR_PACK(ERR_LIB_EVP, EVP_F_PKEY_SET_TYPE, 0), "pkey_set_type"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_RC2_MAGIC_TO_METH, 0), "rc2_magic_to_meth"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_RC5_CTRL, 0), "rc5_ctrl"},
+    {ERR_PACK(ERR_LIB_EVP, EVP_F_R_32_12_16_INIT_KEY, 0),
+     "r_32_12_16_init_key"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_S390X_AES_GCM_CTRL, 0), "s390x_aes_gcm_ctrl"},
     {ERR_PACK(ERR_LIB_EVP, EVP_F_UPDATE, 0), "update"},
     {0, NULL}
@@ -160,6 +166,7 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_ARIA_KEY_SETUP_FAILED),
     "aria key setup failed"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_DECRYPT), "bad decrypt"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BAD_KEY_LENGTH), "bad key length"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_BUFFER_TOO_SMALL), "buffer too small"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_CAMELLIA_KEY_SETUP_FAILED),
     "camellia key setup failed"},
@@ -266,6 +273,8 @@ static const ERR_STRING_DATA EVP_str_reasons[] = {
     "wrap mode not allowed"},
     {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_WRONG_FINAL_BLOCK_LENGTH),
     "wrong final block length"},
+    {ERR_PACK(ERR_LIB_EVP, 0, EVP_R_XTS_DUPLICATED_KEYS),
+    "xts duplicated keys"},
     {0, NULL}
 };
 
diff --git a/deps/openssl/openssl/crypto/evp/evp_lib.c b/deps/openssl/openssl/crypto/evp/evp_lib.c
index 1b3c9840c6fc53..4935c2a94a1a67 100644
--- a/deps/openssl/openssl/crypto/evp/evp_lib.c
+++ b/deps/openssl/openssl/crypto/evp/evp_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -242,6 +242,13 @@ int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher)
 
 int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
 {
+    int i, rv;
+
+    if ((EVP_CIPHER_flags(ctx->cipher) & EVP_CIPH_CUSTOM_IV_LENGTH) != 0) {
+        rv = EVP_CIPHER_CTX_ctrl((EVP_CIPHER_CTX *)ctx, EVP_CTRL_GET_IVLEN,
+                                 0, &i);
+        return (rv == 1) ? i : -1;
+    }
     return ctx->cipher->iv_len;
 }
 
diff --git a/deps/openssl/openssl/crypto/evp/m_sha3.c b/deps/openssl/openssl/crypto/evp/m_sha3.c
index 31379c0f6b9953..01cf57d313d08c 100644
--- a/deps/openssl/openssl/crypto/evp/m_sha3.c
+++ b/deps/openssl/openssl/crypto/evp/m_sha3.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -108,6 +108,9 @@ static int sha3_final(EVP_MD_CTX *evp_ctx, unsigned char *md)
     size_t bsz = ctx->block_size;
     size_t num = ctx->num;
 
+    if (ctx->md_size == 0)
+        return 1;
+
     /*
      * Pad the data with 10*1. Note that |num| can be |bsz - 1|
      * in which case both byte operations below are performed on
diff --git a/deps/openssl/openssl/crypto/include/internal/bn_conf.h b/deps/openssl/openssl/crypto/include/internal/bn_conf.h
deleted file mode 100644
index 79400c6472a49c..00000000000000
--- a/deps/openssl/openssl/crypto/include/internal/bn_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/bn_conf.h"
diff --git a/deps/openssl/openssl/crypto/include/internal/ctype.h b/deps/openssl/openssl/crypto/include/internal/ctype.h
index a35b12bfbff654..9f3a58339c4ffe 100644
--- a/deps/openssl/openssl/crypto/include/internal/ctype.h
+++ b/deps/openssl/openssl/crypto/include/internal/ctype.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -57,6 +57,8 @@ int ossl_ctype_check(int c, unsigned int mask);
 int ossl_tolower(int c);
 int ossl_toupper(int c);
 
+int ascii_isdigit(const char inchar);
+
 # define ossl_isalnum(c)        (ossl_ctype_check((c), CTYPE_MASK_alnum))
 # define ossl_isalpha(c)        (ossl_ctype_check((c), CTYPE_MASK_alpha))
 # ifdef CHARSET_EBCDIC
diff --git a/deps/openssl/openssl/crypto/include/internal/dso_conf.h b/deps/openssl/openssl/crypto/include/internal/dso_conf.h
deleted file mode 100644
index e7f2afa9872320..00000000000000
--- a/deps/openssl/openssl/crypto/include/internal/dso_conf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../../config/dso_conf.h"
diff --git a/deps/openssl/openssl/crypto/include/internal/rand_int.h b/deps/openssl/openssl/crypto/include/internal/rand_int.h
index 888cab1b8f6644..10347ab0e37403 100644
--- a/deps/openssl/openssl/crypto/include/internal/rand_int.h
+++ b/deps/openssl/openssl/crypto/include/internal/rand_int.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -26,7 +26,6 @@ typedef struct rand_pool_st RAND_POOL;
 void rand_cleanup_int(void);
 void rand_drbg_cleanup_int(void);
 void drbg_delete_thread_state(void);
-void rand_fork(void);
 
 /* Hardware-based seeding functions. */
 size_t rand_acquire_entropy_from_tsc(RAND_POOL *pool);
@@ -52,7 +51,8 @@ void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out);
 /*
  * RAND_POOL functions
  */
-RAND_POOL *rand_pool_new(int entropy_requested, size_t min_len, size_t max_len);
+RAND_POOL *rand_pool_new(int entropy_requested, int secure,
+                         size_t min_len, size_t max_len);
 RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
                             size_t entropy);
 void rand_pool_free(RAND_POOL *pool);
diff --git a/deps/openssl/openssl/crypto/include/internal/sm2err.h b/deps/openssl/openssl/crypto/include/internal/sm2err.h
index a4db1b73d728c8..09edfab787f415 100644
--- a/deps/openssl/openssl/crypto/include/internal/sm2err.h
+++ b/deps/openssl/openssl/crypto/include/internal/sm2err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_SM2ERR_H
 # define HEADER_SM2ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_SM2
diff --git a/deps/openssl/openssl/crypto/init.c b/deps/openssl/openssl/crypto/init.c
index 62626a707ea8af..9fc0e8ef68aadb 100644
--- a/deps/openssl/openssl/crypto/init.c
+++ b/deps/openssl/openssl/crypto/init.c
@@ -40,7 +40,7 @@ static int stopped = 0;
  * destructor for threads terminating before libcrypto is initialized or
  * after it's de-initialized. Access to the key doesn't have to be
  * serialized for the said threads, because they didn't use libcrypto
- * and it doesn't matter if they pick "impossible" or derefernce real
+ * and it doesn't matter if they pick "impossible" or dereference real
  * key value and pull NULL past initialization in the first thread that
  * intends to use libcrypto.
  */
@@ -847,6 +847,5 @@ void OPENSSL_fork_parent(void)
 
 void OPENSSL_fork_child(void)
 {
-    rand_fork();
 }
 #endif
diff --git a/deps/openssl/openssl/crypto/lhash/lhash.c b/deps/openssl/openssl/crypto/lhash/lhash.c
index 8d9f933df368c9..485d4c3ffff454 100644
--- a/deps/openssl/openssl/crypto/lhash/lhash.c
+++ b/deps/openssl/openssl/crypto/lhash/lhash.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -19,14 +19,14 @@
 
 /*
  * A hashing implementation that appears to be based on the linear hashing
- * alogrithm:
+ * algorithm:
  * https://en.wikipedia.org/wiki/Linear_hashing
  *
  * Litwin, Witold (1980), "Linear hashing: A new tool for file and table
  * addressing", Proc. 6th Conference on Very Large Databases: 212-223
- * http://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
+ * https://hackthology.com/pdfs/Litwin-1980-Linear_Hashing.pdf
  *
- * From the wikipedia article "Linear hashing is used in the BDB Berkeley
+ * From the Wikipedia article "Linear hashing is used in the BDB Berkeley
  * database system, which in turn is used by many software systems such as
  * OpenLDAP, using a C implementation derived from the CACM article and first
  * published on the Usenet in 1988 by Esmond Pitt."
diff --git a/deps/openssl/openssl/crypto/o_str.c b/deps/openssl/openssl/crypto/o_str.c
index 1dbd70d58c4ddc..9ad7a89dcadfe7 100644
--- a/deps/openssl/openssl/crypto/o_str.c
+++ b/deps/openssl/openssl/crypto/o_str.c
@@ -231,7 +231,7 @@ int openssl_strerror_r(int errnum, char *buf, size_t buflen)
      * buf is left unused.
      */
     err = strerror_r(errnum, buf, buflen);
-    if (err == NULL)
+    if (err == NULL || buflen == 0)
         return 0;
     /*
      * If err is statically allocated, err != buf and we need to copy the data.
diff --git a/deps/openssl/openssl/crypto/pem/pvkfmt.c b/deps/openssl/openssl/crypto/pem/pvkfmt.c
index e39c2438140d05..2bbee4a306e4f1 100644
--- a/deps/openssl/openssl/crypto/pem/pvkfmt.c
+++ b/deps/openssl/openssl/crypto/pem/pvkfmt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -274,6 +274,9 @@ static EVP_PKEY *b2i_dss(const unsigned char **in,
         if (!read_lebn(&p, 20, &priv_key))
             goto memerr;
 
+        /* Set constant time flag before public key calculation */
+        BN_set_flags(priv_key, BN_FLG_CONSTTIME);
+
         /* Calculate public key */
         pub_key = BN_new();
         if (pub_key == NULL)
diff --git a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
index ee08e602a1eb91..f63fbc50ea60ef 100644
--- a/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
+++ b/deps/openssl/openssl/crypto/pkcs7/pk7_doit.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -137,7 +137,8 @@ static int pkcs7_encode_rinfo(PKCS7_RECIP_INFO *ri,
 }
 
 static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
-                               PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey)
+                               PKCS7_RECIP_INFO *ri, EVP_PKEY *pkey,
+                               size_t fixlen)
 {
     EVP_PKEY_CTX *pctx = NULL;
     unsigned char *ek = NULL;
@@ -170,7 +171,9 @@ static int pkcs7_decrypt_rinfo(unsigned char **pek, int *peklen,
     }
 
     if (EVP_PKEY_decrypt(pctx, ek, &eklen,
-                         ri->enc_key->data, ri->enc_key->length) <= 0) {
+                         ri->enc_key->data, ri->enc_key->length) <= 0
+            || eklen == 0
+            || (fixlen != 0 && eklen != fixlen)) {
         ret = 0;
         PKCS7err(PKCS7_F_PKCS7_DECRYPT_RINFO, ERR_R_EVP_LIB);
         goto err;
@@ -499,13 +502,14 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
             for (i = 0; i < sk_PKCS7_RECIP_INFO_num(rsk); i++) {
                 ri = sk_PKCS7_RECIP_INFO_value(rsk, i);
 
-                if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+                if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey,
+                        EVP_CIPHER_key_length(evp_cipher)) < 0)
                     goto err;
                 ERR_clear_error();
             }
         } else {
             /* Only exit on fatal errors, not decrypt failure */
-            if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey) < 0)
+            if (pkcs7_decrypt_rinfo(&ek, &eklen, ri, pkey, 0) < 0)
                 goto err;
             ERR_clear_error();
         }
diff --git a/deps/openssl/openssl/crypto/rand/drbg_lib.c b/deps/openssl/openssl/crypto/rand/drbg_lib.c
index abbe0a8ba30f3e..12bb627a04efab 100644
--- a/deps/openssl/openssl/crypto/rand/drbg_lib.c
+++ b/deps/openssl/openssl/crypto/rand/drbg_lib.c
@@ -197,7 +197,7 @@ static RAND_DRBG *rand_drbg_new(int secure,
     }
 
     drbg->secure = secure && CRYPTO_secure_allocated(drbg);
-    drbg->fork_count = rand_fork_count;
+    drbg->fork_id = openssl_get_fork_id();
     drbg->parent = parent;
 
     if (parent == NULL) {
@@ -318,7 +318,7 @@ int RAND_DRBG_instantiate(RAND_DRBG *drbg,
     /*
      * NIST SP800-90Ar1 section 9.1 says you can combine getting the entropy
      * and nonce in 1 call by increasing the entropy with 50% and increasing
-     * the minimum length to accomadate the length of the nonce.
+     * the minimum length to accommodate the length of the nonce.
      * We do this in case a nonce is require and get_nonce is NULL.
      */
     if (drbg->min_noncelen > 0 && drbg->get_nonce == NULL) {
@@ -578,6 +578,7 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
                        int prediction_resistance,
                        const unsigned char *adin, size_t adinlen)
 {
+    int fork_id;
     int reseed_required = 0;
 
     if (drbg->state != DRBG_READY) {
@@ -603,8 +604,10 @@ int RAND_DRBG_generate(RAND_DRBG *drbg, unsigned char *out, size_t outlen,
         return 0;
     }
 
-    if (drbg->fork_count != rand_fork_count) {
-        drbg->fork_count = rand_fork_count;
+    fork_id = openssl_get_fork_id();
+
+    if (drbg->fork_id != fork_id) {
+        drbg->fork_id = fork_id;
         reseed_required = 1;
     }
 
@@ -664,7 +667,7 @@ int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen)
     if (drbg->adin_pool == NULL) {
         if (drbg->type == 0)
             goto err;
-        drbg->adin_pool = rand_pool_new(0, 0, drbg->max_adinlen);
+        drbg->adin_pool = rand_pool_new(0, 0, 0, drbg->max_adinlen);
         if (drbg->adin_pool == NULL)
             goto err;
     }
diff --git a/deps/openssl/openssl/crypto/rand/rand_err.c b/deps/openssl/openssl/crypto/rand/rand_err.c
index 6a870455d50a8a..ae4d8559fb2850 100644
--- a/deps/openssl/openssl/crypto/rand/rand_err.c
+++ b/deps/openssl/openssl/crypto/rand/rand_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -47,6 +47,7 @@ static const ERR_STRING_DATA RAND_str_functs[] = {
     {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_POOL_ATTACH, 0), "rand_pool_attach"},
     {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_POOL_BYTES_NEEDED, 0),
      "rand_pool_bytes_needed"},
+    {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_POOL_GROW, 0), "rand_pool_grow"},
     {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_POOL_NEW, 0), "rand_pool_new"},
     {ERR_PACK(ERR_LIB_RAND, RAND_F_RAND_WRITE_FILE, 0), "RAND_write_file"},
     {0, NULL}
diff --git a/deps/openssl/openssl/crypto/rand/rand_lcl.h b/deps/openssl/openssl/crypto/rand/rand_lcl.h
index c3e9804dc07e5b..306c59f6efa0f6 100644
--- a/deps/openssl/openssl/crypto/rand/rand_lcl.h
+++ b/deps/openssl/openssl/crypto/rand/rand_lcl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -45,7 +45,6 @@
 # define DRBG_MAX_LENGTH                         INT32_MAX
 
 
-
 /*
  * Maximum allocation size for RANDOM_POOL buffers
  *
@@ -72,6 +71,24 @@
  *                                1.5 * (RAND_DRBG_STRENGTH / 8))
  */
 
+/*
+ * Initial allocation minimum.
+ *
+ * There is a distinction between the secure and normal allocation minimums.
+ * Ideally, the secure allocation size should be a power of two.  The normal
+ * allocation size doesn't have any such restriction.
+ *
+ * The secure value is based on 128 bits of secure material, which is 16 bytes.
+ * Typically, the DRBGs will set a minimum larger than this so optimal
+ * allocation ought to take place (for full quality seed material).
+ *
+ * The normal value has been chosed by noticing that the rand_drbg_get_nonce
+ * function is usually the largest of the built in allocation (twenty four
+ * bytes and then appending another sixteen bytes).  This means the buffer ends
+ * with 40 bytes.  The value of forty eight is comfortably above this which
+ * allows some slack in the platform specific values used.
+ */
+# define RAND_POOL_MIN_ALLOCATION(secure) ((secure) ? 16 : 48)
 
 /* DRBG status values */
 typedef enum drbg_status_e {
@@ -150,9 +167,11 @@ struct rand_pool_st {
     size_t len; /* current number of random bytes contained in the pool */
 
     int attached;  /* true pool was attached to existing buffer */
+    int secure;    /* 1: allocated on the secure heap, 0: otherwise */
 
     size_t min_len; /* minimum number of random bytes requested */
     size_t max_len; /* maximum number of random bytes (allocated buffer size) */
+    size_t alloc_len; /* current number of bytes allocated */
     size_t entropy; /* current entropy count in bits */
     size_t entropy_requested; /* requested entropy count in bits */
 };
@@ -167,12 +186,12 @@ struct rand_drbg_st {
     int secure; /* 1: allocated on the secure heap, 0: otherwise */
     int type; /* the nid of the underlying algorithm */
     /*
-     * Stores the value of the rand_fork_count global as of when we last
-     * reseeded.  The DRBG reseeds automatically whenever drbg->fork_count !=
-     * rand_fork_count.  Used to provide fork-safety and reseed this DRBG in
-     * the child process.
+     * Stores the return value of openssl_get_fork_id() as of when we last
+     * reseeded.  The DRBG reseeds automatically whenever drbg->fork_id !=
+     * openssl_get_fork_id().  Used to provide fork-safety and reseed this
+     * DRBG in the child process.
      */
-    int fork_count;
+    int fork_id;
     unsigned short flags; /* various external flags */
 
     /*
@@ -264,19 +283,6 @@ struct rand_drbg_st {
 /* The global RAND method, and the global buffer and DRBG instance. */
 extern RAND_METHOD rand_meth;
 
-/*
- * A "generation count" of forks.  Incremented in the child process after a
- * fork.  Since rand_fork_count is increment-only, and only ever written to in
- * the child process of the fork, which is guaranteed to be single-threaded, no
- * locking is needed for normal (read) accesses; the rest of pthread fork
- * processing is assumed to introduce the necessary memory barriers.  Sibling
- * children of a given parent will produce duplicate values, but this is not
- * problematic because the reseeding process pulls input from the system CSPRNG
- * and/or other global sources, so the siblings will end up generating
- * different output streams.
- */
-extern int rand_fork_count;
-
 /* DRBG helpers */
 int rand_drbg_restart(RAND_DRBG *drbg,
                       const unsigned char *buffer, size_t len, size_t entropy);
diff --git a/deps/openssl/openssl/crypto/rand/rand_lib.c b/deps/openssl/openssl/crypto/rand/rand_lib.c
index c573b66fdc3268..91b26523110f34 100644
--- a/deps/openssl/openssl/crypto/rand/rand_lib.c
+++ b/deps/openssl/openssl/crypto/rand/rand_lib.c
@@ -26,8 +26,6 @@ static CRYPTO_RWLOCK *rand_meth_lock;
 static const RAND_METHOD *default_RAND_meth;
 static CRYPTO_ONCE rand_init = CRYPTO_ONCE_STATIC_INIT;
 
-int rand_fork_count;
-
 static CRYPTO_RWLOCK *rand_nonce_lock;
 static int rand_nonce_count;
 
@@ -150,7 +148,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
         pool = drbg->seed_pool;
         pool->entropy_requested = entropy;
     } else {
-        pool = rand_pool_new(entropy, min_len, max_len);
+        pool = rand_pool_new(entropy, drbg->secure, min_len, max_len);
         if (pool == NULL)
             return 0;
     }
@@ -163,7 +161,9 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
             size_t bytes = 0;
 
             /*
-             * Get random from parent, include our state as additional input.
+             * Get random data from parent. Include our address as additional input,
+             * in order to provide some additional distinction between different
+             * DRBG child instances.
              * Our lock is already held, but we need to lock our parent before
              * generating bits from it. (Note: taking the lock will be a no-op
              * if locking if drbg->parent->lock == NULL.)
@@ -172,7 +172,7 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
             if (RAND_DRBG_generate(drbg->parent,
                                    buffer, bytes_needed,
                                    prediction_resistance,
-                                   NULL, 0) != 0)
+                                   (unsigned char *)&drbg, sizeof(drbg)) != 0)
                 bytes = bytes_needed;
             drbg->reseed_next_counter
                 = tsan_load(&drbg->parent->reseed_prop_counter);
@@ -216,8 +216,12 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
 void rand_drbg_cleanup_entropy(RAND_DRBG *drbg,
                                unsigned char *out, size_t outlen)
 {
-    if (drbg->seed_pool == NULL)
-        OPENSSL_secure_clear_free(out, outlen);
+    if (drbg->seed_pool == NULL) {
+        if (drbg->secure)
+            OPENSSL_secure_clear_free(out, outlen);
+        else
+            OPENSSL_clear_free(out, outlen);
+    }
 }
 
 
@@ -238,8 +242,7 @@ size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
     } data;
 
     memset(&data, 0, sizeof(data));
-
-    pool = rand_pool_new(0, min_len, max_len);
+    pool = rand_pool_new(0, 0, min_len, max_len);
     if (pool == NULL)
         return 0;
 
@@ -268,7 +271,7 @@ size_t rand_drbg_get_nonce(RAND_DRBG *drbg,
 void rand_drbg_cleanup_nonce(RAND_DRBG *drbg,
                              unsigned char *out, size_t outlen)
 {
-    OPENSSL_secure_clear_free(out, outlen);
+    OPENSSL_clear_free(out, outlen);
 }
 
 /*
@@ -300,11 +303,6 @@ void rand_drbg_cleanup_additional_data(RAND_POOL *pool, unsigned char *out)
     rand_pool_reattach(pool, out);
 }
 
-void rand_fork(void)
-{
-    rand_fork_count++;
-}
-
 DEFINE_RUN_ONCE_STATIC(do_rand_init)
 {
 #ifndef OPENSSL_NO_ENGINE
@@ -364,7 +362,7 @@ void rand_cleanup_int(void)
 }
 
 /*
- * RAND_close_seed_files() ensures that any seed file decriptors are
+ * RAND_close_seed_files() ensures that any seed file descriptors are
  * closed after use.
  */
 void RAND_keep_random_devices_open(int keep)
@@ -403,7 +401,7 @@ int RAND_poll(void)
 
     } else {
         /* fill random pool and seed the current legacy RNG */
-        pool = rand_pool_new(RAND_DRBG_STRENGTH,
+        pool = rand_pool_new(RAND_DRBG_STRENGTH, 1,
                              (RAND_DRBG_STRENGTH + 7) / 8,
                              RAND_POOL_MAX_LENGTH);
         if (pool == NULL)
@@ -430,9 +428,11 @@ int RAND_poll(void)
  * Allocate memory and initialize a new random pool
  */
 
-RAND_POOL *rand_pool_new(int entropy_requested, size_t min_len, size_t max_len)
+RAND_POOL *rand_pool_new(int entropy_requested, int secure,
+                         size_t min_len, size_t max_len)
 {
     RAND_POOL *pool = OPENSSL_zalloc(sizeof(*pool));
+    size_t min_alloc_size = RAND_POOL_MIN_ALLOCATION(secure);
 
     if (pool == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
@@ -442,14 +442,22 @@ RAND_POOL *rand_pool_new(int entropy_requested, size_t min_len, size_t max_len)
     pool->min_len = min_len;
     pool->max_len = (max_len > RAND_POOL_MAX_LENGTH) ?
         RAND_POOL_MAX_LENGTH : max_len;
+    pool->alloc_len = min_len < min_alloc_size ? min_alloc_size : min_len;
+    if (pool->alloc_len > pool->max_len)
+        pool->alloc_len = pool->max_len;
+
+    if (secure)
+        pool->buffer = OPENSSL_secure_zalloc(pool->alloc_len);
+    else
+        pool->buffer = OPENSSL_zalloc(pool->alloc_len);
 
-    pool->buffer = OPENSSL_secure_zalloc(pool->max_len);
     if (pool->buffer == NULL) {
         RANDerr(RAND_F_RAND_POOL_NEW, ERR_R_MALLOC_FAILURE);
         goto err;
     }
 
     pool->entropy_requested = entropy_requested;
+    pool->secure = secure;
 
     return pool;
 
@@ -484,7 +492,7 @@ RAND_POOL *rand_pool_attach(const unsigned char *buffer, size_t len,
 
     pool->attached = 1;
 
-    pool->min_len = pool->max_len = pool->len;
+    pool->min_len = pool->max_len = pool->alloc_len = pool->len;
     pool->entropy = entropy;
 
     return pool;
@@ -504,8 +512,13 @@ void rand_pool_free(RAND_POOL *pool)
      * to rand_pool_attach() as `const unsigned char*`.
      * (see corresponding comment in rand_pool_attach()).
      */
-    if (!pool->attached)
-        OPENSSL_secure_clear_free(pool->buffer, pool->max_len);
+    if (!pool->attached) {
+        if (pool->secure)
+            OPENSSL_secure_clear_free(pool->buffer, pool->alloc_len);
+        else
+            OPENSSL_clear_free(pool->buffer, pool->alloc_len);
+    }
+
     OPENSSL_free(pool);
 }
 
@@ -598,6 +611,42 @@ size_t rand_pool_entropy_needed(RAND_POOL *pool)
     return 0;
 }
 
+/* Increase the allocation size -- not usable for an attached pool */
+static int rand_pool_grow(RAND_POOL *pool, size_t len)
+{
+    if (len > pool->alloc_len - pool->len) {
+        unsigned char *p;
+        const size_t limit = pool->max_len / 2;
+        size_t newlen = pool->alloc_len;
+
+        if (pool->attached || len > pool->max_len - pool->len) {
+            RANDerr(RAND_F_RAND_POOL_GROW, ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+
+        do
+            newlen = newlen < limit ? newlen * 2 : pool->max_len;
+        while (len > newlen - pool->len);
+
+        if (pool->secure)
+            p = OPENSSL_secure_zalloc(newlen);
+        else
+            p = OPENSSL_zalloc(newlen);
+        if (p == NULL) {
+            RANDerr(RAND_F_RAND_POOL_GROW, ERR_R_MALLOC_FAILURE);
+            return 0;
+        }
+        memcpy(p, pool->buffer, pool->len);
+        if (pool->secure)
+            OPENSSL_secure_clear_free(pool->buffer, pool->alloc_len);
+        else
+            OPENSSL_clear_free(pool->buffer, pool->alloc_len);
+        pool->buffer = p;
+        pool->alloc_len = newlen;
+    }
+    return 1;
+}
+
 /*
  * Returns the number of bytes needed to fill the pool, assuming
  * the input has 1 / |entropy_factor| entropy bits per data bit.
@@ -627,6 +676,24 @@ size_t rand_pool_bytes_needed(RAND_POOL *pool, unsigned int entropy_factor)
         /* to meet the min_len requirement */
         bytes_needed = pool->min_len - pool->len;
 
+    /*
+     * Make sure the buffer is large enough for the requested amount
+     * of data. This guarantees that existing code patterns where
+     * rand_pool_add_begin, rand_pool_add_end or rand_pool_add
+     * are used to collect entropy data without any error handling
+     * whatsoever, continue to be valid.
+     * Furthermore if the allocation here fails once, make sure that
+     * we don't fall back to a less secure or even blocking random source,
+     * as that could happen by the existing code patterns.
+     * This is not a concern for additional data, therefore that
+     * is not needed if rand_pool_grow fails in other places.
+     */
+    if (!rand_pool_grow(pool, bytes_needed)) {
+        /* persistent error for this pool */
+        pool->max_len = pool->len = 0;
+        return 0;
+    }
+
     return bytes_needed;
 }
 
@@ -659,6 +726,27 @@ int rand_pool_add(RAND_POOL *pool,
     }
 
     if (len > 0) {
+        /*
+         * This is to protect us from accidentally passing the buffer
+         * returned from rand_pool_add_begin.
+         * The check for alloc_len makes sure we do not compare the
+         * address of the end of the allocated memory to something
+         * different, since that comparison would have an
+         * indeterminate result.
+         */
+        if (pool->alloc_len > pool->len && pool->buffer + pool->len == buffer) {
+            RANDerr(RAND_F_RAND_POOL_ADD, ERR_R_INTERNAL_ERROR);
+            return 0;
+        }
+        /*
+         * We have that only for cases when a pool is used to collect
+         * additional data.
+         * For entropy data, as long as the allocation request stays within
+         * the limits given by rand_pool_bytes_needed this rand_pool_grow
+         * below is guaranteed to succeed, thus no allocation happens.
+         */
+        if (!rand_pool_grow(pool, len))
+            return 0;
         memcpy(pool->buffer + pool->len, buffer, len);
         pool->len += len;
         pool->entropy += entropy;
@@ -694,6 +782,18 @@ unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len)
         return NULL;
     }
 
+    /*
+     * As long as the allocation request stays within the limits given
+     * by rand_pool_bytes_needed this rand_pool_grow below is guaranteed
+     * to succeed, thus no allocation happens.
+     * We have that only for cases when a pool is used to collect
+     * additional data. Then the buffer might need to grow here,
+     * and of course the caller is responsible to check the return
+     * value of this function.
+     */
+    if (!rand_pool_grow(pool, len))
+        return NULL;
+
     return pool->buffer + pool->len;
 }
 
@@ -708,7 +808,7 @@ unsigned char *rand_pool_add_begin(RAND_POOL *pool, size_t len)
  */
 int rand_pool_add_end(RAND_POOL *pool, size_t len, size_t entropy)
 {
-    if (len > pool->max_len - pool->len) {
+    if (len > pool->alloc_len - pool->len) {
         RANDerr(RAND_F_RAND_POOL_ADD_END, RAND_R_RANDOM_POOL_OVERFLOW);
         return 0;
     }
diff --git a/deps/openssl/openssl/crypto/rand/rand_unix.c b/deps/openssl/openssl/crypto/rand/rand_unix.c
index 4710dbb2d1019a..69efcdeed752d7 100644
--- a/deps/openssl/openssl/crypto/rand/rand_unix.c
+++ b/deps/openssl/openssl/crypto/rand/rand_unix.c
@@ -14,14 +14,19 @@
 #include <stdio.h>
 #include "internal/cryptlib.h"
 #include <openssl/rand.h>
+#include <openssl/crypto.h>
 #include "rand_lcl.h"
 #include "internal/rand_int.h"
 #include <stdio.h>
 #include "internal/dso.h"
-#if defined(__linux)
-# include <asm/unistd.h>
+#ifdef __linux
+# include <sys/syscall.h>
+# ifdef DEVRANDOM_WAIT
+#  include <sys/shm.h>
+#  include <sys/utsname.h>
+# endif
 #endif
-#if defined(__FreeBSD__)
+#if defined(__FreeBSD__) && !defined(OPENSSL_SYS_UEFI)
 # include <sys/types.h>
 # include <sys/sysctl.h>
 # include <sys/param.h>
@@ -275,6 +280,17 @@ static ssize_t sysctl_random(char *buf, size_t buflen)
 #  endif
 
 #  if defined(OPENSSL_RAND_SEED_GETRANDOM)
+
+#   if defined(__linux) && !defined(__NR_getrandom)
+#    if defined(__arm__) && defined(__NR_SYSCALL_BASE)
+#     define __NR_getrandom    (__NR_SYSCALL_BASE+384)
+#    elif defined(__i386__)
+#     define __NR_getrandom    355
+#    elif defined(__x86_64__) && !defined(__ILP32__)
+#     define __NR_getrandom    318
+#    endif
+#   endif
+
 /*
  * syscall_random(): Try to get random data using a system call
  * returns the number of bytes returned in buf, or < 0 on error.
@@ -346,6 +362,91 @@ static struct random_device {
 } random_devices[OSSL_NELEM(random_device_paths)];
 static int keep_random_devices_open = 1;
 
+#   if defined(__linux) && defined(DEVRANDOM_WAIT)
+static void *shm_addr;
+
+static void cleanup_shm(void)
+{
+    shmdt(shm_addr);
+}
+
+/*
+ * Ensure that the system randomness source has been adequately seeded.
+ * This is done by having the first start of libcrypto, wait until the device
+ * /dev/random becomes able to supply a byte of entropy.  Subsequent starts
+ * of the library and later reseedings do not need to do this.
+ */
+static int wait_random_seeded(void)
+{
+    static int seeded = OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID < 0;
+    static const int kernel_version[] = { DEVRANDOM_SAFE_KERNEL };
+    int kernel[2];
+    int shm_id, fd, r;
+    char c, *p;
+    struct utsname un;
+    fd_set fds;
+
+    if (!seeded) {
+        /* See if anything has created the global seeded indication */
+        if ((shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1, 0)) == -1) {
+            /*
+             * Check the kernel's version and fail if it is too recent.
+             *
+             * Linux kernels from 4.8 onwards do not guarantee that
+             * /dev/urandom is properly seeded when /dev/random becomes
+             * readable.  However, such kernels support the getentropy(2)
+             * system call and this should always succeed which renders
+             * this alternative but essentially identical source moot.
+             */
+            if (uname(&un) == 0) {
+                kernel[0] = atoi(un.release);
+                p = strchr(un.release, '.');
+                kernel[1] = p == NULL ? 0 : atoi(p + 1);
+                if (kernel[0] > kernel_version[0]
+                    || (kernel[0] == kernel_version[0]
+                        && kernel[1] >= kernel_version[1])) {
+                    return 0;
+                }
+            }
+            /* Open /dev/random and wait for it to be readable */
+            if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
+                if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {
+                    FD_ZERO(&fds);
+                    FD_SET(fd, &fds);
+                    while ((r = select(fd + 1, &fds, NULL, NULL, NULL)) < 0
+                           && errno == EINTR);
+                } else {
+                    while ((r = read(fd, &c, 1)) < 0 && errno == EINTR);
+                }
+                close(fd);
+                if (r == 1) {
+                    seeded = 1;
+                    /* Create the shared memory indicator */
+                    shm_id = shmget(OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID, 1,
+                                    IPC_CREAT | S_IRUSR | S_IRGRP | S_IROTH);
+                }
+            }
+        }
+        if (shm_id != -1) {
+            seeded = 1;
+            /*
+             * Map the shared memory to prevent its premature destruction.
+             * If this call fails, it isn't a big problem.
+             */
+            shm_addr = shmat(shm_id, NULL, SHM_RDONLY);
+            if (shm_addr != (void *)-1)
+                OPENSSL_atexit(&cleanup_shm);
+        }
+    }
+    return seeded;
+}
+#   else /* defined __linux */
+static int wait_random_seeded(void)
+{
+    return 1;
+}
+#   endif
+
 /*
  * Verify that the file descriptor associated with the random source is
  * still valid. The rationale for doing this is the fact that it is not
@@ -472,12 +573,12 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
 #  if defined(OPENSSL_RAND_SEED_NONE)
     return rand_pool_entropy_available(pool);
 #  else
-    size_t bytes_needed;
-    size_t entropy_available = 0;
-    unsigned char *buffer;
+    size_t entropy_available;
 
 #   if defined(OPENSSL_RAND_SEED_GETRANDOM)
     {
+        size_t bytes_needed;
+        unsigned char *buffer;
         ssize_t bytes;
         /* Maximum allowed number of consecutive unsuccessful attempts */
         int attempts = 3;
@@ -507,36 +608,16 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
 #   endif
 
 #   if defined(OPENSSL_RAND_SEED_DEVRANDOM)
-    bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
-    {
+    if (wait_random_seeded()) {
+        size_t bytes_needed;
+        unsigned char *buffer;
         size_t i;
-#ifdef DEVRANDOM_WAIT
-        static int wait_done = 0;
 
-        /*
-         * On some implementations reading from /dev/urandom is possible
-         * before it is initialized. Therefore we wait for /dev/random
-         * to be readable to make sure /dev/urandom is initialized.
-         */
-        if (!wait_done && bytes_needed > 0) {
-             int f = open(DEVRANDOM_WAIT, O_RDONLY);
-
-             if (f >= 0) {
-                 fd_set fds;
-
-                 FD_ZERO(&fds);
-                 FD_SET(f, &fds);
-                 while (select(f+1, &fds, NULL, NULL, NULL) < 0
-                        && errno == EINTR);
-                 close(f);
-             }
-             wait_done = 1;
-        }
-#endif
-
-        for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths); i++) {
+        bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+        for (i = 0; bytes_needed > 0 && i < OSSL_NELEM(random_device_paths);
+             i++) {
             ssize_t bytes = 0;
-            /* Maximum allowed number of consecutive unsuccessful attempts */
+            /* Maximum number of consecutive unsuccessful attempts */
             int attempts = 3;
             const int fd = get_random_device(i);
 
@@ -550,7 +631,7 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
                 if (bytes > 0) {
                     rand_pool_add_end(pool, bytes, 8 * bytes);
                     bytes_needed -= bytes;
-                    attempts = 3; /* reset counter after successful attempt */
+                    attempts = 3; /* reset counter on successful attempt */
                 } else if (bytes < 0 && errno != EINTR) {
                     break;
                 }
@@ -558,7 +639,7 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
             if (bytes < 0 || !keep_random_devices_open)
                 close_random_device(i);
 
-            bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+            bytes_needed = rand_pool_bytes_needed(pool, 1);
         }
         entropy_available = rand_pool_entropy_available(pool);
         if (entropy_available > 0)
@@ -579,26 +660,29 @@ size_t rand_pool_acquire_entropy(RAND_POOL *pool)
 #   endif
 
 #   if defined(OPENSSL_RAND_SEED_EGD)
-    bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
-    if (bytes_needed > 0) {
+    {
         static const char *paths[] = { DEVRANDOM_EGD, NULL };
+        size_t bytes_needed;
+        unsigned char *buffer;
         int i;
 
-        for (i = 0; paths[i] != NULL; i++) {
+        bytes_needed = rand_pool_bytes_needed(pool, 1 /*entropy_factor*/);
+        for (i = 0; bytes_needed > 0 && paths[i] != NULL; i++) {
+            size_t bytes = 0;
+            int num;
+
             buffer = rand_pool_add_begin(pool, bytes_needed);
-            if (buffer != NULL) {
-                size_t bytes = 0;
-                int num = RAND_query_egd_bytes(paths[i],
-                                               buffer, (int)bytes_needed);
-                if (num == (int)bytes_needed)
-                    bytes = bytes_needed;
+            num = RAND_query_egd_bytes(paths[i],
+                                       buffer, (int)bytes_needed);
+            if (num == (int)bytes_needed)
+                bytes = bytes_needed;
 
-                rand_pool_add_end(pool, bytes, 8 * bytes);
-                entropy_available = rand_pool_entropy_available(pool);
-            }
-            if (entropy_available > 0)
-                return entropy_available;
+            rand_pool_add_end(pool, bytes, 8 * bytes);
+            bytes_needed = rand_pool_bytes_needed(pool, 1);
         }
+        entropy_available = rand_pool_entropy_available(pool);
+        if (entropy_available > 0)
+            return entropy_available;
     }
 #   endif
 
@@ -632,15 +716,18 @@ int rand_pool_add_nonce_data(RAND_POOL *pool)
 int rand_pool_add_additional_data(RAND_POOL *pool)
 {
     struct {
+        int fork_id;
         CRYPTO_THREAD_ID tid;
         uint64_t time;
     } data = { 0 };
 
     /*
      * Add some noise from the thread id and a high resolution timer.
+     * The fork_id adds some extra fork-safety.
      * The thread id adds a little randomness if the drbg is accessed
      * concurrently (which is the case for the <master> drbg).
      */
+    data.fork_id = openssl_get_fork_id();
     data.tid = CRYPTO_THREAD_get_current_id();
     data.time = get_timer_bits();
 
diff --git a/deps/openssl/openssl/crypto/rand/rand_win.c b/deps/openssl/openssl/crypto/rand/rand_win.c
index 56d79e7f3b6c84..a9c5751f1a2bc4 100644
--- a/deps/openssl/openssl/crypto/rand/rand_win.c
+++ b/deps/openssl/openssl/crypto/rand/rand_win.c
@@ -19,7 +19,8 @@
 
 # include <windows.h>
 /* On Windows Vista or higher use BCrypt instead of the legacy CryptoAPI */
-# if defined(_MSC_VER) && defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600
+# if defined(_MSC_VER) && _MSC_VER > 1500 /* 1500 = Visual Studio 2008 */ \
+     && defined(_WIN32_WINNT) && _WIN32_WINNT >= 0x0600
 #  define USE_BCRYPTGENRANDOM
 # endif
 
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_ameth.c b/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
index ab5f61518bb156..9dcb85d837573e 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_ameth.c
@@ -458,6 +458,9 @@ static int rsa_sig_print(BIO *bp, const X509_ALGOR *sigalg,
 static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 {
     X509_ALGOR *alg = NULL;
+    const EVP_MD *md;
+    const EVP_MD *mgf1md;
+    int min_saltlen;
 
     switch (op) {
 
@@ -497,6 +500,16 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2)
 #endif
 
     case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
+        if (pkey->pkey.rsa->pss != NULL) {
+            if (!rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md,
+                                   &min_saltlen)) {
+                RSAerr(0, ERR_R_INTERNAL_ERROR);
+                return 0;
+            }
+            *(int *)arg2 = EVP_MD_type(md);
+            /* Return of 2 indicates this MD is mandatory */
+            return 2;
+        }
         *(int *)arg2 = NID_sha256;
         return 1;
 
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_err.c b/deps/openssl/openssl/crypto/rsa/rsa_err.c
index 62fd9e0b114d22..0687c1e6260263 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_err.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -174,6 +174,8 @@ static const ERR_STRING_DATA RSA_str_reasons[] = {
     {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_LAST_OCTET_INVALID), "last octet invalid"},
     {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MGF1_DIGEST_NOT_ALLOWED),
     "mgf1 digest not allowed"},
+    {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MISSING_PRIVATE_KEY),
+    "missing private key"},
     {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MODULUS_TOO_LARGE), "modulus too large"},
     {ERR_PACK(ERR_LIB_RSA, 0, RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R),
     "mp coefficient not inverse of r"},
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_gen.c b/deps/openssl/openssl/crypto/rsa/rsa_gen.c
index 4997a632f2d3f6..2b818088606cdd 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_gen.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_gen.c
@@ -250,7 +250,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value,
              *
              * This strategy has the following goals:
              *
-             * 1. 1024-bit factors are effcient when using 3072 and 4096-bit key
+             * 1. 1024-bit factors are efficient when using 3072 and 4096-bit key
              * 2. stay the same logic with normal 2-prime key
              */
             bitse -= bitsr[i];
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_lib.c b/deps/openssl/openssl/crypto/rsa/rsa_lib.c
index 49c34b7c36c918..e737a28898cc85 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_lib.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -198,6 +198,7 @@ int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
     if (d != NULL) {
         BN_clear_free(r->d);
         r->d = d;
+        BN_set_flags(r->d, BN_FLG_CONSTTIME);
     }
 
     return 1;
@@ -215,10 +216,12 @@ int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q)
     if (p != NULL) {
         BN_clear_free(r->p);
         r->p = p;
+        BN_set_flags(r->p, BN_FLG_CONSTTIME);
     }
     if (q != NULL) {
         BN_clear_free(r->q);
         r->q = q;
+        BN_set_flags(r->q, BN_FLG_CONSTTIME);
     }
 
     return 1;
@@ -237,14 +240,17 @@ int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp)
     if (dmp1 != NULL) {
         BN_clear_free(r->dmp1);
         r->dmp1 = dmp1;
+        BN_set_flags(r->dmp1, BN_FLG_CONSTTIME);
     }
     if (dmq1 != NULL) {
         BN_clear_free(r->dmq1);
         r->dmq1 = dmq1;
+        BN_set_flags(r->dmq1, BN_FLG_CONSTTIME);
     }
     if (iqmp != NULL) {
         BN_clear_free(r->iqmp);
         r->iqmp = iqmp;
+        BN_set_flags(r->iqmp, BN_FLG_CONSTTIME);
     }
 
     return 1;
@@ -276,12 +282,15 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[],
         if (pinfo == NULL)
             goto err;
         if (primes[i] != NULL && exps[i] != NULL && coeffs[i] != NULL) {
-            BN_free(pinfo->r);
-            BN_free(pinfo->d);
-            BN_free(pinfo->t);
+            BN_clear_free(pinfo->r);
+            BN_clear_free(pinfo->d);
+            BN_clear_free(pinfo->t);
             pinfo->r = primes[i];
             pinfo->d = exps[i];
             pinfo->t = coeffs[i];
+            BN_set_flags(pinfo->r, BN_FLG_CONSTTIME);
+            BN_set_flags(pinfo->d, BN_FLG_CONSTTIME);
+            BN_set_flags(pinfo->t, BN_FLG_CONSTTIME);
         } else {
             rsa_multip_info_free(pinfo);
             goto err;
diff --git a/deps/openssl/openssl/crypto/rsa/rsa_ossl.c b/deps/openssl/openssl/crypto/rsa/rsa_ossl.c
index 33be9ea8cb848b..c8c3b7886aa9a5 100644
--- a/deps/openssl/openssl/crypto/rsa/rsa_ossl.c
+++ b/deps/openssl/openssl/crypto/rsa/rsa_ossl.c
@@ -321,6 +321,11 @@ static int rsa_ossl_private_encrypt(int flen, const unsigned char *from,
             RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, ERR_R_MALLOC_FAILURE);
             goto err;
         }
+        if (rsa->d == NULL) {
+            RSAerr(RSA_F_RSA_OSSL_PRIVATE_ENCRYPT, RSA_R_MISSING_PRIVATE_KEY);
+            BN_free(d);
+            goto err;
+        }
         BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
 
         if (!rsa->meth->bn_mod_exp(ret, f, d, rsa->n, ctx,
@@ -438,6 +443,11 @@ static int rsa_ossl_private_decrypt(int flen, const unsigned char *from,
             RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, ERR_R_MALLOC_FAILURE);
             goto err;
         }
+        if (rsa->d == NULL) {
+            RSAerr(RSA_F_RSA_OSSL_PRIVATE_DECRYPT, RSA_R_MISSING_PRIVATE_KEY);
+            BN_free(d);
+            goto err;
+        }
         BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
 
         if (rsa->flags & RSA_FLAG_CACHE_PUBLIC)
diff --git a/deps/openssl/openssl/crypto/s390xcap.c b/deps/openssl/openssl/crypto/s390xcap.c
index e7c7f0a357f20c..5d58b2d807b427 100644
--- a/deps/openssl/openssl/crypto/s390xcap.c
+++ b/deps/openssl/openssl/crypto/s390xcap.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2010-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2010-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -29,7 +29,7 @@ struct OPENSSL_s390xcap_st OPENSSL_s390xcap_P;
 void OPENSSL_cpuid_setup(void)
 {
     sigset_t oset;
-    struct sigaction ill_act, oact;
+    struct sigaction ill_act, oact_ill, oact_fpe;
 
     if (OPENSSL_s390xcap_P.stfle[0])
         return;
@@ -44,8 +44,8 @@ void OPENSSL_cpuid_setup(void)
     sigdelset(&ill_act.sa_mask, SIGFPE);
     sigdelset(&ill_act.sa_mask, SIGTRAP);
     sigprocmask(SIG_SETMASK, &ill_act.sa_mask, &oset);
-    sigaction(SIGILL, &ill_act, &oact);
-    sigaction(SIGFPE, &ill_act, &oact);
+    sigaction(SIGILL, &ill_act, &oact_ill);
+    sigaction(SIGFPE, &ill_act, &oact_fpe);
 
     /* protection against missing store-facility-list-extended */
     if (sigsetjmp(ill_jmp, 1) == 0)
@@ -61,7 +61,7 @@ void OPENSSL_cpuid_setup(void)
                                          | S390X_CAPBIT(S390X_VXE));
     }
 
-    sigaction(SIGFPE, &oact, NULL);
-    sigaction(SIGILL, &oact, NULL);
+    sigaction(SIGFPE, &oact_fpe, NULL);
+    sigaction(SIGILL, &oact_ill, NULL);
     sigprocmask(SIG_SETMASK, &oset, NULL);
 }
diff --git a/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv4.pl b/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv4.pl
index 8bf665c8b38d64..cb8ccc90f5b931 100755
--- a/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv4.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv4.pl
@@ -1,5 +1,5 @@
 #!/usr/bin/env perl
-# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -1104,9 +1104,9 @@ sub Round {
 .align	4
 .Loop_neon:
 	@ Theta
-	vst1.64		{q4},  [r0:64]		@ offload A[0..1][4]
+	vst1.64		{q4},  [r0,:64]		@ offload A[0..1][4]
 	veor		q13, q0,  q5		@ A[0..1][0]^A[2..3][0]
-	vst1.64		{d18}, [r1:64]		@ offload A[2][4]
+	vst1.64		{d18}, [r1,:64]		@ offload A[2][4]
 	veor		q14, q1,  q6		@ A[0..1][1]^A[2..3][1]
 	veor		q15, q2,  q7		@ A[0..1][2]^A[2..3][2]
 	veor		d26, d26, d27		@ C[0]=A[0][0]^A[1][0]^A[2][0]^A[3][0]
@@ -1149,10 +1149,10 @@ sub Round {
 	veor		d16, d16, d28		@ A[2][3] ^= C[2]
 	veor		d17, d17, d28		@ A[3][3] ^= C[2]
 	veor		d23, d23, d28		@ A[4][3] ^= C[2]
-	vld1.64		{q4},  [r0:64]		@ restore A[0..1][4]
+	vld1.64		{q4},  [r0,:64]		@ restore A[0..1][4]
 	vmov		d28, d29
 
-	vld1.64		{d18}, [r1:64]		@ restore A[2][4]
+	vld1.64		{d18}, [r1,:64]		@ restore A[2][4]
 	veor		q2,  q2,  q13		@ A[0..1][2] ^= D[2]
 	veor		q7,  q7,  q13		@ A[2..3][2] ^= D[2]
 	veor		d22, d22, d27		@ A[4][2]    ^= D[2]
@@ -1227,7 +1227,7 @@ sub Round {
 	veor		q13, q13, q0		@ A[0..1][0] ^ (~A[0..1][1] & A[0..1][2])
 	veor		q14, q14, q1		@ A[0..1][1] ^ (~A[0..1][2] & A[0..1][3])
 	veor		q2,  q2,  q15		@ A[0..1][2] ^= (~A[0..1][3] & A[0..1][4])
-	vst1.64		{q13}, [r0:64]		@ offload A[0..1][0]
+	vst1.64		{q13}, [r0,:64]		@ offload A[0..1][0]
 	vbic		q13, q0,  q4
 	vbic		q15, q1,  q0
 	vmov		q1,  q14		@ A[0..1][1]
@@ -1248,10 +1248,10 @@ sub Round {
 	vmov		q14, q10		@ A[4][0..1]
 	veor		q9,  q9,  q13		@ A[2..3][4] ^= (~A[2..3][0] & A[2..3][1])
 
-	vld1.64		d25, [r2:64]!		@ Iota[i++]
+	vld1.64		d25, [r2,:64]!		@ Iota[i++]
 	vbic		d26, d22, d21
 	vbic		d27, d23, d22
-	vld1.64		{q0}, [r0:64]		@ restore A[0..1][0]
+	vld1.64		{q0}, [r0,:64]		@ restore A[0..1][0]
 	veor		d20, d20, d26		@ A[4][0] ^= (~A[4][1] & A[4][2])
 	vbic		d26, d24, d23
 	veor		d21, d21, d27		@ A[4][1] ^= (~A[4][2] & A[4][3])
@@ -1279,32 +1279,32 @@ sub Round {
 	mov	r5, r2			@ len
 	mov	r6, r3			@ bsz
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0]
-	vld1.32	{d2}, [r0:64]!		@ A[0][1]
-	vld1.32	{d4}, [r0:64]!		@ A[0][2]
-	vld1.32	{d6}, [r0:64]!		@ A[0][3]
-	vld1.32	{d8}, [r0:64]!		@ A[0][4]
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0]
-	vld1.32	{d3}, [r0:64]!		@ A[1][1]
-	vld1.32	{d5}, [r0:64]!		@ A[1][2]
-	vld1.32	{d7}, [r0:64]!		@ A[1][3]
-	vld1.32	{d9}, [r0:64]!		@ A[1][4]
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0]
-	vld1.32	{d12}, [r0:64]!		@ A[2][1]
-	vld1.32	{d14}, [r0:64]!		@ A[2][2]
-	vld1.32	{d16}, [r0:64]!		@ A[2][3]
-	vld1.32	{d18}, [r0:64]!		@ A[2][4]
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0]
-	vld1.32	{d13}, [r0:64]!		@ A[3][1]
-	vld1.32	{d15}, [r0:64]!		@ A[3][2]
-	vld1.32	{d17}, [r0:64]!		@ A[3][3]
-	vld1.32	{d19}, [r0:64]!		@ A[3][4]
-
-	vld1.32	{d20-d23}, [r0:64]!	@ A[4][0..3]
-	vld1.32	{d24}, [r0:64]		@ A[4][4]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0]
+	vld1.32	{d2}, [r0,:64]!		@ A[0][1]
+	vld1.32	{d4}, [r0,:64]!		@ A[0][2]
+	vld1.32	{d6}, [r0,:64]!		@ A[0][3]
+	vld1.32	{d8}, [r0,:64]!		@ A[0][4]
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0]
+	vld1.32	{d3}, [r0,:64]!		@ A[1][1]
+	vld1.32	{d5}, [r0,:64]!		@ A[1][2]
+	vld1.32	{d7}, [r0,:64]!		@ A[1][3]
+	vld1.32	{d9}, [r0,:64]!		@ A[1][4]
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0]
+	vld1.32	{d12}, [r0,:64]!		@ A[2][1]
+	vld1.32	{d14}, [r0,:64]!		@ A[2][2]
+	vld1.32	{d16}, [r0,:64]!		@ A[2][3]
+	vld1.32	{d18}, [r0,:64]!		@ A[2][4]
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0]
+	vld1.32	{d13}, [r0,:64]!		@ A[3][1]
+	vld1.32	{d15}, [r0,:64]!		@ A[3][2]
+	vld1.32	{d17}, [r0,:64]!		@ A[3][3]
+	vld1.32	{d19}, [r0,:64]!		@ A[3][4]
+
+	vld1.32	{d20-d23}, [r0,:64]!	@ A[4][0..3]
+	vld1.32	{d24}, [r0,:64]		@ A[4][4]
 	sub	r0, r0, #24*8		@ rewind
 	b	.Loop_absorb_neon
 
@@ -1411,32 +1411,32 @@ sub Round {
 
 .align	4
 .Labsorbed_neon:
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20-d23}, [r0:64]!	@ A[4][0..4]
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20-d23}, [r0,:64]!	@ A[4][0..4]
+	vst1.32	{d24}, [r0,:64]
 
 	mov	r0, r5			@ return value
 	vldmia	sp!, {d8-d15}
@@ -1471,64 +1471,64 @@ sub Round {
 
 	vstmdb	sp!,  {d8-d15}
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vld1.32	{d2}, [r0:64]!
-	vld1.32	{d4}, [r0:64]!
-	vld1.32	{d6}, [r0:64]!
-	vld1.32	{d8}, [r0:64]!
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vld1.32	{d3}, [r0:64]!
-	vld1.32	{d5}, [r0:64]!
-	vld1.32	{d7}, [r0:64]!
-	vld1.32	{d9}, [r0:64]!
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vld1.32	{d12}, [r0:64]!
-	vld1.32	{d14}, [r0:64]!
-	vld1.32	{d16}, [r0:64]!
-	vld1.32	{d18}, [r0:64]!
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vld1.32	{d13}, [r0:64]!
-	vld1.32	{d15}, [r0:64]!
-	vld1.32	{d17}, [r0:64]!
-	vld1.32	{d19}, [r0:64]!
-
-	vld1.32	{d20-d23}, [r0:64]!	@ A[4][0..4]
-	vld1.32	{d24}, [r0:64]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vld1.32	{d2}, [r0,:64]!
+	vld1.32	{d4}, [r0,:64]!
+	vld1.32	{d6}, [r0,:64]!
+	vld1.32	{d8}, [r0,:64]!
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vld1.32	{d3}, [r0,:64]!
+	vld1.32	{d5}, [r0,:64]!
+	vld1.32	{d7}, [r0,:64]!
+	vld1.32	{d9}, [r0,:64]!
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vld1.32	{d12}, [r0,:64]!
+	vld1.32	{d14}, [r0,:64]!
+	vld1.32	{d16}, [r0,:64]!
+	vld1.32	{d18}, [r0,:64]!
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vld1.32	{d13}, [r0,:64]!
+	vld1.32	{d15}, [r0,:64]!
+	vld1.32	{d17}, [r0,:64]!
+	vld1.32	{d19}, [r0,:64]!
+
+	vld1.32	{d20-d23}, [r0,:64]!	@ A[4][0..4]
+	vld1.32	{d24}, [r0,:64]
 	sub	r0, r0, #24*8		@ rewind
 
 	bl	KeccakF1600_neon
 
 	mov	r12, r0			@ A_flat
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20-d23}, [r0:64]!	@ A[4][0..4]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20-d23}, [r0,:64]!	@ A[4][0..4]
 	mov	r14, r6			@ bsz
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d24}, [r0,:64]
 	mov	r0,  r12		@ rewind
 
 	vldmia	sp!, {d8-d15}
diff --git a/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv8.pl b/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv8.pl
index a3117bd7506ddd..3173c77f53631b 100755
--- a/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv8.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/keccak1600-armv8.pl
@@ -738,7 +738,7 @@
 	blo	.Lprocess_block_ce
 	ldr	d31,[$inp],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	$A[$j/5][$j%5],$A[$j/5][$j%5],v31.16b
 	beq	.Lprocess_block_ce
@@ -747,7 +747,7 @@
 $code.=<<___;
 	ldr	d31,[$inp],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	$A[4][4],$A[4][4],v31.16b
 
diff --git a/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl b/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
index 4432bda65ab5d0..c215909633aec9 100644
--- a/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
+++ b/deps/openssl/openssl/crypto/sha/asm/sha512-sparcv9.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2007-2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -27,7 +27,7 @@
 # over 2x than 32-bit code. X[16] resides on stack, but access to it
 # is scheduled for L2 latency and staged through 32 least significant
 # bits of %l0-%l7. The latter is done to achieve 32-/64-bit ABI
-# duality. Nevetheless it's ~40% faster than SHA256, which is pretty
+# duality. Nevertheless it's ~40% faster than SHA256, which is pretty
 # good [optimal coefficient is 50%].
 #
 # SHA512 on UltraSPARC T1.
diff --git a/deps/openssl/openssl/crypto/sm2/sm2_sign.c b/deps/openssl/openssl/crypto/sm2/sm2_sign.c
index 0f9c14cb5f4c1f..50ecb4d68cc65b 100644
--- a/deps/openssl/openssl/crypto/sm2/sm2_sign.c
+++ b/deps/openssl/openssl/crypto/sm2/sm2_sign.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright 2017 Ribose Inc. All Rights Reserved.
  * Ported from Ribose contributions from Botan.
  *
@@ -313,12 +313,12 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig,
 
     /*
      * B1: verify whether r' in [1,n-1], verification failed if not
-     * B2: vefify whether s' in [1,n-1], verification failed if not
+     * B2: verify whether s' in [1,n-1], verification failed if not
      * B3: set M'~=ZA || M'
      * B4: calculate e'=Hv(M'~)
      * B5: calculate t = (r' + s') modn, verification failed if t=0
      * B6: calculate the point (x1', y1')=[s']G + [t]PA
-     * B7: calculate R=(e'+x1') modn, verfication pass if yes, otherwise failed
+     * B7: calculate R=(e'+x1') modn, verification pass if yes, otherwise failed
      */
 
     ECDSA_SIG_get0(sig, &r, &s);
diff --git a/deps/openssl/openssl/crypto/store/loader_file.c b/deps/openssl/openssl/crypto/store/loader_file.c
index 632e4511f7e790..6f569ee62d71df 100644
--- a/deps/openssl/openssl/crypto/store/loader_file.c
+++ b/deps/openssl/openssl/crypto/store/loader_file.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -172,7 +172,7 @@ typedef OSSL_STORE_INFO *(*file_try_decode_fn)(const char *pem_name,
 typedef int (*file_eof_fn)(void *handler_ctx);
 /*
  * The destroy_ctx function is used to destroy the handler_ctx that was
- * intiated by a repeatable try_decode fuction.  This is only used when
+ * initiated by a repeatable try_decode function.  This is only used when
  * the handler is marked repeatable.
  */
 typedef void (*file_destroy_ctx_fn)(void **handler_ctx);
@@ -470,7 +470,7 @@ static FILE_HANDLER PrivateKey_handler = {
 };
 
 /*
- * Public key decoder.  Only supports SubjectPublicKeyInfo formated keys.
+ * Public key decoder.  Only supports SubjectPublicKeyInfo formatted keys.
  */
 static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name,
                                           const char *pem_header,
@@ -860,10 +860,10 @@ static OSSL_STORE_LOADER_CTX *file_open(const OSSL_STORE_LOADER *loader,
         if (ctx->_.dir.last_entry == NULL) {
             if (ctx->_.dir.last_errno != 0) {
                 char errbuf[256];
-                errno = ctx->_.dir.last_errno;
-                openssl_strerror_r(errno, errbuf, sizeof(errbuf));
                 OSSL_STOREerr(OSSL_STORE_F_FILE_OPEN, ERR_R_SYS_LIB);
-                ERR_add_error_data(1, errbuf);
+                errno = ctx->_.dir.last_errno;
+                if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
+                    ERR_add_error_data(1, errbuf);
                 goto err;
             }
             ctx->_.dir.end_reached = 1;
@@ -1260,11 +1260,11 @@ static OSSL_STORE_INFO *file_load(OSSL_STORE_LOADER_CTX *ctx,
                 if (!ctx->_.dir.end_reached) {
                     char errbuf[256];
                     assert(ctx->_.dir.last_errno != 0);
+                    OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_SYS_LIB);
                     errno = ctx->_.dir.last_errno;
                     ctx->errcnt++;
-                    openssl_strerror_r(errno, errbuf, sizeof(errbuf));
-                    OSSL_STOREerr(OSSL_STORE_F_FILE_LOAD, ERR_R_SYS_LIB);
-                    ERR_add_error_data(1, errbuf);
+                    if (openssl_strerror_r(errno, errbuf, sizeof(errbuf)))
+                        ERR_add_error_data(1, errbuf);
                 }
                 return NULL;
             }
diff --git a/deps/openssl/openssl/crypto/store/store_lib.c b/deps/openssl/openssl/crypto/store/store_lib.c
index 1c43547666f1b7..7de2e31f556f75 100644
--- a/deps/openssl/openssl/crypto/store/store_lib.c
+++ b/deps/openssl/openssl/crypto/store/store_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -228,7 +228,7 @@ int OSSL_STORE_close(OSSL_STORE_CTX *ctx)
  * Functions to generate OSSL_STORE_INFOs, one function for each type we
  * support having in them as well as a generic constructor.
  *
- * In all cases, ownership of the object is transfered to the OSSL_STORE_INFO
+ * In all cases, ownership of the object is transferred to the OSSL_STORE_INFO
  * and will therefore be freed when the OSSL_STORE_INFO is freed.
  */
 static OSSL_STORE_INFO *store_info_new(int type, void *data)
diff --git a/deps/openssl/openssl/crypto/threads_none.c b/deps/openssl/openssl/crypto/threads_none.c
index 4b1940ae44dbd6..aabf0e0dc090b4 100644
--- a/deps/openssl/openssl/crypto/threads_none.c
+++ b/deps/openssl/openssl/crypto/threads_none.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -12,6 +12,11 @@
 
 #if !defined(OPENSSL_THREADS) || defined(CRYPTO_TDEBUG)
 
+# if defined(OPENSSL_SYS_UNIX)
+#  include <sys/types.h>
+#  include <unistd.h>
+# endif
+
 CRYPTO_RWLOCK *CRYPTO_THREAD_lock_new(void)
 {
     CRYPTO_RWLOCK *lock;
@@ -133,4 +138,12 @@ int openssl_init_fork_handlers(void)
     return 0;
 }
 
+int openssl_get_fork_id(void)
+{
+# if defined(OPENSSL_SYS_UNIX)
+    return getpid();
+# else
+    return return 0;
+# endif
+}
 #endif
diff --git a/deps/openssl/openssl/crypto/threads_pthread.c b/deps/openssl/openssl/crypto/threads_pthread.c
index 5a59779ebbb1d9..1774a2b2ac1603 100644
--- a/deps/openssl/openssl/crypto/threads_pthread.c
+++ b/deps/openssl/openssl/crypto/threads_pthread.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -12,6 +12,11 @@
 
 #if defined(OPENSSL_THREADS) && !defined(CRYPTO_TDEBUG) && !defined(OPENSSL_SYS_WINDOWS)
 
+# if defined(OPENSSL_SYS_UNIX)
+#  include <sys/types.h>
+#  include <unistd.h>
+#endif
+
 # ifdef PTHREAD_RWLOCK_INITIALIZER
 #  define USE_RWLOCK
 # endif
@@ -193,4 +198,9 @@ int openssl_init_fork_handlers(void)
 # endif
     return 0;
 }
+
+int openssl_get_fork_id(void)
+{
+    return getpid();
+}
 #endif
diff --git a/deps/openssl/openssl/crypto/threads_win.c b/deps/openssl/openssl/crypto/threads_win.c
index b0b16fd3307f4b..44a360fcabb8d6 100644
--- a/deps/openssl/openssl/crypto/threads_win.c
+++ b/deps/openssl/openssl/crypto/threads_win.c
@@ -164,4 +164,8 @@ int openssl_init_fork_handlers(void)
     return 0;
 }
 
+int openssl_get_fork_id(void)
+{
+    return 0;
+}
 #endif
diff --git a/deps/openssl/openssl/crypto/ui/ui_lib.c b/deps/openssl/openssl/crypto/ui/ui_lib.c
index 139485dcd15485..f550972d3eec58 100644
--- a/deps/openssl/openssl/crypto/ui/ui_lib.c
+++ b/deps/openssl/openssl/crypto/ui/ui_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -500,6 +500,7 @@ int UI_process(UI *ui)
     if (ui->meth->ui_flush != NULL)
         switch (ui->meth->ui_flush(ui)) {
         case -1:               /* Interrupt/Cancel/something... */
+            ui->flags &= ~UI_FLAG_REDOABLE;
             ok = -2;
             goto err;
         case 0:                /* Errors */
@@ -517,6 +518,7 @@ int UI_process(UI *ui)
                                              sk_UI_STRING_value(ui->strings,
                                                                 i))) {
             case -1:           /* Interrupt/Cancel/something... */
+                ui->flags &= ~UI_FLAG_REDOABLE;
                 ok = -2;
                 goto err;
             case 0:            /* Errors */
diff --git a/deps/openssl/openssl/crypto/ui/ui_openssl.c b/deps/openssl/openssl/crypto/ui/ui_openssl.c
index 5ca418d24870eb..0ec9f0daf333ee 100644
--- a/deps/openssl/openssl/crypto/ui/ui_openssl.c
+++ b/deps/openssl/openssl/crypto/ui/ui_openssl.c
@@ -79,7 +79,7 @@
  * systems that require something different.
  *
  * Note: we do not use SGTTY unless it's defined by the configuration.  We
- * may eventually opt to remove it's use entirely.
+ * may eventually opt to remove its use entirely.
  */
 
 # if !defined(TERMIOS) && !defined(TERMIO) && !defined(SGTTY)
diff --git a/deps/openssl/openssl/crypto/uid.c b/deps/openssl/openssl/crypto/uid.c
index b2b096446fb4e6..65b1171039fe5a 100644
--- a/deps/openssl/openssl/crypto/uid.c
+++ b/deps/openssl/openssl/crypto/uid.c
@@ -10,20 +10,20 @@
 #include <openssl/crypto.h>
 #include <openssl/opensslconf.h>
 
-#if defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2) || defined(__DragonFly__)
-
-# include OPENSSL_UNISTD
+#if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
 
 int OPENSSL_issetugid(void)
 {
-    return issetugid();
+    return 0;
 }
 
-#elif defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_VXWORKS) || defined(OPENSSL_SYS_UEFI)
+#elif defined(__OpenBSD__) || (defined(__FreeBSD__) && __FreeBSD__ > 2) || defined(__DragonFly__)
+
+# include OPENSSL_UNISTD
 
 int OPENSSL_issetugid(void)
 {
-    return 0;
+    return issetugid();
 }
 
 #else
diff --git a/deps/openssl/openssl/crypto/whrlpool/wp_block.c b/deps/openssl/openssl/crypto/whrlpool/wp_block.c
index 0cc92a3b014912..2ae5c38aba63e7 100644
--- a/deps/openssl/openssl/crypto/whrlpool/wp_block.c
+++ b/deps/openssl/openssl/crypto/whrlpool/wp_block.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -87,6 +87,7 @@ typedef unsigned long long u64;
 #ifndef PEDANTIC
 # if defined(_MSC_VER)
 #  if defined(_WIN64)            /* applies to both IA-64 and AMD64 */
+#   include <stdlib.h>
 #   pragma intrinsic(_rotl64)
 #   define ROTATE(a,n) _rotl64((a),n)
 #  endif
diff --git a/deps/openssl/openssl/crypto/x509/by_dir.c b/deps/openssl/openssl/crypto/x509/by_dir.c
index b3760dbadf3abf..b691a83a0dfbd9 100644
--- a/deps/openssl/openssl/crypto/x509/by_dir.c
+++ b/deps/openssl/openssl/crypto/x509/by_dir.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -327,10 +327,10 @@ static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
         /*
          * we have added it to the cache so now pull it out again
          */
-        CRYPTO_THREAD_write_lock(ctx->lock);
+        X509_STORE_lock(xl->store_ctx);
         j = sk_X509_OBJECT_find(xl->store_ctx->objs, &stmp);
         tmp = sk_X509_OBJECT_value(xl->store_ctx->objs, j);
-        CRYPTO_THREAD_unlock(ctx->lock);
+        X509_STORE_unlock(xl->store_ctx);
 
         /* If a CRL, update the last file suffix added for this */
 
diff --git a/deps/openssl/openssl/crypto/x509/t_req.c b/deps/openssl/openssl/crypto/x509/t_req.c
index 2d4c591b744582..dc3b4f262de90f 100644
--- a/deps/openssl/openssl/crypto/x509/t_req.c
+++ b/deps/openssl/openssl/crypto/x509/t_req.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -127,6 +127,10 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
                 if ((j = i2a_ASN1_OBJECT(bp, aobj)) > 0) {
                     ii = 0;
                     count = X509_ATTRIBUTE_count(a);
+                    if (count == 0) {
+                      X509err(X509_F_X509_REQ_PRINT_EX, X509_R_INVALID_ATTRIBUTES);
+                      return 0;
+                    }
  get_next:
                     at = X509_ATTRIBUTE_get0_type(a, ii);
                     type = at->type;
diff --git a/deps/openssl/openssl/crypto/x509/x509_att.c b/deps/openssl/openssl/crypto/x509/x509_att.c
index 63895efe460801..3c4566d2e708eb 100644
--- a/deps/openssl/openssl/crypto/x509/x509_att.c
+++ b/deps/openssl/openssl/crypto/x509/x509_att.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -314,7 +314,9 @@ void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
     ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
     if (!ttmp)
         return NULL;
-    if (atrtype != ASN1_TYPE_get(ttmp)) {
+    if (atrtype == V_ASN1_BOOLEAN
+            || atrtype == V_ASN1_NULL
+            || atrtype != ASN1_TYPE_get(ttmp)) {
         X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
         return NULL;
     }
diff --git a/deps/openssl/openssl/crypto/x509/x509_cmp.c b/deps/openssl/openssl/crypto/x509/x509_cmp.c
index 02fad0c671ce47..833bfce1bf23a8 100644
--- a/deps/openssl/openssl/crypto/x509/x509_cmp.c
+++ b/deps/openssl/openssl/crypto/x509/x509_cmp.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -450,9 +450,17 @@ STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *chain)
     STACK_OF(X509) *ret;
     int i;
     ret = sk_X509_dup(chain);
+    if (ret == NULL)
+        return NULL;
     for (i = 0; i < sk_X509_num(ret); i++) {
         X509 *x = sk_X509_value(ret, i);
-        X509_up_ref(x);
+        if (!X509_up_ref(x))
+            goto err;
     }
     return ret;
+ err:
+    while (i-- > 0)
+        X509_free (sk_X509_value(ret, i));
+    sk_X509_free(ret);
+    return NULL;
 }
diff --git a/deps/openssl/openssl/crypto/x509/x509_err.c b/deps/openssl/openssl/crypto/x509/x509_err.c
index 739708e24fa3b3..c110d908090e63 100644
--- a/deps/openssl/openssl/crypto/x509/x509_err.c
+++ b/deps/openssl/openssl/crypto/x509/x509_err.c
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -123,6 +123,8 @@ static const ERR_STRING_DATA X509_str_reasons[] = {
     {ERR_PACK(ERR_LIB_X509, 0, X509_R_CRL_VERIFY_FAILURE),
     "crl verify failure"},
     {ERR_PACK(ERR_LIB_X509, 0, X509_R_IDP_MISMATCH), "idp mismatch"},
+    {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_ATTRIBUTES),
+    "invalid attributes"},
     {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_DIRECTORY), "invalid directory"},
     {ERR_PACK(ERR_LIB_X509, 0, X509_R_INVALID_FIELD_NAME),
     "invalid field name"},
diff --git a/deps/openssl/openssl/crypto/x509/x509_lu.c b/deps/openssl/openssl/crypto/x509/x509_lu.c
index 8ddd7ec280239b..b7d2e66574c454 100644
--- a/deps/openssl/openssl/crypto/x509/x509_lu.c
+++ b/deps/openssl/openssl/crypto/x509/x509_lu.c
@@ -289,24 +289,25 @@ X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
 int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
                                   X509_NAME *name, X509_OBJECT *ret)
 {
-    X509_STORE *ctx = vs->ctx;
+    X509_STORE *store = vs->ctx;
     X509_LOOKUP *lu;
     X509_OBJECT stmp, *tmp;
     int i, j;
 
-    if (ctx == NULL)
+    if (store == NULL)
         return 0;
 
     stmp.type = X509_LU_NONE;
     stmp.data.ptr = NULL;
 
-    CRYPTO_THREAD_write_lock(ctx->lock);
-    tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
-    CRYPTO_THREAD_unlock(ctx->lock);
+
+    X509_STORE_lock(store);
+    tmp = X509_OBJECT_retrieve_by_subject(store->objs, type, name);
+    X509_STORE_unlock(store);
 
     if (tmp == NULL || type == X509_LU_CRL) {
-        for (i = 0; i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
-            lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
+        for (i = 0; i < sk_X509_LOOKUP_num(store->get_cert_methods); i++) {
+            lu = sk_X509_LOOKUP_value(store->get_cert_methods, i);
             j = X509_LOOKUP_by_subject(lu, type, name, &stmp);
             if (j) {
                 tmp = &stmp;
@@ -317,15 +318,16 @@ int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
             return 0;
     }
 
+    if (!X509_OBJECT_up_ref_count(tmp))
+        return 0;
+
     ret->type = tmp->type;
     ret->data.ptr = tmp->data.ptr;
 
-    X509_OBJECT_up_ref_count(ret);
-
     return 1;
 }
 
-static int x509_store_add(X509_STORE *ctx, void *x, int crl) {
+static int x509_store_add(X509_STORE *store, void *x, int crl) {
     X509_OBJECT *obj;
     int ret = 0, added = 0;
 
@@ -342,18 +344,20 @@ static int x509_store_add(X509_STORE *ctx, void *x, int crl) {
         obj->type = X509_LU_X509;
         obj->data.x509 = (X509 *)x;
     }
-    X509_OBJECT_up_ref_count(obj);
-
-    CRYPTO_THREAD_write_lock(ctx->lock);
+    if (!X509_OBJECT_up_ref_count(obj)) {
+        obj->type = X509_LU_NONE;
+        X509_OBJECT_free(obj);
+        return 0;
+    }
 
-    if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
+    X509_STORE_lock(store);
+    if (X509_OBJECT_retrieve_match(store->objs, obj)) {
         ret = 1;
     } else {
-        added = sk_X509_OBJECT_push(ctx->objs, obj);
+        added = sk_X509_OBJECT_push(store->objs, obj);
         ret = added != 0;
     }
-
-    CRYPTO_THREAD_unlock(ctx->lock);
+    X509_STORE_unlock(store);
 
     if (added == 0)             /* obj not pushed */
         X509_OBJECT_free(obj);
@@ -534,12 +538,13 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
     STACK_OF(X509) *sk = NULL;
     X509 *x;
     X509_OBJECT *obj;
+    X509_STORE *store = ctx->ctx;
 
-    if (ctx->ctx == NULL)
+    if (store == NULL)
         return NULL;
 
-    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
-    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+    X509_STORE_lock(store);
+    idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, &cnt);
     if (idx < 0) {
         /*
          * Nothing found in cache: do lookup to possibly add new objects to
@@ -547,7 +552,8 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
          */
         X509_OBJECT *xobj = X509_OBJECT_new();
 
-        CRYPTO_THREAD_unlock(ctx->ctx->lock);
+        X509_STORE_unlock(store);
+
         if (xobj == NULL)
             return NULL;
         if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, nm, xobj)) {
@@ -555,27 +561,31 @@ STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
             return NULL;
         }
         X509_OBJECT_free(xobj);
-        CRYPTO_THREAD_write_lock(ctx->ctx->lock);
-        idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
+        X509_STORE_lock(store);
+        idx = x509_object_idx_cnt(store->objs, X509_LU_X509, nm, &cnt);
         if (idx < 0) {
-            CRYPTO_THREAD_unlock(ctx->ctx->lock);
+            X509_STORE_unlock(store);
             return NULL;
         }
     }
 
     sk = sk_X509_new_null();
     for (i = 0; i < cnt; i++, idx++) {
-        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+        obj = sk_X509_OBJECT_value(store->objs, idx);
         x = obj->data.x509;
-        X509_up_ref(x);
+        if (!X509_up_ref(x)) {
+            X509_STORE_unlock(store);
+            sk_X509_pop_free(sk, X509_free);
+            return NULL;
+        }
         if (!sk_X509_push(sk, x)) {
-            CRYPTO_THREAD_unlock(ctx->ctx->lock);
+            X509_STORE_unlock(store);
             X509_free(x);
             sk_X509_pop_free(sk, X509_free);
             return NULL;
         }
     }
-    CRYPTO_THREAD_unlock(ctx->ctx->lock);
+    X509_STORE_unlock(store);
     return sk;
 }
 
@@ -585,37 +595,42 @@ STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
     STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null();
     X509_CRL *x;
     X509_OBJECT *obj, *xobj = X509_OBJECT_new();
+    X509_STORE *store = ctx->ctx;
 
     /* Always do lookup to possibly add new CRLs to cache */
     if (sk == NULL
             || xobj == NULL
-            || ctx->ctx == NULL
+            || store == NULL
             || !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
         X509_OBJECT_free(xobj);
         sk_X509_CRL_free(sk);
         return NULL;
     }
     X509_OBJECT_free(xobj);
-    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
-    idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
+    X509_STORE_lock(store);
+    idx = x509_object_idx_cnt(store->objs, X509_LU_CRL, nm, &cnt);
     if (idx < 0) {
-        CRYPTO_THREAD_unlock(ctx->ctx->lock);
+        X509_STORE_unlock(store);
         sk_X509_CRL_free(sk);
         return NULL;
     }
 
     for (i = 0; i < cnt; i++, idx++) {
-        obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
+        obj = sk_X509_OBJECT_value(store->objs, idx);
         x = obj->data.crl;
-        X509_CRL_up_ref(x);
+        if (!X509_CRL_up_ref(x)) {
+            X509_STORE_unlock(store);
+            sk_X509_CRL_pop_free(sk, X509_CRL_free);
+            return NULL;
+        }
         if (!sk_X509_CRL_push(sk, x)) {
-            CRYPTO_THREAD_unlock(ctx->ctx->lock);
+            X509_STORE_unlock(store);
             X509_CRL_free(x);
             sk_X509_CRL_pop_free(sk, X509_CRL_free);
             return NULL;
         }
     }
-    CRYPTO_THREAD_unlock(ctx->ctx->lock);
+    X509_STORE_unlock(store);
     return sk;
 }
 
@@ -663,6 +678,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
 {
     X509_NAME *xn;
     X509_OBJECT *obj = X509_OBJECT_new(), *pobj = NULL;
+    X509_STORE *store = ctx->ctx;
     int i, ok, idx, ret;
 
     if (obj == NULL)
@@ -678,25 +694,28 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
     if (ctx->check_issued(ctx, x, obj->data.x509)) {
         if (x509_check_cert_time(ctx, obj->data.x509, -1)) {
             *issuer = obj->data.x509;
-            X509_up_ref(*issuer);
+            if (!X509_up_ref(*issuer)) {
+                *issuer = NULL;
+                ok = -1;
+            }
             X509_OBJECT_free(obj);
-            return 1;
+            return ok;
         }
     }
     X509_OBJECT_free(obj);
 
-    if (ctx->ctx == NULL)
+    if (store == NULL)
         return 0;
 
     /* Else find index of first cert accepted by 'check_issued' */
     ret = 0;
-    CRYPTO_THREAD_write_lock(ctx->ctx->lock);
-    idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
+    X509_STORE_lock(store);
+    idx = X509_OBJECT_idx_by_subject(store->objs, X509_LU_X509, xn);
     if (idx != -1) {            /* should be true as we've had at least one
                                  * match */
         /* Look through all matching certs for suitable issuer */
-        for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
-            pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
+        for (i = idx; i < sk_X509_OBJECT_num(store->objs); i++) {
+            pobj = sk_X509_OBJECT_value(store->objs, i);
             /* See if we've run past the matches */
             if (pobj->type != X509_LU_X509)
                 break;
@@ -717,9 +736,11 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
             }
         }
     }
-    CRYPTO_THREAD_unlock(ctx->ctx->lock);
-    if (*issuer)
-        X509_up_ref(*issuer);
+    if (*issuer && !X509_up_ref(*issuer)) {
+        *issuer = NULL;
+        ret = -1;
+    }
+    X509_STORE_unlock(store);
     return ret;
 }
 
diff --git a/deps/openssl/openssl/crypto/x509/x509_vfy.c b/deps/openssl/openssl/crypto/x509/x509_vfy.c
index 4ced716e3646ba..6be2c71e8692bf 100644
--- a/deps/openssl/openssl/crypto/x509/x509_vfy.c
+++ b/deps/openssl/openssl/crypto/x509/x509_vfy.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -1788,7 +1788,11 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
     static const size_t generalizedtime_length = sizeof("YYYYMMDDHHMMSSZ") - 1;
     ASN1_TIME *asn1_cmp_time = NULL;
     int i, day, sec, ret = 0;
-
+#ifdef CHARSET_EBCDIC
+    const char upper_z = 0x5A;
+#else
+    const char upper_z = 'Z';
+#endif
     /*
      * Note that ASN.1 allows much more slack in the time format than RFC5280.
      * In RFC5280, the representation is fixed:
@@ -1819,10 +1823,10 @@ int X509_cmp_time(const ASN1_TIME *ctm, time_t *cmp_time)
      * Digit and date ranges will be verified in the conversion methods.
      */
     for (i = 0; i < ctm->length - 1; i++) {
-        if (!ossl_isdigit(ctm->data[i]))
+        if (!ascii_isdigit(ctm->data[i]))
             return 0;
     }
-    if (ctm->data[ctm->length - 1] != 'Z')
+    if (ctm->data[ctm->length - 1] != upper_z)
         return 0;
 
     /*
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_alt.c b/deps/openssl/openssl/crypto/x509v3/v3_alt.c
index 832e6d1285712e..dfcb9094f4fc9a 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_alt.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_alt.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -157,15 +157,18 @@ int GENERAL_NAME_print(BIO *out, GENERAL_NAME *gen)
         break;
 
     case GEN_EMAIL:
-        BIO_printf(out, "email:%s", gen->d.ia5->data);
+        BIO_printf(out, "email:");
+        ASN1_STRING_print(out, gen->d.ia5);
         break;
 
     case GEN_DNS:
-        BIO_printf(out, "DNS:%s", gen->d.ia5->data);
+        BIO_printf(out, "DNS:");
+        ASN1_STRING_print(out, gen->d.ia5);
         break;
 
     case GEN_URI:
-        BIO_printf(out, "URI:%s", gen->d.ia5->data);
+        BIO_printf(out, "URI:");
+        ASN1_STRING_print(out, gen->d.ia5);
         break;
 
     case GEN_DIRNAME:
diff --git a/deps/openssl/openssl/crypto/x509v3/v3_purp.c b/deps/openssl/openssl/crypto/x509v3/v3_purp.c
index 70b0397d97b915..2f06289d1949c0 100644
--- a/deps/openssl/openssl/crypto/x509v3/v3_purp.c
+++ b/deps/openssl/openssl/crypto/x509v3/v3_purp.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -871,6 +871,20 @@ const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x)
     return (x->akid != NULL ? x->akid->keyid : NULL);
 }
 
+const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x)
+{
+    /* Call for side-effect of computing hash and caching extensions */
+    X509_check_purpose(x, -1, -1);
+    return (x->akid != NULL ? x->akid->issuer : NULL);
+}
+
+const ASN1_INTEGER *X509_get0_authority_serial(X509 *x)
+{
+    /* Call for side-effect of computing hash and caching extensions */
+    X509_check_purpose(x, -1, -1);
+    return (x->akid != NULL ? x->akid->serial : NULL);
+}
+
 long X509_get_pathlen(X509 *x)
 {
     /* Called for side effect of caching extensions */
diff --git a/deps/openssl/openssl/demos/bio/descrip.mms b/deps/openssl/openssl/demos/bio/descrip.mms
index d49725ffd191df..44ca2febc65746 100644
--- a/deps/openssl/openssl/demos/bio/descrip.mms
+++ b/deps/openssl/openssl/demos/bio/descrip.mms
@@ -37,7 +37,7 @@ server-arg.exe : server-arg.obj
 server-cmod.exe : server-cmod.obj
 server-conf.exe : server-conf.obj
 
-# Stoopid MMS doesn't infer this automatically...
+# MMS doesn't infer this automatically...
 client-arg.obj : client-arg.c
 client-conf.obj : client-conf.c
 saccept.obj : saccept.c
diff --git a/deps/openssl/openssl/demos/evp/aesgcm.c b/deps/openssl/openssl/demos/evp/aesgcm.c
index 46d9a5639bc0da..3cef27f9918719 100644
--- a/deps/openssl/openssl/demos/evp/aesgcm.c
+++ b/deps/openssl/openssl/demos/evp/aesgcm.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2012-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2012-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -84,7 +84,7 @@ void aes_gcm_decrypt(void)
     EVP_CIPHER_CTX *ctx;
     int outlen, tmplen, rv;
     unsigned char outbuf[1024];
-    printf("AES GCM Derypt:\n");
+    printf("AES GCM Decrypt:\n");
     printf("Ciphertext:\n");
     BIO_dump_fp(stdout, gcm_ct, sizeof(gcm_ct));
     ctx = EVP_CIPHER_CTX_new();
diff --git a/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt b/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
index 2936cd6e518b1b..3c423492611114 100644
--- a/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
+++ b/deps/openssl/openssl/doc/HOWTO/proxy_certificates.txt
@@ -255,7 +255,7 @@ Here is some skeleton code you can fill in:
 
                       /*
                        * process_rights() is supposed to be a procedure
-                       * that takes a string and it's length, interprets
+                       * that takes a string and its length, interprets
                        * it and sets the bits in the YOUR_RIGHTS pointed
                        * at by the third argument.
                        */
diff --git a/deps/openssl/openssl/doc/man1/engine.pod b/deps/openssl/openssl/doc/man1/engine.pod
index 24f1b32cdbfc1c..d49f04292bfb8e 100644
--- a/deps/openssl/openssl/doc/man1/engine.pod
+++ b/deps/openssl/openssl/doc/man1/engine.pod
@@ -64,7 +64,7 @@ See the example below.
 
 =back
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 To list all the commands available to a dynamic engine:
 
@@ -109,7 +109,7 @@ L<config(5)>
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man1/errstr.pod b/deps/openssl/openssl/doc/man1/errstr.pod
index 3c89b8f5cfff10..94198c123ea6b3 100644
--- a/deps/openssl/openssl/doc/man1/errstr.pod
+++ b/deps/openssl/openssl/doc/man1/errstr.pod
@@ -20,7 +20,7 @@ second colon.
 
 None.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 The error code:
 
@@ -36,7 +36,7 @@ to produce the error message:
 
 =head1 COPYRIGHT
 
-Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man1/pkcs12.pod b/deps/openssl/openssl/doc/man1/pkcs12.pod
index 6f890c120f3c0e..da887a469978c2 100644
--- a/deps/openssl/openssl/doc/man1/pkcs12.pod
+++ b/deps/openssl/openssl/doc/man1/pkcs12.pod
@@ -225,7 +225,8 @@ for this search. If the search fails it is considered a fatal error.
 
 Encrypt the certificate using triple DES, this may render the PKCS#12
 file unreadable by some "export grade" software. By default the private
-key is encrypted using triple DES and the certificate using 40 bit RC2.
+key is encrypted using triple DES and the certificate using 40 bit RC2
+unless RC2 is disabled in which case triple DES is used.
 
 =item B<-keypbe alg>, B<-certpbe alg>
 
diff --git a/deps/openssl/openssl/doc/man1/pkeyparam.pod b/deps/openssl/openssl/doc/man1/pkeyparam.pod
index 50949657c818d6..bddabc2707e883 100644
--- a/deps/openssl/openssl/doc/man1/pkeyparam.pod
+++ b/deps/openssl/openssl/doc/man1/pkeyparam.pod
@@ -60,7 +60,7 @@ This option checks the correctness of parameters.
 
 =back
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Print out text version of parameters:
 
@@ -78,7 +78,7 @@ L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)>
 
 =head1 COPYRIGHT
 
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man1/s_client.pod b/deps/openssl/openssl/doc/man1/s_client.pod
index cf8153572af041..2f19aac1dcfc53 100644
--- a/deps/openssl/openssl/doc/man1/s_client.pod
+++ b/deps/openssl/openssl/doc/man1/s_client.pod
@@ -147,7 +147,7 @@ SSL servers.
 =head1 OPTIONS
 
 In addition to the options below the B<s_client> utility also supports the
-common and client only options documented in the
+common and client only options documented
 in the "Supported Command Line Commands" section of the L<SSL_CONF_cmd(3)>
 manual page.
 
diff --git a/deps/openssl/openssl/doc/man1/s_server.pod b/deps/openssl/openssl/doc/man1/s_server.pod
index 768789633e7f6f..7fa382a8ae3329 100644
--- a/deps/openssl/openssl/doc/man1/s_server.pod
+++ b/deps/openssl/openssl/doc/man1/s_server.pod
@@ -193,7 +193,7 @@ for connections on a given port using SSL/TLS.
 =head1 OPTIONS
 
 In addition to the options below the B<s_server> utility also supports the
-common and server only options documented in the
+common and server only options documented
 in the "Supported Command Line Commands" section of the L<SSL_CONF_cmd(3)>
 manual page.
 
diff --git a/deps/openssl/openssl/doc/man3/ADMISSIONS.pod b/deps/openssl/openssl/doc/man3/ADMISSIONS.pod
index 5dcf72e201c648..eaf63b219783a3 100644
--- a/deps/openssl/openssl/doc/man3/ADMISSIONS.pod
+++ b/deps/openssl/openssl/doc/man3/ADMISSIONS.pod
@@ -130,7 +130,7 @@ ADMISSION_SYNTAX_set0_contentsOfAdmissions()
 functions free any existing value and set the pointer to the specified value.
 
 The B<ADMISSION> type has an authority name, authority object, and a
-stack of B<PROFSSION_INFO> items.
+stack of B<PROFESSION_INFO> items.
 The ADMISSIONS_get0_admissionAuthority(), ADMISSIONS_get0_namingAuthority(),
 and ADMISSIONS_get0_professionInfos()
 functions return pointers to those values within the object.
@@ -169,7 +169,7 @@ L<d2i_X509(3)>,
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/ASYNC_start_job.pod b/deps/openssl/openssl/doc/man3/ASYNC_start_job.pod
index 9bd1044b266a94..b06db76708a29a 100644
--- a/deps/openssl/openssl/doc/man3/ASYNC_start_job.pod
+++ b/deps/openssl/openssl/doc/man3/ASYNC_start_job.pod
@@ -170,7 +170,7 @@ is included, commonly as one of the first included headers. Therefore
 it is defined as an application developer's responsibility to include
 windows.h prior to async.h.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 The following example demonstrates how to use most of the core async APIs:
 
@@ -321,7 +321,7 @@ added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_connect.pod b/deps/openssl/openssl/doc/man3/BIO_connect.pod
index 2766c3d6c5b707..853315aa46a4cf 100644
--- a/deps/openssl/openssl/doc/man3/BIO_connect.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_connect.pod
@@ -24,7 +24,7 @@ but is present for future use.
 
 BIO_bind() binds the source address and service to a socket and
 may be useful before calling BIO_connect().  The options may include
-B<BIO_SOCK_REUSADDR>, which is described in L</FLAGS> below.
+B<BIO_SOCK_REUSEADDR>, which is described in L</FLAGS> below.
 
 BIO_connect() connects B<sock> to the address and service given by
 B<addr>.  Connection B<options> may be zero or any combination of
diff --git a/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod b/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
index e069594fd1547f..59cccbd4e59791 100644
--- a/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_f_ssl.pod
@@ -129,9 +129,25 @@ BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(),
 BIO_set_ssl_renegotiate_bytes(), BIO_set_ssl_renegotiate_timeout(),
 BIO_get_num_renegotiates(), and BIO_do_handshake() are implemented as macros.
 
-=head1 EXAMPLE
+=head1 RETURN VALUES
+
+BIO_f_ssl() returns the SSL B<BIO_METHOD> structure.
+
+BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(),
+BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on
+success or a value which is less than or equal to 0 if an error occurred.
+
+BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return
+a valid B<BIO> structure on success or B<NULL> if an error occurred.
+
+BIO_ssl_copy_session_id() returns 1 on success or 0 on error.
+
+BIO_do_handshake() returns 1 if the connection was established successfully.
+A zero or negative value is returned if the connection could not be established.
+
+=head1 EXAMPLES
 
-This SSL/TLS client example, attempts to retrieve a page from an
+This SSL/TLS client example attempts to retrieve a page from an
 SSL/TLS web server. The I/O routines are identical to those of the
 unencrypted example in L<BIO_s_connect(3)>.
 
@@ -271,22 +287,6 @@ a client and also echoes the request to standard output.
  BIO_flush(sbio);
  BIO_free_all(sbio);
 
-=head1 RETURN VALUES
-
-BIO_f_ssl() returns the SSL B<BIO_METHOD> structure.
-
-BIO_set_ssl(), BIO_get_ssl(), BIO_set_ssl_mode(), BIO_set_ssl_renegotiate_bytes(),
-BIO_set_ssl_renegotiate_timeout() and BIO_get_num_renegotiates() return 1 on
-success or a value which is less than or equal to 0 if an error occurred.
-
-BIO_new_ssl(), BIO_new_ssl_connect() and BIO_new_buffer_ssl_connect() return
-a valid B<BIO> structure on success or B<NULL> if an error occurred.
-
-BIO_ssl_copy_session_id() returns 1 on success or 0 on error.
-
-BIO_do_handshake() returns 1 if the connection was established successfully.
-A zero or negative value is returned if the connection could not be established.
-
 =head1 HISTORY
 
 In OpenSSL before 1.0.0 the BIO_pop() call was handled incorrectly,
@@ -298,7 +298,7 @@ be modified to handle this fix or they may free up an already freed BIO.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_find_type.pod b/deps/openssl/openssl/doc/man3/BIO_find_type.pod
index b8171942efcc01..b18b615a33d2c5 100644
--- a/deps/openssl/openssl/doc/man3/BIO_find_type.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_find_type.pod
@@ -40,7 +40,7 @@ BIO_next() returns the next BIO in a chain.
 
 BIO_method_type() returns the type of the BIO B<b>.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Traverse a chain looking for digest BIOs:
 
@@ -60,7 +60,7 @@ Traverse a chain looking for digest BIOs:
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_new.pod b/deps/openssl/openssl/doc/man3/BIO_new.pod
index 2712be0dab069a..c33eb9d02e6ab6 100644
--- a/deps/openssl/openssl/doc/man3/BIO_new.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_new.pod
@@ -53,7 +53,7 @@ on it other than the discarded return value.
 
 BIO_set() was removed in OpenSSL 1.1.0 as BIO type is now opaque.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Create a memory BIO:
 
@@ -61,7 +61,7 @@ Create a memory BIO:
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_accept.pod b/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
index 45b864e5e64d91..37b6f4d8391296 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_accept.pod
@@ -174,7 +174,7 @@ BIO_get_bind_mode() returns the set of B<BIO_BIND> flags, or -1 on failure.
 
 BIO_new_accept() returns a BIO or NULL on error.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example accepts two connections on port 4444, sends messages
 down each and finally closes both down.
@@ -224,7 +224,7 @@ down each and finally closes both down.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_bio.pod b/deps/openssl/openssl/doc/man3/BIO_s_bio.pod
index dfafa351e480c4..f78fe13489c672 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_bio.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_bio.pod
@@ -133,7 +133,7 @@ locations for B<bio1> and B<bio2>. Check the error stack for more information.
 
 [XXXXX: More return values need to be added here]
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 The BIO pair can be used to have full control over the network access of an
 application. The application can call select() on the socket as required
@@ -176,7 +176,7 @@ and must be transferred to the network. Use BIO_ctrl_get_read_request() to
 find out, how many bytes must be written into the buffer before the
 SSL_operation() can successfully be continued.
 
-=head1 WARNING
+=head1 WARNINGS
 
 As the data is buffered, SSL_operation() may return with an ERROR_SSL_WANT_READ
 condition, but there is still data in the write buffer. An application must
@@ -191,7 +191,7 @@ L<BIO_should_retry(3)>, L<BIO_read_ex(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_connect.pod b/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
index d5cc553f250842..4f145297c5876b 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_connect.pod
@@ -163,7 +163,7 @@ BIO_set_nbio() always returns 1.
 BIO_do_connect() returns 1 if the connection was successfully
 established and 0 or -1 if the connection failed.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This is example connects to a webserver on the local host and attempts
 to retrieve a page and copy the result to standard output.
@@ -203,7 +203,7 @@ Use BIO_set_conn_address() and BIO_get_conn_address() instead.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_fd.pod b/deps/openssl/openssl/doc/man3/BIO_s_fd.pod
index 8ebf563cf64daa..6291373cf34da6 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_fd.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_fd.pod
@@ -68,7 +68,7 @@ been initialized.
 BIO_new_fd() returns the newly allocated BIO or NULL is an error
 occurred.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This is a file descriptor BIO version of "Hello World":
 
@@ -88,7 +88,7 @@ L<BIO_set_close(3)>, L<BIO_get_close(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BIO_s_mem.pod b/deps/openssl/openssl/doc/man3/BIO_s_mem.pod
index 2a5d423648db6c..9d3ae216158a43 100644
--- a/deps/openssl/openssl/doc/man3/BIO_s_mem.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_s_mem.pod
@@ -41,9 +41,10 @@ If the BIO_CLOSE flag is set when a memory BIO is freed then the underlying
 BUF_MEM structure is also freed.
 
 Calling BIO_reset() on a read write memory BIO clears any data in it if the
-flag BIO_FLAGS_NONCLEAR_RST is not set. On a read only BIO or if the flag
-BIO_FLAGS_NONCLEAR_RST is set it restores the BIO to its original state and
-the data can be read again.
+flag BIO_FLAGS_NONCLEAR_RST is not set, otherwise it just restores the read
+pointer to the state it was just after the last write was performed and the
+data can be read again. On a read only BIO it similarly restores the BIO to
+its original state and the read only data can be read again.
 
 BIO_eof() is true if no data is in the BIO.
 
@@ -79,11 +80,11 @@ first, so the supplied area of memory must be unchanged until the BIO is freed.
 Writes to memory BIOs will always succeed if memory is available: that is
 their size can grow indefinitely.
 
-Every read from a read write memory BIO will remove the data just read with
-an internal copy operation, if a BIO contains a lot of data and it is
-read in small chunks the operation can be very slow. The use of a read only
-memory BIO avoids this problem. If the BIO must be read write then adding
-a buffering BIO to the chain will speed up the process.
+Every write after partial read (not all data in the memory buffer was read)
+to a read write memory BIO will have to move the unread data with an internal
+copy operation, if a BIO contains a lot of data and it is read in small
+chunks intertwined with writes the operation can be very slow. Adding
+a buffering BIO to the chain can speed up the process.
 
 Calling BIO_set_mem_buf() on a BIO created with BIO_new_secmem() will
 give undefined results, including perhaps a program crash.
@@ -104,11 +105,32 @@ BIO is set to BIO_NOCLOSE, before freeing the BUF_MEM the data pointer
 in it must be set to NULL as the data pointer does not point to an
 allocated memory.
 
+Calling BIO_reset() on a read write memory BIO with BIO_FLAGS_NONCLEAR_RST
+flag set can have unexpected outcome when the reads and writes to the
+BIO are intertwined. As documented above the BIO will be reset to the
+state after the last completed write operation. The effects of reads
+preceding that write operation cannot be undone.
+
+Calling BIO_get_mem_ptr() prior to a BIO_reset() call with
+BIO_FLAGS_NONCLEAR_RST set has the same effect as a write operation.
+
 =head1 BUGS
 
 There should be an option to set the maximum size of a memory BIO.
 
-=head1 EXAMPLE
+=head1 RETURN VALUES
+
+BIO_s_mem() and BIO_s_secmem() return a valid memory B<BIO_METHOD> structure.
+
+BIO_set_mem_eof_return(), BIO_set_mem_buf() and BIO_get_mem_ptr()
+return 1 on success or a value which is less than or equal to 0 if an error occurred.
+
+BIO_get_mem_data() returns the total number of bytes available on success,
+0 if b is NULL, or a negative value in case of other errors.
+
+BIO_new_mem_buf() returns a valid B<BIO> structure on success or NULL on error.
+
+=head1 EXAMPLES
 
 Create a memory BIO and write some data to it:
 
@@ -129,14 +151,6 @@ Extract the BUF_MEM structure from a memory BIO and then free up the BIO:
  BIO_set_close(mem, BIO_NOCLOSE); /* So BIO_free() leaves BUF_MEM alone */
  BIO_free(mem);
 
-=head1 RETURN VALUES
-
-BIO_s_mem() and BIO_s_secmem() return a valid memory B<BIO_METHOD> structure.
-
-BIO_set_mem_eof_return(), BIO_get_mem_data(), BIO_set_mem_buf() and BIO_get_mem_ptr()
-return 1 on success or a value which is less than or equal to 0 if an error occurred.
-
-BIO_new_mem_buf() returns a valid B<BIO> structure on success or NULL on error.
 
 =head1 COPYRIGHT
 
diff --git a/deps/openssl/openssl/doc/man3/BIO_set_callback.pod b/deps/openssl/openssl/doc/man3/BIO_set_callback.pod
index 0a9b6edb656a72..291456baa42a2a 100644
--- a/deps/openssl/openssl/doc/man3/BIO_set_callback.pod
+++ b/deps/openssl/openssl/doc/man3/BIO_set_callback.pod
@@ -211,11 +211,6 @@ the actual call parameter, see B<BIO_callback_ctrl>.
 
 =back
 
-=head1 EXAMPLE
-
-The BIO_debug_callback() function is a good example, its source is
-in crypto/bio/bio_cb.c
-
 =head1 RETURN VALUES
 
 BIO_get_callback_ex() and BIO_get_callback() return the callback function
@@ -228,9 +223,14 @@ via a call to BIO_set_callback_arg().
 BIO_debug_callback() returns 1 or B<ret> if it's called after specific BIO
 operations.
 
+=head1 EXAMPLES
+
+The BIO_debug_callback() function is a good example, its source is
+in crypto/bio/bio_cb.c
+
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BN_generate_prime.pod b/deps/openssl/openssl/doc/man3/BN_generate_prime.pod
index b6e9145106bec7..31fbc1ffa1743f 100644
--- a/deps/openssl/openssl/doc/man3/BN_generate_prime.pod
+++ b/deps/openssl/openssl/doc/man3/BN_generate_prime.pod
@@ -51,7 +51,9 @@ Deprecated:
 =head1 DESCRIPTION
 
 BN_generate_prime_ex() generates a pseudo-random prime number of
-at least bit length B<bits>.
+at least bit length B<bits>. The returned number is probably prime
+with a negligible error.
+
 If B<ret> is not B<NULL>, it will be used to store the number.
 
 If B<cb> is not B<NULL>, it is used as follows:
@@ -89,8 +91,9 @@ generator.
 If B<safe> is true, it will be a safe prime (i.e. a prime p so
 that (p-1)/2 is also prime).
 
-The PRNG must be seeded prior to calling BN_generate_prime_ex().
-The prime number generation has a negligible error probability.
+The random generator must be seeded prior to calling BN_generate_prime_ex().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 BN_is_prime_ex() and BN_is_prime_fasttest_ex() test if the number B<p> is
 prime.  The following tests are performed until one of them shows that
@@ -193,7 +196,8 @@ Instead applications should create a BN_GENCB structure using BN_GENCB_new:
 =head1 SEE ALSO
 
 L<DH_generate_parameters(3)>, L<DSA_generate_parameters(3)>,
-L<RSA_generate_key(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>
+L<RSA_generate_key(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
+L<RAND(7)>
 
 =head1 HISTORY
 
@@ -202,7 +206,7 @@ and BN_GENCB_get_arg() functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BN_mod_mul_montgomery.pod b/deps/openssl/openssl/doc/man3/BN_mod_mul_montgomery.pod
index 4dfcb21d9a1549..7f47e94c2b72aa 100644
--- a/deps/openssl/openssl/doc/man3/BN_mod_mul_montgomery.pod
+++ b/deps/openssl/openssl/doc/man3/BN_mod_mul_montgomery.pod
@@ -64,7 +64,7 @@ BN_MONT_CTX_free() has no return value.
 For the other functions, 1 is returned for success, 0 on error.
 The error codes can be obtained by L<ERR_get_error(3)>.
 
-=head1 WARNING
+=head1 WARNINGS
 
 The inputs must be reduced modulo B<m>, otherwise the result will be
 outside the expected range.
@@ -80,7 +80,7 @@ BN_MONT_CTX_init() was removed in OpenSSL 1.1.0
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/BN_new.pod b/deps/openssl/openssl/doc/man3/BN_new.pod
index 1fab6d26eb19d0..7f0f6514bc4adf 100644
--- a/deps/openssl/openssl/doc/man3/BN_new.pod
+++ b/deps/openssl/openssl/doc/man3/BN_new.pod
@@ -22,7 +22,7 @@ BN_new, BN_secure_new, BN_clear, BN_free, BN_clear_free - allocate and free BIGN
 
 BN_new() allocates and initializes a B<BIGNUM> structure.
 BN_secure_new() does the same except that the secure heap
-OPENSSL_secure_malloc(3) is used to store the value.
+L<OPENSSL_secure_malloc(3)> is used to store the value.
 
 BN_clear() is used to destroy sensitive data such as keys when they
 are no longer needed. It erases the memory used by B<a> and sets it
@@ -46,7 +46,7 @@ BN_clear(), BN_free() and BN_clear_free() have no return values.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)>
+L<ERR_get_error(3)>, L<OPENSSL_secure_malloc(3)>
 
 =head1 HISTORY
 
diff --git a/deps/openssl/openssl/doc/man3/CMS_final.pod b/deps/openssl/openssl/doc/man3/CMS_final.pod
index 264fe7bc3b1a66..15fd15a68c0d46 100644
--- a/deps/openssl/openssl/doc/man3/CMS_final.pod
+++ b/deps/openssl/openssl/doc/man3/CMS_final.pod
@@ -12,7 +12,7 @@ CMS_final - finalise a CMS_ContentInfo structure
 
 =head1 DESCRIPTION
 
-CMS_final() finalises the structure B<cms>. It's purpose is to perform any
+CMS_final() finalises the structure B<cms>. Its purpose is to perform any
 operations necessary on B<cms> (digest computation for example) and set the
 appropriate fields. The parameter B<data> contains the content to be
 processed. The B<dcont> parameter contains a BIO to write content to after
@@ -36,7 +36,7 @@ L<CMS_encrypt(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/CRYPTO_THREAD_run_once.pod b/deps/openssl/openssl/doc/man3/CRYPTO_THREAD_run_once.pod
index 32776131936c8a..b919e2e478164b 100644
--- a/deps/openssl/openssl/doc/man3/CRYPTO_THREAD_run_once.pod
+++ b/deps/openssl/openssl/doc/man3/CRYPTO_THREAD_run_once.pod
@@ -97,7 +97,7 @@ one of the first included headers. Therefore it is defined as an
 application developer's responsibility to include windows.h prior to
 crypto.h where use of CRYPTO_THREAD_* types and functions is required.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example safely initializes and uses a lock.
 
@@ -161,7 +161,7 @@ L<crypto(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/CRYPTO_memcmp.pod b/deps/openssl/openssl/doc/man3/CRYPTO_memcmp.pod
new file mode 100644
index 00000000000000..9182d00796c9f0
--- /dev/null
+++ b/deps/openssl/openssl/doc/man3/CRYPTO_memcmp.pod
@@ -0,0 +1,39 @@
+=pod
+
+=head1 NAME
+
+CRYPTO_memcmp - Constant time memory comparison
+
+=head1 SYNOPSIS
+
+ #include <openssl/crypto.h>
+
+ int CRYPTO_memcmp(const void *a, const void *b, size_t len);
+
+=head1 DESCRIPTION
+
+The CRYPTO_memcmp function compares the B<len> bytes pointed to by B<a> and B<b>
+for equality.
+It takes an amount of time dependent on B<len>, but independent of the
+contents of the memory regions pointed to by B<a> and B<b>.
+
+=head1 RETURN VALUES
+
+CRYPTO_memcmp() returns 0 if the memory regions are equal and non-zero
+otherwise.
+
+=head1 NOTES
+
+Unlike memcmp(2), this function cannot be used to order the two memory regions
+as the return value when they differ is undefined, other than being non-zero.
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/deps/openssl/openssl/doc/man3/DES_random_key.pod b/deps/openssl/openssl/doc/man3/DES_random_key.pod
index bd4bd9750cd3cc..04df6ec0dfde3d 100644
--- a/deps/openssl/openssl/doc/man3/DES_random_key.pod
+++ b/deps/openssl/openssl/doc/man3/DES_random_key.pod
@@ -104,9 +104,11 @@ consists of 8 bytes with odd parity.  The least significant bit in
 each byte is the parity bit.  The key schedule is an expanded form of
 the key; it is used to speed the encryption process.
 
-DES_random_key() generates a random key.  The PRNG must be seeded
-prior to using this function (see L<RAND_bytes(3)>).  If the PRNG
-could not generate a secure key, 0 is returned.
+DES_random_key() generates a random key.  The random generator must be
+seeded when calling this function.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
+If the function fails, 0 is returned.
 
 Before a DES key can be used, it must be converted into the
 architecture dependent I<DES_key_schedule> via the
diff --git a/deps/openssl/openssl/doc/man3/DSA_generate_key.pod b/deps/openssl/openssl/doc/man3/DSA_generate_key.pod
index 9ff75533525559..bb1bb366909599 100644
--- a/deps/openssl/openssl/doc/man3/DSA_generate_key.pod
+++ b/deps/openssl/openssl/doc/man3/DSA_generate_key.pod
@@ -15,7 +15,9 @@ DSA_generate_key - generate DSA key pair
 DSA_generate_key() expects B<a> to contain DSA parameters. It generates
 a new key pair and stores it in B<a-E<gt>pub_key> and B<a-E<gt>priv_key>.
 
-The PRNG must be seeded prior to calling DSA_generate_key().
+The random generator must be seeded prior to calling DSA_generate_key().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 =head1 RETURN VALUES
 
@@ -29,7 +31,7 @@ L<DSA_generate_parameters_ex(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/DSA_sign.pod b/deps/openssl/openssl/doc/man3/DSA_sign.pod
index 889c7a1e070822..0d76b8c3f928fb 100644
--- a/deps/openssl/openssl/doc/man3/DSA_sign.pod
+++ b/deps/openssl/openssl/doc/man3/DSA_sign.pod
@@ -36,8 +36,10 @@ B<dsa> is the signer's public key.
 
 The B<type> parameter is ignored.
 
-The PRNG must be seeded before DSA_sign() (or DSA_sign_setup())
+The random generator must be seeded when DSA_sign() (or DSA_sign_setup())
 is called.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 =head1 RETURN VALUES
 
@@ -54,11 +56,12 @@ Standard, DSS), ANSI X9.30
 =head1 SEE ALSO
 
 L<DSA_new(3)>, L<ERR_get_error(3)>, L<RAND_bytes(3)>,
-L<DSA_do_sign(3)>
+L<DSA_do_sign(3)>,
+L<RAND(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/ECDSA_SIG_new.pod b/deps/openssl/openssl/doc/man3/ECDSA_SIG_new.pod
index 8d6cda5e7a3c97..6a7d107079d513 100644
--- a/deps/openssl/openssl/doc/man3/ECDSA_SIG_new.pod
+++ b/deps/openssl/openssl/doc/man3/ECDSA_SIG_new.pod
@@ -3,10 +3,10 @@
 =head1 NAME
 
 ECDSA_SIG_get0, ECDSA_SIG_get0_r, ECDSA_SIG_get0_s, ECDSA_SIG_set0,
-ECDSA_SIG_new, ECDSA_SIG_free, i2d_ECDSA_SIG, d2i_ECDSA_SIG, ECDSA_size,
-ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup,
-ECDSA_sign_ex, ECDSA_do_sign_ex - low level elliptic curve digital signature
-algorithm (ECDSA) functions
+ECDSA_SIG_new, ECDSA_SIG_free, ECDSA_size, ECDSA_sign, ECDSA_do_sign,
+ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex,
+ECDSA_do_sign_ex - low level elliptic curve digital signature algorithm (ECDSA)
+functions
 
 =head1 SYNOPSIS
 
@@ -18,8 +18,6 @@ algorithm (ECDSA) functions
  const BIGNUM *ECDSA_SIG_get0_r(const ECDSA_SIG *sig);
  const BIGNUM *ECDSA_SIG_get0_s(const ECDSA_SIG *sig);
  int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s);
- int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
- ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);
  int ECDSA_size(const EC_KEY *eckey);
 
  int ECDSA_sign(int type, const unsigned char *dgst, int dgstlen,
@@ -68,15 +66,8 @@ function transfers the memory management of the values to the ECDSA_SIG object,
 and therefore the values that have been passed in should not be freed directly
 after this function has been called.
 
-i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature B<sig> and
-writes the encoded signature to B<*pp> (note: if B<pp> is NULL i2d_ECDSA_SIG()
-returns the expected length in bytes of the DER encoded signature).
-i2d_ECDSA_SIG() returns the length of the DER encoded signature (or 0 on
-error).
-
-d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded
-signature in a newly allocated B<ECDSA_SIG> structure. B<*sig> points to the
-buffer containing the DER encoded signature of size B<len>.
+See L<i2d_ECDSA_SIG(3)> and L<d2i_ECDSA_SIG(3)> for information about encoding
+and decoding ECDSA signatures to/from DER.
 
 ECDSA_size() returns the maximum length of a DER encoded ECDSA signature
 created with the private EC key B<eckey>.
@@ -202,7 +193,9 @@ ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
 
 L<EC_KEY_new(3)>,
 L<EVP_DigestSignInit(3)>,
-L<EVP_DigestVerifyInit(3)>
+L<EVP_DigestVerifyInit(3)>,
+L<i2d_ECDSA_SIG(3)>,
+L<d2i_ECDSA_SIG(3)>
 
 =head1 COPYRIGHT
 
diff --git a/deps/openssl/openssl/doc/man3/EVP_DigestInit.pod b/deps/openssl/openssl/doc/man3/EVP_DigestInit.pod
index 37bc10d38056fb..3e3e3422976347 100644
--- a/deps/openssl/openssl/doc/man3/EVP_DigestInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_DigestInit.pod
@@ -304,7 +304,7 @@ macros.
 EVP_MD_CTX_ctrl() sends commands to message digests for additional configuration
 or control.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example digests the data "Test Message\n" and "Hello World\n", using the
 digest name passed on the command line.
@@ -381,7 +381,7 @@ The EVP_MD_CTX_set_pkey_ctx() function was added in 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_DigestSignInit.pod b/deps/openssl/openssl/doc/man3/EVP_DigestSignInit.pod
index 7b74a23cbcf25a..0bbc3d0ff8f348 100644
--- a/deps/openssl/openssl/doc/man3/EVP_DigestSignInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_DigestSignInit.pod
@@ -35,7 +35,7 @@ EVP_MD_CTX is freed).
 
 The digest B<type> may be NULL if the signing algorithm supports it.
 
-No B<EVP_PKEY_CTX> will be created by EVP_DigsetSignInit() if the passed B<ctx>
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit() if the passed B<ctx>
 has already been assigned one via L<EVP_MD_CTX_set_ctx(3)>. See also L<SM2(7)>.
 
 Only EVP_PKEY types that support signing can be used with these functions. This
@@ -125,8 +125,9 @@ and public key algorithms. This meant that "clone" digests such as EVP_dss1()
 needed to be used to sign using SHA1 and DSA. This is no longer necessary and
 the use of clone digest is now discouraged.
 
-For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+For some key types and parameters the random number generator must be seeded.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
 context. This means that calls to EVP_DigestSignUpdate() and
@@ -147,7 +148,8 @@ L<EVP_DigestVerifyInit(3)>,
 L<EVP_DigestInit(3)>,
 L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
 L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
-L<SHA1(3)>, L<dgst(1)>
+L<SHA1(3)>, L<dgst(1)>,
+L<RAND(7)>
 
 =head1 HISTORY
 
@@ -156,7 +158,7 @@ were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_DigestVerifyInit.pod b/deps/openssl/openssl/doc/man3/EVP_DigestVerifyInit.pod
index 592a7508dce0b5..05b99bb913ce3b 100644
--- a/deps/openssl/openssl/doc/man3/EVP_DigestVerifyInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_DigestVerifyInit.pod
@@ -32,7 +32,7 @@ being passed to EVP_DigestVerifyInit() (which means the EVP_PKEY_CTX is created
 inside EVP_DigestVerifyInit() and it will be freed automatically when the
 EVP_MD_CTX is freed).
 
-No B<EVP_PKEY_CTX> will be created by EVP_DigsetSignInit() if the passed B<ctx>
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit() if the passed B<ctx>
 has already been assigned one via L<EVP_MD_CTX_set_ctx(3)>. See also L<SM2(7)>.
 
 EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
@@ -76,8 +76,9 @@ and public key algorithms. This meant that "clone" digests such as EVP_dss1()
 needed to be used to sign using SHA1 and DSA. This is no longer necessary and
 the use of clone digest is now discouraged.
 
-For some key types and parameters the random number generator must be seeded
-or the operation will fail.
+For some key types and parameters the random number generator must be seeded.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
 context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
@@ -93,7 +94,8 @@ L<EVP_DigestSignInit(3)>,
 L<EVP_DigestInit(3)>,
 L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
 L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
-L<SHA1(3)>, L<dgst(1)>
+L<SHA1(3)>, L<dgst(1)>,
+L<RAND(7)>
 
 =head1 HISTORY
 
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
index e8f19cfc9980eb..974bbed9b9f2a1 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod
@@ -121,7 +121,7 @@ All these functions return 1 for success and 0 or a negative value for failure.
 In particular a return value of -2 indicates the operation is not supported by
 the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example derives 10 bytes using SHA-256 with the secret key "secret",
 salt value "salt" and info value "label":
@@ -156,7 +156,7 @@ L<EVP_PKEY_derive(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
index 30e50bc63e9482..9a8d7a88755282 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod
@@ -70,7 +70,7 @@ All these functions return 1 for success and 0 or a negative value for failure.
 In particular a return value of -2 indicates the operation is not supported by
 the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example derives 10 bytes using SHA-256 with the secret key "secret"
 and seed value "seed":
@@ -99,7 +99,7 @@ L<EVP_PKEY_derive(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_decrypt.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_decrypt.pod
index 2e3d266541a66c..08d0ec32bdb399 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_decrypt.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_decrypt.pod
@@ -41,7 +41,7 @@ EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0
 or a negative value for failure. In particular a return value of -2
 indicates the operation is not supported by the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Decrypt data using OAEP (for RSA keys):
 
@@ -95,7 +95,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_derive.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_derive.pod
index a74065e31f3b97..76b3c3986b1cde 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_derive.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_derive.pod
@@ -42,7 +42,7 @@ EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
 or a negative value for failure. In particular a return value of -2
 indicates the operation is not supported by the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Derive shared secret (for example DH or EC keys):
 
@@ -93,7 +93,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_encrypt.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_encrypt.pod
index 371891046473f1..2a3bf2a0974100 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_encrypt.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_encrypt.pod
@@ -41,7 +41,7 @@ EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
 or a negative value for failure. In particular a return value of -2
 indicates the operation is not supported by the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or
 L<d2i_X509(3)> for means to load a public key. You may also simply
@@ -100,7 +100,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_sign.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_sign.pod
index 1672831ff0158c..175aeed584d9f2 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_sign.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_sign.pod
@@ -46,7 +46,7 @@ EVP_PKEY_sign_init() and EVP_PKEY_sign() return 1 for success and 0
 or a negative value for failure. In particular a return value of -2
 indicates the operation is not supported by the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Sign data using RSA with PKCS#1 padding and SHA256 digest:
 
@@ -105,7 +105,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_verify.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_verify.pod
index cdbb80b99df86e..616fd5577fd241 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_verify.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_verify.pod
@@ -44,7 +44,7 @@ A negative value indicates an error other that signature verification failure.
 In particular a return value of -2 indicates the operation is not supported by
 the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Verify signature using PKCS#1 and SHA256 digest:
 
@@ -93,7 +93,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2006-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_PKEY_verify_recover.pod b/deps/openssl/openssl/doc/man3/EVP_PKEY_verify_recover.pod
index 251360656167e5..a3a7818d7940a9 100644
--- a/deps/openssl/openssl/doc/man3/EVP_PKEY_verify_recover.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_PKEY_verify_recover.pod
@@ -49,7 +49,7 @@ EVP_PKEY_verify_recover_init() and EVP_PKEY_verify_recover() return 1 for succes
 and 0 or a negative value for failure. In particular a return value of -2
 indicates the operation is not supported by the public key algorithm.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Recover digest originally signed using PKCS#1 and SHA256 digest:
 
@@ -104,7 +104,7 @@ These functions were added in OpenSSL 1.0.0.
 
 =head1 COPYRIGHT
 
-Copyright 2013-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2013-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_SealInit.pod b/deps/openssl/openssl/doc/man3/EVP_SealInit.pod
index 29d89c30529a5a..2c2c89a71b51ee 100644
--- a/deps/openssl/openssl/doc/man3/EVP_SealInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_SealInit.pod
@@ -55,7 +55,9 @@ failure.
 =head1 NOTES
 
 Because a random secret key is generated the random number generator
-must be seeded before calling EVP_SealInit().
+must be seeded when EVP_SealInit() is called.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 The public key must be RSA because it is the only OpenSSL public key
 algorithm that supports key transport.
@@ -75,11 +77,12 @@ with B<type> set to NULL.
 
 L<evp(7)>, L<RAND_bytes(3)>,
 L<EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)>
+L<EVP_OpenInit(3)>,
+L<RAND(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_SignInit.pod b/deps/openssl/openssl/doc/man3/EVP_SignInit.pod
index 86fec82fb007dc..c26b7f7d5d2209 100644
--- a/deps/openssl/openssl/doc/man3/EVP_SignInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_SignInit.pod
@@ -66,9 +66,10 @@ The B<EVP> interface to digital signatures should almost always be used in
 preference to the low level interfaces. This is because the code then becomes
 transparent to the algorithm used and much more flexible.
 
-When signing with DSA private keys the random number generator must be seeded
-or the operation will fail. The random number generator does not need to be
-seeded for RSA signatures.
+When signing with DSA private keys the random number generator must be seeded.
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
+This requirement does not hold for RSA signatures.
 
 The call to EVP_SignFinal() internally finalizes a copy of the digest context.
 This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called
@@ -102,7 +103,7 @@ L<SHA1(3)>, L<dgst(1)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_VerifyInit.pod b/deps/openssl/openssl/doc/man3/EVP_VerifyInit.pod
index f86825849b80ec..647c99bceb5aaa 100644
--- a/deps/openssl/openssl/doc/man3/EVP_VerifyInit.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_VerifyInit.pod
@@ -72,7 +72,7 @@ data have been passed through EVP_SignUpdate().
 
 It is not possible to change the signing parameters using these function.
 
-The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
+The previous two bugs are fixed in the newer EVP_DigestVerify*() function.
 
 =head1 SEE ALSO
 
@@ -85,7 +85,7 @@ L<SHA1(3)>, L<dgst(1)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_aria.pod b/deps/openssl/openssl/doc/man3/EVP_aria.pod
index fbb79187546cd4..c30ff9929cae8f 100644
--- a/deps/openssl/openssl/doc/man3/EVP_aria.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_aria.pod
@@ -32,7 +32,7 @@ EVP_aria_256_ccm,
 EVP_aria_128_gcm,
 EVP_aria_192_gcm,
 EVP_aria_256_gcm,
-- EVP AES cipher
+- EVP ARIA cipher
 
 =head1 SYNOPSIS
 
@@ -106,7 +106,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_md5.pod b/deps/openssl/openssl/doc/man3/EVP_md5.pod
index 725fcbf5e2270d..ed0f99c99d37f7 100644
--- a/deps/openssl/openssl/doc/man3/EVP_md5.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_md5.pod
@@ -29,7 +29,7 @@ The MD5 algorithm which produces a 128-bit output from a given input.
 
 =item EVP_md5_sha1()
 
-A hash algorithm of SSL v3 that combines MD5 with SHA-1 as decirbed in RFC
+A hash algorithm of SSL v3 that combines MD5 with SHA-1 as described in RFC
 6101.
 
 WARNING: this algorithm is not intended for non-SSL usage.
@@ -54,7 +54,7 @@ L<EVP_DigestInit(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod b/deps/openssl/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod
index 442a114ea9ce12..9eb8bd9dc3f918 100644
--- a/deps/openssl/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod
+++ b/deps/openssl/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod
@@ -33,7 +33,26 @@ EVP_rc5_32_12_16_ofb()
 
 RC5 encryption algorithm in CBC, CFB, ECB and OFB modes respectively. This is a
 variable key length cipher with an additional "number of rounds" parameter. By
-default the key length is set to 128 bits and 12 rounds.
+default the key length is set to 128 bits and 12 rounds. Alternative key lengths
+can be set using L<EVP_CIPHER_CTX_set_key_length(3)>. The maximum key length is
+2040 bits.
+
+The following rc5 specific I<ctrl>s are supported (see
+L<EVP_CIPHER_CTX_ctrl(3)>).
+
+=over 4
+
+=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, rounds, NULL)
+
+Sets the number of rounds to B<rounds>. This must be one of RC5_8_ROUNDS,
+RC5_12_ROUNDS or RC5_16_ROUNDS.
+
+=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_RC5_ROUNDS, 0, &rounds)
+
+Stores the number of rounds currently configured in B<*rounds> where B<*rounds>
+is an int.
+
+=back
 
 =back
 
@@ -43,10 +62,6 @@ These functions return an B<EVP_CIPHER> structure that contains the
 implementation of the symmetric cipher. See L<EVP_CIPHER_meth_new(3)> for
 details of the B<EVP_CIPHER> structure.
 
-=head1 BUGS
-
-Currently the number of rounds in RC5 can only be set to 8, 12 or 16.
-This is a limitation of the current RC5 code rather than the EVP interface.
 
 =head1 SEE ALSO
 
@@ -56,7 +71,7 @@ L<EVP_CIPHER_meth_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/OCSP_REQUEST_new.pod b/deps/openssl/openssl/doc/man3/OCSP_REQUEST_new.pod
index a382b16ed3853e..283c226bc4080e 100644
--- a/deps/openssl/openssl/doc/man3/OCSP_REQUEST_new.pod
+++ b/deps/openssl/openssl/doc/man3/OCSP_REQUEST_new.pod
@@ -75,7 +75,7 @@ corresponding to each certificate.
 OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly used by
 OCSP responders.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Create an B<OCSP_REQUEST> structure for certificate B<cert> with issuer
 B<issuer>:
@@ -108,7 +108,7 @@ L<OCSP_sendreq_new(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/OPENSSL_fork_prepare.pod b/deps/openssl/openssl/doc/man3/OPENSSL_fork_prepare.pod
index 7c4eb1dbfd9f5f..a47a07a390d8a1 100644
--- a/deps/openssl/openssl/doc/man3/OPENSSL_fork_prepare.pod
+++ b/deps/openssl/openssl/doc/man3/OPENSSL_fork_prepare.pod
@@ -24,7 +24,7 @@ The OPENSSL_fork_prepare(), OPENSSL_fork_parent(), and OPENSSL_fork_child()
 functions are used to reset this internal state.
 
 Platforms without fork(2) will probably not need to use these functions.
-Platforms with fork(2) but without pthreads_atfork(3) will probably need
+Platforms with fork(2) but without pthread_atfork(3) will probably need
 to call them manually, as described in the following paragraph.  Platforms
 such as Linux that have both functions will normally not need to call these
 functions as the OpenSSL library will do so automatically.
@@ -32,7 +32,7 @@ functions as the OpenSSL library will do so automatically.
 L<OPENSSL_init_crypto(3)> will register these functions with the appropriate
 handler, when the B<OPENSSL_INIT_ATFORK> flag is used. For other
 applications, these functions can be called directly. They should be used
-according to the calling sequence described by the pthreads_atfork(3)
+according to the calling sequence described by the pthread_atfork(3)
 documentation, which is summarized here.  OPENSSL_fork_prepare() should
 be called before a fork() is done.  After the fork() returns, the parent
 process should call OPENSSL_fork_parent() and the child process should
@@ -53,7 +53,7 @@ These functions were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/OSSL_STORE_LOADER.pod b/deps/openssl/openssl/doc/man3/OSSL_STORE_LOADER.pod
index 15037541145228..b0c15b01c3341b 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_STORE_LOADER.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_STORE_LOADER.pod
@@ -95,7 +95,7 @@ manner possible according to the scheme the loader implements, it also
 takes a B<UI_METHOD> and associated data, to be used any time
 something needs to be prompted for.
 Furthermore, this function is expected to initialize what needs to be
-initialized, to create a privata data store (B<OSSL_STORE_LOADER_CTX>, see
+initialized, to create a private data store (B<OSSL_STORE_LOADER_CTX>, see
 above), and to return it.
 If something goes wrong, this function is expected to return NULL.
 
@@ -254,7 +254,7 @@ were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/OSSL_STORE_expect.pod b/deps/openssl/openssl/doc/man3/OSSL_STORE_expect.pod
index 154472a76b5146..ff3fb2a69d3115 100644
--- a/deps/openssl/openssl/doc/man3/OSSL_STORE_expect.pod
+++ b/deps/openssl/openssl/doc/man3/OSSL_STORE_expect.pod
@@ -32,7 +32,7 @@ grained search of objects.
 
 OSSL_STORE_supports_search() checks if the loader of the given OSSL_STORE
 context supports the given search type.
-See L<OSSL_STORE_SEARCH/SUPPORED CRITERION TYPES> for information on the
+See L<OSSL_STORE_SEARCH/SUPPORTED CRITERION TYPES> for information on the
 supported search criterion types.
 
 OSSL_STORE_expect() and OSSL_STORE_find I<must> be called before the first
@@ -69,7 +69,7 @@ were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/PKCS12_newpass.pod b/deps/openssl/openssl/doc/man3/PKCS12_newpass.pod
index 1c34ee54491e8d..5fc041bfbdce5e 100644
--- a/deps/openssl/openssl/doc/man3/PKCS12_newpass.pod
+++ b/deps/openssl/openssl/doc/man3/PKCS12_newpass.pod
@@ -34,7 +34,7 @@ L<UI_OpenSSL(3)>, for example.
 PKCS12_newpass() returns 1 on success or 0 on failure. Applications can
 retrieve the most recent error from PKCS12_newpass() with ERR_get_error().
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example loads a PKCS#12 file, changes its password and writes out
 the result to a new file.
@@ -107,7 +107,7 @@ L<passphrase-encoding(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/RAND_DRBG_set_callbacks.pod b/deps/openssl/openssl/doc/man3/RAND_DRBG_set_callbacks.pod
index 3da051e696aa05..55e9a8b7af779b 100644
--- a/deps/openssl/openssl/doc/man3/RAND_DRBG_set_callbacks.pod
+++ b/deps/openssl/openssl/doc/man3/RAND_DRBG_set_callbacks.pod
@@ -114,7 +114,7 @@ In other words, prediction resistance is currently not supported yet by the DRBG
 The derivation function is disabled during initialization by calling the
 RAND_DRBG_set() function with the RAND_DRBG_FLAG_CTR_NO_DF flag.
 For more information on the derivation function and when it can be omitted,
-see [NIST SP 800-90A Rev. 1]. Roughly speeking it can be omitted if the random
+see [NIST SP 800-90A Rev. 1]. Roughly speaking it can be omitted if the random
 source has "full entropy", i.e., contains 8 bits of entropy per byte.
 
 Even if a nonce is required, the B<get_nonce>() and B<cleanup_nonce>()
diff --git a/deps/openssl/openssl/doc/man3/RAND_set_rand_method.pod b/deps/openssl/openssl/doc/man3/RAND_set_rand_method.pod
index d4b65b91fdfd47..83a6cac17a51d9 100644
--- a/deps/openssl/openssl/doc/man3/RAND_set_rand_method.pod
+++ b/deps/openssl/openssl/doc/man3/RAND_set_rand_method.pod
@@ -10,7 +10,7 @@ RAND_set_rand_method, RAND_get_rand_method, RAND_OpenSSL - select RAND method
 
  RAND_METHOD *RAND_OpenSSL(void);
 
- void RAND_set_rand_method(const RAND_METHOD *meth);
+ int RAND_set_rand_method(const RAND_METHOD *meth);
 
  const RAND_METHOD *RAND_get_rand_method(void);
 
@@ -48,8 +48,9 @@ Each pointer may be NULL if the function is not implemented.
 
 =head1 RETURN VALUES
 
-RAND_set_rand_method() returns no value. RAND_get_rand_method() and
-RAND_OpenSSL() return pointers to the respective methods.
+RAND_set_rand_method() returns 1 on success and 0 on failue.
+RAND_get_rand_method() and RAND_OpenSSL() return pointers to the respective
+methods.
 
 =head1 SEE ALSO
 
@@ -59,7 +60,7 @@ L<RAND(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/RSA_blinding_on.pod b/deps/openssl/openssl/doc/man3/RSA_blinding_on.pod
index 33d49d37206a6f..5db127f16e3cc9 100644
--- a/deps/openssl/openssl/doc/man3/RSA_blinding_on.pod
+++ b/deps/openssl/openssl/doc/man3/RSA_blinding_on.pod
@@ -20,8 +20,7 @@ must be used to protect the RSA operation from that attack.
 
 RSA_blinding_on() turns blinding on for key B<rsa> and generates a
 random blinding factor. B<ctx> is B<NULL> or a pre-allocated and
-initialized B<BN_CTX>. The random number generator must be seeded
-prior to calling RSA_blinding_on().
+initialized B<BN_CTX>.
 
 RSA_blinding_off() turns blinding off and frees the memory used for
 the blinding factor.
@@ -34,7 +33,7 @@ RSA_blinding_off() returns no value.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/RSA_generate_key.pod b/deps/openssl/openssl/doc/man3/RSA_generate_key.pod
index a4c078a4b0bacc..491ba41e502d76 100644
--- a/deps/openssl/openssl/doc/man3/RSA_generate_key.pod
+++ b/deps/openssl/openssl/doc/man3/RSA_generate_key.pod
@@ -15,7 +15,7 @@ RSA_generate_multi_prime_key - generate RSA key pair
 Deprecated:
 
  #if OPENSSL_API_COMPAT < 0x00908000L
- RSA *RSA_generate_key(int num, unsigned long e,
+ RSA *RSA_generate_key(int bits, unsigned long e,
                        void (*callback)(int, int, void *), void *cb_arg);
  #endif
 
@@ -27,8 +27,10 @@ be seeded prior to calling RSA_generate_key_ex().
 
 RSA_generate_multi_prime_key() generates a multi-prime RSA key pair and stores
 it in the B<RSA> structure provided in B<rsa>. The number of primes is given by
-the B<primes> parameter. The pseudo-random number generator must be seeded prior
-to calling RSA_generate_multi_prime_key().
+the B<primes> parameter. The random number generator must be seeded when
+calling RSA_generate_multi_prime_key().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 The modulus size will be of length B<bits>, the number of primes to form the
 modulus will be B<primes>, and the public exponent will be B<e>. Key sizes
@@ -47,7 +49,7 @@ progress of the key generation. If B<cb> is not B<NULL>, it
 will be called as follows using the BN_GENCB_call() function
 described on the L<BN_generate_prime(3)> page.
 
-RSA_generate_prime() is similar to RSA_generate_prime_ex() but
+RSA_generate_key() is similar to RSA_generate_key_ex() but
 expects an old-style callback function; see
 L<BN_generate_prime(3)> for information on the old-style callback.
 
@@ -88,7 +90,8 @@ B<BN_GENCB_call(cb, 2, x)> is used with two different meanings.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)>
+L<ERR_get_error(3)>, L<RAND_bytes(3)>, L<BN_generate_prime(3)>,
+L<RAND(7)>
 
 =head1 HISTORY
 
@@ -97,7 +100,7 @@ RSA_generate_key_ex() instead.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/RSA_padding_add_PKCS1_type_1.pod b/deps/openssl/openssl/doc/man3/RSA_padding_add_PKCS1_type_1.pod
index 20926003d876aa..d0d42ce265955a 100644
--- a/deps/openssl/openssl/doc/man3/RSA_padding_add_PKCS1_type_1.pod
+++ b/deps/openssl/openssl/doc/man3/RSA_padding_add_PKCS1_type_1.pod
@@ -100,6 +100,8 @@ simply copy the data
 
 The random number generator must be seeded prior to calling
 RSA_padding_add_xxx().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 RSA_padding_check_xxx() verifies that the B<fl> bytes at B<f> contain
 a valid encoding for a B<rsa_len> byte RSA key in the respective
@@ -121,7 +123,7 @@ The RSA_padding_check_xxx() functions return the length of the
 recovered data, -1 on error. Error codes can be obtained by calling
 L<ERR_get_error(3)>.
 
-=head1 WARNING
+=head1 WARNINGS
 
 The result of RSA_padding_check_PKCS1_type_2() is a very sensitive
 information which can potentially be used to mount a Bleichenbacher
@@ -143,7 +145,8 @@ including PKCS1_OAEP.
 
 L<RSA_public_encrypt(3)>,
 L<RSA_private_decrypt(3)>,
-L<RSA_sign(3)>, L<RSA_verify(3)>
+L<RSA_sign(3)>, L<RSA_verify(3)>,
+L<RAND(7)>
 
 =head1 COPYRIGHT
 
diff --git a/deps/openssl/openssl/doc/man3/RSA_public_encrypt.pod b/deps/openssl/openssl/doc/man3/RSA_public_encrypt.pod
index d91c6884b1d5bb..384c4823cb630c 100644
--- a/deps/openssl/openssl/doc/man3/RSA_public_encrypt.pod
+++ b/deps/openssl/openssl/doc/man3/RSA_public_encrypt.pod
@@ -81,7 +81,7 @@ means only that the plaintext was empty.
 On error, -1 is returned; the error codes can be
 obtained by L<ERR_get_error(3)>.
 
-=head1 WARNING
+=head1 WARNINGS
 
 Decryption failures in the RSA_PKCS1_PADDING mode leak information
 which can potentially be used to mount a Bleichenbacher padding oracle
diff --git a/deps/openssl/openssl/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod b/deps/openssl/openssl/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod
index f577e153d688d5..6e8a53b53e5981 100644
--- a/deps/openssl/openssl/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod
+++ b/deps/openssl/openssl/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod
@@ -26,7 +26,10 @@ memory.
 
 B<dummy> is ignored.
 
-The random number generator must be seeded prior to calling RSA_sign_ASN1_OCTET_STRING().
+The random number generator must be seeded when calling
+RSA_sign_ASN1_OCTET_STRING().
+If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
+external circumstances (see L<RAND(7)>), the operation will fail.
 
 RSA_verify_ASN1_OCTET_STRING() verifies that the signature B<sigbuf>
 of size B<siglen> is the DER representation of a given octet string
@@ -49,11 +52,12 @@ These functions serve no recognizable purpose.
 
 L<ERR_get_error(3)>,
 L<RAND_bytes(3)>, L<RSA_sign(3)>,
-L<RSA_verify(3)>
+L<RSA_verify(3)>,
+L<RAND(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_config.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_config.pod
index 90d86746cec192..76c4d3238c34be 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_config.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_config.pod
@@ -33,7 +33,7 @@ file syntax.
 SSL_CTX_config() and SSL_config() return 1 for success or 0 if an error
 occurred.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 If the file "config.cnf" contains the following:
 
@@ -81,7 +81,7 @@ The SSL_CTX_config() and SSL_config() functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_dane_enable.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_dane_enable.pod
index d1b3c1aad7d3f9..7168bd64fda8c8 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_dane_enable.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_dane_enable.pod
@@ -181,7 +181,7 @@ The functions SSL_CTX_dane_set_flags(), SSL_CTX_dane_clear_flags(),
 SSL_dane_set_flags() and SSL_dane_clear_flags() return the B<flags> in effect
 before they were called.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Suppose "smtp.example.com" is the MX host of the domain "example.com", and has
 DNSSEC-validated TLSA records.
@@ -372,7 +372,7 @@ These functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_get0_param.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_get0_param.pod
index 8b99dc330ad958..55cddfded620f1 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_get0_param.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_get0_param.pod
@@ -29,13 +29,6 @@ Typically parameters are retrieved from an B<SSL_CTX> or B<SSL> structure
 using SSL_CTX_get0_param() or SSL_get0_param() and an application modifies
 them to suit its needs: for example to add a hostname check.
 
-=head1 EXAMPLE
-
-Check hostname matches "www.foo.com" in peer certificate:
-
- X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
- X509_VERIFY_PARAM_set1_host(vpm, "www.foo.com", 0);
-
 =head1 RETURN VALUES
 
 SSL_CTX_get0_param() and SSL_get0_param() return a pointer to an
@@ -44,6 +37,13 @@ B<X509_VERIFY_PARAM> structure.
 SSL_CTX_set1_param() and SSL_set1_param() return 1 for success and 0
 for failure.
 
+=head1 EXAMPLES
+
+Check hostname matches "www.foo.com" in peer certificate:
+
+ X509_VERIFY_PARAM *vpm = SSL_get0_param(ssl);
+ X509_VERIFY_PARAM_set1_host(vpm, "www.foo.com", 0);
+
 =head1 SEE ALSO
 
 L<X509_VERIFY_PARAM_set_flags(3)>
@@ -54,7 +54,7 @@ These functions were added in OpenSSL 1.0.2.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
index df25a6f657fd9b..a6c036c365ea67 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_new.pod
@@ -94,28 +94,31 @@ The actual protocol version used will be negotiated to the highest version
 mutually supported by the client and the server.
 The supported protocols are SSLv3, TLSv1, TLSv1.1, TLSv1.2 and TLSv1.3.
 Applications should use these methods, and avoid the version-specific
-methods described below.
+methods described below, which are deprecated.
 
 =item SSLv23_method(), SSLv23_server_method(), SSLv23_client_method()
 
-Use of these functions is deprecated. They have been replaced with the above
-TLS_method(), TLS_server_method() and TLS_client_method() respectively. New
-code should use those functions instead.
+These functions do not exist anymore, they have been renamed to
+TLS_method(), TLS_server_method() and TLS_client_method() respectively.
+Currently, the old function calls are renamed to the corresponding new
+ones by preprocessor macros, to ensure that existing code which uses the
+old function names still compiles. However, using the old function names
+is deprecated and new code should call the new functions instead.
 
 =item TLSv1_2_method(), TLSv1_2_server_method(), TLSv1_2_client_method()
 
 A TLS/SSL connection established with these methods will only understand the
-TLSv1.2 protocol.
+TLSv1.2 protocol. These methods are deprecated.
 
 =item TLSv1_1_method(), TLSv1_1_server_method(), TLSv1_1_client_method()
 
 A TLS/SSL connection established with these methods will only understand the
-TLSv1.1 protocol.
+TLSv1.1 protocol.  These methods are deprecated.
 
 =item TLSv1_method(), TLSv1_server_method(), TLSv1_client_method()
 
 A TLS/SSL connection established with these methods will only understand the
-TLSv1 protocol.
+TLSv1 protocol. These methods are deprecated.
 
 =item SSLv3_method(), SSLv3_server_method(), SSLv3_client_method()
 
@@ -131,10 +134,12 @@ Currently supported protocols are DTLS 1.0 and DTLS 1.2.
 =item DTLSv1_2_method(), DTLSv1_2_server_method(), DTLSv1_2_client_method()
 
 These are the version-specific methods for DTLSv1.2.
+These methods are deprecated.
 
 =item DTLSv1_method(), DTLSv1_server_method(), DTLSv1_client_method()
 
 These are the version-specific methods for DTLSv1.
+These methods are deprecated.
 
 =back
 
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_cipher_list.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_cipher_list.pod
index 59c6b4bdc91503..66ade102830bbb 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_cipher_list.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_set_cipher_list.pod
@@ -31,7 +31,7 @@ B<ssl>.
 
 SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3
 ciphersuites for B<ctx>. This is a simple colon (":") separated list of TLSv1.3
-ciphersuite names in order of perference. Valid TLSv1.3 ciphersuite names are:
+ciphersuite names in order of preference. Valid TLSv1.3 ciphersuite names are:
 
 =over 4
 
@@ -102,7 +102,7 @@ L<ciphers(1)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_generate_session_id.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_generate_session_id.pod
index dab56375080642..1735c6271b5a59 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_generate_session_id.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_set_generate_session_id.pod
@@ -10,7 +10,7 @@ SSL_has_matching_session_id, GEN_SESSION_CB
 
  #include <openssl/ssl.h>
 
- typedef int (*GEN_SESSION_CB)(const SSL *ssl, unsigned char *id,
+ typedef int (*GEN_SESSION_CB)(SSL *ssl, unsigned char *id,
                                unsigned int *id_len);
 
  int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb);
@@ -98,7 +98,7 @@ server id given, and will fill the rest with pseudo random bytes:
  const char session_id_prefix = "www-18";
 
  #define MAX_SESSION_ID_ATTEMPTS 10
- static int generate_session_id(const SSL *ssl, unsigned char *id,
+ static int generate_session_id(SSL *ssl, unsigned char *id,
                                 unsigned int *id_len)
  {
      unsigned int count = 0;
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_session_id_context.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_session_id_context.pod
index d83235091cfb41..4036d3c7b323f1 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_session_id_context.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_set_session_id_context.pod
@@ -42,7 +42,7 @@ OpenSSL clients will check the session id context returned by the server
 when reusing a session.
 
 The maximum length of the B<sid_ctx> is limited to
-B<SSL_MAX_SSL_SESSION_ID_LENGTH>.
+B<SSL_MAX_SID_CTX_LENGTH>.
 
 =head1 WARNINGS
 
@@ -67,7 +67,7 @@ return the following values:
 =item Z<>0
 
 The length B<sid_ctx_len> of the session id context B<sid_ctx> exceeded
-the maximum allowed length of B<SSL_MAX_SSL_SESSION_ID_LENGTH>. The error
+the maximum allowed length of B<SSL_MAX_SID_CTX_LENGTH>. The error
 is logged to the error stack.
 
 =item Z<>1
@@ -82,7 +82,7 @@ L<ssl(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2001-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_CTX_set_verify.pod b/deps/openssl/openssl/doc/man3/SSL_CTX_set_verify.pod
index 21d9ae1018dc23..1e759c3de0df76 100644
--- a/deps/openssl/openssl/doc/man3/SSL_CTX_set_verify.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_CTX_set_verify.pod
@@ -102,7 +102,7 @@ B<Server mode:> if the client did not return a certificate, the TLS/SSL
 handshake is immediately terminated with a "handshake failure" alert.
 This flag must be used together with SSL_VERIFY_PEER.
 
-B<Client mode:> ignored
+B<Client mode:> ignored (see BUGS)
 
 =item SSL_VERIFY_CLIENT_ONCE
 
@@ -112,7 +112,7 @@ renegotiation or post-authentication if a certificate was requested
 during the initial handshake. This flag must be used together with
 SSL_VERIFY_PEER.
 
-B<Client mode:> ignored
+B<Client mode:> ignored (see BUGS)
 
 =item SSL_VERIFY_POST_HANDSHAKE
 
@@ -123,7 +123,7 @@ to be configured for post-handshake peer verification before the
 handshake occurs. This flag must be used together with
 SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.
 
-B<Client mode:> ignored
+B<Client mode:> ignored (see BUGS)
 
 =back
 
@@ -203,8 +203,8 @@ message is sent to the client.
 =head1 BUGS
 
 In client mode, it is not checked whether the SSL_VERIFY_PEER flag
-is set, but whether any flags are set. This can lead to
-unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as
+is set, but whether any flags other than SSL_VERIFY_NONE are set. This can
+lead to unexpected behaviour if SSL_VERIFY_PEER and other flags are not used as
 required.
 
 =head1 RETURN VALUES
@@ -348,7 +348,7 @@ and SSL_set_post_handshake_auth() functions were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_SESSION_get0_hostname.pod b/deps/openssl/openssl/doc/man3/SSL_SESSION_get0_hostname.pod
index 989c997882cac4..475f700a88c5c9 100644
--- a/deps/openssl/openssl/doc/man3/SSL_SESSION_get0_hostname.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_SESSION_get0_hostname.pod
@@ -6,7 +6,7 @@ SSL_SESSION_get0_hostname,
 SSL_SESSION_set1_hostname,
 SSL_SESSION_get0_alpn_selected,
 SSL_SESSION_set1_alpn_selected
-- get and set SNI and ALPN data ssociated with a session
+- get and set SNI and ALPN data associated with a session
 
 =head1 SYNOPSIS
 
@@ -64,7 +64,7 @@ SSL_SESSION_set1_alpn_selected() functions were added in OpenSSL 1.1.1.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_get_error.pod b/deps/openssl/openssl/doc/man3/SSL_get_error.pod
index 32668a036ddb98..97320a6c153f6f 100644
--- a/deps/openssl/openssl/doc/man3/SSL_get_error.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_get_error.pod
@@ -14,9 +14,9 @@ SSL_get_error - obtain result code for TLS/SSL I/O operation
 
 SSL_get_error() returns a result code (suitable for the C "switch"
 statement) for a preceding call to SSL_connect(), SSL_accept(), SSL_do_handshake(),
-SSL_read_ex(), SSL_read(), SSL_peek_ex(), SSL_peek(), SSL_write_ex() or
-SSL_write() on B<ssl>.  The value returned by that TLS/SSL I/O function must be
-passed to SSL_get_error() in parameter B<ret>.
+SSL_read_ex(), SSL_read(), SSL_peek_ex(), SSL_peek(), SSL_shutdown(),
+SSL_write_ex() or SSL_write() on B<ssl>.  The value returned by that TLS/SSL I/O
+function must be passed to SSL_get_error() in parameter B<ret>.
 
 In addition to B<ssl> and B<ret>, SSL_get_error() inspects the
 current thread's OpenSSL error queue.  Thus, SSL_get_error() must be
diff --git a/deps/openssl/openssl/doc/man3/SSL_library_init.pod b/deps/openssl/openssl/doc/man3/SSL_library_init.pod
index 85768a1028b381..e486fae89d1916 100644
--- a/deps/openssl/openssl/doc/man3/SSL_library_init.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_library_init.pod
@@ -25,7 +25,7 @@ implemented as a macro.
 SSL_library_init() must be called before any other action takes place.
 SSL_library_init() is not reentrant.
 
-=head1 WARNING
+=head1 WARNINGS
 
 SSL_library_init() adds ciphers and digests used directly and indirectly by
 SSL/TLS.
@@ -47,7 +47,7 @@ deprecated in OpenSSL 1.1.0 by OPENSSL_init_ssl().
 
 =head1 COPYRIGHT
 
-Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_set1_host.pod b/deps/openssl/openssl/doc/man3/SSL_set1_host.pod
index a2c9f133eed3b8..4ae9f6e7f3d198 100644
--- a/deps/openssl/openssl/doc/man3/SSL_set1_host.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_set1_host.pod
@@ -71,7 +71,7 @@ applicable (as with RFC7671 DANE-EE(3)), or no trusted peername was
 matched.  Otherwise, it returns the matched peername.  To determine
 whether verification succeeded call L<SSL_get_verify_result(3)>.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Suppose "smtp.example.com" is the MX host of the domain "example.com".
 The calls below will arrange to match either the MX hostname or the
@@ -108,7 +108,7 @@ These functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/SSL_write.pod b/deps/openssl/openssl/doc/man3/SSL_write.pod
index 84eb948cc6eb9e..a76ffbb8fd1540 100644
--- a/deps/openssl/openssl/doc/man3/SSL_write.pod
+++ b/deps/openssl/openssl/doc/man3/SSL_write.pod
@@ -57,7 +57,7 @@ operation is considered completed. The bytes are sent and a new write call with
 a new buffer (with the already sent bytes removed) must be started. A partial
 write is performed with the size of a message block, which is 16kB.
 
-=head1 WARNING
+=head1 WARNINGS
 
 When a write function call has to be repeated because L<SSL_get_error(3)>
 returned B<SSL_ERROR_WANT_READ> or B<SSL_ERROR_WANT_WRITE>, it must be repeated
diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_get_error.pod b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_get_error.pod
index f166b0832d4e61..bdbf86ae9695b6 100644
--- a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_get_error.pod
+++ b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_get_error.pod
@@ -101,8 +101,8 @@ the operation was successful.
 
 =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
 
-the issuer certificate could not be found: this occurs if the issuer certificate
-of an untrusted certificate cannot be found.
+the issuer certificate of a locally looked up certificate could not be found.
+This normally means the list of trusted certificates is not complete.
 
 =item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
 
@@ -180,8 +180,8 @@ the root could not be found locally.
 
 =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate>
 
-the issuer certificate of a locally looked up certificate could not be found.
-This normally means the list of trusted certificates is not complete.
+the issuer certificate could not be found: this occurs if the issuer certificate
+of an untrusted certificate cannot be found.
 
 =item B<X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: unable to verify the first certificate>
 
@@ -328,7 +328,7 @@ L<X509_free(3)>.
 
 =head1 COPYRIGHT
 
-Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_set_verify_cb.pod b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_set_verify_cb.pod
index 647ed2f174016e..7cd661f215c107 100644
--- a/deps/openssl/openssl/doc/man3/X509_STORE_CTX_set_verify_cb.pod
+++ b/deps/openssl/openssl/doc/man3/X509_STORE_CTX_set_verify_cb.pod
@@ -76,7 +76,7 @@ from the corresponding B<X509_STORE>, please see
 L<X509_STORE_set_verify(3)> for more information.
 
 
-=head1 WARNING
+=head1 WARNINGS
 
 In general a verification callback should B<NOT> unconditionally return 1 in
 all circumstances because this will allow verification to succeed no matter
@@ -202,7 +202,7 @@ and X509_STORE_CTX_get_cleanup() functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_add_cert.pod b/deps/openssl/openssl/doc/man3/X509_STORE_add_cert.pod
index 8ac9729bc3dc1c..3ea5b8b1272f21 100644
--- a/deps/openssl/openssl/doc/man3/X509_STORE_add_cert.pod
+++ b/deps/openssl/openssl/doc/man3/X509_STORE_add_cert.pod
@@ -55,7 +55,9 @@ operate on pointers to B<X509> objects, though.
 
 X509_STORE_add_cert() and X509_STORE_add_crl() add the respective object
 to the B<X509_STORE>'s local storage.  Untrusted objects should not be
-added in this way.
+added in this way.  The added object's reference count is incremented by one,
+hence the caller retains ownership of the object and needs to free it when it
+is no longer needed.
 
 X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(),
 X509_STORE_set_trust(), and X509_STORE_set1_param() set the default values
@@ -90,7 +92,7 @@ L<X509_STORE_get0_param(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_STORE_new.pod b/deps/openssl/openssl/doc/man3/X509_STORE_new.pod
index b3bc96e20b59f8..a28c8a20a82ef7 100644
--- a/deps/openssl/openssl/doc/man3/X509_STORE_new.pod
+++ b/deps/openssl/openssl/doc/man3/X509_STORE_new.pod
@@ -23,7 +23,7 @@ X509_STORE_up_ref() increments the reference count associated with the
 X509_STORE object.
 
 X509_STORE_lock() locks the store from modification by other threads,
-X509_STORE_unlock() locks it.
+X509_STORE_unlock() unlocks it.
 
 X509_STORE_free() frees up a single X509_STORE object.
 
@@ -48,7 +48,7 @@ functions were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_VERIFY_PARAM_set_flags.pod b/deps/openssl/openssl/doc/man3/X509_VERIFY_PARAM_set_flags.pod
index f45467caceccef..7593dea7dab957 100644
--- a/deps/openssl/openssl/doc/man3/X509_VERIFY_PARAM_set_flags.pod
+++ b/deps/openssl/openssl/doc/man3/X509_VERIFY_PARAM_set_flags.pod
@@ -346,7 +346,7 @@ If CRLs checking is enable CRLs are expected to be available in the
 corresponding B<X509_STORE> structure. No attempt is made to download
 CRLs from the CRL distribution points extension.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Enable CRL checking when performing certificate verification during SSL
 connections associated with an B<SSL_CTX> structure B<ctx>:
@@ -376,7 +376,7 @@ The X509_VERIFY_PARAM_get_hostflags() function was added in OpenSSL 1.1.0i.
 
 =head1 COPYRIGHT
 
-Copyright 2009-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2009-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/X509_cmp.pod b/deps/openssl/openssl/doc/man3/X509_cmp.pod
new file mode 100644
index 00000000000000..3cb16b2a81f106
--- /dev/null
+++ b/deps/openssl/openssl/doc/man3/X509_cmp.pod
@@ -0,0 +1,80 @@
+=pod
+
+=head1 NAME
+
+X509_cmp, X509_NAME_cmp,
+X509_issuer_and_serial_cmp, X509_issuer_name_cmp, X509_subject_name_cmp,
+X509_CRL_cmp, X509_CRL_match
+- compare X509 certificates and related values
+
+=head1 SYNOPSIS
+
+ #include <openssl/x509.h>
+
+ int X509_cmp(const X509 *a, const X509 *b);
+ int X509_NAME_cmp(const X509_NAME *a, const X509_NAME *b);
+ int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
+ int X509_issuer_name_cmp(const X509 *a, const X509 *b);
+ int X509_subject_name_cmp(const X509 *a, const X509 *b);
+ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b);
+ int X509_CRL_match(const X509_CRL *a, const X509_CRL *b);
+
+=head1 DESCRIPTION
+
+This set of functions are used to compare X509 objects, including X509
+certificates, X509 CRL objects and various values in an X509 certificate.
+
+The X509_cmp() function compares two B<X509> objects indicated by parameters
+B<a> and B<b>. The comparison is based on the B<memcmp> result of the hash
+values of two B<X509> objects and the canonical (DER) encoding values.
+
+The X509_NAME_cmp() function compares two B<X509_NAME> objects indicated by
+parameters B<a> and B<b>. The comparison is based on the B<memcmp> result of
+the canonical (DER) encoding values of the two objects. L<i2d_X509_NAME(3)>
+has a more detailed description of the DER encoding of the B<X509_NAME> structure.
+
+The X509_issuer_and_serial_cmp() function compares the serial number and issuer
+values in the given B<X509> objects B<a> and B<b>.
+
+The X509_issuer_name_cmp(), X509_subject_name_cmp() and X509_CRL_cmp() functions
+are effectively wrappers of the X509_NAME_cmp() function. These functions compare
+issuer names and subject names of the X<509> objects, or issuers of B<X509_CRL>
+objects, respectively.
+
+The X509_CRL_match() function compares two B<X509_CRL> objects. Unlike the
+X509_CRL_cmp() function, this function compares the whole CRL content instead
+of just the issuer name.
+
+=head1 RETURN VALUES
+
+Like common memory comparison functions, the B<X509> comparison functions return
+an integer less than, equal to, or greater than zero if object B<a> is found to
+be less than, to match, or be greater than object B<b>, respectively.
+
+X509_NAME_cmp(), X509_issuer_and_serial_cmp(), X509_issuer_name_cmp(),
+X509_subject_name_cmp() and X509_CRL_cmp() may return B<-2> to indicate an error.
+
+=head1 NOTES
+
+These functions in fact utilize the underlying B<memcmp> of the C library to do
+the comparison job. Data to be compared varies from DER encoding data, hash
+value or B<ASN1_STRING>. The sign of the comparison can be used to order the
+objects but it does not have a special meaning in some cases.
+
+X509_NAME_cmp() and wrappers utilize the value B<-2> to indicate errors in some
+circumstances, which could cause confusion for the applications.
+
+=head1 SEE ALSO
+
+L<i2d_X509_NAME(3)>, L<i2d_X509(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/deps/openssl/openssl/doc/man3/X509_get_extension_flags.pod b/deps/openssl/openssl/doc/man3/X509_get_extension_flags.pod
index fc4ebbb31d8d39..2dfe2ef3727582 100644
--- a/deps/openssl/openssl/doc/man3/X509_get_extension_flags.pod
+++ b/deps/openssl/openssl/doc/man3/X509_get_extension_flags.pod
@@ -4,6 +4,8 @@
 
 X509_get0_subject_key_id,
 X509_get0_authority_key_id,
+X509_get0_authority_issuer,
+X509_get0_authority_serial,
 X509_get_pathlen,
 X509_get_extension_flags,
 X509_get_key_usage,
@@ -22,6 +24,8 @@ X509_get_proxy_pathlen - retrieve certificate extension data
  uint32_t X509_get_extended_key_usage(X509 *x);
  const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
  const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+ const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);
+ const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);
  void X509_set_proxy_flag(X509 *x);
  void X509_set_proxy_pathlen(int l);
  long X509_get_proxy_pathlen(X509 *x);
@@ -115,6 +119,14 @@ X509_get0_authority_key_id() returns an internal pointer to the authority key
 identifier of B<x> as an B<ASN1_OCTET_STRING> or B<NULL> if the extension
 is not present or cannot be parsed.
 
+X509_get0_authority_issuer() returns an internal pointer to the authority
+certificate issuer of B<x> as a stack of B<GENERAL_NAME> structures or
+B<NULL> if the extension is not present or cannot be parsed.
+
+X509_get0_authority_serial() returns an internal pointer to the authority
+certificate serial number of B<x> as an B<ASN1_INTEGER> or B<NULL> if the
+extension is not present or cannot be parsed.
+
 X509_set_proxy_flag() marks the certificate with the B<EXFLAG_PROXY> flag.
 This is for the users who need to mark non-RFC3820 proxy certificates as
 such, as OpenSSL only detects RFC3820 compliant ones.
@@ -171,7 +183,7 @@ X509_get_proxy_pathlen() were added in OpenSSL 1.1.0.
 
 =head1 COPYRIGHT
 
-Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man3/d2i_X509.pod b/deps/openssl/openssl/doc/man3/d2i_X509.pod
index 3d50f5d9081a89..e36270f7394009 100644
--- a/deps/openssl/openssl/doc/man3/d2i_X509.pod
+++ b/deps/openssl/openssl/doc/man3/d2i_X509.pod
@@ -53,6 +53,7 @@ d2i_DSA_PUBKEY_bio,
 d2i_DSA_PUBKEY_fp,
 d2i_DSA_SIG,
 d2i_DSAparams,
+d2i_ECDSA_SIG,
 d2i_ECPKParameters,
 d2i_ECParameters,
 d2i_ECPrivateKey,
@@ -229,6 +230,7 @@ i2d_DSA_PUBKEY_bio,
 i2d_DSA_PUBKEY_fp,
 i2d_DSA_SIG,
 i2d_DSAparams,
+i2d_ECDSA_SIG,
 i2d_ECPKParameters,
 i2d_ECParameters,
 i2d_ECPrivateKey,
@@ -472,6 +474,10 @@ Represents a DSA public key using a B<SubjectPublicKeyInfo> structure.
 Use a non-standard OpenSSL format and should be avoided; use B<DSA_PUBKEY>,
 B<PEM_write_PrivateKey(3)>, or similar instead.
 
+=item B<ECDSA_SIG>
+
+Represents an ECDSA signature.
+
 =item B<RSAPublicKey>
 
 Represents a PKCS#1 RSA public key structure.
@@ -500,8 +506,8 @@ Represents the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
 
 d2i_TYPE(), d2i_TYPE_bio() and d2i_TYPE_fp() return a valid B<TYPE> structure
 or B<NULL> if an error occurs.  If the "reuse" capability has been used with
-a valid structure being passed in via B<a>, then the object is not freed in
-the event of error but may be in a potentially invalid or inconsistent state.
+a valid structure being passed in via B<a>, then the object is freed in
+the event of error and B<*a> is set to NULL.
 
 i2d_TYPE() returns the number of bytes successfully encoded or a negative
 value if an error occurs.
@@ -582,9 +588,13 @@ happen.
 =head1 BUGS
 
 In some versions of OpenSSL the "reuse" behaviour of d2i_TYPE() when
-B<*px> is valid is broken and some parts of the reused structure may
-persist if they are not present in the new one. As a result the use
-of this "reuse" behaviour is strongly discouraged.
+B<*a> is valid is broken and some parts of the reused structure may
+persist if they are not present in the new one. Additionally, in versions of
+OpenSSL prior to 1.1.0, when the "reuse" behaviour is used and an error occurs
+the behaviour is inconsistent. Some functions behaved as described here, while
+some did not free B<*a> on error and did not set B<*a> to NULL.
+
+As a result of the above issues the "reuse" behaviour is strongly discouraged.
 
 i2d_TYPE() will not return an error in many versions of OpenSSL,
 if mandatory fields are not initialized due to a programming error
diff --git a/deps/openssl/openssl/doc/man5/x509v3_config.pod b/deps/openssl/openssl/doc/man5/x509v3_config.pod
index a35b4ccfff08cd..803b12b3edebbe 100644
--- a/deps/openssl/openssl/doc/man5/x509v3_config.pod
+++ b/deps/openssl/openssl/doc/man5/x509v3_config.pod
@@ -483,7 +483,7 @@ For example:
 
  basicConstraints=critical,DER:00:01:02:03
 
-=head1 WARNING
+=head1 WARNINGS
 
 There is no guarantee that a specific implementation will process a given
 extension. It may therefore be sometimes possible to use certificates for
@@ -493,7 +493,6 @@ not recognize or honour the values of the relevant extensions.
 The DER and ASN1 options should be used with caution. It is possible to create
 totally invalid extensions if they are not used carefully.
 
-
 =head1 NOTES
 
 If an extension is multi-value and a field value must contain a comma the long
@@ -535,7 +534,7 @@ L<ASN1_generate_nconf(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2004-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/Ed25519.pod b/deps/openssl/openssl/doc/man7/Ed25519.pod
index 3f54217918a715..6442e0ea43785b 100644
--- a/deps/openssl/openssl/doc/man7/Ed25519.pod
+++ b/deps/openssl/openssl/doc/man7/Ed25519.pod
@@ -53,7 +53,7 @@ Ed25519 and Ed448 can be tested within L<speed(1)> application since version 1.1
 Valid algorithm names are B<ed25519>, B<ed448> and B<eddsa>. If B<eddsa> is
 specified, then both Ed25519 and Ed448 are benchmarked.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example generates an B<ED25519> private key and writes it to standard
 output in PEM format:
@@ -77,7 +77,7 @@ L<EVP_DigestVerifyInit(3)>,
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/RAND.pod b/deps/openssl/openssl/doc/man7/RAND.pod
index 971b3cdb161287..7ce44ad9b6bd35 100644
--- a/deps/openssl/openssl/doc/man7/RAND.pod
+++ b/deps/openssl/openssl/doc/man7/RAND.pod
@@ -28,6 +28,12 @@ As a normal application developer, you do not have to worry about any details,
 just use L<RAND_bytes(3)> to obtain random data.
 Having said that, there is one important rule to obey: Always check the error
 return value of L<RAND_bytes(3)> and do not take randomness for granted.
+Although (re-)seeding is automatic, it can fail because no trusted random source
+is available or the trusted source(s) temporarily fail to provide sufficient
+random seed material.
+In this case the CSPRNG enters an error state and ceases to provide output,
+until it is able to recover from the error by reseeding itself.
+For more details on reseeding and error recovery, see L<RAND_DRBG(7)>.
 
 For values that should remain secret, you can use L<RAND_priv_bytes(3)>
 instead.
@@ -71,7 +77,7 @@ L<RAND_DRBG(7)>
 
 =head1 COPYRIGHT
 
-Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/SM2.pod b/deps/openssl/openssl/doc/man7/SM2.pod
index 029dc736cbd5dc..c8fceffa1cfcdf 100644
--- a/deps/openssl/openssl/doc/man7/SM2.pod
+++ b/deps/openssl/openssl/doc/man7/SM2.pod
@@ -41,7 +41,7 @@ done by calling:
 And normally there is no need to pass a B<pctx> parameter to EVP_DigestSignInit()
 or EVP_DigestVerifyInit() in such a scenario.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example demonstrates the calling sequence for using an B<EVP_PKEY> to verify
 a message with the SM2 signature algorithm and the SM3 hash algorithm:
@@ -69,7 +69,7 @@ L<EVP_MD_CTX_set_pkey_ctx(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2018-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/X25519.pod b/deps/openssl/openssl/doc/man7/X25519.pod
index 7cb6ff6b3bed09..4851f8a1d9dcb6 100644
--- a/deps/openssl/openssl/doc/man7/X25519.pod
+++ b/deps/openssl/openssl/doc/man7/X25519.pod
@@ -37,7 +37,7 @@ X25519 or X448 public keys can be set directly using
 L<EVP_PKEY_new_raw_public_key(3)> or loaded from a SubjectPublicKeyInfo
 structure in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function).
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example generates an B<X25519> private key and writes it to standard
 output in PEM format:
@@ -64,7 +64,7 @@ L<EVP_PKEY_derive_set_peer(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/bio.pod b/deps/openssl/openssl/doc/man7/bio.pod
index 45ef2f77041daf..23b231b44e3518 100644
--- a/deps/openssl/openssl/doc/man7/bio.pod
+++ b/deps/openssl/openssl/doc/man7/bio.pod
@@ -52,7 +52,7 @@ pointer to a BIO_METHOD. There is a naming convention for such functions:
 a source/sink BIO is normally called BIO_s_*() and a filter BIO
 BIO_f_*();
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 Create a memory BIO:
 
@@ -76,7 +76,7 @@ L<BIO_should_retry(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/doc/man7/scrypt.pod b/deps/openssl/openssl/doc/man7/scrypt.pod
index 94ff3ab53fce79..a005133747c67a 100644
--- a/deps/openssl/openssl/doc/man7/scrypt.pod
+++ b/deps/openssl/openssl/doc/man7/scrypt.pod
@@ -38,7 +38,7 @@ A context for scrypt can be obtained by calling:
 The output length of an scrypt key derivation is specified via the
 length parameter to the L<EVP_PKEY_derive(3)> function.
 
-=head1 EXAMPLE
+=head1 EXAMPLES
 
 This example derives a 64-byte long test vector using scrypt using the password
 "password", salt "NaCl" and N = 1024, r = 8, p = 16.
@@ -105,7 +105,7 @@ L<EVP_PKEY_derive(3)>
 
 =head1 COPYRIGHT
 
-Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 
 Licensed under the OpenSSL license (the "License").  You may not use
 this file except in compliance with the License.  You can obtain a copy
diff --git a/deps/openssl/openssl/e_os.h b/deps/openssl/openssl/e_os.h
index e9ce6c9cc8b9b0..858bc40cb1fced 100644
--- a/deps/openssl/openssl/e_os.h
+++ b/deps/openssl/openssl/e_os.h
@@ -28,8 +28,34 @@
  * default, we will try to read at least one of these files
  */
 #  define DEVRANDOM "/dev/urandom", "/dev/random", "/dev/hwrng", "/dev/srandom"
-#  ifdef __linux
-#   define DEVRANDOM_WAIT "/dev/random"
+#  if defined(__linux) && !defined(__ANDROID__)
+#   ifndef DEVRANDOM_WAIT
+#    define DEVRANDOM_WAIT   "/dev/random"
+#   endif
+/*
+ * Linux kernels 4.8 and later changes how their random device works and there
+ * is no reliable way to tell that /dev/urandom has been seeded -- getentropy(2)
+ * should be used instead.
+ */
+#   ifndef DEVRANDOM_SAFE_KERNEL
+#    define DEVRANDOM_SAFE_KERNEL        4, 8
+#   endif
+/*
+ * Some operating systems do not permit select(2) on their random devices,
+ * defining this to zero will force the used of read(2) to extract one byte
+ * from /dev/random.
+ */
+#   ifndef DEVRANDM_WAIT_USE_SELECT
+#    define DEVRANDM_WAIT_USE_SELECT     1
+#   endif
+/*
+ * Define the shared memory identifier used to indicate if the operating
+ * system has properly seeded the DEVRANDOM source.
+ */
+#   ifndef OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID
+#    define OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID 114
+#   endif
+
 #  endif
 # endif
 # if !defined(OPENSSL_NO_EGD) && !defined(DEVRANDOM_EGD)
diff --git a/deps/openssl/openssl/engines/build.info b/deps/openssl/openssl/engines/build.info
index df173ea69d9131..1db771971cd5ca 100644
--- a/deps/openssl/openssl/engines/build.info
+++ b/deps/openssl/openssl/engines/build.info
@@ -2,8 +2,9 @@ IF[{- !$disabled{"engine"} -}]
 
   IF[{- $disabled{"dynamic-engine"} -}]
     LIBS=../libcrypto
-    SOURCE[../libcrypto]=\
-            e_padlock.c {- $target{padlock_asm_src} -}
+    IF[{- !$disabled{hw} && !$disabled{'hw-padlock'} -}]
+      SOURCE[../libcrypto]= e_padlock.c {- $target{padlock_asm_src} -}
+    ENDIF
     IF[{- !$disabled{capieng} -}]
       SOURCE[../libcrypto]=e_capi.c
     ENDIF
@@ -11,10 +12,12 @@ IF[{- !$disabled{"engine"} -}]
       SOURCE[../libcrypto]=e_afalg.c
     ENDIF
   ELSE
-    ENGINES=padlock
-    SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -}
-    DEPEND[padlock]=../libcrypto
-    INCLUDE[padlock]=../include
+    IF[{- !$disabled{hw} && !$disabled{'hw-padlock'} -}]
+      ENGINES=padlock
+      SOURCE[padlock]=e_padlock.c {- $target{padlock_asm_src} -}
+      DEPEND[padlock]=../libcrypto
+      INCLUDE[padlock]=../include
+    ENDIF
     IF[{- !$disabled{capieng} -}]
       ENGINES=capi
       SOURCE[capi]=e_capi.c
diff --git a/deps/openssl/openssl/engines/e_afalg.c b/deps/openssl/openssl/engines/e_afalg.c
index f09c396ed92386..7f62d77e5bc174 100644
--- a/deps/openssl/openssl/engines/e_afalg.c
+++ b/deps/openssl/openssl/engines/e_afalg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -63,9 +63,6 @@ void engine_load_afalg_int(void)
 # define ALG_OP_TYPE     unsigned int
 # define ALG_OP_LEN      (sizeof(ALG_OP_TYPE))
 
-#define ALG_MAX_SALG_NAME       64
-#define ALG_MAX_SALG_TYPE       14
-
 # ifdef OPENSSL_NO_DYNAMIC_ENGINE
 void engine_load_afalg_int(void);
 # endif
@@ -371,10 +368,8 @@ static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
 
     memset(&sa, 0, sizeof(sa));
     sa.salg_family = AF_ALG;
-    strncpy((char *) sa.salg_type, ciphertype, ALG_MAX_SALG_TYPE);
-    sa.salg_type[ALG_MAX_SALG_TYPE-1] = '\0';
-    strncpy((char *) sa.salg_name, ciphername, ALG_MAX_SALG_NAME);
-    sa.salg_name[ALG_MAX_SALG_NAME-1] = '\0';
+    OPENSSL_strlcpy((char *) sa.salg_type, ciphertype, sizeof(sa.salg_type));
+    OPENSSL_strlcpy((char *) sa.salg_name, ciphername, sizeof(sa.salg_name));
 
     actx->bfd = socket(AF_ALG, SOCK_SEQPACKET, 0);
     if (actx->bfd == -1) {
@@ -502,7 +497,7 @@ static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     int ciphertype;
     int ret;
     afalg_ctx *actx;
-    char ciphername[ALG_MAX_SALG_NAME];
+    const char *ciphername;
 
     if (ctx == NULL || key == NULL) {
         ALG_WARN("%s(%d): Null Parameter\n", __FILE__, __LINE__);
@@ -525,14 +520,13 @@ static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
     case NID_aes_128_cbc:
     case NID_aes_192_cbc:
     case NID_aes_256_cbc:
-        strncpy(ciphername, "cbc(aes)", ALG_MAX_SALG_NAME);
+        ciphername = "cbc(aes)";
         break;
     default:
         ALG_WARN("%s(%d): Unsupported Cipher type %d\n", __FILE__, __LINE__,
                  ciphertype);
         return 0;
     }
-    ciphername[ALG_MAX_SALG_NAME-1]='\0';
 
     if (ALG_AES_IV_LEN != EVP_CIPHER_CTX_iv_length(ctx)) {
         ALG_WARN("%s(%d): Unsupported IV length :%d\n", __FILE__, __LINE__,
diff --git a/deps/openssl/openssl/include/internal/constant_time_locl.h b/deps/openssl/openssl/include/internal/constant_time_locl.h
index cde30f4067ef19..0193a653d4bb1a 100644
--- a/deps/openssl/openssl/include/internal/constant_time_locl.h
+++ b/deps/openssl/openssl/include/internal/constant_time_locl.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -213,18 +213,72 @@ static ossl_inline unsigned char constant_time_eq_int_8(int a, int b)
     return constant_time_eq_8((unsigned)(a), (unsigned)(b));
 }
 
+/*
+ * Returns the value unmodified, but avoids optimizations.
+ * The barriers prevent the compiler from narrowing down the
+ * possible value range of the mask and ~mask in the select
+ * statements, which avoids the recognition of the select
+ * and turning it into a conditional load or branch.
+ */
+static ossl_inline unsigned int value_barrier(unsigned int a)
+{
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
+    unsigned int r;
+    __asm__("" : "=r"(r) : "0"(a));
+#else
+    volatile unsigned int r = a;
+#endif
+    return r;
+}
+
+/* Convenience method for uint32_t. */
+static ossl_inline uint32_t value_barrier_32(uint32_t a)
+{
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
+    uint32_t r;
+    __asm__("" : "=r"(r) : "0"(a));
+#else
+    volatile uint32_t r = a;
+#endif
+    return r;
+}
+
+/* Convenience method for uint64_t. */
+static ossl_inline uint64_t value_barrier_64(uint64_t a)
+{
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
+    uint64_t r;
+    __asm__("" : "=r"(r) : "0"(a));
+#else
+    volatile uint64_t r = a;
+#endif
+    return r;
+}
+
+/* Convenience method for size_t. */
+static ossl_inline size_t value_barrier_s(size_t a)
+{
+#if !defined(OPENSSL_NO_ASM) && defined(__GNUC__)
+    size_t r;
+    __asm__("" : "=r"(r) : "0"(a));
+#else
+    volatile size_t r = a;
+#endif
+    return r;
+}
+
 static ossl_inline unsigned int constant_time_select(unsigned int mask,
                                                      unsigned int a,
                                                      unsigned int b)
 {
-    return (mask & a) | (~mask & b);
+    return (value_barrier(mask) & a) | (value_barrier(~mask) & b);
 }
 
 static ossl_inline size_t constant_time_select_s(size_t mask,
                                                  size_t a,
                                                  size_t b)
 {
-    return (mask & a) | (~mask & b);
+    return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b);
 }
 
 static ossl_inline unsigned char constant_time_select_8(unsigned char mask,
@@ -249,13 +303,13 @@ static ossl_inline int constant_time_select_int_s(size_t mask, int a, int b)
 static ossl_inline uint32_t constant_time_select_32(uint32_t mask, uint32_t a,
                                                     uint32_t b)
 {
-    return (mask & a) | (~mask & b);
+    return (value_barrier_32(mask) & a) | (value_barrier_32(~mask) & b);
 }
 
 static ossl_inline uint64_t constant_time_select_64(uint64_t mask, uint64_t a,
                                                     uint64_t b)
 {
-    return (mask & a) | (~mask & b);
+    return (value_barrier_64(mask) & a) | (value_barrier_64(~mask) & b);
 }
 
 /*
diff --git a/deps/openssl/openssl/include/internal/cryptlib.h b/deps/openssl/openssl/include/internal/cryptlib.h
index b4d76d5f2ed735..23e17e5586e8f5 100644
--- a/deps/openssl/openssl/include/internal/cryptlib.h
+++ b/deps/openssl/openssl/include/internal/cryptlib.h
@@ -80,6 +80,7 @@ extern unsigned int OPENSSL_ia32cap_P[];
 void OPENSSL_showfatal(const char *fmta, ...);
 void crypto_cleanup_all_ex_data_int(void);
 int openssl_init_fork_handlers(void);
+int openssl_get_fork_id(void);
 
 char *ossl_safe_getenv(const char *name);
 
diff --git a/deps/openssl/openssl/include/internal/dsoerr.h b/deps/openssl/openssl/include/internal/dsoerr.h
index 0edf277f705175..5f4511c4d6f889 100644
--- a/deps/openssl/openssl/include/internal/dsoerr.h
+++ b/deps/openssl/openssl/include/internal/dsoerr.h
@@ -11,7 +11,9 @@
 #ifndef HEADER_DSOERR_H
 # define HEADER_DSOERR_H
 
-# include <openssl/opensslconf.h>
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
 
 # ifdef  __cplusplus
 extern "C"
diff --git a/deps/openssl/openssl/include/internal/refcount.h b/deps/openssl/openssl/include/internal/refcount.h
index d2364c6212211c..6e1a840ef1ea6d 100644
--- a/deps/openssl/openssl/include/internal/refcount.h
+++ b/deps/openssl/openssl/include/internal/refcount.h
@@ -105,7 +105,7 @@ static __inline int CRYPTO_DOWN_REF(volatile int *val, int *ret, void *lock)
 #    if _WIN32_WCE >= 0x600
       extern long __cdecl _InterlockedExchangeAdd(long volatile*, long);
 #    else
-      // under Windows CE we still have old-style Interlocked* functions
+      /* under Windows CE we still have old-style Interlocked* functions */
       extern long __cdecl InterlockedExchangeAdd(long volatile*, long);
 #     define _InterlockedExchangeAdd InterlockedExchangeAdd
 #    endif
diff --git a/deps/openssl/openssl/include/internal/thread_once.h b/deps/openssl/openssl/include/internal/thread_once.h
index 8a25d04d2d4d9e..8f8aa6e1c4b1bc 100644
--- a/deps/openssl/openssl/include/internal/thread_once.h
+++ b/deps/openssl/openssl/include/internal/thread_once.h
@@ -72,7 +72,7 @@
  * function defined via DEFINE_ONCE_STATIC where both functions use the same
  * CRYPTO_ONCE object to synchronise. Where an alternative initialiser function
  * is used only one of the primary or the alternative initialiser function will
- * ever be called - and that function will be called exactly once. Definitition
+ * ever be called - and that function will be called exactly once. Definition
  * of an alternative initialiser function MUST occur AFTER the definition of the
  * primary initialiser function.
  *
diff --git a/deps/openssl/openssl/include/internal/tsan_assist.h b/deps/openssl/openssl/include/internal/tsan_assist.h
index d41ebb341a422a..cc30162eb74ec1 100644
--- a/deps/openssl/openssl/include/internal/tsan_assist.h
+++ b/deps/openssl/openssl/include/internal/tsan_assist.h
@@ -18,7 +18,7 @@
  * if (var == NOT_YET_INITIALIZED)
  *     var = function_returning_same_value();
  *
- * This does work provided that loads and stores are single-instuction
+ * This does work provided that loads and stores are single-instruction
  * operations (and integer ones are on *all* supported platforms), but
  * it upsets Thread Sanitizer. Suggested solution is
  *
diff --git a/deps/openssl/openssl/include/openssl/asn1err.h b/deps/openssl/openssl/include/openssl/asn1err.h
index 5a91126db954d0..faed5a55180d63 100644
--- a/deps/openssl/openssl/include/openssl/asn1err.h
+++ b/deps/openssl/openssl/include/openssl/asn1err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_ASN1ERR_H
 # define HEADER_ASN1ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/asyncerr.h b/deps/openssl/openssl/include/openssl/asyncerr.h
index 5497ba75279ee5..91afbbb2f5b84a 100644
--- a/deps/openssl/openssl/include/openssl/asyncerr.h
+++ b/deps/openssl/openssl/include/openssl/asyncerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_ASYNCERR_H
 # define HEADER_ASYNCERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/bio.h b/deps/openssl/openssl/include/openssl/bio.h
index 2888b42da84dfc..e1fddfb7969d6e 100644
--- a/deps/openssl/openssl/include/openssl/bio.h
+++ b/deps/openssl/openssl/include/openssl/bio.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -20,10 +20,6 @@
 # include <openssl/crypto.h>
 # include <openssl/bioerr.h>
 
-# ifndef OPENSSL_NO_SCTP
-#  include <openssl/e_os2.h>
-# endif
-
 #ifdef  __cplusplus
 extern "C" {
 #endif
diff --git a/deps/openssl/openssl/include/openssl/bioerr.h b/deps/openssl/openssl/include/openssl/bioerr.h
index f119a59c36ccb1..46e2c96ee3547e 100644
--- a/deps/openssl/openssl/include/openssl/bioerr.h
+++ b/deps/openssl/openssl/include/openssl/bioerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_BIOERR_H
 # define HEADER_BIOERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/bnerr.h b/deps/openssl/openssl/include/openssl/bnerr.h
index 8a022cc0698deb..9f3c7cfaab6742 100644
--- a/deps/openssl/openssl/include/openssl/bnerr.h
+++ b/deps/openssl/openssl/include/openssl/bnerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_BNERR_H
 # define HEADER_BNERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/buffererr.h b/deps/openssl/openssl/include/openssl/buffererr.h
index 3aee1323238363..04f6ff7a8393db 100644
--- a/deps/openssl/openssl/include/openssl/buffererr.h
+++ b/deps/openssl/openssl/include/openssl/buffererr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_BUFERR_H
 # define HEADER_BUFERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/cms.h b/deps/openssl/openssl/include/openssl/cms.h
index ddf37e56f8d41f..c7627968c7a0d3 100644
--- a/deps/openssl/openssl/include/openssl/cms.h
+++ b/deps/openssl/openssl/include/openssl/cms.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -284,8 +284,6 @@ int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
 void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
                                     int lastpos, int type);
 
-# ifdef HEADER_X509V3_H
-
 int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
 CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
                                                int allorfirst,
@@ -298,7 +296,6 @@ void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
                                     int *pallorfirst,
                                     STACK_OF(GENERAL_NAMES) **plist,
                                     STACK_OF(GENERAL_NAMES) **prto);
-# endif
 int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
                                     X509_ALGOR **palg,
                                     ASN1_OCTET_STRING **pukm);
diff --git a/deps/openssl/openssl/include/openssl/cmserr.h b/deps/openssl/openssl/include/openssl/cmserr.h
index 3f8ae26da80192..7dbc13dc939eee 100644
--- a/deps/openssl/openssl/include/openssl/cmserr.h
+++ b/deps/openssl/openssl/include/openssl/cmserr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_CMSERR_H
 # define HEADER_CMSERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_CMS
@@ -101,6 +105,7 @@ int ERR_load_CMS_strings(void);
 #  define CMS_F_CMS_SIGNERINFO_VERIFY_CERT                 153
 #  define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT              154
 #  define CMS_F_CMS_SIGN_RECEIPT                           163
+#  define CMS_F_CMS_SI_CHECK_ATTRIBUTES                    183
 #  define CMS_F_CMS_STREAM                                 155
 #  define CMS_F_CMS_UNCOMPRESS                             156
 #  define CMS_F_CMS_VERIFY                                 157
@@ -110,6 +115,7 @@ int ERR_load_CMS_strings(void);
  * CMS reason codes.
  */
 #  define CMS_R_ADD_SIGNER_ERROR                           99
+#  define CMS_R_ATTRIBUTE_ERROR                            161
 #  define CMS_R_CERTIFICATE_ALREADY_PRESENT                175
 #  define CMS_R_CERTIFICATE_HAS_NO_KEYID                   160
 #  define CMS_R_CERTIFICATE_VERIFY_ERROR                   100
diff --git a/deps/openssl/openssl/include/openssl/comperr.h b/deps/openssl/openssl/include/openssl/comperr.h
index edea63a6809321..90231e9aa34f30 100644
--- a/deps/openssl/openssl/include/openssl/comperr.h
+++ b/deps/openssl/openssl/include/openssl/comperr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_COMPERR_H
 # define HEADER_COMPERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_COMP
diff --git a/deps/openssl/openssl/include/openssl/conferr.h b/deps/openssl/openssl/include/openssl/conferr.h
index d1c92f45d82dbb..32b92291856662 100644
--- a/deps/openssl/openssl/include/openssl/conferr.h
+++ b/deps/openssl/openssl/include/openssl/conferr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_CONFERR_H
 # define HEADER_CONFERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/cryptoerr.h b/deps/openssl/openssl/include/openssl/cryptoerr.h
index 10723d0454b3c5..3db5a4ee9911d6 100644
--- a/deps/openssl/openssl/include/openssl/cryptoerr.h
+++ b/deps/openssl/openssl/include/openssl/cryptoerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,12 +11,13 @@
 #ifndef HEADER_CRYPTOERR_H
 # define HEADER_CRYPTOERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
-
-# include <openssl/symhacks.h>
-
 int ERR_load_CRYPTO_strings(void);
 
 /*
diff --git a/deps/openssl/openssl/include/openssl/cterr.h b/deps/openssl/openssl/include/openssl/cterr.h
index 764e1a22046240..feb7bc56632fba 100644
--- a/deps/openssl/openssl/include/openssl/cterr.h
+++ b/deps/openssl/openssl/include/openssl/cterr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_CTERR_H
 # define HEADER_CTERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_CT
diff --git a/deps/openssl/openssl/include/openssl/dherr.h b/deps/openssl/openssl/include/openssl/dherr.h
index 81e73f75c07d4e..916b3bed0b596f 100644
--- a/deps/openssl/openssl/include/openssl/dherr.h
+++ b/deps/openssl/openssl/include/openssl/dherr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_DHERR_H
 # define HEADER_DHERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_DH
diff --git a/deps/openssl/openssl/include/openssl/dsaerr.h b/deps/openssl/openssl/include/openssl/dsaerr.h
index d94f97bba8f213..495a1ac89d6361 100644
--- a/deps/openssl/openssl/include/openssl/dsaerr.h
+++ b/deps/openssl/openssl/include/openssl/dsaerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_DSAERR_H
 # define HEADER_DSAERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_DSA
@@ -57,6 +61,7 @@ int ERR_load_DSA_strings(void);
 #  define DSA_R_INVALID_DIGEST_TYPE                        106
 #  define DSA_R_INVALID_PARAMETERS                         112
 #  define DSA_R_MISSING_PARAMETERS                         101
+#  define DSA_R_MISSING_PRIVATE_KEY                        111
 #  define DSA_R_MODULUS_TOO_LARGE                          103
 #  define DSA_R_NO_PARAMETERS_SET                          107
 #  define DSA_R_PARAMETER_ENCODING_ERROR                   105
diff --git a/deps/openssl/openssl/include/openssl/ec.h b/deps/openssl/openssl/include/openssl/ec.h
index 347cfb6d097b91..5af9ebdc7fce62 100644
--- a/deps/openssl/openssl/include/openssl/ec.h
+++ b/deps/openssl/openssl/include/openssl/ec.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2002-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -142,7 +142,7 @@ const EC_METHOD *EC_GROUP_method_of(const EC_GROUP *group);
  */
 int EC_METHOD_get_field_type(const EC_METHOD *meth);
 
-/** Sets the generator and it's order/cofactor of a EC_GROUP object.
+/** Sets the generator and its order/cofactor of a EC_GROUP object.
  *  \param  group      EC_GROUP object
  *  \param  generator  EC_POINT object with the generator.
  *  \param  order      the order of the group generated by the generator.
@@ -1138,7 +1138,8 @@ void ECDSA_SIG_free(ECDSA_SIG *sig);
  *  (*pp += length of the DER encoded signature)).
  *  \param  sig  pointer to the ECDSA_SIG object
  *  \param  pp   pointer to a unsigned char pointer for the output or NULL
- *  \return the length of the DER encoded ECDSA_SIG object or 0
+ *  \return the length of the DER encoded ECDSA_SIG object or a negative value
+ *          on error
  */
 int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);
 
diff --git a/deps/openssl/openssl/include/openssl/ecerr.h b/deps/openssl/openssl/include/openssl/ecerr.h
index be313d2856b89a..f7b91834564e2f 100644
--- a/deps/openssl/openssl/include/openssl/ecerr.h
+++ b/deps/openssl/openssl/include/openssl/ecerr.h
@@ -11,6 +11,10 @@
 #ifndef HEADER_ECERR_H
 # define HEADER_ECERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_EC
diff --git a/deps/openssl/openssl/include/openssl/engineerr.h b/deps/openssl/openssl/include/openssl/engineerr.h
index b4c036b2106eeb..05e84bd2a24122 100644
--- a/deps/openssl/openssl/include/openssl/engineerr.h
+++ b/deps/openssl/openssl/include/openssl/engineerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_ENGINEERR_H
 # define HEADER_ENGINEERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_ENGINE
diff --git a/deps/openssl/openssl/include/openssl/evp.h b/deps/openssl/openssl/include/openssl/evp.h
index dd1117d0fe2d90..545654a98b1c08 100644
--- a/deps/openssl/openssl/include/openssl/evp.h
+++ b/deps/openssl/openssl/include/openssl/evp.h
@@ -260,6 +260,8 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
 # define         EVP_CIPH_RAND_KEY               0x200
 /* cipher has its own additional copying logic */
 # define         EVP_CIPH_CUSTOM_COPY            0x400
+/* Don't use standard iv length function */
+# define         EVP_CIPH_CUSTOM_IV_LENGTH       0x800
 /* Allow use default ASN1 get/set iv */
 # define         EVP_CIPH_FLAG_DEFAULT_ASN1      0x1000
 /* Buffer length in bits not bytes: CFB1 mode only */
@@ -349,6 +351,8 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *,
 /* Set the input buffer lengths to use for a pipelined operation */
 # define         EVP_CTRL_SET_PIPELINE_INPUT_LENS        0x24
 
+# define         EVP_CTRL_GET_IVLEN                      0x25
+
 /* Padding modes */
 #define EVP_PADDING_PKCS7       1
 #define EVP_PADDING_ISO7816_4   2
diff --git a/deps/openssl/openssl/include/openssl/evperr.h b/deps/openssl/openssl/include/openssl/evperr.h
index 84f03eb3c45f08..6a651f55635419 100644
--- a/deps/openssl/openssl/include/openssl/evperr.h
+++ b/deps/openssl/openssl/include/openssl/evperr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_EVPERR_H
 # define HEADER_EVPERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
@@ -20,11 +24,14 @@ int ERR_load_EVP_strings(void);
  * EVP function codes.
  */
 # define EVP_F_AESNI_INIT_KEY                             165
+# define EVP_F_AESNI_XTS_INIT_KEY                         207
 # define EVP_F_AES_GCM_CTRL                               196
 # define EVP_F_AES_INIT_KEY                               133
 # define EVP_F_AES_OCB_CIPHER                             169
 # define EVP_F_AES_T4_INIT_KEY                            178
+# define EVP_F_AES_T4_XTS_INIT_KEY                        208
 # define EVP_F_AES_WRAP_CIPHER                            170
+# define EVP_F_AES_XTS_INIT_KEY                           209
 # define EVP_F_ALG_MODULE_INIT                            177
 # define EVP_F_ARIA_CCM_INIT_KEY                          175
 # define EVP_F_ARIA_GCM_CTRL                              197
@@ -115,6 +122,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_F_PKEY_SET_TYPE                              158
 # define EVP_F_RC2_MAGIC_TO_METH                          109
 # define EVP_F_RC5_CTRL                                   125
+# define EVP_F_R_32_12_16_INIT_KEY                        242
 # define EVP_F_S390X_AES_GCM_CTRL                         201
 # define EVP_F_UPDATE                                     173
 
@@ -124,6 +132,7 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_AES_KEY_SETUP_FAILED                       143
 # define EVP_R_ARIA_KEY_SETUP_FAILED                      176
 # define EVP_R_BAD_DECRYPT                                100
+# define EVP_R_BAD_KEY_LENGTH                             195
 # define EVP_R_BUFFER_TOO_SMALL                           155
 # define EVP_R_CAMELLIA_KEY_SETUP_FAILED                  157
 # define EVP_R_CIPHER_PARAMETER_ERROR                     122
@@ -190,5 +199,6 @@ int ERR_load_EVP_strings(void);
 # define EVP_R_UNSUPPORTED_SALT_TYPE                      126
 # define EVP_R_WRAP_MODE_NOT_ALLOWED                      170
 # define EVP_R_WRONG_FINAL_BLOCK_LENGTH                   109
+# define EVP_R_XTS_DUPLICATED_KEYS                        183
 
 #endif
diff --git a/deps/openssl/openssl/include/openssl/kdferr.h b/deps/openssl/openssl/include/openssl/kdferr.h
index 6437c271dd6ab0..3f51bd0228ab8d 100644
--- a/deps/openssl/openssl/include/openssl/kdferr.h
+++ b/deps/openssl/openssl/include/openssl/kdferr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_KDFERR_H
 # define HEADER_KDFERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/objectserr.h b/deps/openssl/openssl/include/openssl/objectserr.h
index 02308dfac8fd72..02e166f1ac6671 100644
--- a/deps/openssl/openssl/include/openssl/objectserr.h
+++ b/deps/openssl/openssl/include/openssl/objectserr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_OBJERR_H
 # define HEADER_OBJERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/ocsperr.h b/deps/openssl/openssl/include/openssl/ocsperr.h
index 7d93b12d497ee0..8dd9e01a172a2e 100644
--- a/deps/openssl/openssl/include/openssl/ocsperr.h
+++ b/deps/openssl/openssl/include/openssl/ocsperr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_OCSPERR_H
 # define HEADER_OCSPERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_OCSP
diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h
deleted file mode 100644
index 76c99d433ab886..00000000000000
--- a/deps/openssl/openssl/include/openssl/opensslconf.h
+++ /dev/null
@@ -1 +0,0 @@
-#include "../../config/opensslconf.h"
diff --git a/deps/openssl/openssl/include/openssl/opensslv.h b/deps/openssl/openssl/include/openssl/opensslv.h
index bdf44d47e599b4..c28e632c442504 100644
--- a/deps/openssl/openssl/include/openssl/opensslv.h
+++ b/deps/openssl/openssl/include/openssl/opensslv.h
@@ -39,8 +39,8 @@ extern "C" {
  * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
  *  major minor fix final patch/beta)
  */
-# define OPENSSL_VERSION_NUMBER  0x1010103fL
-# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1c  28 May 2019"
+# define OPENSSL_VERSION_NUMBER  0x1010104fL
+# define OPENSSL_VERSION_TEXT    "OpenSSL 1.1.1d  10 Sep 2019"
 
 /*-
  * The macros below are to be used for shared library (.so, .dll, ...)
diff --git a/deps/openssl/openssl/include/openssl/pemerr.h b/deps/openssl/openssl/include/openssl/pemerr.h
index cd61b823d31750..0c45918f3c1d28 100644
--- a/deps/openssl/openssl/include/openssl/pemerr.h
+++ b/deps/openssl/openssl/include/openssl/pemerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_PEMERR_H
 # define HEADER_PEMERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/pkcs12err.h b/deps/openssl/openssl/include/openssl/pkcs12err.h
index c7184ffe744d04..eff5eb26028214 100644
--- a/deps/openssl/openssl/include/openssl/pkcs12err.h
+++ b/deps/openssl/openssl/include/openssl/pkcs12err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_PKCS12ERR_H
 # define HEADER_PKCS12ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/pkcs7err.h b/deps/openssl/openssl/include/openssl/pkcs7err.h
index 0ba418d7805d07..02e0299a3cecab 100644
--- a/deps/openssl/openssl/include/openssl/pkcs7err.h
+++ b/deps/openssl/openssl/include/openssl/pkcs7err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_PKCS7ERR_H
 # define HEADER_PKCS7ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/randerr.h b/deps/openssl/openssl/include/openssl/randerr.h
index 599a2a18d41ff0..70d1a17a4c6bdb 100644
--- a/deps/openssl/openssl/include/openssl/randerr.h
+++ b/deps/openssl/openssl/include/openssl/randerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,8 @@
 #ifndef HEADER_RANDERR_H
 # define HEADER_RANDERR_H
 
+# include <openssl/symhacks.h>
+
 # ifdef  __cplusplus
 extern "C"
 # endif
@@ -42,6 +44,7 @@ int ERR_load_RAND_strings(void);
 # define RAND_F_RAND_POOL_ADD_END                         114
 # define RAND_F_RAND_POOL_ATTACH                          124
 # define RAND_F_RAND_POOL_BYTES_NEEDED                    115
+# define RAND_F_RAND_POOL_GROW                            125
 # define RAND_F_RAND_POOL_NEW                             116
 # define RAND_F_RAND_WRITE_FILE                           112
 
diff --git a/deps/openssl/openssl/include/openssl/rsaerr.h b/deps/openssl/openssl/include/openssl/rsaerr.h
index d5bc01c1021848..59b15e13e96532 100644
--- a/deps/openssl/openssl/include/openssl/rsaerr.h
+++ b/deps/openssl/openssl/include/openssl/rsaerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_RSAERR_H
 # define HEADER_RSAERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
@@ -126,6 +130,7 @@ int ERR_load_RSA_strings(void);
 # define RSA_R_KEY_PRIME_NUM_INVALID                      165
 # define RSA_R_KEY_SIZE_TOO_SMALL                         120
 # define RSA_R_LAST_OCTET_INVALID                         134
+# define RSA_R_MISSING_PRIVATE_KEY                        179
 # define RSA_R_MGF1_DIGEST_NOT_ALLOWED                    152
 # define RSA_R_MODULUS_TOO_LARGE                          105
 # define RSA_R_MP_COEFFICIENT_NOT_INVERSE_OF_R            168
diff --git a/deps/openssl/openssl/include/openssl/ssl.h b/deps/openssl/openssl/include/openssl/ssl.h
index f93dc68fefdb55..6724ccf2d25211 100644
--- a/deps/openssl/openssl/include/openssl/ssl.h
+++ b/deps/openssl/openssl/include/openssl/ssl.h
@@ -1364,24 +1364,24 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
 # define SSL_CTX_set1_chain_cert_store(ctx,st) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
-# define SSL_set0_chain(ctx,sk) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN,0,(char *)(sk))
-# define SSL_set1_chain(ctx,sk) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN,1,(char *)(sk))
-# define SSL_add0_chain_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
-# define SSL_add1_chain_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
-# define SSL_get0_chain_certs(ctx,px509) \
-        SSL_ctrl(ctx,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
-# define SSL_clear_chain_certs(ctx) \
-        SSL_set0_chain(ctx,NULL)
+# define SSL_set0_chain(s,sk) \
+        SSL_ctrl(s,SSL_CTRL_CHAIN,0,(char *)(sk))
+# define SSL_set1_chain(s,sk) \
+        SSL_ctrl(s,SSL_CTRL_CHAIN,1,(char *)(sk))
+# define SSL_add0_chain_cert(s,x509) \
+        SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,0,(char *)(x509))
+# define SSL_add1_chain_cert(s,x509) \
+        SSL_ctrl(s,SSL_CTRL_CHAIN_CERT,1,(char *)(x509))
+# define SSL_get0_chain_certs(s,px509) \
+        SSL_ctrl(s,SSL_CTRL_GET_CHAIN_CERTS,0,px509)
+# define SSL_clear_chain_certs(s) \
+        SSL_set0_chain(s,NULL)
 # define SSL_build_cert_chain(s, flags) \
         SSL_ctrl(s,SSL_CTRL_BUILD_CERT_CHAIN, flags, NULL)
-# define SSL_select_current_cert(ctx,x509) \
-        SSL_ctrl(ctx,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
-# define SSL_set_current_cert(ctx,op) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
+# define SSL_select_current_cert(s,x509) \
+        SSL_ctrl(s,SSL_CTRL_SELECT_CURRENT_CERT,0,(char *)(x509))
+# define SSL_set_current_cert(s,op) \
+        SSL_ctrl(s,SSL_CTRL_SET_CURRENT_CERT, op, NULL)
 # define SSL_set0_verify_cert_store(s,st) \
         SSL_ctrl(s,SSL_CTRL_SET_VERIFY_CERT_STORE,0,(char *)(st))
 # define SSL_set1_verify_cert_store(s,st) \
@@ -1390,34 +1390,34 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
         SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,0,(char *)(st))
 # define SSL_set1_chain_cert_store(s,st) \
         SSL_ctrl(s,SSL_CTRL_SET_CHAIN_CERT_STORE,1,(char *)(st))
-# define SSL_get1_groups(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_GET_GROUPS,0,(char *)(s))
+# define SSL_get1_groups(s, glist) \
+        SSL_ctrl(s,SSL_CTRL_GET_GROUPS,0,(int*)(glist))
 # define SSL_CTX_set1_groups(ctx, glist, glistlen) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
 # define SSL_CTX_set1_groups_list(ctx, s) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
-# define SSL_set1_groups(ctx, glist, glistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
-# define SSL_set1_groups_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(s))
+# define SSL_set1_groups(s, glist, glistlen) \
+        SSL_ctrl(s,SSL_CTRL_SET_GROUPS,glistlen,(char *)(glist))
+# define SSL_set1_groups_list(s, str) \
+        SSL_ctrl(s,SSL_CTRL_SET_GROUPS_LIST,0,(char *)(str))
 # define SSL_get_shared_group(s, n) \
         SSL_ctrl(s,SSL_CTRL_GET_SHARED_GROUP,n,NULL)
 # define SSL_CTX_set1_sigalgs(ctx, slist, slistlen) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
 # define SSL_CTX_set1_sigalgs_list(ctx, s) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
-# define SSL_set1_sigalgs(ctx, slist, slistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
-# define SSL_set1_sigalgs_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(s))
+# define SSL_set1_sigalgs(s, slist, slistlen) \
+        SSL_ctrl(s,SSL_CTRL_SET_SIGALGS,slistlen,(int *)(slist))
+# define SSL_set1_sigalgs_list(s, str) \
+        SSL_ctrl(s,SSL_CTRL_SET_SIGALGS_LIST,0,(char *)(str))
 # define SSL_CTX_set1_client_sigalgs(ctx, slist, slistlen) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)(slist))
 # define SSL_CTX_set1_client_sigalgs_list(ctx, s) \
         SSL_CTX_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
-# define SSL_set1_client_sigalgs(ctx, slist, slistlen) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS,clistlen,(int *)(slist))
-# define SSL_set1_client_sigalgs_list(ctx, s) \
-        SSL_ctrl(ctx,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(s))
+# define SSL_set1_client_sigalgs(s, slist, slistlen) \
+        SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS,slistlen,(int *)(slist))
+# define SSL_set1_client_sigalgs_list(s, str) \
+        SSL_ctrl(s,SSL_CTRL_SET_CLIENT_SIGALGS_LIST,0,(char *)(str))
 # define SSL_get0_certificate_types(s, clist) \
         SSL_ctrl(s, SSL_CTRL_GET_CLIENT_CERT_TYPES, 0, (char *)(clist))
 # define SSL_CTX_set1_client_certificate_types(ctx, clist, clistlen) \
diff --git a/deps/openssl/openssl/include/openssl/sslerr.h b/deps/openssl/openssl/include/openssl/sslerr.h
index a50a075b42ec23..3d6850dea36e26 100644
--- a/deps/openssl/openssl/include/openssl/sslerr.h
+++ b/deps/openssl/openssl/include/openssl/sslerr.h
@@ -11,6 +11,10 @@
 #ifndef HEADER_SSLERR_H
 # define HEADER_SSLERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/store.h b/deps/openssl/openssl/include/openssl/store.h
index 7b43e8bd03ac2c..a40a7339e61752 100644
--- a/deps/openssl/openssl/include/openssl/store.h
+++ b/deps/openssl/openssl/include/openssl/store.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -85,7 +85,7 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
 int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
 
 /*
- * Check if an error occured
+ * Check if an error occurred
  * Returns 1 if it did, 0 otherwise.
  */
 int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
@@ -117,7 +117,7 @@ int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
  * Functions to generate OSSL_STORE_INFOs, one function for each type we
  * support having in them, as well as a generic constructor.
  *
- * In all cases, ownership of the object is transfered to the OSSL_STORE_INFO
+ * In all cases, ownership of the object is transferred to the OSSL_STORE_INFO
  * and will therefore be freed when the OSSL_STORE_INFO is freed.
  */
 OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name);
diff --git a/deps/openssl/openssl/include/openssl/storeerr.h b/deps/openssl/openssl/include/openssl/storeerr.h
index 33d0ab7903a20b..190eab07fb02ad 100644
--- a/deps/openssl/openssl/include/openssl/storeerr.h
+++ b/deps/openssl/openssl/include/openssl/storeerr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_OSSL_STOREERR_H
 # define HEADER_OSSL_STOREERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/tls1.h b/deps/openssl/openssl/include/openssl/tls1.h
index e13b5dd4bc65b5..76d9fda46e207e 100644
--- a/deps/openssl/openssl/include/openssl/tls1.h
+++ b/deps/openssl/openssl/include/openssl/tls1.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -1222,7 +1222,7 @@ __owur int SSL_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain)
 /*
  * extended master secret
  */
-#  define TLS_MD_EXTENDED_MASTER_SECRET_CONST    "\x65\x78\x74\x65\x63\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
+#  define TLS_MD_EXTENDED_MASTER_SECRET_CONST    "\x65\x78\x74\x65\x6e\x64\x65\x64\x20\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
 # endif
 
 /* TLS Session Ticket extension struct */
diff --git a/deps/openssl/openssl/include/openssl/tserr.h b/deps/openssl/openssl/include/openssl/tserr.h
index 3e0492565764e8..07f23339c81ab4 100644
--- a/deps/openssl/openssl/include/openssl/tserr.h
+++ b/deps/openssl/openssl/include/openssl/tserr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_TSERR_H
 # define HEADER_TSERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # include <openssl/opensslconf.h>
 
 # ifndef OPENSSL_NO_TS
diff --git a/deps/openssl/openssl/include/openssl/uierr.h b/deps/openssl/openssl/include/openssl/uierr.h
index 72fd9a9db04af6..bd68864d0d845d 100644
--- a/deps/openssl/openssl/include/openssl/uierr.h
+++ b/deps/openssl/openssl/include/openssl/uierr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_UIERR_H
 # define HEADER_UIERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/include/openssl/x509err.h b/deps/openssl/openssl/include/openssl/x509err.h
index b1d6a87095c707..0273853172d985 100644
--- a/deps/openssl/openssl/include/openssl/x509err.h
+++ b/deps/openssl/openssl/include/openssl/x509err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_X509ERR_H
 # define HEADER_X509ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
@@ -93,6 +97,7 @@ int ERR_load_X509_strings(void);
 # define X509_R_CRL_ALREADY_DELTA                         127
 # define X509_R_CRL_VERIFY_FAILURE                        131
 # define X509_R_IDP_MISMATCH                              128
+# define X509_R_INVALID_ATTRIBUTES                        138
 # define X509_R_INVALID_DIRECTORY                         113
 # define X509_R_INVALID_FIELD_NAME                        119
 # define X509_R_INVALID_TRUST                             123
diff --git a/deps/openssl/openssl/include/openssl/x509v3.h b/deps/openssl/openssl/include/openssl/x509v3.h
index 9ea20275ac34b4..6c6eca38a582af 100644
--- a/deps/openssl/openssl/include/openssl/x509v3.h
+++ b/deps/openssl/openssl/include/openssl/x509v3.h
@@ -661,6 +661,8 @@ uint32_t X509_get_key_usage(X509 *x);
 uint32_t X509_get_extended_key_usage(X509 *x);
 const ASN1_OCTET_STRING *X509_get0_subject_key_id(X509 *x);
 const ASN1_OCTET_STRING *X509_get0_authority_key_id(X509 *x);
+const GENERAL_NAMES *X509_get0_authority_issuer(X509 *x);
+const ASN1_INTEGER *X509_get0_authority_serial(X509 *x);
 
 int X509_PURPOSE_get_count(void);
 X509_PURPOSE *X509_PURPOSE_get0(int idx);
diff --git a/deps/openssl/openssl/include/openssl/x509v3err.h b/deps/openssl/openssl/include/openssl/x509v3err.h
index 6b3df12b63e3c0..5f25442f12fd34 100644
--- a/deps/openssl/openssl/include/openssl/x509v3err.h
+++ b/deps/openssl/openssl/include/openssl/x509v3err.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,6 +11,10 @@
 #ifndef HEADER_X509V3ERR_H
 # define HEADER_X509V3ERR_H
 
+# ifndef HEADER_SYMHACKS_H
+#  include <openssl/symhacks.h>
+# endif
+
 # ifdef  __cplusplus
 extern "C"
 # endif
diff --git a/deps/openssl/openssl/ssl/d1_msg.c b/deps/openssl/openssl/ssl/d1_msg.c
index 5906e88ca68f69..6365b365e7f621 100644
--- a/deps/openssl/openssl/ssl/d1_msg.c
+++ b/deps/openssl/openssl/ssl/d1_msg.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2005-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -52,8 +52,7 @@ int dtls1_dispatch_alert(SSL *s)
         s->s3->alert_dispatch = 1;
         /* fprintf( stderr, "not done with alert\n" ); */
     } else {
-        if (s->s3->send_alert[0] == SSL3_AL_FATAL)
-            (void)BIO_flush(s->wbio);
+        (void)BIO_flush(s->wbio);
 
         if (s->msg_callback)
             s->msg_callback(1, s->version, SSL3_RT_ALERT, s->s3->send_alert,
diff --git a/deps/openssl/openssl/ssl/record/rec_layer_s3.c b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
index b2f97ef905a408..982a06089c116b 100644
--- a/deps/openssl/openssl/ssl/record/rec_layer_s3.c
+++ b/deps/openssl/openssl/ssl/record/rec_layer_s3.c
@@ -373,6 +373,13 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
 
     s->rlayer.wnum = 0;
 
+    /*
+     * If we are supposed to be sending a KeyUpdate then go into init unless we
+     * have writes pending - in which case we should finish doing that first.
+     */
+    if (wb->left == 0 && s->key_update != SSL_KEY_UPDATE_NONE)
+        ossl_statem_set_in_init(s, 1);
+
     /*
      * When writing early data on the server side we could be "in_init" in
      * between receiving the EoED and the CF - but we don't want to handle those
@@ -628,8 +635,9 @@ int ssl3_write_bytes(SSL *s, int type, const void *buf_, size_t len,
              */
             s->s3->empty_fragment_done = 0;
 
-            if ((i == (int)n) && s->mode & SSL_MODE_RELEASE_BUFFERS &&
-                !SSL_IS_DTLS(s))
+            if (tmpwrit == n
+                    && (s->mode & SSL_MODE_RELEASE_BUFFERS) != 0
+                    && !SSL_IS_DTLS(s))
                 ssl3_release_write_buffer(s);
 
             *written = tot + tmpwrit;
diff --git a/deps/openssl/openssl/ssl/s3_lib.c b/deps/openssl/openssl/ssl/s3_lib.c
index 99ae48199c2d32..066bf47221e254 100644
--- a/deps/openssl/openssl/ssl/s3_lib.c
+++ b/deps/openssl/openssl/ssl/s3_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  * Copyright 2005 Nokia. All rights reserved.
  *
@@ -3567,6 +3567,7 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 
     case SSL_CTRL_GET_CHAIN_CERTS:
         *(STACK_OF(X509) **)parg = s->cert->key->chain;
+        ret = 1;
         break;
 
     case SSL_CTRL_SELECT_CURRENT_CERT:
@@ -3601,8 +3602,8 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 
             if (!s->session)
                 return 0;
-            clist = s->session->ext.supportedgroups;
-            clistlen = s->session->ext.supportedgroups_len;
+            clist = s->ext.peer_supportedgroups;
+            clistlen = s->ext.peer_supportedgroups_len;
             if (parg) {
                 size_t i;
                 int *cptr = parg;
@@ -3716,13 +3717,12 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 #ifndef OPENSSL_NO_EC
     case SSL_CTRL_GET_EC_POINT_FORMATS:
         {
-            SSL_SESSION *sess = s->session;
             const unsigned char **pformat = parg;
 
-            if (sess == NULL || sess->ext.ecpointformats == NULL)
+            if (s->ext.peer_ecpointformats == NULL)
                 return 0;
-            *pformat = sess->ext.ecpointformats;
-            return (int)sess->ext.ecpointformats_len;
+            *pformat = s->ext.peer_ecpointformats;
+            return (int)s->ext.peer_ecpointformats_len;
         }
 #endif
 
diff --git a/deps/openssl/openssl/ssl/ssl_cert.c b/deps/openssl/openssl/ssl/ssl_cert.c
index 33145078963d95..9df9fb96778d57 100644
--- a/deps/openssl/openssl/ssl/ssl_cert.c
+++ b/deps/openssl/openssl/ssl/ssl_cert.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -154,8 +154,6 @@ CERT *ssl_cert_dup(CERT *cert)
         ret->client_sigalgslen = cert->client_sigalgslen;
     } else
         ret->client_sigalgs = NULL;
-    /* Shared sigalgs also NULL */
-    ret->shared_sigalgs = NULL;
     /* Copy any custom client certificate types */
     if (cert->ctype) {
         ret->ctype = OPENSSL_memdup(cert->ctype, cert->ctype_len);
@@ -240,7 +238,6 @@ void ssl_cert_free(CERT *c)
     ssl_cert_clear_certs(c);
     OPENSSL_free(c->conf_sigalgs);
     OPENSSL_free(c->client_sigalgs);
-    OPENSSL_free(c->shared_sigalgs);
     OPENSSL_free(c->ctype);
     X509_STORE_free(c->verify_store);
     X509_STORE_free(c->chain_store);
diff --git a/deps/openssl/openssl/ssl/ssl_ciph.c b/deps/openssl/openssl/ssl/ssl_ciph.c
index b60d67aa0dcb6b..27a1b2ec68b3d0 100644
--- a/deps/openssl/openssl/ssl/ssl_ciph.c
+++ b/deps/openssl/openssl/ssl/ssl_ciph.c
@@ -1377,24 +1377,25 @@ int SSL_CTX_set_ciphersuites(SSL_CTX *ctx, const char *str)
 {
     int ret = set_ciphersuites(&(ctx->tls13_ciphersuites), str);
 
-    if (ret && ctx->cipher_list != NULL) {
-        /* We already have a cipher_list, so we need to update it */
+    if (ret && ctx->cipher_list != NULL)
         return update_cipher_list(&ctx->cipher_list, &ctx->cipher_list_by_id,
                                   ctx->tls13_ciphersuites);
-    }
 
     return ret;
 }
 
 int SSL_set_ciphersuites(SSL *s, const char *str)
 {
+    STACK_OF(SSL_CIPHER) *cipher_list;
     int ret = set_ciphersuites(&(s->tls13_ciphersuites), str);
 
-    if (ret && s->cipher_list != NULL) {
-        /* We already have a cipher_list, so we need to update it */
+    if (s->cipher_list == NULL) {
+        if ((cipher_list = SSL_get_ciphers(s)) != NULL)
+            s->cipher_list = sk_SSL_CIPHER_dup(cipher_list);
+    }
+    if (ret && s->cipher_list != NULL)
         return update_cipher_list(&s->cipher_list, &s->cipher_list_by_id,
                                   s->tls13_ciphersuites);
-    }
 
     return ret;
 }
diff --git a/deps/openssl/openssl/ssl/ssl_lib.c b/deps/openssl/openssl/ssl/ssl_lib.c
index f559bc10eff4ed..ac820cf9fe160c 100644
--- a/deps/openssl/openssl/ssl/ssl_lib.c
+++ b/deps/openssl/openssl/ssl/ssl_lib.c
@@ -628,6 +628,11 @@ int SSL_clear(SSL *s)
     /* Clear the verification result peername */
     X509_VERIFY_PARAM_move_peername(s->param, NULL);
 
+    /* Clear any shared connection state */
+    OPENSSL_free(s->shared_sigalgs);
+    s->shared_sigalgs = NULL;
+    s->shared_sigalgslen = 0;
+
     /*
      * Check to see if we were changed into a different method, if so, revert
      * back.
@@ -867,7 +872,7 @@ int SSL_up_ref(SSL *s)
 int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
                                    unsigned int sid_ctx_len)
 {
-    if (sid_ctx_len > sizeof(ctx->sid_ctx)) {
+    if (sid_ctx_len > SSL_MAX_SID_CTX_LENGTH) {
         SSLerr(SSL_F_SSL_CTX_SET_SESSION_ID_CONTEXT,
                SSL_R_SSL_SESSION_ID_CONTEXT_TOO_LONG);
         return 0;
@@ -1160,6 +1165,7 @@ void SSL_free(SSL *s)
     sk_SSL_CIPHER_free(s->cipher_list);
     sk_SSL_CIPHER_free(s->cipher_list_by_id);
     sk_SSL_CIPHER_free(s->tls13_ciphersuites);
+    sk_SSL_CIPHER_free(s->peer_ciphers);
 
     /* Make the next call work :-) */
     if (s->session != NULL) {
@@ -1172,13 +1178,16 @@ void SSL_free(SSL *s)
     clear_ciphers(s);
 
     ssl_cert_free(s->cert);
+    OPENSSL_free(s->shared_sigalgs);
     /* Free up if allocated */
 
     OPENSSL_free(s->ext.hostname);
     SSL_CTX_free(s->session_ctx);
 #ifndef OPENSSL_NO_EC
     OPENSSL_free(s->ext.ecpointformats);
+    OPENSSL_free(s->ext.peer_ecpointformats);
     OPENSSL_free(s->ext.supportedgroups);
+    OPENSSL_free(s->ext.peer_supportedgroups);
 #endif                          /* OPENSSL_NO_EC */
     sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free);
 #ifndef OPENSSL_NO_OCSP
@@ -2437,9 +2446,9 @@ STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s)
 
 STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s)
 {
-    if ((s == NULL) || (s->session == NULL) || !s->server)
+    if ((s == NULL) || !s->server)
         return NULL;
-    return s->session->ciphers;
+    return s->peer_ciphers;
 }
 
 STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s)
@@ -2578,13 +2587,12 @@ char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size)
     int i;
 
     if (!s->server
-            || s->session == NULL
-            || s->session->ciphers == NULL
+            || s->peer_ciphers == NULL
             || size < 2)
         return NULL;
 
     p = buf;
-    clntsk = s->session->ciphers;
+    clntsk = s->peer_ciphers;
     srvrsk = SSL_get_ciphers(s);
     if (clntsk == NULL || srvrsk == NULL)
         return NULL;
diff --git a/deps/openssl/openssl/ssl/ssl_locl.h b/deps/openssl/openssl/ssl/ssl_locl.h
index 0cf3893e0648c5..25875c9f6d464f 100644
--- a/deps/openssl/openssl/ssl/ssl_locl.h
+++ b/deps/openssl/openssl/ssl/ssl_locl.h
@@ -552,7 +552,6 @@ struct ssl_session_st {
     const SSL_CIPHER *cipher;
     unsigned long cipher_id;    /* when ASN.1 loaded, this needs to be used to
                                  * load the 'cipher' structure */
-    STACK_OF(SSL_CIPHER) *ciphers; /* ciphers offered by the client */
     CRYPTO_EX_DATA ex_data;     /* application specific data */
     /*
      * These are used to make removal of session-ids more efficient and to
@@ -562,13 +561,7 @@ struct ssl_session_st {
 
     struct {
         char *hostname;
-# ifndef OPENSSL_NO_EC
-        size_t ecpointformats_len;
-        unsigned char *ecpointformats; /* peer's list */
-# endif                         /* OPENSSL_NO_EC */
-        size_t supportedgroups_len;
-        uint16_t *supportedgroups; /* peer's list */
-    /* RFC4507 info */
+        /* RFC4507 info */
         unsigned char *tick; /* Session ticket */
         size_t ticklen;      /* Session ticket length */
         /* Session lifetime hint in seconds */
@@ -1137,6 +1130,7 @@ struct ssl_st {
     /* Per connection DANE state */
     SSL_DANE dane;
     /* crypto */
+    STACK_OF(SSL_CIPHER) *peer_ciphers;
     STACK_OF(SSL_CIPHER) *cipher_list;
     STACK_OF(SSL_CIPHER) *cipher_list_by_id;
     /* TLSv1.3 specific ciphersuites */
@@ -1300,10 +1294,19 @@ struct ssl_st {
         size_t ecpointformats_len;
         /* our list */
         unsigned char *ecpointformats;
+
+        size_t peer_ecpointformats_len;
+        /* peer's list */
+        unsigned char *peer_ecpointformats;
 # endif                         /* OPENSSL_NO_EC */
         size_t supportedgroups_len;
         /* our list */
         uint16_t *supportedgroups;
+
+        size_t peer_supportedgroups_len;
+         /* peer's list */
+        uint16_t *peer_supportedgroups;
+
         /* TLS Session Ticket extension override */
         TLS_SESSION_TICKET_EXT *session_ticket;
         /* TLS Session Ticket extension callback */
@@ -1459,7 +1462,6 @@ struct ssl_st {
     size_t block_padding;
 
     CRYPTO_RWLOCK *lock;
-    RAND_DRBG *drbg;
 
     /* The number of TLS1.3 tickets to automatically send */
     size_t num_tickets;
@@ -1471,6 +1473,13 @@ struct ssl_st {
     /* Callback to determine if early_data is acceptable or not */
     SSL_allow_early_data_cb_fn allow_early_data_cb;
     void *allow_early_data_cb_data;
+
+    /*
+     * Signature algorithms shared by client and server: cached because these
+     * are used most often.
+     */
+    const struct sigalg_lookup_st **shared_sigalgs;
+    size_t shared_sigalgslen;
 };
 
 /*
@@ -1904,12 +1913,6 @@ typedef struct cert_st {
     uint16_t *client_sigalgs;
     /* Size of above array */
     size_t client_sigalgslen;
-    /*
-     * Signature algorithms shared by client and server: cached because these
-     * are used most often.
-     */
-    const SIGALG_LOOKUP **shared_sigalgs;
-    size_t shared_sigalgslen;
     /*
      * Certificate setup callback: if set is called whenever a certificate
      * may be required (client or server). the callback can then examine any
@@ -2240,8 +2243,8 @@ static ossl_inline int ssl_has_cert(const SSL *s, int idx)
 static ossl_inline void tls1_get_peer_groups(SSL *s, const uint16_t **pgroups,
                                              size_t *pgroupslen)
 {
-    *pgroups = s->session->ext.supportedgroups;
-    *pgroupslen = s->session->ext.supportedgroups_len;
+    *pgroups = s->ext.peer_supportedgroups;
+    *pgroupslen = s->ext.peer_supportedgroups_len;
 }
 
 # ifndef OPENSSL_UNIT_TEST
diff --git a/deps/openssl/openssl/ssl/ssl_sess.c b/deps/openssl/openssl/ssl/ssl_sess.c
index 5ad2792a1b4c90..52cfa7ef6d7f00 100644
--- a/deps/openssl/openssl/ssl/ssl_sess.c
+++ b/deps/openssl/openssl/ssl/ssl_sess.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  * Copyright 2005 Nokia. All rights reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
@@ -121,12 +121,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     dest->psk_identity_hint = NULL;
     dest->psk_identity = NULL;
 #endif
-    dest->ciphers = NULL;
     dest->ext.hostname = NULL;
-#ifndef OPENSSL_NO_EC
-    dest->ext.ecpointformats = NULL;
-    dest->ext.supportedgroups = NULL;
-#endif
     dest->ext.tick = NULL;
     dest->ext.alpn_selected = NULL;
 #ifndef OPENSSL_NO_SRP
@@ -176,12 +171,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
     }
 #endif
 
-    if (src->ciphers != NULL) {
-        dest->ciphers = sk_SSL_CIPHER_dup(src->ciphers);
-        if (dest->ciphers == NULL)
-            goto err;
-    }
-
     if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL_SESSION,
                             &dest->ex_data, &src->ex_data)) {
         goto err;
@@ -193,23 +182,6 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket)
             goto err;
         }
     }
-#ifndef OPENSSL_NO_EC
-    if (src->ext.ecpointformats) {
-        dest->ext.ecpointformats =
-            OPENSSL_memdup(src->ext.ecpointformats,
-                           src->ext.ecpointformats_len);
-        if (dest->ext.ecpointformats == NULL)
-            goto err;
-    }
-    if (src->ext.supportedgroups) {
-        dest->ext.supportedgroups =
-            OPENSSL_memdup(src->ext.supportedgroups,
-                           src->ext.supportedgroups_len
-                                * sizeof(*src->ext.supportedgroups));
-        if (dest->ext.supportedgroups == NULL)
-            goto err;
-    }
-#endif
 
     if (ticket != 0 && src->ext.tick != NULL) {
         dest->ext.tick =
@@ -790,17 +762,8 @@ void SSL_SESSION_free(SSL_SESSION *ss)
     OPENSSL_cleanse(ss->session_id, sizeof(ss->session_id));
     X509_free(ss->peer);
     sk_X509_pop_free(ss->peer_chain, X509_free);
-    sk_SSL_CIPHER_free(ss->ciphers);
     OPENSSL_free(ss->ext.hostname);
     OPENSSL_free(ss->ext.tick);
-#ifndef OPENSSL_NO_EC
-    OPENSSL_free(ss->ext.ecpointformats);
-    ss->ext.ecpointformats = NULL;
-    ss->ext.ecpointformats_len = 0;
-    OPENSSL_free(ss->ext.supportedgroups);
-    ss->ext.supportedgroups = NULL;
-    ss->ext.supportedgroups_len = 0;
-#endif                          /* OPENSSL_NO_EC */
 #ifndef OPENSSL_NO_PSK
     OPENSSL_free(ss->psk_identity_hint);
     OPENSSL_free(ss->psk_identity);
diff --git a/deps/openssl/openssl/ssl/statem/extensions.c b/deps/openssl/openssl/ssl/statem/extensions.c
index b27608cbb199ef..24410991b29996 100644
--- a/deps/openssl/openssl/ssl/statem/extensions.c
+++ b/deps/openssl/openssl/ssl/statem/extensions.c
@@ -1040,18 +1040,18 @@ static int final_ec_pt_formats(SSL *s, unsigned int context, int sent)
      */
     if (s->ext.ecpointformats != NULL
             && s->ext.ecpointformats_len > 0
-            && s->session->ext.ecpointformats != NULL
-            && s->session->ext.ecpointformats_len > 0
+            && s->ext.peer_ecpointformats != NULL
+            && s->ext.peer_ecpointformats_len > 0
             && ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))) {
         /* we are using an ECC cipher */
         size_t i;
-        unsigned char *list = s->session->ext.ecpointformats;
+        unsigned char *list = s->ext.peer_ecpointformats;
 
-        for (i = 0; i < s->session->ext.ecpointformats_len; i++) {
+        for (i = 0; i < s->ext.peer_ecpointformats_len; i++) {
             if (*list++ == TLSEXT_ECPOINTFORMAT_uncompressed)
                 break;
         }
-        if (i == s->session->ext.ecpointformats_len) {
+        if (i == s->ext.peer_ecpointformats_len) {
             SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_FINAL_EC_PT_FORMATS,
                      SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST);
             return 0;
@@ -1448,8 +1448,13 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart,
     unsigned char hash[EVP_MAX_MD_SIZE], binderkey[EVP_MAX_MD_SIZE];
     unsigned char finishedkey[EVP_MAX_MD_SIZE], tmpbinder[EVP_MAX_MD_SIZE];
     unsigned char *early_secret;
+#ifdef CHARSET_EBCDIC
+    static const unsigned char resumption_label[] = { 0x72, 0x65, 0x64, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
+    static const unsigned char external_label[]   = { 0x65, 0x78, 0x74, 0x20, 0x62, 0x69, 0x6E, 0x64, 0x65, 0x72, 0x00 };
+#else
     static const unsigned char resumption_label[] = "res binder";
     static const unsigned char external_label[] = "ext binder";
+#endif
     const unsigned char *label;
     size_t bindersize, labelsize, hashsize;
     int hashsizei = EVP_MD_size(md);
@@ -1648,9 +1653,9 @@ static int final_early_data(SSL *s, unsigned int context, int sent)
             || s->early_data_state != SSL_EARLY_DATA_ACCEPTING
             || !s->ext.early_data_ok
             || s->hello_retry_request != SSL_HRR_NONE
-            || (s->ctx->allow_early_data_cb != NULL
-                && !s->ctx->allow_early_data_cb(s,
-                                         s->ctx->allow_early_data_cb_data))) {
+            || (s->allow_early_data_cb != NULL
+                && !s->allow_early_data_cb(s,
+                                         s->allow_early_data_cb_data))) {
         s->ext.early_data = SSL_EARLY_DATA_REJECTED;
     } else {
         s->ext.early_data = SSL_EARLY_DATA_ACCEPTED;
diff --git a/deps/openssl/openssl/ssl/statem/extensions_clnt.c b/deps/openssl/openssl/ssl/statem/extensions_clnt.c
index 3c7d84427f082e..f0ae642fa09857 100644
--- a/deps/openssl/openssl/ssl/statem/extensions_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/extensions_clnt.c
@@ -1371,19 +1371,19 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
             return 0;
         }
 
-        s->session->ext.ecpointformats_len = 0;
-        OPENSSL_free(s->session->ext.ecpointformats);
-        s->session->ext.ecpointformats = OPENSSL_malloc(ecpointformats_len);
-        if (s->session->ext.ecpointformats == NULL) {
+        s->ext.peer_ecpointformats_len = 0;
+        OPENSSL_free(s->ext.peer_ecpointformats);
+        s->ext.peer_ecpointformats = OPENSSL_malloc(ecpointformats_len);
+        if (s->ext.peer_ecpointformats == NULL) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
         }
 
-        s->session->ext.ecpointformats_len = ecpointformats_len;
+        s->ext.peer_ecpointformats_len = ecpointformats_len;
 
         if (!PACKET_copy_bytes(&ecptformatlist,
-                               s->session->ext.ecpointformats,
+                               s->ext.peer_ecpointformats,
                                ecpointformats_len)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
@@ -1858,8 +1858,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
         return 0;
     }
 
-    skey = ssl_generate_pkey(ckey);
-    if (skey == NULL) {
+    skey = EVP_PKEY_new();
+    if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) {
         SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE,
                  ERR_R_MALLOC_FAILURE);
         return 0;
diff --git a/deps/openssl/openssl/ssl/statem/extensions_srvr.c b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
index 6301b4e77caf62..ab5453f63eccdb 100644
--- a/deps/openssl/openssl/ssl/statem/extensions_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/extensions_srvr.c
@@ -254,8 +254,8 @@ int tls_parse_ctos_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
 
     if (!s->hit) {
         if (!PACKET_memdup(&ec_point_format_list,
-                           &s->session->ext.ecpointformats,
-                           &s->session->ext.ecpointformats_len)) {
+                           &s->ext.peer_ecpointformats,
+                           &s->ext.peer_ecpointformats_len)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS, ERR_R_INTERNAL_ERROR);
             return 0;
@@ -962,12 +962,12 @@ int tls_parse_ctos_supported_groups(SSL *s, PACKET *pkt, unsigned int context,
     }
 
     if (!s->hit || SSL_IS_TLS13(s)) {
-        OPENSSL_free(s->session->ext.supportedgroups);
-        s->session->ext.supportedgroups = NULL;
-        s->session->ext.supportedgroups_len = 0;
+        OPENSSL_free(s->ext.peer_supportedgroups);
+        s->ext.peer_supportedgroups = NULL;
+        s->ext.peer_supportedgroups_len = 0;
         if (!tls1_save_u16(&supported_groups_list,
-                           &s->session->ext.supportedgroups,
-                           &s->session->ext.supportedgroups_len)) {
+                           &s->ext.peer_supportedgroups,
+                           &s->ext.peer_supportedgroups_len)) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_PARSE_CTOS_SUPPORTED_GROUPS,
                      ERR_R_INTERNAL_ERROR);
@@ -1376,7 +1376,7 @@ EXT_RETURN tls_construct_stoc_ec_pt_formats(SSL *s, WPACKET *pkt,
     unsigned long alg_k = s->s3->tmp.new_cipher->algorithm_mkey;
     unsigned long alg_a = s->s3->tmp.new_cipher->algorithm_auth;
     int using_ecc = ((alg_k & SSL_kECDHE) || (alg_a & SSL_aECDSA))
-                    && (s->session->ext.ecpointformats != NULL);
+                    && (s->ext.peer_ecpointformats != NULL);
     const unsigned char *plist;
     size_t plistlen;
 
@@ -1487,6 +1487,10 @@ EXT_RETURN tls_construct_stoc_status_request(SSL *s, WPACKET *pkt,
                                              unsigned int context, X509 *x,
                                              size_t chainidx)
 {
+    /* We don't currently support this extension inside a CertificateRequest */
+    if (context == SSL_EXT_TLS1_3_CERTIFICATE_REQUEST)
+        return EXT_RETURN_NOT_SENT;
+
     if (!s->ext.status_expected)
         return EXT_RETURN_NOT_SENT;
 
diff --git a/deps/openssl/openssl/ssl/statem/statem_clnt.c b/deps/openssl/openssl/ssl/statem/statem_clnt.c
index 87800cd8351c12..6410414fb64a66 100644
--- a/deps/openssl/openssl/ssl/statem/statem_clnt.c
+++ b/deps/openssl/openssl/ssl/statem/statem_clnt.c
@@ -473,12 +473,6 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s)
         return WRITE_TRAN_CONTINUE;
 
     case TLS_ST_CR_KEY_UPDATE:
-        if (s->key_update != SSL_KEY_UPDATE_NONE) {
-            st->hand_state = TLS_ST_CW_KEY_UPDATE;
-            return WRITE_TRAN_CONTINUE;
-        }
-        /* Fall through */
-
     case TLS_ST_CW_KEY_UPDATE:
     case TLS_ST_CR_SESSION_TICKET:
     case TLS_ST_CW_FINISHED:
diff --git a/deps/openssl/openssl/ssl/statem/statem_lib.c b/deps/openssl/openssl/ssl/statem/statem_lib.c
index c0482b0a90563d..22e9f0490e2d94 100644
--- a/deps/openssl/openssl/ssl/statem/statem_lib.c
+++ b/deps/openssl/openssl/ssl/statem/statem_lib.c
@@ -168,9 +168,19 @@ int tls_setup_handshake(SSL *s)
 static int get_cert_verify_tbs_data(SSL *s, unsigned char *tls13tbs,
                                     void **hdata, size_t *hdatalen)
 {
+#ifdef CHARSET_EBCDIC
+    static const char *servercontext = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+     0x33, 0x2c, 0x20, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x43, 0x65,
+     0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
+     0x69, 0x66, 0x79, 0x00 };
+    static const char *clientcontext = { 0x54, 0x4c, 0x53, 0x20, 0x31, 0x2e,
+     0x33, 0x2c, 0x20, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x20, 0x43, 0x65,
+     0x72, 0x74, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x65, 0x56, 0x65, 0x72,
+     0x69, 0x66, 0x79, 0x00 };
+#else
     static const char *servercontext = "TLS 1.3, server CertificateVerify";
     static const char *clientcontext = "TLS 1.3, client CertificateVerify";
-
+#endif
     if (SSL_IS_TLS13(s)) {
         size_t hashlen;
 
@@ -645,12 +655,9 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
     /*
      * If we get a request for us to update our sending keys too then, we need
      * to additionally send a KeyUpdate message. However that message should
-     * not also request an update (otherwise we get into an infinite loop). We
-     * ignore a request for us to update our sending keys too if we already
-     * sent close_notify.
+     * not also request an update (otherwise we get into an infinite loop).
      */
-    if (updatetype == SSL_KEY_UPDATE_REQUESTED
-            && (s->shutdown & SSL_SENT_SHUTDOWN) == 0)
+    if (updatetype == SSL_KEY_UPDATE_REQUESTED)
         s->key_update = SSL_KEY_UPDATE_NOT_REQUESTED;
 
     if (!tls13_update_key(s, 0)) {
diff --git a/deps/openssl/openssl/ssl/statem/statem_srvr.c b/deps/openssl/openssl/ssl/statem/statem_srvr.c
index d454326a9971f5..8cf9c40d15c007 100644
--- a/deps/openssl/openssl/ssl/statem/statem_srvr.c
+++ b/deps/openssl/openssl/ssl/statem/statem_srvr.c
@@ -502,12 +502,6 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
         return WRITE_TRAN_CONTINUE;
 
     case TLS_ST_SR_KEY_UPDATE:
-        if (s->key_update != SSL_KEY_UPDATE_NONE) {
-            st->hand_state = TLS_ST_SW_KEY_UPDATE;
-            return WRITE_TRAN_CONTINUE;
-        }
-        /* Fall through */
-
     case TLS_ST_SW_KEY_UPDATE:
         st->hand_state = TLS_ST_OK;
         return WRITE_TRAN_CONTINUE;
@@ -1927,14 +1921,14 @@ static int tls_early_post_process_client_hello(SSL *s)
                 && master_key_length > 0) {
             s->session->master_key_length = master_key_length;
             s->hit = 1;
-            s->session->ciphers = ciphers;
+            s->peer_ciphers = ciphers;
             s->session->verify_result = X509_V_OK;
 
             ciphers = NULL;
 
             /* check if some cipher was preferred by call back */
             if (pref_cipher == NULL)
-                pref_cipher = ssl3_choose_cipher(s, s->session->ciphers,
+                pref_cipher = ssl3_choose_cipher(s, s->peer_ciphers,
                                                  SSL_get_ciphers(s));
             if (pref_cipher == NULL) {
                 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
@@ -1945,9 +1939,9 @@ static int tls_early_post_process_client_hello(SSL *s)
 
             s->session->cipher = pref_cipher;
             sk_SSL_CIPHER_free(s->cipher_list);
-            s->cipher_list = sk_SSL_CIPHER_dup(s->session->ciphers);
+            s->cipher_list = sk_SSL_CIPHER_dup(s->peer_ciphers);
             sk_SSL_CIPHER_free(s->cipher_list_by_id);
-            s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->session->ciphers);
+            s->cipher_list_by_id = sk_SSL_CIPHER_dup(s->peer_ciphers);
         }
     }
 
@@ -2047,12 +2041,12 @@ static int tls_early_post_process_client_hello(SSL *s)
 #endif
 
     /*
-     * Given s->session->ciphers and SSL_get_ciphers, we must pick a cipher
+     * Given s->peer_ciphers and SSL_get_ciphers, we must pick a cipher
      */
 
     if (!s->hit || SSL_IS_TLS13(s)) {
-        sk_SSL_CIPHER_free(s->session->ciphers);
-        s->session->ciphers = ciphers;
+        sk_SSL_CIPHER_free(s->peer_ciphers);
+        s->peer_ciphers = ciphers;
         if (ciphers == NULL) {
             SSLfatal(s, SSL_AD_INTERNAL_ERROR,
                      SSL_F_TLS_EARLY_POST_PROCESS_CLIENT_HELLO,
@@ -2068,6 +2062,10 @@ static int tls_early_post_process_client_hello(SSL *s)
 #else
         s->session->compress_meth = (comp == NULL) ? 0 : comp->id;
 #endif
+        if (!tls1_set_server_sigalgs(s)) {
+            /* SSLfatal() already called */
+            goto err;
+        }
     }
 
     sk_SSL_CIPHER_free(ciphers);
@@ -2235,31 +2233,25 @@ WORK_STATE tls_post_process_client_hello(SSL *s, WORK_STATE wst)
     if (wst == WORK_MORE_B) {
         if (!s->hit || SSL_IS_TLS13(s)) {
             /* Let cert callback update server certificates if required */
-            if (!s->hit) {
-                if (s->cert->cert_cb != NULL) {
-                    int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);
-                    if (rv == 0) {
-                        SSLfatal(s, SSL_AD_INTERNAL_ERROR,
-                                 SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
-                                 SSL_R_CERT_CB_ERROR);
-                        goto err;
-                    }
-                    if (rv < 0) {
-                        s->rwstate = SSL_X509_LOOKUP;
-                        return WORK_MORE_B;
-                    }
-                    s->rwstate = SSL_NOTHING;
-                }
-                if (!tls1_set_server_sigalgs(s)) {
-                    /* SSLfatal already called */
+            if (!s->hit && s->cert->cert_cb != NULL) {
+                int rv = s->cert->cert_cb(s, s->cert->cert_cb_arg);
+                if (rv == 0) {
+                    SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+                             SSL_F_TLS_POST_PROCESS_CLIENT_HELLO,
+                             SSL_R_CERT_CB_ERROR);
                     goto err;
                 }
+                if (rv < 0) {
+                    s->rwstate = SSL_X509_LOOKUP;
+                    return WORK_MORE_B;
+                }
+                s->rwstate = SSL_NOTHING;
             }
 
             /* In TLSv1.3 we selected the ciphersuite before resumption */
             if (!SSL_IS_TLS13(s)) {
                 cipher =
-                    ssl3_choose_cipher(s, s->session->ciphers, SSL_get_ciphers(s));
+                    ssl3_choose_cipher(s, s->peer_ciphers, SSL_get_ciphers(s));
 
                 if (cipher == NULL) {
                     SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
diff --git a/deps/openssl/openssl/ssl/t1_lib.c b/deps/openssl/openssl/ssl/t1_lib.c
index 68cb237ea95ee6..b482019c4c17f9 100644
--- a/deps/openssl/openssl/ssl/t1_lib.c
+++ b/deps/openssl/openssl/ssl/t1_lib.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -21,6 +21,8 @@
 #include "ssl_locl.h"
 #include <openssl/ct.h>
 
+static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey);
+
 SSL3_ENC_METHOD const TLSv1_enc_data = {
     tls1_enc,
     tls1_mac,
@@ -465,11 +467,11 @@ static int tls1_check_pkey_comp(SSL *s, EVP_PKEY *pkey)
      * If point formats extension present check it, otherwise everything is
      * supported (see RFC4492).
      */
-    if (s->session->ext.ecpointformats == NULL)
+    if (s->ext.peer_ecpointformats == NULL)
         return 1;
 
-    for (i = 0; i < s->session->ext.ecpointformats_len; i++) {
-        if (s->session->ext.ecpointformats[i] == comp_id)
+    for (i = 0; i < s->ext.peer_ecpointformats_len; i++) {
+        if (s->ext.peer_ecpointformats[i] == comp_id)
             return 1;
     }
     return 0;
@@ -578,7 +580,6 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int check_ee_md)
     if (check_ee_md && tls1_suiteb(s)) {
         int check_md;
         size_t i;
-        CERT *c = s->cert;
 
         /* Check to see we have necessary signing algorithm */
         if (group_id == TLSEXT_curve_P_256)
@@ -587,8 +588,8 @@ static int tls1_check_cert_param(SSL *s, X509 *x, int check_ee_md)
             check_md = NID_ecdsa_with_SHA384;
         else
             return 0;           /* Should never happen */
-        for (i = 0; i < c->shared_sigalgslen; i++) {
-            if (check_md == c->shared_sigalgs[i]->sigandhash)
+        for (i = 0; i < s->shared_sigalgslen; i++) {
+            if (check_md == s->shared_sigalgs[i]->sigandhash)
                 return 1;;
         }
         return 0;
@@ -1215,9 +1216,9 @@ int tls1_set_server_sigalgs(SSL *s)
     size_t i;
 
     /* Clear any shared signature algorithms */
-    OPENSSL_free(s->cert->shared_sigalgs);
-    s->cert->shared_sigalgs = NULL;
-    s->cert->shared_sigalgslen = 0;
+    OPENSSL_free(s->shared_sigalgs);
+    s->shared_sigalgs = NULL;
+    s->shared_sigalgslen = 0;
     /* Clear certificate validity flags */
     for (i = 0; i < SSL_PKEY_NUM; i++)
         s->s3->tmp.valid_flags[i] = 0;
@@ -1252,7 +1253,7 @@ int tls1_set_server_sigalgs(SSL *s)
                  SSL_F_TLS1_SET_SERVER_SIGALGS, ERR_R_INTERNAL_ERROR);
         return 0;
     }
-    if (s->cert->shared_sigalgs != NULL)
+    if (s->shared_sigalgs != NULL)
         return 1;
 
     /* Fatal error if no shared signature algorithms */
@@ -1724,9 +1725,9 @@ static int tls1_set_shared_sigalgs(SSL *s)
     CERT *c = s->cert;
     unsigned int is_suiteb = tls1_suiteb(s);
 
-    OPENSSL_free(c->shared_sigalgs);
-    c->shared_sigalgs = NULL;
-    c->shared_sigalgslen = 0;
+    OPENSSL_free(s->shared_sigalgs);
+    s->shared_sigalgs = NULL;
+    s->shared_sigalgslen = 0;
     /* If client use client signature algorithms if not NULL */
     if (!s->server && c->client_sigalgs && !is_suiteb) {
         conf = c->client_sigalgs;
@@ -1757,8 +1758,8 @@ static int tls1_set_shared_sigalgs(SSL *s)
     } else {
         salgs = NULL;
     }
-    c->shared_sigalgs = salgs;
-    c->shared_sigalgslen = nmatch;
+    s->shared_sigalgs = salgs;
+    s->shared_sigalgslen = nmatch;
     return 1;
 }
 
@@ -1819,7 +1820,6 @@ int tls1_process_sigalgs(SSL *s)
 {
     size_t i;
     uint32_t *pvalid = s->s3->tmp.valid_flags;
-    CERT *c = s->cert;
 
     if (!tls1_set_shared_sigalgs(s))
         return 0;
@@ -1827,8 +1827,8 @@ int tls1_process_sigalgs(SSL *s)
     for (i = 0; i < SSL_PKEY_NUM; i++)
         pvalid[i] = 0;
 
-    for (i = 0; i < c->shared_sigalgslen; i++) {
-        const SIGALG_LOOKUP *sigptr = c->shared_sigalgs[i];
+    for (i = 0; i < s->shared_sigalgslen; i++) {
+        const SIGALG_LOOKUP *sigptr = s->shared_sigalgs[i];
         int idx = sigptr->sig_idx;
 
         /* Ignore PKCS1 based sig algs in TLSv1.3 */
@@ -1875,12 +1875,12 @@ int SSL_get_shared_sigalgs(SSL *s, int idx,
                            unsigned char *rsig, unsigned char *rhash)
 {
     const SIGALG_LOOKUP *shsigalgs;
-    if (s->cert->shared_sigalgs == NULL
+    if (s->shared_sigalgs == NULL
         || idx < 0
-        || idx >= (int)s->cert->shared_sigalgslen
-        || s->cert->shared_sigalgslen > INT_MAX)
+        || idx >= (int)s->shared_sigalgslen
+        || s->shared_sigalgslen > INT_MAX)
         return 0;
-    shsigalgs = s->cert->shared_sigalgs[idx];
+    shsigalgs = s->shared_sigalgs[idx];
     if (phash != NULL)
         *phash = shsigalgs->hash;
     if (psign != NULL)
@@ -1891,7 +1891,7 @@ int SSL_get_shared_sigalgs(SSL *s, int idx,
         *rsig = (unsigned char)(shsigalgs->sigalg & 0xff);
     if (rhash != NULL)
         *rhash = (unsigned char)((shsigalgs->sigalg >> 8) & 0xff);
-    return (int)s->cert->shared_sigalgslen;
+    return (int)s->shared_sigalgslen;
 }
 
 /* Maximum possible number of unique entries in sigalgs array */
@@ -2072,18 +2072,36 @@ int tls1_set_sigalgs(CERT *c, const int *psig_nids, size_t salglen, int client)
     return 0;
 }
 
-static int tls1_check_sig_alg(CERT *c, X509 *x, int default_nid)
+static int tls1_check_sig_alg(SSL *s, X509 *x, int default_nid)
 {
-    int sig_nid;
+    int sig_nid, use_pc_sigalgs = 0;
     size_t i;
+    const SIGALG_LOOKUP *sigalg;
+    size_t sigalgslen;
     if (default_nid == -1)
         return 1;
     sig_nid = X509_get_signature_nid(x);
     if (default_nid)
         return sig_nid == default_nid ? 1 : 0;
-    for (i = 0; i < c->shared_sigalgslen; i++)
-        if (sig_nid == c->shared_sigalgs[i]->sigandhash)
+
+    if (SSL_IS_TLS13(s) && s->s3->tmp.peer_cert_sigalgs != NULL) {
+        /*
+         * If we're in TLSv1.3 then we only get here if we're checking the
+         * chain. If the peer has specified peer_cert_sigalgs then we use them
+         * otherwise we default to normal sigalgs.
+         */
+        sigalgslen = s->s3->tmp.peer_cert_sigalgslen;
+        use_pc_sigalgs = 1;
+    } else {
+        sigalgslen = s->shared_sigalgslen;
+    }
+    for (i = 0; i < sigalgslen; i++) {
+        sigalg = use_pc_sigalgs
+                 ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
+                 : s->shared_sigalgs[i];
+        if (sig_nid == sigalg->sigandhash)
             return 1;
+    }
     return 0;
 }
 
@@ -2240,14 +2258,21 @@ int tls1_check_chain(SSL *s, X509 *x, EVP_PKEY *pk, STACK_OF(X509) *chain,
             }
         }
         /* Check signature algorithm of each cert in chain */
-        if (!tls1_check_sig_alg(c, x, default_nid)) {
+        if (SSL_IS_TLS13(s)) {
+            /*
+             * We only get here if the application has called SSL_check_chain(),
+             * so check_flags is always set.
+             */
+            if (find_sig_alg(s, x, pk) != NULL)
+                rv |= CERT_PKEY_EE_SIGNATURE;
+        } else if (!tls1_check_sig_alg(s, x, default_nid)) {
             if (!check_flags)
                 goto end;
         } else
             rv |= CERT_PKEY_EE_SIGNATURE;
         rv |= CERT_PKEY_CA_SIGNATURE;
         for (i = 0; i < sk_X509_num(chain); i++) {
-            if (!tls1_check_sig_alg(c, sk_X509_value(chain, i), default_nid)) {
+            if (!tls1_check_sig_alg(s, sk_X509_value(chain, i), default_nid)) {
                 if (check_flags) {
                     rv &= ~CERT_PKEY_CA_SIGNATURE;
                     break;
@@ -2528,44 +2553,33 @@ static int tls12_get_cert_sigalg_idx(const SSL *s, const SIGALG_LOOKUP *lu)
 }
 
 /*
- * Returns true if |s| has a usable certificate configured for use
- * with signature scheme |sig|.
- * "Usable" includes a check for presence as well as applying
- * the signature_algorithm_cert restrictions sent by the peer (if any).
- * Returns false if no usable certificate is found.
+ * Checks the given cert against signature_algorithm_cert restrictions sent by
+ * the peer (if any) as well as whether the hash from the sigalg is usable with
+ * the key.
+ * Returns true if the cert is usable and false otherwise.
  */
-static int has_usable_cert(SSL *s, const SIGALG_LOOKUP *sig, int idx)
+static int check_cert_usable(SSL *s, const SIGALG_LOOKUP *sig, X509 *x,
+                             EVP_PKEY *pkey)
 {
     const SIGALG_LOOKUP *lu;
     int mdnid, pknid, default_mdnid;
-    int mandatory_md = 0;
     size_t i;
 
-    /* TLS 1.2 callers can override lu->sig_idx, but not TLS 1.3 callers. */
-    if (idx == -1)
-        idx = sig->sig_idx;
-    if (!ssl_has_cert(s, idx))
-        return 0;
     /* If the EVP_PKEY reports a mandatory digest, allow nothing else. */
     ERR_set_mark();
-    switch (EVP_PKEY_get_default_digest_nid(s->cert->pkeys[idx].privatekey,
-                                            &default_mdnid)) {
-    case 2:
-        mandatory_md = 1;
-        break;
-    case 1:
-        break;
-    default: /* If it didn't report a mandatory NID, for whatever reasons,
-              * just clear the error and allow all hashes to be used. */
-        ERR_pop_to_mark();
-    }
+    if (EVP_PKEY_get_default_digest_nid(pkey, &default_mdnid) == 2 &&
+        sig->hash != default_mdnid)
+            return 0;
+
+    /* If it didn't report a mandatory NID, for whatever reasons,
+     * just clear the error and allow all hashes to be used. */
+    ERR_pop_to_mark();
+
     if (s->s3->tmp.peer_cert_sigalgs != NULL) {
         for (i = 0; i < s->s3->tmp.peer_cert_sigalgslen; i++) {
             lu = tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i]);
             if (lu == NULL
-                || !X509_get_signature_info(s->cert->pkeys[idx].x509, &mdnid,
-                                            &pknid, NULL, NULL)
-                || (mandatory_md && mdnid != default_mdnid))
+                || !X509_get_signature_info(x, &mdnid, &pknid, NULL, NULL))
                 continue;
             /*
              * TODO this does not differentiate between the
@@ -2578,7 +2592,104 @@ static int has_usable_cert(SSL *s, const SIGALG_LOOKUP *sig, int idx)
         }
         return 0;
     }
-    return !mandatory_md || sig->hash == default_mdnid;
+    return 1;
+}
+
+/*
+ * Returns true if |s| has a usable certificate configured for use
+ * with signature scheme |sig|.
+ * "Usable" includes a check for presence as well as applying
+ * the signature_algorithm_cert restrictions sent by the peer (if any).
+ * Returns false if no usable certificate is found.
+ */
+static int has_usable_cert(SSL *s, const SIGALG_LOOKUP *sig, int idx)
+{
+    /* TLS 1.2 callers can override sig->sig_idx, but not TLS 1.3 callers. */
+    if (idx == -1)
+        idx = sig->sig_idx;
+    if (!ssl_has_cert(s, idx))
+        return 0;
+
+    return check_cert_usable(s, sig, s->cert->pkeys[idx].x509,
+                             s->cert->pkeys[idx].privatekey);
+}
+
+/*
+ * Returns true if the supplied cert |x| and key |pkey| is usable with the
+ * specified signature scheme |sig|, or false otherwise.
+ */
+static int is_cert_usable(SSL *s, const SIGALG_LOOKUP *sig, X509 *x,
+                          EVP_PKEY *pkey)
+{
+    size_t idx;
+
+    if (ssl_cert_lookup_by_pkey(pkey, &idx) == NULL)
+        return 0;
+
+    /* Check the key is consistent with the sig alg */
+    if ((int)idx != sig->sig_idx)
+        return 0;
+
+    return check_cert_usable(s, sig, x, pkey);
+}
+
+/*
+ * Find a signature scheme that works with the supplied certificate |x| and key
+ * |pkey|. |x| and |pkey| may be NULL in which case we additionally look at our
+ * available certs/keys to find one that works.
+ */
+static const SIGALG_LOOKUP *find_sig_alg(SSL *s, X509 *x, EVP_PKEY *pkey)
+{
+    const SIGALG_LOOKUP *lu = NULL;
+    size_t i;
+#ifndef OPENSSL_NO_EC
+    int curve = -1;
+#endif
+    EVP_PKEY *tmppkey;
+
+    /* Look for a shared sigalgs matching possible certificates */
+    for (i = 0; i < s->shared_sigalgslen; i++) {
+        lu = s->shared_sigalgs[i];
+
+        /* Skip SHA1, SHA224, DSA and RSA if not PSS */
+        if (lu->hash == NID_sha1
+            || lu->hash == NID_sha224
+            || lu->sig == EVP_PKEY_DSA
+            || lu->sig == EVP_PKEY_RSA)
+            continue;
+        /* Check that we have a cert, and signature_algorithms_cert */
+        if (!tls1_lookup_md(lu, NULL))
+            continue;
+        if ((pkey == NULL && !has_usable_cert(s, lu, -1))
+                || (pkey != NULL && !is_cert_usable(s, lu, x, pkey)))
+            continue;
+
+        tmppkey = (pkey != NULL) ? pkey
+                                 : s->cert->pkeys[lu->sig_idx].privatekey;
+
+        if (lu->sig == EVP_PKEY_EC) {
+#ifndef OPENSSL_NO_EC
+            if (curve == -1) {
+                EC_KEY *ec = EVP_PKEY_get0_EC_KEY(tmppkey);
+                curve = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
+            }
+            if (lu->curve != NID_undef && curve != lu->curve)
+                continue;
+#else
+            continue;
+#endif
+        } else if (lu->sig == EVP_PKEY_RSA_PSS) {
+            /* validate that key is large enough for the signature algorithm */
+            if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(tmppkey), lu))
+                continue;
+        }
+        break;
+    }
+
+    if (i == s->shared_sigalgslen)
+        return NULL;
+
+    return lu;
 }
 
 /*
@@ -2601,48 +2712,8 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
     s->s3->tmp.sigalg = NULL;
 
     if (SSL_IS_TLS13(s)) {
-        size_t i;
-#ifndef OPENSSL_NO_EC
-        int curve = -1;
-#endif
-
-        /* Look for a certificate matching shared sigalgs */
-        for (i = 0; i < s->cert->shared_sigalgslen; i++) {
-            lu = s->cert->shared_sigalgs[i];
-            sig_idx = -1;
-
-            /* Skip SHA1, SHA224, DSA and RSA if not PSS */
-            if (lu->hash == NID_sha1
-                || lu->hash == NID_sha224
-                || lu->sig == EVP_PKEY_DSA
-                || lu->sig == EVP_PKEY_RSA)
-                continue;
-            /* Check that we have a cert, and signature_algorithms_cert */
-            if (!tls1_lookup_md(lu, NULL) || !has_usable_cert(s, lu, -1))
-                continue;
-            if (lu->sig == EVP_PKEY_EC) {
-#ifndef OPENSSL_NO_EC
-                if (curve == -1) {
-                    EC_KEY *ec = EVP_PKEY_get0_EC_KEY(s->cert->pkeys[SSL_PKEY_ECC].privatekey);
-
-                    curve = EC_GROUP_get_curve_name(EC_KEY_get0_group(ec));
-                }
-                if (lu->curve != NID_undef && curve != lu->curve)
-                    continue;
-#else
-                continue;
-#endif
-            } else if (lu->sig == EVP_PKEY_RSA_PSS) {
-                /* validate that key is large enough for the signature algorithm */
-                EVP_PKEY *pkey;
-
-                pkey = s->cert->pkeys[lu->sig_idx].privatekey;
-                if (!rsa_pss_check_min_key_size(EVP_PKEY_get0(pkey), lu))
-                    continue;
-            }
-            break;
-        }
-        if (i == s->cert->shared_sigalgslen) {
+        lu = find_sig_alg(s, NULL, NULL);
+        if (lu == NULL) {
             if (!fatalerrs)
                 return 1;
             SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_CHOOSE_SIGALG,
@@ -2675,8 +2746,8 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
                  * Find highest preference signature algorithm matching
                  * cert type
                  */
-                for (i = 0; i < s->cert->shared_sigalgslen; i++) {
-                    lu = s->cert->shared_sigalgs[i];
+                for (i = 0; i < s->shared_sigalgslen; i++) {
+                    lu = s->shared_sigalgs[i];
 
                     if (s->server) {
                         if ((sig_idx = tls12_get_cert_sigalg_idx(s, lu)) == -1)
@@ -2703,7 +2774,7 @@ int tls_choose_sigalg(SSL *s, int fatalerrs)
 #endif
                         break;
                 }
-                if (i == s->cert->shared_sigalgslen) {
+                if (i == s->shared_sigalgslen) {
                     if (!fatalerrs)
                         return 1;
                     SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE,
diff --git a/deps/openssl/openssl/ssl/tls13_enc.c b/deps/openssl/openssl/ssl/tls13_enc.c
index 1f956e61e9c1c8..b5f57a02f747f2 100644
--- a/deps/openssl/openssl/ssl/tls13_enc.c
+++ b/deps/openssl/openssl/ssl/tls13_enc.c
@@ -30,7 +30,11 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
                              const unsigned char *data, size_t datalen,
                              unsigned char *out, size_t outlen, int fatal)
 {
+#ifdef CHARSET_EBCDIC
+    static const unsigned char label_prefix[] = { 0x74, 0x6C, 0x73, 0x31, 0x33, 0x20, 0x00 };
+#else
     static const unsigned char label_prefix[] = "tls13 ";
+#endif
     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
     int ret;
     size_t hkdflabellen;
@@ -112,7 +116,11 @@ int tls13_hkdf_expand(SSL *s, const EVP_MD *md, const unsigned char *secret,
 int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret,
                      unsigned char *key, size_t keylen)
 {
-    static const unsigned char keylabel[] = "key";
+#ifdef CHARSET_EBCDIC
+  static const unsigned char keylabel[] ={ 0x6B, 0x65, 0x79, 0x00 };
+#else
+  static const unsigned char keylabel[] = "key";
+#endif
 
     return tls13_hkdf_expand(s, md, secret, keylabel, sizeof(keylabel) - 1,
                              NULL, 0, key, keylen, 1);
@@ -125,7 +133,11 @@ int tls13_derive_key(SSL *s, const EVP_MD *md, const unsigned char *secret,
 int tls13_derive_iv(SSL *s, const EVP_MD *md, const unsigned char *secret,
                     unsigned char *iv, size_t ivlen)
 {
-    static const unsigned char ivlabel[] = "iv";
+#ifdef CHARSET_EBCDIC
+  static const unsigned char ivlabel[] = { 0x69, 0x76, 0x00 };
+#else
+  static const unsigned char ivlabel[] = "iv";
+#endif
 
     return tls13_hkdf_expand(s, md, secret, ivlabel, sizeof(ivlabel) - 1,
                              NULL, 0, iv, ivlen, 1);
@@ -135,7 +147,11 @@ int tls13_derive_finishedkey(SSL *s, const EVP_MD *md,
                              const unsigned char *secret,
                              unsigned char *fin, size_t finlen)
 {
-    static const unsigned char finishedlabel[] = "finished";
+#ifdef CHARSET_EBCDIC
+  static const unsigned char finishedlabel[] = { 0x66, 0x69, 0x6E, 0x69, 0x73, 0x68, 0x65, 0x64, 0x00 };
+#else
+  static const unsigned char finishedlabel[] = "finished";
+#endif
 
     return tls13_hkdf_expand(s, md, secret, finishedlabel,
                              sizeof(finishedlabel) - 1, NULL, 0, fin, finlen, 1);
@@ -156,7 +172,11 @@ int tls13_generate_secret(SSL *s, const EVP_MD *md,
     int mdleni;
     int ret;
     EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_HKDF, NULL);
+#ifdef CHARSET_EBCDIC
+    static const char derived_secret_label[] = { 0x64, 0x65, 0x72, 0x69, 0x76, 0x65, 0x64, 0x00 };
+#else
     static const char derived_secret_label[] = "derived";
+#endif
     unsigned char preextractsec[EVP_MAX_MD_SIZE];
 
     if (pctx == NULL) {
@@ -409,6 +429,16 @@ static int derive_secret_key_and_iv(SSL *s, int sending, const EVP_MD *md,
 
 int tls13_change_cipher_state(SSL *s, int which)
 {
+#ifdef CHARSET_EBCDIC
+  static const unsigned char client_early_traffic[]       = {0x63, 0x20, 0x65, 0x20,       /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char client_handshake_traffic[]   = {0x63, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char client_application_traffic[] = {0x63, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char server_handshake_traffic[]   = {0x73, 0x20, 0x68, 0x73, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char server_application_traffic[] = {0x73, 0x20, 0x61, 0x70, 0x20, /*traffic*/0x74, 0x72, 0x61, 0x66, 0x66, 0x69, 0x63, 0x00};
+  static const unsigned char exporter_master_secret[] = {0x65, 0x78, 0x70, 0x20,                    /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+  static const unsigned char resumption_master_secret[] = {0x72, 0x65, 0x73, 0x20,                  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+  static const unsigned char early_exporter_master_secret[] = {0x65, 0x20, 0x65, 0x78, 0x70, 0x20,  /* master*/  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x00};
+#else
     static const unsigned char client_early_traffic[] = "c e traffic";
     static const unsigned char client_handshake_traffic[] = "c hs traffic";
     static const unsigned char client_application_traffic[] = "c ap traffic";
@@ -417,6 +447,7 @@ int tls13_change_cipher_state(SSL *s, int which)
     static const unsigned char exporter_master_secret[] = "exp master";
     static const unsigned char resumption_master_secret[] = "res master";
     static const unsigned char early_exporter_master_secret[] = "e exp master";
+#endif
     unsigned char *iv;
     unsigned char secret[EVP_MAX_MD_SIZE];
     unsigned char hashval[EVP_MAX_MD_SIZE];
@@ -684,7 +715,11 @@ int tls13_change_cipher_state(SSL *s, int which)
 
 int tls13_update_key(SSL *s, int sending)
 {
-    static const unsigned char application_traffic[] = "traffic upd";
+#ifdef CHARSET_EBCDIC
+  static const unsigned char application_traffic[] = { 0x74, 0x72 ,0x61 ,0x66 ,0x66 ,0x69 ,0x63 ,0x20 ,0x75 ,0x70 ,0x64, 0x00};
+#else
+  static const unsigned char application_traffic[] = "traffic upd";
+#endif
     const EVP_MD *md = ssl_handshake_md(s);
     size_t hashlen = EVP_MD_size(md);
     unsigned char *insecret, *iv;
@@ -741,7 +776,11 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
                                  size_t contextlen, int use_context)
 {
     unsigned char exportsecret[EVP_MAX_MD_SIZE];
+#ifdef CHARSET_EBCDIC
+    static const unsigned char exporterlabel[] = {0x65, 0x78, 0x70, 0x6F, 0x72, 0x74, 0x65, 0x72, 0x00};
+#else
     static const unsigned char exporterlabel[] = "exporter";
+#endif
     unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
     const EVP_MD *md = ssl_handshake_md(s);
     EVP_MD_CTX *ctx = EVP_MD_CTX_new();
@@ -778,7 +817,11 @@ int tls13_export_keying_material_early(SSL *s, unsigned char *out, size_t olen,
                                        const unsigned char *context,
                                        size_t contextlen)
 {
-    static const unsigned char exporterlabel[] = "exporter";
+#ifdef CHARSET_EBCDIC
+  static const unsigned char exporterlabel[] = {0x65, 0x78, 0x70, 0x6F, 0x72, 0x74, 0x65, 0x72, 0x00};
+#else
+  static const unsigned char exporterlabel[] = "exporter";
+#endif
     unsigned char exportsecret[EVP_MAX_MD_SIZE];
     unsigned char hash[EVP_MAX_MD_SIZE], data[EVP_MAX_MD_SIZE];
     const EVP_MD *md;
diff --git a/deps/openssl/openssl/test/bntest.c b/deps/openssl/openssl/test/bntest.c
index c68d7f6fb8796d..0bd9a06f728a5e 100644
--- a/deps/openssl/openssl/test/bntest.c
+++ b/deps/openssl/openssl/test/bntest.c
@@ -2169,18 +2169,50 @@ static int test_expmodone(void)
     return ret;
 }
 
-static int test_smallprime(void)
+static int test_smallprime(int kBits)
 {
-    static const int kBits = 10;
     BIGNUM *r;
     int st = 0;
 
-    if (!TEST_ptr(r = BN_new())
-            || !TEST_true(BN_generate_prime_ex(r, (int)kBits, 0,
-                                               NULL, NULL, NULL))
-            || !TEST_int_eq(BN_num_bits(r), kBits))
+    if (!TEST_ptr(r = BN_new()))
+        goto err;
+
+    if (kBits <= 1) {
+        if (!TEST_false(BN_generate_prime_ex(r, kBits, 0,
+                                             NULL, NULL, NULL)))
+            goto err;
+    } else {
+        if (!TEST_true(BN_generate_prime_ex(r, kBits, 0,
+                                            NULL, NULL, NULL))
+                || !TEST_int_eq(BN_num_bits(r), kBits))
+            goto err;
+    }
+
+    st = 1;
+ err:
+    BN_free(r);
+    return st;
+}
+
+static int test_smallsafeprime(int kBits)
+{
+    BIGNUM *r;
+    int st = 0;
+
+    if (!TEST_ptr(r = BN_new()))
         goto err;
 
+    if (kBits <= 5 && kBits != 3) {
+        if (!TEST_false(BN_generate_prime_ex(r, kBits, 1,
+                                             NULL, NULL, NULL)))
+            goto err;
+    } else {
+        if (!TEST_true(BN_generate_prime_ex(r, kBits, 1,
+                                            NULL, NULL, NULL))
+                || !TEST_int_eq(BN_num_bits(r), kBits))
+            goto err;
+    }
+
     st = 1;
  err:
     BN_free(r);
@@ -2405,7 +2437,8 @@ int setup_tests(void)
         ADD_TEST(test_badmod);
         ADD_TEST(test_expmodzero);
         ADD_TEST(test_expmodone);
-        ADD_TEST(test_smallprime);
+        ADD_ALL_TESTS(test_smallprime, 16);
+        ADD_ALL_TESTS(test_smallsafeprime, 16);
         ADD_TEST(test_swap);
         ADD_TEST(test_ctx_consttime_flag);
 #ifndef OPENSSL_NO_EC2M
diff --git a/deps/openssl/openssl/test/build.info b/deps/openssl/openssl/test/build.info
index a2fb0e2e1e7eae..1727f28626937b 100644
--- a/deps/openssl/openssl/test/build.info
+++ b/deps/openssl/openssl/test/build.info
@@ -12,7 +12,8 @@ IF[{- !$disabled{tests} -}]
   SOURCE[libtestutil.a]=testutil/basic_output.c testutil/output_helpers.c \
           testutil/driver.c testutil/tests.c testutil/cb.c testutil/stanza.c \
           testutil/format_output.c testutil/tap_bio.c \
-          testutil/test_cleanup.c testutil/main.c testutil/init.c
+          testutil/test_cleanup.c testutil/main.c testutil/init.c \
+          testutil/random.c
   INCLUDE[libtestutil.a]=../include
   DEPEND[libtestutil.a]=../libcrypto
 
diff --git a/deps/openssl/openssl/test/certs/mkcert.sh b/deps/openssl/openssl/test/certs/mkcert.sh
index bf61548dba72b4..ebb71c17785716 100755
--- a/deps/openssl/openssl/test/certs/mkcert.sh
+++ b/deps/openssl/openssl/test/certs/mkcert.sh
@@ -1,6 +1,6 @@
 #! /bin/bash
 #
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 # Copyright (c) 2016 Viktor Dukhovni <openssl-users@dukhovni.org>.
 # All rights reserved.
 #
@@ -233,6 +233,35 @@ genee() {
 	    -set_serial 2 -days "${DAYS}" "$@"
 }
 
+geneenocsr() {
+    local OPTIND=1
+    local purpose=serverAuth
+
+    while getopts p: o
+    do
+        case $o in
+        p) purpose="$OPTARG";;
+        *) echo "Usage: $0 genee [-p EKU] cn certname cakeyname cacertname" >&2
+           return 1;;
+        esac
+    done
+
+    shift $((OPTIND - 1))
+    local cn=$1; shift
+    local cert=$1; shift
+    local cakey=$1; shift
+    local ca=$1; shift
+
+    exts=$(printf "%s\n%s\n%s\n%s\n%s\n[alts]\n%s\n" \
+	    "subjectKeyIdentifier = hash" \
+	    "authorityKeyIdentifier = keyid, issuer" \
+	    "basicConstraints = CA:false" \
+	    "extendedKeyUsage = $purpose" \
+	    "subjectAltName = @alts" "DNS=${cn}")
+	cert "$cert" "$exts" -CA "${ca}.pem" -CAkey "${cakey}.pem" \
+	    -set_serial 2 -days "${DAYS}" "$@"
+}
+
 genss() {
     local cn=$1; shift
     local key=$1; shift
diff --git a/deps/openssl/openssl/test/certs/server-pss-restrict-cert.pem b/deps/openssl/openssl/test/certs/server-pss-restrict-cert.pem
new file mode 100644
index 00000000000000..273363808a98e2
--- /dev/null
+++ b/deps/openssl/openssl/test/certs/server-pss-restrict-cert.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDYjCCAkqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
+IENBMCAXDTE5MDgwODEwNDMxMFoYDzIxMTkwODA5MTA0MzEwWjAUMRIwEAYDVQQD
+DAlsb2NhbGhvc3QwggFSMD0GCSqGSIb3DQEBCjAwoA0wCwYJYIZIAWUDBAIBoRow
+GAYJKoZIhvcNAQEIMAsGCWCGSAFlAwQCAaIDAgEgA4IBDwAwggEKAoIBAQDDlygk
+sUEAajpdVquo9XIAyTd9ZJ+55hNmhBfhn3lHz3ryPD+0XlgCE9qsKwfR7iYaqmnN
+ilQnsxWpMGXAgOlC1+w5zh8qHvrI5wX+A6U9N8leIOSgFuFNP0FMMG7I677QzRxG
+FqKX1o4V73JWqnHCfnfHRyZY9xM0tYbJKNbRO7Hy4jKBPl3ptPHUoTltr4WYTOpg
+stcEamdiiif+0U4bQvVltNg9pzFEjkAktTUGn92W5CgLnsbPXxBo6a/kUlHcgmhY
+bpOXEjCPufZLgsQo8iF2Bq8eWMEsByjr0chQjzrfZAUVtD8Hmh2uMVAPQFAHUkaL
+j2tHukL+s9tAaWKNAgMBAAGjgY4wgYswHQYDVR0OBBYEFLqlLFaNrS8hbX6voiGi
+AfMYfsivMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1UdEwQC
+MAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwKQYDVR0RBCIwIIIeU2VydmVyIFJTQS1Q
+U1MgcmVzdHJpY3RlZCBjZXJ0MA0GCSqGSIb3DQEBCwUAA4IBAQAEhm9Skn2XfEZo
+Q+YMu6HIQZovRT3IljHvesjIby7KfS86SU4r+CG7qaPLw7jeIR92YMnihnaXRGGJ
+POixpHY6gapEzR2Sqg7c0ApGenDZ3uKnBUjf9LEorPmhrEHUsnHREXoPx5Lt5Nh/
+7WRNB/GKvbnAby+5HQBOvU6P8t37/zK1JjJhGNv0uvaYthQGk3r6nEhQG+O6JBSw
+H/auU4ClIB4fg8GWaMuupN5VMNP9mxpL9tONH8QRKs+KIQWMOsr83rOKwSHrrkIL
+/vDI5hPj9RHvjjta6FQx140wA6c8ZB59x9YIv1alJWf6s3+TM8bv70L/aBBT8+IM
+vwjUz9Gp
+-----END CERTIFICATE-----
diff --git a/deps/openssl/openssl/test/certs/server-pss-restrict-key.pem b/deps/openssl/openssl/test/certs/server-pss-restrict-key.pem
new file mode 100644
index 00000000000000..65032269c1e4e3
--- /dev/null
+++ b/deps/openssl/openssl/test/certs/server-pss-restrict-key.pem
@@ -0,0 +1,29 @@
+-----BEGIN PRIVATE KEY-----
+MIIE7wIBADA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAaEaMBgGCSqGSIb3
+DQEBCDALBglghkgBZQMEAgGiAwIBIASCBKkwggSlAgEAAoIBAQDDlygksUEAajpd
+Vquo9XIAyTd9ZJ+55hNmhBfhn3lHz3ryPD+0XlgCE9qsKwfR7iYaqmnNilQnsxWp
+MGXAgOlC1+w5zh8qHvrI5wX+A6U9N8leIOSgFuFNP0FMMG7I677QzRxGFqKX1o4V
+73JWqnHCfnfHRyZY9xM0tYbJKNbRO7Hy4jKBPl3ptPHUoTltr4WYTOpgstcEamdi
+iif+0U4bQvVltNg9pzFEjkAktTUGn92W5CgLnsbPXxBo6a/kUlHcgmhYbpOXEjCP
+ufZLgsQo8iF2Bq8eWMEsByjr0chQjzrfZAUVtD8Hmh2uMVAPQFAHUkaLj2tHukL+
+s9tAaWKNAgMBAAECggEBAIzgfwWOtmb6HHfGSXY085wlUlZ696EKWsboNdtI5i4W
+/1Mimi/sFC/K5SJFDCjlA4UJYZOuItdFYkCun1t8foaqx3cLQ98u2SuDWwmOzqG9
+YMjvoDy+viDJgtrBt8n4I0R5t/ezrgD3hPe/s/dAZRfVx6g9Ux2ZOLgqV57kT3X7
+6paEz3jrIMvuoXQCsi9Qh+eJQ23/sAcc7OHQ7uD8QJVudEBnSHQ+ttvOPXhr7tba
+8NuNVa6E/KewkKHRAZqBTJolCVyPtWmvfaDwdJtunCvyR1w3Rv1adZLK4YRFz+vc
+sOMK+K1c2aojA+/Fnba19inNq13j6Dwqmq8Ho7MZwHECgYEA6aSx7/93S1VGpxQ9
+KqFE4Fy9ylliC/hanc9qOcfEIo0tDus9lfpuPp+aOXML0msVkIfhCnaru32qtnaI
+AQkIbPhSZFvC/i6BibpArXINbDzTS/46zZHehXskjWFGw+iRm/YI7MBuCmWzSnFO
+YUwSKRIPKZKyXswFzP8RsQO/QbsCgYEA1k5SamQheuKdo/X40ShWTTOoDlpL4Sir
+b2zTnEqlHyMv8c7w880hPf4P+0pqrKyf7jmEykJvp1qSAmyMUCWzrKTr8gQ2sMyb
+zj90cEm++M5YIQh5lPJy4pGqmCliJXqkt+zT1xmnRASwMNQOnU2bBmXkve/ofb4M
+dEwyig/nZFcCgYBLWPilTD6dhce+NBGxwMZkkKQIMKEk+RfIEs7QCXNgLSUdzZFT
+36pT+caTxl1Go5AVxyw04qZpVZKLO1iK9O3Jrp9rjAgrTrYpw23+QWzAvjDqLfeq
+ueMIKvlTus5GeacTo9mm+DvEkJ2sYTQEvrKQmilXn950IdmxDYUYD/xK5wKBgQDQ
+5ON9BUGFUSQsUHVLG7CT7EhiRS41ubjyEfhrHm+53Ei9weQpIcjHbsERR8aXrmTu
+h26i4QOI88XjSv+ymC19mfzLmcPdrnQpJL1RPvFCAZDyEhrBT1sg8rCBRcV/lv68
+scMEpuLecFt2HR5pwt3b7LJ9Wj8bYoctTaDt5va8XQKBgQDCr4hZB5haAcKmNm/g
+PjlaLdrDEIuuBjxMzX1t3PXwsEene1cE731v6fbmrDUa8AuJyMY80xhGrTTDQfS3
+QOu/6wtcUv/JC/06OwEaUlT/kdYek+zYfBm3b1sKP3HVKSxCLTcPcC4aQoAFqbEy
+3kuSVh03vVBdaP//qMPyeue17w==
+-----END PRIVATE KEY-----
diff --git a/deps/openssl/openssl/test/certs/setup.sh b/deps/openssl/openssl/test/certs/setup.sh
index 53d4a807a7fb79..26b2f1ddfe02e7 100755
--- a/deps/openssl/openssl/test/certs/setup.sh
+++ b/deps/openssl/openssl/test/certs/setup.sh
@@ -369,3 +369,9 @@ REQMASK=MASK:0x800 ./mkcert.sh req badalt7-key "O = Bad NC Test Certificate 7" \
 OPENSSL_KEYALG=ec OPENSSL_KEYBITS=brainpoolP256r1 ./mkcert.sh genee \
     "Server ECDSA brainpoolP256r1 cert" server-ecdsa-brainpoolP256r1-key \
     server-ecdsa-brainpoolP256r1-cert rootkey rootcert
+
+openssl req -new -nodes -subj "/CN=localhost" \
+    -newkey rsa-pss -keyout server-pss-restrict-key.pem \
+    -pkeyopt rsa_pss_keygen_md:sha256 -pkeyopt rsa_pss_keygen_saltlen:32 | \
+    ./mkcert.sh geneenocsr "Server RSA-PSS restricted cert" \
+    server-pss-restrict-cert rootkey rootcert
diff --git a/deps/openssl/openssl/test/ct_test.c b/deps/openssl/openssl/test/ct_test.c
index f881d5f6a9088e..78d11ca98cf7ef 100644
--- a/deps/openssl/openssl/test/ct_test.c
+++ b/deps/openssl/openssl/test/ct_test.c
@@ -87,29 +87,10 @@ static void tear_down(CT_TEST_FIXTURE *fixture)
     OPENSSL_free(fixture);
 }
 
-static char *mk_file_path(const char *dir, const char *file)
-{
-# ifndef OPENSSL_SYS_VMS
-    const char *sep = "/";
-# else
-    const char *sep = "";
-# endif
-    size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
-    char *full_file = OPENSSL_zalloc(len);
-
-    if (full_file != NULL) {
-        OPENSSL_strlcpy(full_file, dir, len);
-        OPENSSL_strlcat(full_file, sep, len);
-        OPENSSL_strlcat(full_file, file, len);
-    }
-
-    return full_file;
-}
-
 static X509 *load_pem_cert(const char *dir, const char *file)
 {
     X509 *cert = NULL;
-    char *file_path = mk_file_path(dir, file);
+    char *file_path = test_mk_file_path(dir, file);
 
     if (file_path != NULL) {
         BIO *cert_io = BIO_new_file(file_path, "r");
@@ -127,7 +108,7 @@ static int read_text_file(const char *dir, const char *file,
                           char *buffer, int buffer_length)
 {
     int len = -1;
-    char *file_path = mk_file_path(dir, file);
+    char *file_path = test_mk_file_path(dir, file);
 
     if (file_path != NULL) {
         BIO *file_io = BIO_new_file(file_path, "r");
diff --git a/deps/openssl/openssl/test/dhtest.c b/deps/openssl/openssl/test/dhtest.c
index 5b2fd6795f6d9b..9d5609b943abd1 100644
--- a/deps/openssl/openssl/test/dhtest.c
+++ b/deps/openssl/openssl/test/dhtest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -17,6 +17,7 @@
 #include <openssl/bn.h>
 #include <openssl/rand.h>
 #include <openssl/err.h>
+#include <openssl/obj_mac.h>
 #include "testutil.h"
 
 #ifndef OPENSSL_NO_DH
@@ -62,6 +63,17 @@ static int dh_test(void)
         || !TEST_true(DH_set0_pqg(dh, p, q, g)))
         goto err1;
 
+    if (!DH_check(dh, &i))
+        goto err2;
+    if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
+            || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
+            || !TEST_false(i & DH_CHECK_INVALID_Q_VALUE)
+            || !TEST_false(i & DH_CHECK_Q_NOT_PRIME)
+            || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
+            || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
+            || !TEST_false(i))
+        goto err2;
+
     /* test the combined getter for p, q, and g */
     DH_get0_pqg(dh, &p2, &q2, &g2);
     if (!TEST_ptr_eq(p2, p)
@@ -130,7 +142,8 @@ static int dh_test(void)
     if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
             || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
             || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
-            || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR))
+            || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
+            || !TEST_false(i))
         goto err3;
 
     DH_get0_pqg(a, &ap, NULL, &ag);
@@ -193,7 +206,7 @@ static int dh_test(void)
     BN_free(q);
     BN_free(g);
  err2:
-    /* an error occured before priv_key was assigned to dh */
+    /* an error occurred before priv_key was assigned to dh */
     BN_free(priv_key);
  err3:
  success:
@@ -609,6 +622,63 @@ static int rfc5114_test(void)
     TEST_error("Test failed RFC5114 set %d\n", i + 1);
     return 0;
 }
+
+static int rfc7919_test(void)
+{
+    DH *a = NULL, *b = NULL;
+    const BIGNUM *apub_key = NULL, *bpub_key = NULL;
+    unsigned char *abuf = NULL;
+    unsigned char *bbuf = NULL;
+    int i, alen, blen, aout, bout;
+    int ret = 0;
+
+    if (!TEST_ptr(a = DH_new_by_nid(NID_ffdhe2048)))
+         goto err;
+
+    if (!DH_check(a, &i))
+        goto err;
+    if (!TEST_false(i & DH_CHECK_P_NOT_PRIME)
+            || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME)
+            || !TEST_false(i & DH_UNABLE_TO_CHECK_GENERATOR)
+            || !TEST_false(i & DH_NOT_SUITABLE_GENERATOR)
+            || !TEST_false(i))
+        goto err;
+
+    if (!DH_generate_key(a))
+        goto err;
+    DH_get0_key(a, &apub_key, NULL);
+
+    /* now create another copy of the DH group for the peer */
+    if (!TEST_ptr(b = DH_new_by_nid(NID_ffdhe2048)))
+        goto err;
+
+    if (!DH_generate_key(b))
+        goto err;
+    DH_get0_key(b, &bpub_key, NULL);
+
+    alen = DH_size(a);
+    if (!TEST_ptr(abuf = OPENSSL_malloc(alen))
+            || !TEST_true((aout = DH_compute_key(abuf, bpub_key, a)) != -1))
+        goto err;
+
+    blen = DH_size(b);
+    if (!TEST_ptr(bbuf = OPENSSL_malloc(blen))
+            || !TEST_true((bout = DH_compute_key(bbuf, apub_key, b)) != -1))
+        goto err;
+
+    if (!TEST_true(aout >= 20)
+            || !TEST_mem_eq(abuf, aout, bbuf, bout))
+        goto err;
+
+    ret = 1;
+
+ err:
+    OPENSSL_free(abuf);
+    OPENSSL_free(bbuf);
+    DH_free(a);
+    DH_free(b);
+    return ret;
+}
 #endif
 
 
@@ -619,6 +689,7 @@ int setup_tests(void)
 #else
     ADD_TEST(dh_test);
     ADD_TEST(rfc5114_test);
+    ADD_TEST(rfc7919_test);
 #endif
     return 1;
 }
diff --git a/deps/openssl/openssl/test/dtlstest.c b/deps/openssl/openssl/test/dtlstest.c
index 9e6ed443822060..ab4d4c15c08024 100644
--- a/deps/openssl/openssl/test/dtlstest.c
+++ b/deps/openssl/openssl/test/dtlstest.c
@@ -96,7 +96,7 @@ static int test_dtls_unprocessed(int testidx)
 
     /*
      * Create the connection. We use "create_bare_ssl_connection" here so that
-     * we can force the connection to not do "SSL_read" once partly conencted.
+     * we can force the connection to not do "SSL_read" once partly connected.
      * We don't want to accidentally read the dummy records we injected because
      * they will fail to decrypt.
      */
diff --git a/deps/openssl/openssl/test/ectest.c b/deps/openssl/openssl/test/ectest.c
index 269ec4ef8f1155..136dc741ebfebc 100644
--- a/deps/openssl/openssl/test/ectest.c
+++ b/deps/openssl/openssl/test/ectest.c
@@ -1519,6 +1519,271 @@ static const unsigned char p521_explicit[] = {
     0xbb, 0x6f, 0xb7, 0x1e, 0x91, 0x38, 0x64, 0x09, 0x02, 0x01, 0x01,
 };
 
+/*
+ * Sometime we cannot compare nids for equality, as the built-in curve table
+ * includes aliases with different names for the same curve.
+ *
+ * This function returns TRUE (1) if the checked nids are identical, or if they
+ * alias to the same curve. FALSE (0) otherwise.
+ */
+static ossl_inline
+int are_ec_nids_compatible(int n1d, int n2d)
+{
+    int ret = 0;
+    switch (n1d) {
+# ifndef OPENSSL_NO_EC2M
+        case NID_sect113r1:
+        case NID_wap_wsg_idm_ecid_wtls4:
+            ret = (n2d == NID_sect113r1 || n2d == NID_wap_wsg_idm_ecid_wtls4);
+            break;
+        case NID_sect163k1:
+        case NID_wap_wsg_idm_ecid_wtls3:
+            ret = (n2d == NID_sect163k1 || n2d == NID_wap_wsg_idm_ecid_wtls3);
+            break;
+        case NID_sect233k1:
+        case NID_wap_wsg_idm_ecid_wtls10:
+            ret = (n2d == NID_sect233k1 || n2d == NID_wap_wsg_idm_ecid_wtls10);
+            break;
+        case NID_sect233r1:
+        case NID_wap_wsg_idm_ecid_wtls11:
+            ret = (n2d == NID_sect233r1 || n2d == NID_wap_wsg_idm_ecid_wtls11);
+            break;
+        case NID_X9_62_c2pnb163v1:
+        case NID_wap_wsg_idm_ecid_wtls5:
+            ret = (n2d == NID_X9_62_c2pnb163v1
+                   || n2d == NID_wap_wsg_idm_ecid_wtls5);
+            break;
+# endif /* OPENSSL_NO_EC2M */
+        case NID_secp112r1:
+        case NID_wap_wsg_idm_ecid_wtls6:
+            ret = (n2d == NID_secp112r1 || n2d == NID_wap_wsg_idm_ecid_wtls6);
+            break;
+        case NID_secp160r2:
+        case NID_wap_wsg_idm_ecid_wtls7:
+            ret = (n2d == NID_secp160r2 || n2d == NID_wap_wsg_idm_ecid_wtls7);
+            break;
+# ifdef OPENSSL_NO_EC_NISTP_64_GCC_128
+        case NID_secp224r1:
+        case NID_wap_wsg_idm_ecid_wtls12:
+            ret = (n2d == NID_secp224r1 || n2d == NID_wap_wsg_idm_ecid_wtls12);
+            break;
+# else
+        /*
+         * For SEC P-224 we want to ensure that the SECP nid is returned, as
+         * that is associated with a specialized method.
+         */
+        case NID_wap_wsg_idm_ecid_wtls12:
+            ret = (n2d == NID_secp224r1);
+            break;
+# endif /* def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
+
+        default:
+            ret = (n1d == n2d);
+    }
+    return ret;
+}
+
+/*
+ * This checks that EC_GROUP_bew_from_ecparameters() returns a "named"
+ * EC_GROUP for built-in curves.
+ *
+ * Note that it is possible to retrieve an alternative alias that does not match
+ * the original nid.
+ *
+ * Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set.
+ */
+static int check_named_curve_from_ecparameters(int id)
+{
+    int ret = 0, nid, tnid;
+    EC_GROUP *group = NULL, *tgroup = NULL, *tmpg = NULL;
+    const EC_POINT *group_gen = NULL;
+    EC_POINT *other_gen = NULL;
+    BIGNUM *group_cofactor = NULL, *other_cofactor = NULL;
+    BIGNUM *other_gen_x = NULL, *other_gen_y = NULL;
+    const BIGNUM *group_order = NULL;
+    BIGNUM *other_order = NULL;
+    BN_CTX *bn_ctx = NULL;
+    static const unsigned char invalid_seed[] = "THIS IS NOT A VALID SEED";
+    static size_t invalid_seed_len = sizeof(invalid_seed);
+    ECPARAMETERS *params = NULL, *other_params = NULL;
+    EC_GROUP *g_ary[8] = {NULL};
+    EC_GROUP **g_next = &g_ary[0];
+    ECPARAMETERS *p_ary[8] = {NULL};
+    ECPARAMETERS **p_next = &p_ary[0];
+
+    /* Do some setup */
+    nid = curves[id].nid;
+    TEST_note("Curve %s", OBJ_nid2sn(nid));
+    if (!TEST_ptr(bn_ctx = BN_CTX_new()))
+        return ret;
+    BN_CTX_start(bn_ctx);
+
+    if (/* Allocations */
+        !TEST_ptr(group_cofactor = BN_CTX_get(bn_ctx))
+        || !TEST_ptr(other_gen_x = BN_CTX_get(bn_ctx))
+        || !TEST_ptr(other_gen_y = BN_CTX_get(bn_ctx))
+        || !TEST_ptr(other_order = BN_CTX_get(bn_ctx))
+        || !TEST_ptr(other_cofactor = BN_CTX_get(bn_ctx))
+        /* Generate reference group and params */
+        || !TEST_ptr(group = EC_GROUP_new_by_curve_name(nid))
+        || !TEST_ptr(params = EC_GROUP_get_ecparameters(group, NULL))
+        || !TEST_ptr(group_gen = EC_GROUP_get0_generator(group))
+        || !TEST_ptr(group_order = EC_GROUP_get0_order(group))
+        || !TEST_true(EC_GROUP_get_cofactor(group, group_cofactor, NULL))
+        /* compute `other_*` values */
+        || !TEST_ptr(tmpg = EC_GROUP_dup(group))
+        || !TEST_ptr(other_gen = EC_POINT_dup(group_gen, group))
+        || !TEST_true(EC_POINT_add(group, other_gen, group_gen, group_gen, NULL))
+        || !TEST_true(EC_POINT_get_affine_coordinates(group, other_gen,
+                      other_gen_x, other_gen_y, bn_ctx))
+        || !TEST_true(BN_copy(other_order, group_order))
+        || !TEST_true(BN_add_word(other_order, 1))
+        || !TEST_true(BN_copy(other_cofactor, group_cofactor))
+        || !TEST_true(BN_add_word(other_cofactor, 1)))
+        goto err;
+
+    EC_POINT_free(other_gen);
+    other_gen = NULL;
+
+    if (!TEST_ptr(other_gen = EC_POINT_new(tmpg))
+        || !TEST_true(EC_POINT_set_affine_coordinates(tmpg, other_gen,
+                                                      other_gen_x, other_gen_y,
+                                                      bn_ctx)))
+        goto err;
+
+    /*
+     * ###########################
+     * # Actual tests start here #
+     * ###########################
+     */
+
+    /*
+     * Creating a group from built-in explicit parameters returns a
+     * "named" EC_GROUP
+     */
+    if (!TEST_ptr(tgroup = *g_next++ = EC_GROUP_new_from_ecparameters(params))
+        || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef))
+        goto err;
+    /*
+     * We cannot always guarantee the names match, as the built-in table
+     * contains aliases for the same curve with different names.
+     */
+    if (!TEST_true(are_ec_nids_compatible(nid, tnid))) {
+        TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
+        goto err;
+    }
+    /* Ensure that the OPENSSL_EC_EXPLICIT_CURVE ASN1 flag is set. */
+    if (!TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup), OPENSSL_EC_EXPLICIT_CURVE))
+        goto err;
+
+    /*
+     * An invalid seed in the parameters should be ignored: expect a "named"
+     * group.
+     */
+    if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, invalid_seed, invalid_seed_len),
+                     invalid_seed_len)
+            || !TEST_ptr(other_params = *p_next++ =
+                         EC_GROUP_get_ecparameters(tmpg, NULL))
+            || !TEST_ptr(tgroup = *g_next++ =
+                          EC_GROUP_new_from_ecparameters(other_params))
+            || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+            || !TEST_true(are_ec_nids_compatible(nid, tnid))
+            || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
+                            OPENSSL_EC_EXPLICIT_CURVE)) {
+        TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
+        goto err;
+    }
+
+    /*
+     * A null seed in the parameters should be ignored, as it is optional:
+     * expect a "named" group.
+     */
+    if (!TEST_int_eq(EC_GROUP_set_seed(tmpg, NULL, 0), 1)
+            || !TEST_ptr(other_params = *p_next++ =
+                         EC_GROUP_get_ecparameters(tmpg, NULL))
+            || !TEST_ptr(tgroup = *g_next++ =
+                          EC_GROUP_new_from_ecparameters(other_params))
+            || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+            || !TEST_true(are_ec_nids_compatible(nid, tnid))
+            || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
+                            OPENSSL_EC_EXPLICIT_CURVE)) {
+        TEST_info("nid = %s, tnid = %s", OBJ_nid2sn(nid), OBJ_nid2sn(tnid));
+        goto err;
+    }
+
+    /*
+     * Check that changing any of the generator parameters does not yield a
+     * match with the built-in curves
+     */
+    if (/* Other gen, same group order & cofactor */
+        !TEST_true(EC_GROUP_set_generator(tmpg, other_gen, group_order,
+                                          group_cofactor))
+        || !TEST_ptr(other_params = *p_next++ =
+                     EC_GROUP_get_ecparameters(tmpg, NULL))
+        || !TEST_ptr(tgroup = *g_next++ =
+                      EC_GROUP_new_from_ecparameters(other_params))
+        || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+        /* Same gen & cofactor, different order */
+        || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, other_order,
+                                             group_cofactor))
+        || !TEST_ptr(other_params = *p_next++ =
+                     EC_GROUP_get_ecparameters(tmpg, NULL))
+        || !TEST_ptr(tgroup = *g_next++ =
+                      EC_GROUP_new_from_ecparameters(other_params))
+        || !TEST_int_eq((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+        /* The order is not an optional field, so this should fail */
+        || !TEST_false(EC_GROUP_set_generator(tmpg, group_gen, NULL,
+                                              group_cofactor))
+        /* Check that a wrong cofactor is ignored, and we still match */
+        || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
+                                             other_cofactor))
+        || !TEST_ptr(other_params = *p_next++ =
+                     EC_GROUP_get_ecparameters(tmpg, NULL))
+        || !TEST_ptr(tgroup = *g_next++ =
+                      EC_GROUP_new_from_ecparameters(other_params))
+        || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+        || !TEST_true(are_ec_nids_compatible(nid, tnid))
+        || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
+                        OPENSSL_EC_EXPLICIT_CURVE)
+        /* Check that if the cofactor is not set then it still matches */
+        || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
+                                             NULL))
+        || !TEST_ptr(other_params = *p_next++ =
+                     EC_GROUP_get_ecparameters(tmpg, NULL))
+        || !TEST_ptr(tgroup = *g_next++ =
+                      EC_GROUP_new_from_ecparameters(other_params))
+        || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+        || !TEST_true(are_ec_nids_compatible(nid, tnid))
+        || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
+                        OPENSSL_EC_EXPLICIT_CURVE)
+        /* check that restoring the generator passes */
+        || !TEST_true(EC_GROUP_set_generator(tmpg, group_gen, group_order,
+                                             group_cofactor))
+        || !TEST_ptr(other_params = *p_next++ =
+                     EC_GROUP_get_ecparameters(tmpg, NULL))
+        || !TEST_ptr(tgroup = *g_next++ =
+                      EC_GROUP_new_from_ecparameters(other_params))
+        || !TEST_int_ne((tnid = EC_GROUP_get_curve_name(tgroup)), NID_undef)
+        || !TEST_true(are_ec_nids_compatible(nid, tnid))
+        || !TEST_int_eq(EC_GROUP_get_asn1_flag(tgroup),
+                        OPENSSL_EC_EXPLICIT_CURVE))
+        goto err;
+
+    ret = 1;
+err:
+    for (g_next = &g_ary[0]; g_next < g_ary + OSSL_NELEM(g_ary); g_next++)
+        EC_GROUP_free(*g_next);
+    for (p_next = &p_ary[0]; p_next < p_ary + OSSL_NELEM(g_ary); p_next++)
+        ECPARAMETERS_free(*p_next);
+    ECPARAMETERS_free(params);
+    EC_POINT_free(other_gen);
+    EC_GROUP_free(tmpg);
+    EC_GROUP_free(group);
+    BN_CTX_end(bn_ctx);
+    BN_CTX_free(bn_ctx);
+    return ret;
+}
+
 static int parameter_test(void)
 {
     EC_GROUP *group = NULL, *group2 = NULL;
@@ -1561,6 +1826,179 @@ static int parameter_test(void)
     OPENSSL_free(buf);
     return r;
 }
+
+/*-
+ * random 256-bit explicit parameters curve, cofactor absent
+ * order:    0x0c38d96a9f892b88772ec2e39614a82f4f (132 bit)
+ * cofactor:   0x12bc94785251297abfafddf1565100da (125 bit)
+ */
+static const unsigned char params_cf_pass[] = {
+    0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
+    0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xe5, 0x00, 0x1f, 0xc5,
+    0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
+    0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
+    0x44, 0x88, 0xe6, 0x91, 0x30, 0x44, 0x04, 0x20, 0xe5, 0x00, 0x1f, 0xc5,
+    0xca, 0x71, 0x9d, 0x8e, 0xf7, 0x07, 0x4b, 0x48, 0x37, 0xf9, 0x33, 0x2d,
+    0x71, 0xbf, 0x79, 0xe7, 0xdc, 0x91, 0xc2, 0xff, 0xb6, 0x7b, 0xc3, 0x93,
+    0x44, 0x88, 0xe6, 0x8e, 0x04, 0x20, 0x18, 0x8c, 0x59, 0x57, 0xc4, 0xbc,
+    0x85, 0x57, 0xc3, 0x66, 0x9f, 0x89, 0xd5, 0x92, 0x0d, 0x7e, 0x42, 0x27,
+    0x07, 0x64, 0xaa, 0x26, 0xed, 0x89, 0xc4, 0x09, 0x05, 0x4d, 0xc7, 0x23,
+    0x47, 0xda, 0x04, 0x41, 0x04, 0x1b, 0x6b, 0x41, 0x0b, 0xf9, 0xfb, 0x77,
+    0xfd, 0x50, 0xb7, 0x3e, 0x23, 0xa3, 0xec, 0x9a, 0x3b, 0x09, 0x31, 0x6b,
+    0xfa, 0xf6, 0xce, 0x1f, 0xff, 0xeb, 0x57, 0x93, 0x24, 0x70, 0xf3, 0xf4,
+    0xba, 0x7e, 0xfa, 0x86, 0x6e, 0x19, 0x89, 0xe3, 0x55, 0x6d, 0x5a, 0xe9,
+    0xc0, 0x3d, 0xbc, 0xfb, 0xaf, 0xad, 0xd4, 0x7e, 0xa6, 0xe5, 0xfa, 0x1a,
+    0x58, 0x07, 0x9e, 0x8f, 0x0d, 0x3b, 0xf7, 0x38, 0xca, 0x02, 0x11, 0x0c,
+    0x38, 0xd9, 0x6a, 0x9f, 0x89, 0x2b, 0x88, 0x77, 0x2e, 0xc2, 0xe3, 0x96,
+    0x14, 0xa8, 0x2f, 0x4f
+};
+
+/*-
+ * random 256-bit explicit parameters curve, cofactor absent
+ * order:    0x045a75c0c17228ebd9b169a10e34a22101 (131 bit)
+ * cofactor:   0x2e134b4ede82649f67a2e559d361e5fe (126 bit)
+ */
+static const unsigned char params_cf_fail[] = {
+    0x30, 0x81, 0xcd, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86,
+    0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xc8, 0x95, 0x27, 0x37,
+    0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
+    0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
+    0x33, 0xc2, 0xea, 0x13, 0x30, 0x44, 0x04, 0x20, 0xc8, 0x95, 0x27, 0x37,
+    0xe8, 0xe1, 0xfd, 0xcc, 0xf9, 0x6e, 0x0c, 0xa6, 0x21, 0xc1, 0x7d, 0x6b,
+    0x9d, 0x44, 0x42, 0xea, 0x73, 0x4e, 0x04, 0xb6, 0xac, 0x62, 0x50, 0xd0,
+    0x33, 0xc2, 0xea, 0x10, 0x04, 0x20, 0xbf, 0xa6, 0xa8, 0x05, 0x1d, 0x09,
+    0xac, 0x70, 0x39, 0xbb, 0x4d, 0xb2, 0x90, 0x8a, 0x15, 0x41, 0x14, 0x1d,
+    0x11, 0x86, 0x9f, 0x13, 0xa2, 0x63, 0x1a, 0xda, 0x95, 0x22, 0x4d, 0x02,
+    0x15, 0x0a, 0x04, 0x41, 0x04, 0xaf, 0x16, 0x71, 0xf9, 0xc4, 0xc8, 0x59,
+    0x1d, 0xa3, 0x6f, 0xe7, 0xc3, 0x57, 0xa1, 0xfa, 0x9f, 0x49, 0x7c, 0x11,
+    0x27, 0x05, 0xa0, 0x7f, 0xff, 0xf9, 0xe0, 0xe7, 0x92, 0xdd, 0x9c, 0x24,
+    0x8e, 0xc7, 0xb9, 0x52, 0x71, 0x3f, 0xbc, 0x7f, 0x6a, 0x9f, 0x35, 0x70,
+    0xe1, 0x27, 0xd5, 0x35, 0x8a, 0x13, 0xfa, 0xa8, 0x33, 0x3e, 0xd4, 0x73,
+    0x1c, 0x14, 0x58, 0x9e, 0xc7, 0x0a, 0x87, 0x65, 0x8d, 0x02, 0x11, 0x04,
+    0x5a, 0x75, 0xc0, 0xc1, 0x72, 0x28, 0xeb, 0xd9, 0xb1, 0x69, 0xa1, 0x0e,
+    0x34, 0xa2, 0x21, 0x01
+};
+
+/*-
+ * Test two random 256-bit explicit parameters curves with absent cofactor.
+ * The two curves are chosen to roughly straddle the bounds at which the lib
+ * can compute the cofactor automatically, roughly 4*sqrt(p). So test that:
+ *
+ * - params_cf_pass: order is sufficiently close to p to compute cofactor
+ * - params_cf_fail: order is too far away from p to compute cofactor
+ *
+ * For standards-compliant curves, cofactor is chosen as small as possible.
+ * So you can see neither of these curves are fit for cryptographic use.
+ *
+ * Some standards even mandate an upper bound on the cofactor, e.g. SECG1 v2:
+ * h <= 2**(t/8) where t is the security level of the curve, for which the lib
+ * will always succeed in computing the cofactor. Neither of these curves
+ * conform to that -- this is just robustness testing.
+ */
+static int cofactor_range_test(void)
+{
+    EC_GROUP *group = NULL;
+    BIGNUM *cf = NULL;
+    int ret = 0;
+    const unsigned char *b1 = (const unsigned char *)params_cf_fail;
+    const unsigned char *b2 = (const unsigned char *)params_cf_pass;
+
+    if (!TEST_ptr(group = d2i_ECPKParameters(NULL, &b1, sizeof(params_cf_fail)))
+        || !TEST_BN_eq_zero(EC_GROUP_get0_cofactor(group))
+        || !TEST_ptr(group = d2i_ECPKParameters(&group, &b2,
+                                                sizeof(params_cf_pass)))
+        || !TEST_int_gt(BN_hex2bn(&cf, "12bc94785251297abfafddf1565100da"), 0)
+        || !TEST_BN_eq(cf, EC_GROUP_get0_cofactor(group)))
+        goto err;
+    ret = 1;
+ err:
+    BN_free(cf);
+    EC_GROUP_free(group);
+    return ret;
+}
+
+/*-
+ * For named curves, test that:
+ * - the lib correctly computes the cofactor if passed a NULL or zero cofactor
+ * - a nonsensical cofactor throws an error (negative test)
+ * - nonsensical orders throw errors (negative tests)
+ */
+static int cardinality_test(int n)
+{
+    int ret = 0;
+    int nid = curves[n].nid;
+    BN_CTX *ctx = NULL;
+    EC_GROUP *g1 = NULL, *g2 = NULL;
+    EC_POINT *g2_gen = NULL;
+    BIGNUM *g1_p = NULL, *g1_a = NULL, *g1_b = NULL, *g1_x = NULL, *g1_y = NULL,
+           *g1_order = NULL, *g1_cf = NULL, *g2_cf = NULL;
+
+    TEST_info("Curve %s cardinality test", OBJ_nid2sn(nid));
+
+    if (!TEST_ptr(ctx = BN_CTX_new())
+        || !TEST_ptr(g1 = EC_GROUP_new_by_curve_name(nid))
+        || !TEST_ptr(g2 = EC_GROUP_new(EC_GROUP_method_of(g1)))) {
+        EC_GROUP_free(g1);
+        EC_GROUP_free(g2);
+        BN_CTX_free(ctx);
+        return 0;
+    }
+
+    BN_CTX_start(ctx);
+    g1_p = BN_CTX_get(ctx);
+    g1_a = BN_CTX_get(ctx);
+    g1_b = BN_CTX_get(ctx);
+    g1_x = BN_CTX_get(ctx);
+    g1_y = BN_CTX_get(ctx);
+    g1_order = BN_CTX_get(ctx);
+    g1_cf = BN_CTX_get(ctx);
+
+    if (!TEST_ptr(g2_cf = BN_CTX_get(ctx))
+        /* pull out the explicit curve parameters */
+        || !TEST_true(EC_GROUP_get_curve(g1, g1_p, g1_a, g1_b, ctx))
+        || !TEST_true(EC_POINT_get_affine_coordinates(g1,
+                      EC_GROUP_get0_generator(g1), g1_x, g1_y, ctx))
+        || !TEST_true(BN_copy(g1_order, EC_GROUP_get0_order(g1)))
+        || !TEST_true(EC_GROUP_get_cofactor(g1, g1_cf, ctx))
+        /* construct g2 manually with g1 parameters */
+        || !TEST_true(EC_GROUP_set_curve(g2, g1_p, g1_a, g1_b, ctx))
+        || !TEST_ptr(g2_gen = EC_POINT_new(g2))
+        || !TEST_true(EC_POINT_set_affine_coordinates(g2, g2_gen, g1_x, g1_y, ctx))
+        /* pass NULL cofactor: lib should compute it */
+        || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
+        || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
+        || !TEST_BN_eq(g1_cf, g2_cf)
+        /* pass zero cofactor: lib should compute it */
+        || !TEST_true(BN_set_word(g2_cf, 0))
+        || !TEST_true(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
+        || !TEST_true(EC_GROUP_get_cofactor(g2, g2_cf, ctx))
+        || !TEST_BN_eq(g1_cf, g2_cf)
+        /* negative test for invalid cofactor */
+        || !TEST_true(BN_set_word(g2_cf, 0))
+        || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
+        || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, g2_cf))
+        /* negative test for NULL order */
+        || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, NULL, NULL))
+        /* negative test for zero order */
+        || !TEST_true(BN_set_word(g1_order, 0))
+        || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
+        /* negative test for negative order */
+        || !TEST_true(BN_set_word(g2_cf, 0))
+        || !TEST_true(BN_sub(g2_cf, g2_cf, BN_value_one()))
+        || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL))
+        /* negative test for too large order */
+        || !TEST_true(BN_lshift(g1_order, g1_p, 2))
+        || !TEST_false(EC_GROUP_set_generator(g2, g2_gen, g1_order, NULL)))
+        goto err;
+    ret = 1;
+ err:
+    EC_POINT_free(g2_gen);
+    EC_GROUP_free(g1);
+    EC_GROUP_free(g2);
+    BN_CTX_end(ctx);
+    BN_CTX_free(ctx);
+    return ret;
+}
 #endif
 
 int setup_tests(void)
@@ -1572,6 +2010,8 @@ int setup_tests(void)
         return 0;
 
     ADD_TEST(parameter_test);
+    ADD_TEST(cofactor_range_test);
+    ADD_ALL_TESTS(cardinality_test, crv_len);
     ADD_TEST(prime_field_tests);
 # ifndef OPENSSL_NO_EC2M
     ADD_TEST(char2_field_tests);
@@ -1583,7 +2023,9 @@ int setup_tests(void)
 # endif
     ADD_ALL_TESTS(internal_curve_test, crv_len);
     ADD_ALL_TESTS(internal_curve_test_method, crv_len);
-#endif
+
+    ADD_ALL_TESTS(check_named_curve_from_ecparameters, crv_len);
+#endif /* OPENSSL_NO_EC */
     return 1;
 }
 
diff --git a/deps/openssl/openssl/test/enginetest.c b/deps/openssl/openssl/test/enginetest.c
index be57f1618305c4..c3dc5bb7ff8d61 100644
--- a/deps/openssl/openssl/test/enginetest.c
+++ b/deps/openssl/openssl/test/enginetest.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -120,8 +120,12 @@ static int test_engines(void)
     display_engine_list();
 
     /*
-     * Depending on whether there's any hardware support compiled in, this
-     * remove may be destined to fail.
+     * At this point, we should have an empty list, unless some hardware
+     * support engine got added.  However, since we don't allow the config
+     * file to be loaded and don't otherwise load any built in engines,
+     * that is unlikely.  Still, we check, if for nothing else, then to
+     * notify that something is a little off (and might mean that |new_h1|
+     * wasn't unloaded when it should have)
      */
     if ((ptr = ENGINE_get_first()) != NULL) {
         if (!ENGINE_remove(ptr))
@@ -346,6 +350,15 @@ static int test_redirect(void)
 }
 #endif
 
+int global_init(void)
+{
+    /*
+     * If the config file gets loaded, the dynamic engine will be loaded,
+     * and that interferes with our test above.
+     */
+    return OPENSSL_init_crypto(OPENSSL_INIT_NO_LOAD_CONFIG, NULL);
+}
+
 int setup_tests(void)
 {
 #ifdef OPENSSL_NO_ENGINE
diff --git a/deps/openssl/openssl/test/evp_extra_test.c b/deps/openssl/openssl/test/evp_extra_test.c
index 8277f950b19a65..3ae6408f0967b5 100644
--- a/deps/openssl/openssl/test/evp_extra_test.c
+++ b/deps/openssl/openssl/test/evp_extra_test.c
@@ -300,7 +300,7 @@ static const unsigned char kExampleECPubKeyDER[] = {
 };
 
 /*
- * kExampleBadECKeyDER is a sample EC public key with a wrong OID
+ * kExampleBadECPubKeyDER is a sample EC public key with a wrong OID
  * 1.2.840.10045.2.2 instead of 1.2.840.10045.2.1 - EC Public Key
  */
 static const unsigned char kExampleBadECPubKeyDER[] = {
diff --git a/deps/openssl/openssl/test/evp_test.c b/deps/openssl/openssl/test/evp_test.c
index 7a3e41c8855695..abb51384e877bf 100644
--- a/deps/openssl/openssl/test/evp_test.c
+++ b/deps/openssl/openssl/test/evp_test.c
@@ -403,6 +403,28 @@ static int digest_test_run(EVP_TEST *t)
     }
 
     if (EVP_MD_flags(expected->digest) & EVP_MD_FLAG_XOF) {
+        EVP_MD_CTX *mctx_cpy;
+        char dont[] = "touch";
+
+        if (!TEST_ptr(mctx_cpy = EVP_MD_CTX_new())) {
+            goto err;
+        }
+        if (!EVP_MD_CTX_copy(mctx_cpy, mctx)) {
+            EVP_MD_CTX_free(mctx_cpy);
+            goto err;
+        }
+        if (!EVP_DigestFinalXOF(mctx_cpy, (unsigned char *)dont, 0)) {
+            EVP_MD_CTX_free(mctx_cpy);
+            t->err = "DIGESTFINALXOF_ERROR";
+            goto err;
+        }
+        if (!TEST_str_eq(dont, "touch")) {
+            EVP_MD_CTX_free(mctx_cpy);
+            t->err = "DIGESTFINALXOF_ERROR";
+            goto err;
+        }
+        EVP_MD_CTX_free(mctx_cpy);
+
         got_len = expected->output_len;
         if (!EVP_DigestFinalXOF(mctx, got, got_len)) {
             t->err = "DIGESTFINALXOF_ERROR";
@@ -532,7 +554,7 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
             else if (strcmp(value, "FALSE") == 0)
                 cdat->tag_late = 0;
             else
-                return 0;
+                return -1;
             return 1;
         }
     }
@@ -543,7 +565,7 @@ static int cipher_test_parse(EVP_TEST *t, const char *keyword,
         else if (strcmp(value, "DECRYPT") == 0)
             cdat->enc = 0;
         else
-            return 0;
+            return -1;
         return 1;
     }
     return 0;
@@ -923,7 +945,7 @@ static int mac_test_parse(EVP_TEST *t,
     if (strcmp(keyword, "Algorithm") == 0) {
         mdata->alg = OPENSSL_strdup(value);
         if (!mdata->alg)
-            return 0;
+            return -1;
         return 1;
     }
     if (strcmp(keyword, "Input") == 0)
@@ -1270,9 +1292,9 @@ static int pderive_test_parse(EVP_TEST *t,
     if (strcmp(keyword, "PeerKey") == 0) {
         EVP_PKEY *peer;
         if (find_key(&peer, value, public_keys) == 0)
-            return 0;
+            return -1;
         if (EVP_PKEY_derive_set_peer(kdata->ctx, peer) <= 0)
-            return 0;
+            return -1;
         return 1;
     }
     if (strcmp(keyword, "SharedSecret") == 0)
@@ -2120,7 +2142,7 @@ static int digestsigver_test_parse(EVP_TEST *t,
     }
     if (strcmp(keyword, "Ctrl") == 0) {
         if (mdata->pctx == NULL)
-            return 0;
+            return -1;
         return pkey_test_ctrl(t, mdata->pctx, value);
     }
     return 0;
diff --git a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt
index 68eddca7b72844..29c317a1580eb4 100644
--- a/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt
+++ b/deps/openssl/openssl/test/recipes/30-test_evp_data/evpciph.txt
@@ -1190,7 +1190,18 @@ Result = CIPHERFINAL_ERROR
 
 Title = AES XTS test vectors from IEEE Std 1619-2007
 
+# Using the same key twice for encryption is always banned.
 Cipher = aes-128-xts
+Operation = ENCRYPT
+Key = 0000000000000000000000000000000000000000000000000000000000000000
+IV = 00000000000000000000000000000000
+Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
+Ciphertext = 917cf69ebd68b2ec9b9fe9a3eadda692cd43d2f59598ed858c02c2652fbf922e
+Result = KEY_SET_ERROR
+
+# Using the same key twice for decryption is allowed outside of FIPS mode.
+Cipher = aes-128-xts
+Operation = DECRYPT
 Key = 0000000000000000000000000000000000000000000000000000000000000000
 IV = 00000000000000000000000000000000
 Plaintext = 0000000000000000000000000000000000000000000000000000000000000000
diff --git a/deps/openssl/openssl/test/recipes/70-test_sslmessages.t b/deps/openssl/openssl/test/recipes/70-test_sslmessages.t
index 1e4676973a94e9..212791fc05e1a2 100644
--- a/deps/openssl/openssl/test/recipes/70-test_sslmessages.t
+++ b/deps/openssl/openssl/test/recipes/70-test_sslmessages.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -95,58 +95,81 @@ my $proxy = TLSProxy::Proxy->new(
 
 @extensions = (
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SERVER_NAME_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::CLIENT,
         checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
     (disabled("ec") ? () :
                       [TLSProxy::Message::MT_CLIENT_HELLO,
                        TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+                       TLSProxy::Message::CLIENT,
                        checkhandshake::DEFAULT_EXTENSIONS]),
     (disabled("ec") ? () :
                       [TLSProxy::Message::MT_CLIENT_HELLO,
                        TLSProxy::Message::EXT_EC_POINT_FORMATS,
+                       TLSProxy::Message::CLIENT,
                        checkhandshake::DEFAULT_EXTENSIONS]),
     (disabled("tls1_2") ? () :
      [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::CLIENT,
          checkhandshake::DEFAULT_EXTENSIONS]),
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::ALPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SCT_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_RENEGOTIATE,
+        TLSProxy::Message::CLIENT,
         checkhandshake::RENEGOTIATE_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_NPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::NPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SRP,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SRP_CLI_EXTENSION],
 
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_RENEGOTIATE,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::SERVER,
         checkhandshake::SESSION_TICKET_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::SERVER,
         checkhandshake::SERVER_NAME_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::SERVER,
         checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::SERVER,
         checkhandshake::ALPN_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::SERVER,
         checkhandshake::SCT_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_NPN,
+        TLSProxy::Message::SERVER,
         checkhandshake::NPN_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
+        TLSProxy::Message::SERVER,
         checkhandshake::EC_POINT_FORMAT_SRV_EXTENSION],
-    [0,0,0]
+    [0,0,0,0]
 );
 
 #Test 1: Check we get all the right messages for a default handshake
diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
index 716e260e5fa64b..98989b4703a5e4 100644
--- a/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
+++ b/deps/openssl/openssl/test/recipes/70-test_tls13kexmodes.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -62,78 +62,112 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
 
 @extensions = (
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SERVER_NAME_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::CLIENT,
         checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::ALPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SCT_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_KEX_MODES_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_CLI_EXTENSION],
 
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::SERVER,
         checkhandshake::KEY_SHARE_HRR_EXTENSION],
 
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SERVER_NAME_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::CLIENT,
         checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::ALPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SCT_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_KEX_MODES_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_CLI_EXTENSION],
 
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::SERVER,
         checkhandshake::KEY_SHARE_SRV_EXTENSION],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::SERVER,
         checkhandshake::PSK_SRV_EXTENSION],
 
     [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::SERVER,
         checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
-    [0,0,0]
+    [0,0,0,0]
 );
 
 use constant {
diff --git a/deps/openssl/openssl/test/recipes/70-test_tls13messages.t b/deps/openssl/openssl/test/recipes/70-test_tls13messages.t
index be6a2db5d68b87..171a12fa12b2f5 100644
--- a/deps/openssl/openssl/test/recipes/70-test_tls13messages.t
+++ b/deps/openssl/openssl/test/recipes/70-test_tls13messages.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -62,92 +62,136 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
 
 @extensions = (
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SERVER_NAME_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::CLIENT,
         checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::ALPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SCT_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
+        TLSProxy::Message::CLIENT,
         checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
 
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::SERVER,
         checkhandshake::KEY_SHARE_HRR_EXTENSION],
 
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SERVER_NAME_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::CLIENT,
         checkhandshake::STATUS_REQUEST_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EC_POINT_FORMATS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::CLIENT,
         checkhandshake::ALPN_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::CLIENT,
         checkhandshake::SCT_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_ENCRYPT_THEN_MAC,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_EXTENDED_MASTER_SECRET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SESSION_TICKET,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK_KEX_MODES,
+        TLSProxy::Message::CLIENT,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::CLIENT,
         checkhandshake::PSK_CLI_EXTENSION],
     [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
+        TLSProxy::Message::CLIENT,
         checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
 
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_KEY_SHARE,
+        TLSProxy::Message::SERVER,
         checkhandshake::DEFAULT_EXTENSIONS],
     [TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_PSK,
+        TLSProxy::Message::SERVER,
         checkhandshake::PSK_SRV_EXTENSION],
 
     [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SERVER_NAME,
+        TLSProxy::Message::SERVER,
         checkhandshake::SERVER_NAME_SRV_EXTENSION],
     [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_ALPN,
+        TLSProxy::Message::SERVER,
         checkhandshake::ALPN_SRV_EXTENSION],
     [TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS, TLSProxy::Message::EXT_SUPPORTED_GROUPS,
+        TLSProxy::Message::SERVER,
         checkhandshake::SUPPORTED_GROUPS_SRV_EXTENSION],
 
+    [TLSProxy::Message::MT_CERTIFICATE_REQUEST, TLSProxy::Message::EXT_SIG_ALGS,
+        TLSProxy::Message::SERVER,
+        checkhandshake::DEFAULT_EXTENSIONS],
+
     [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_STATUS_REQUEST,
+        TLSProxy::Message::SERVER,
         checkhandshake::STATUS_REQUEST_SRV_EXTENSION],
     [TLSProxy::Message::MT_CERTIFICATE, TLSProxy::Message::EXT_SCT,
+        TLSProxy::Message::SERVER,
         checkhandshake::SCT_SRV_EXTENSION],
 
-    [0,0,0]
+    [0,0,0,0]
 );
 
 my $proxy = TLSProxy::Proxy->new(
@@ -163,7 +207,7 @@ $proxy->serverconnects(2);
 $proxy->clientflags("-sess_out ".$session);
 $proxy->sessionfile($session);
 $proxy->start() or plan skip_all => "Unable to start up Proxy for tests";
-plan tests => 16;
+plan tests => 17;
 checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                checkhandshake::DEFAULT_EXTENSIONS,
                "Default handshake test");
@@ -179,7 +223,7 @@ checkhandshake($proxy, checkhandshake::RESUME_HANDSHAKE,
                "Resumption handshake test");
 
 SKIP: {
-    skip "No OCSP support in this OpenSSL build", 3
+    skip "No OCSP support in this OpenSSL build", 4
         if disabled("ct") || disabled("ec") || disabled("ocsp");
     #Test 3: A status_request handshake (client request only)
     $proxy->clear();
@@ -210,9 +254,23 @@ SKIP: {
                    | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
                    | checkhandshake::STATUS_REQUEST_SRV_EXTENSION,
                    "status_request handshake test");
+
+    #Test 6: A status_request handshake (client and server) with client auth
+    $proxy->clear();
+    $proxy->clientflags("-status -enable_pha -cert "
+                        .srctop_file("apps", "server.pem"));
+    $proxy->serverflags("-Verify 5 -status_file "
+                        .srctop_file("test", "recipes", "ocsp-response.der"));
+    $proxy->start();
+    checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE,
+                   checkhandshake::DEFAULT_EXTENSIONS
+                   | checkhandshake::STATUS_REQUEST_CLI_EXTENSION
+                   | checkhandshake::STATUS_REQUEST_SRV_EXTENSION
+                   | checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION,
+                   "status_request handshake with client auth test");
 }
 
-#Test 6: A client auth handshake
+#Test 7: A client auth handshake
 $proxy->clear();
 $proxy->clientflags("-enable_pha -cert ".srctop_file("apps", "server.pem"));
 $proxy->serverflags("-Verify 5");
@@ -222,7 +280,7 @@ checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE,
                checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION,
                "Client auth handshake test");
 
-#Test 7: Server name handshake (no client request)
+#Test 8: Server name handshake (no client request)
 $proxy->clear();
 $proxy->clientflags("-noservername");
 $proxy->start();
@@ -231,7 +289,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                & ~checkhandshake::SERVER_NAME_CLI_EXTENSION,
                "Server name handshake test (client)");
 
-#Test 8: Server name handshake (server support only)
+#Test 9: Server name handshake (server support only)
 $proxy->clear();
 $proxy->clientflags("-noservername");
 $proxy->serverflags("-servername testhost");
@@ -241,7 +299,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                & ~checkhandshake::SERVER_NAME_CLI_EXTENSION,
                "Server name handshake test (server)");
 
-#Test 9: Server name handshake (client and server)
+#Test 10: Server name handshake (client and server)
 $proxy->clear();
 $proxy->clientflags("-servername testhost");
 $proxy->serverflags("-servername testhost");
@@ -251,7 +309,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                | checkhandshake::SERVER_NAME_SRV_EXTENSION,
                "Server name handshake test");
 
-#Test 10: ALPN handshake (client request only)
+#Test 11: ALPN handshake (client request only)
 $proxy->clear();
 $proxy->clientflags("-alpn test");
 $proxy->start();
@@ -260,7 +318,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                | checkhandshake::ALPN_CLI_EXTENSION,
                "ALPN handshake test (client)");
 
-#Test 11: ALPN handshake (server support only)
+#Test 12: ALPN handshake (server support only)
 $proxy->clear();
 $proxy->serverflags("-alpn test");
 $proxy->start();
@@ -268,7 +326,7 @@ checkhandshake($proxy, checkhandshake::DEFAULT_HANDSHAKE,
                checkhandshake::DEFAULT_EXTENSIONS,
                "ALPN handshake test (server)");
 
-#Test 12: ALPN handshake (client and server)
+#Test 13: ALPN handshake (client and server)
 $proxy->clear();
 $proxy->clientflags("-alpn test");
 $proxy->serverflags("-alpn test");
@@ -283,7 +341,7 @@ SKIP: {
     skip "No CT, EC or OCSP support in this OpenSSL build", 1
         if disabled("ct") || disabled("ec") || disabled("ocsp");
 
-    #Test 13: SCT handshake (client request only)
+    #Test 14: SCT handshake (client request only)
     $proxy->clear();
     #Note: -ct also sends status_request
     $proxy->clientflags("-ct");
@@ -300,10 +358,7 @@ SKIP: {
                    "SCT handshake test");
 }
 
-
-
-
-#Test 14: HRR Handshake
+#Test 15: HRR Handshake
 $proxy->clear();
 $proxy->serverflags("-curves P-256");
 $proxy->start();
@@ -312,7 +367,7 @@ checkhandshake($proxy, checkhandshake::HRR_HANDSHAKE,
                | checkhandshake::KEY_SHARE_HRR_EXTENSION,
                "HRR handshake test");
 
-#Test 15: Resumption handshake with HRR
+#Test 16: Resumption handshake with HRR
 $proxy->clear();
 $proxy->clientflags("-sess_in ".$session);
 $proxy->serverflags("-curves P-256");
@@ -324,7 +379,7 @@ checkhandshake($proxy, checkhandshake::HRR_RESUME_HANDSHAKE,
                 | checkhandshake::PSK_SRV_EXTENSION),
                "Resumption handshake with HRR test");
 
-#Test 16: Acceptable but non preferred key_share
+#Test 17: Acceptable but non preferred key_share
 $proxy->clear();
 $proxy->clientflags("-curves P-256");
 $proxy->start();
diff --git a/deps/openssl/openssl/test/recipes/80-test_cms.t b/deps/openssl/openssl/test/recipes/80-test_cms.t
index b57ca66dac5855..5dc6a3aebe0142 100644
--- a/deps/openssl/openssl/test/recipes/80-test_cms.t
+++ b/deps/openssl/openssl/test/recipes/80-test_cms.t
@@ -21,12 +21,13 @@ setup("test_cms");
 plan skip_all => "CMS is not supported by this OpenSSL build"
     if disabled("cms");
 
+my $datadir = srctop_dir("test", "recipes", "80-test_cms_data");
 my $smdir    = srctop_dir("test", "smime-certs");
 my $smcont   = srctop_file("test", "smcont.txt");
 my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
     = disabled qw/des dh dsa ec ec2m rc2 zlib/;
 
-plan tests => 4;
+plan tests => 6;
 
 my @smime_pkcs7_tests = (
 
@@ -400,6 +401,26 @@ my @smime_cms_param_tests = (
     ]
     );
 
+my @contenttype_cms_test = (
+    [ "signed content test - check that content type is added to additional signerinfo, RSA keys",
+      [ "-sign", "-binary", "-nodetach", "-stream", "-in", $smcont, "-outform", "DER",
+        "-signer", catfile($smdir, "smrsa1.pem"), "-md", "SHA256",
+        "-out", "test.cms" ],
+      [ "-resign", "-binary", "-nodetach", "-in", "test.cms", "-inform", "DER", "-outform", "DER",
+        "-signer", catfile($smdir, "smrsa2.pem"), "-md", "SHA256",
+        "-out", "test2.cms" ],
+      [ "-verify", "-in", "test2.cms", "-inform", "DER",
+        "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
+    ],
+);
+
+my @incorrect_attribute_cms_test = (
+    "bad_signtime_attr.cms",
+    "no_ct_attr.cms",
+    "no_md_attr.cms",
+    "ct_multiple_attr.cms"
+);
+
 subtest "CMS => PKCS#7 compatibility tests\n" => sub {
     plan tests => scalar @smime_pkcs7_tests;
 
@@ -493,6 +514,52 @@ subtest "CMS <=> CMS consistency tests, modified key parameters\n" => sub {
     }
 };
 
+# Returns the number of matches of a Content Type Attribute in a binary file.
+sub contentType_matches {
+  # Read in a binary file
+  my ($in) = @_;
+  open (HEX_IN, "$in") or die("open failed for $in : $!");
+  binmode(HEX_IN);
+  local $/;
+  my $str = <HEX_IN>;
+
+  # Find ASN1 data for a Content Type Attribute (with a OID of PKCS7 data)
+  my @c = $str =~ /\x30\x18\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x09\x03\x31\x0B\x06\x09\x2A\x86\x48\x86\xF7\x0D\x01\x07\x01/gs;
+
+  close(HEX_IN);
+  return scalar(@c);
+}
+
+subtest "CMS Check the content type attribute is added for additional signers\n" => sub {
+    plan tests =>
+        (scalar @contenttype_cms_test);
+
+    foreach (@contenttype_cms_test) {
+      SKIP: {
+          my $skip_reason = check_availability($$_[0]);
+          skip $skip_reason, 1 if $skip_reason;
+
+          ok(run(app(["openssl", "cms", @{$$_[1]}]))
+             && run(app(["openssl", "cms", @{$$_[2]}]))
+             && contentType_matches("test2.cms") == 2
+             && run(app(["openssl", "cms", @{$$_[3]}])),
+             $$_[0]);
+        }
+    }
+};
+
+subtest "CMS Check that bad attributes fail when verifying signers\n" => sub {
+    plan tests =>
+        (scalar @incorrect_attribute_cms_test);
+
+    foreach my $name (@incorrect_attribute_cms_test) {
+        ok(!run(app(["openssl", "cms", "-verify", "-in",
+                     catfile($datadir, $name), "-inform", "DER", "-CAfile",
+                     catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ])),
+            $name);
+    }
+};
+
 unlink "test.cms";
 unlink "test2.cms";
 unlink "smtst.txt";
diff --git a/deps/openssl/openssl/test/recipes/80-test_cms_data/bad_signtime_attr.cms b/deps/openssl/openssl/test/recipes/80-test_cms_data/bad_signtime_attr.cms
new file mode 100644
index 0000000000000000000000000000000000000000..048a49358140a23cde5bf505f6a727a0feff28ec
GIT binary patch
literal 1524
zcmXqLVB^$k^Jx3d%gD~OpuwPliILHe*MOUiGoj6cF_oExiO~Q_3FCqWl?ImJ;QZXw
z@{Gh1g`E7n^wc7SlGNf7h2;FalGMBsg|z%41^<H7yx?FT1!v!2h0>DDoXnC+g_3-Q
zjKsW@oKzhJAf=F~kdz5CKu=GP0Sp#2F&7v#G3OXGF@-E(W@2Pw;$*mKIqlstZv_Vf
zUbs^kSy>qjTnxDlIN6v(S=fY`LcI;e3`9U2E*@T(<?coKr3Hqv2GSsLW*(6ckSl}r
zeLa0$6@r2t6@v2fOAO@1c@2#X%ngCi$imnlN}Sio*ud1t49YcdCC(N(0~v@dqR6(m
zLM&1?G-zT}LUunRD+6;ABR>OBoQtW6k&)s0`rDh?|88+CYC0w<Z&s8)Jty^=%w5Y<
z7iMs+_`$$Xz<>DhCAA$Bt~!c!-Q2GHy!GJi6<a4(_pKLVzW;q~;C`c>*FS!EAbLoi
z?XsxDV~gxhPp^HRx^0WpkNr+>f95Uqyw^VS*OLdCEnl`=`S<7Pms0-dB{RK*OQk(;
zylS5k_vz84Z)*gd*56%M>c7Y}iBIO;>Pi<)`@<&<*77nh+G4<Ylh4LUiM#FJoG)v|
zV<&~>MIS$PJK18zv1j(SSLWsYE@Ak-s!=9riB48h;Tx{zIC+!RlI8ptlsAh$<vX7p
zyH2wG@+I$_w46s}FM9s?OtSLy`uo4i;n)qu8%Imp<E1<|-HBvkW@KPooL~@Vzyl0N
zSz$)T|13-f3<i849zTf3!py|_z(5wn=VK9L5qZ{oe(72hy=3{TEDzjzPQR;N@xH}C
z9we>IB4HrbAaZhIFjsQ5SakPZmk(tfD^;F7-IjwK2f#E0i~~l7vb`Oy<*eHROJ6xn
z+Z-C45yUQYMY~qjoz255FZlZ1|6ex$*j`y-py|C^uI!h8{R`nk|EfDyINXS8HG2DP
zcc)2d!(WCEmOr(Ot8-ek&5k_y$~9*<>)pfi-5A#tZ89zKihSv|{NcT=swXA$I8rA6
z?r_;1l*=sT?VY(JGWYFHq3T2zgJiR^hMA}2WgMmns%1`bymKZk-urf7zH!sSKlu&Y
zj=paEeXwOy5Bo0nW3#$yMO`=PZBqELMe+K-;GXt7!4en3KAW8Wb+uMLdU?-hK9`-B
zFSeL3;At_jRpxrjz`>g(6~FqtgzL*KGQQ3(xx#v1Dqg)h`}O5d3)8nO0kP+E44W9A
z1JmJSV9qxPq)x6v&b7!z$pUW!33w*vWHtoK!3rNn1ARD$lf_VpMd814-ZyE><k0U?
zKF1y&X1j8jlf&y#;mSvAGdezU2}m0u$0aa7u{1F<gqa=rJY$uy^ucek)giG@oMoqJ
z=sujgkD=PAR^KOR<7z8k%c9p(6BAb6IQb;Xt~J=^reWZeUA1TQl|AD*L)Oaue7S3*
zh{c|YSEufrVz{Ore`)Pv#tC=z%`N7{Ogbo>_3r+jQ1RSFy<YB0eQh5TtlCm)nT~Pa
z*s)chJF<cG*=lyzMUI>J-^+v?3OcNy(sxX4iQDgx85<6tUubb*Z%sPSFNNJ#BA@a!
zvf7p`*XfqLBJk(r|Ij-bxl%#XJiZw9x1VdA`@4ER>+$!Sz8gJ~e!ceX>-lbH7H=`I
z{$XvHJNwD*z@0NXA5`>jF}(0_g=k}-QpZLGC61|=tS6Nw8t#5kaAev-P%#7xQchMw
UeqiBd2`<fy3@nTcqacMW01?wcCjbBd

literal 0
HcmV?d00001

diff --git a/deps/openssl/openssl/test/recipes/80-test_cms_data/ct_multiple_attr.cms b/deps/openssl/openssl/test/recipes/80-test_cms_data/ct_multiple_attr.cms
new file mode 100644
index 0000000000000000000000000000000000000000..974db6ef9a43d6f9cf05f99545a08fe19f2c3a1b
GIT binary patch
literal 1549
zcmXqLVB^$k^Jx3d%gD~OpuwPliILHe*MOUiGoj6cF_oExiO~Q_3FCqWl?ImJ;QZXw
z@{Gh1g`E7n^wc7SlGNf7h2;FalGMBsg|z%41^<H7yx?FT1!v!2h0>DDoXnC+g_3-Q
zjKsW@oKzhJAf=F~kdz5CKu=GP0Sp#2F&7v#G3OXGF@-E(W@2Pw;$*mKIqlstZv_Vf
zUbs^kSy>qjTnxDlIN6v(S=fY`LcI;e3`9U2E*@T(<?coKr3Hqv2GSsLW*(6ckSl}r
zeLa0$6@r2t6@v2fOAO@1c@2#X%ngCi$imnlN}Sio*ud1t49YcdCC(N(0~v@dqR6(m
zLM&1?G-zT}LUunRD+6;ABR>OBoQtW6k&)s0`rDh?|88+CYC0w<Z&s8)Jty^=%w5Y<
z7iMs+_`$$Xz<>DhCAA$Bt~!c!-Q2GHy!GJi6<a4(_pKLVzW;q~;C`c>*FS!EAbLoi
z?XsxDV~gxhPp^HRx^0WpkNr+>f95Uqyw^VS*OLdCEnl`=`S<7Pms0-dB{RK*OQk(;
zylS5k_vz84Z)*gd*56%M>c7Y}iBIO;>Pi<)`@<&<*77nh+G4<Ylh4LUiM#FJoG)v|
zV<&~>MIS$PJK18zv1j(SSLWsYE@Ak-s!=9riB48h;Tx{zIC+!RlI8ptlsAh$<vX7p
zyH2wG@+I$_w46s}FM9s?OtSLy`uo4i;n)qu8%Imp<E1<|-HBvkW@KPooL~@Vzyl0N
zSz$)T|13-f3<i849zTf3!py|_z(5wn=VK9L5qZ{oe(72hy=3{TEDzjzPQR;N@xH}C
z9we>IB4HrbAaZhIFjsQ5SakPZmk(tfD^;F7-IjwK2f#E0i~~l7vb`Oy<*eHROJ6xn
z+Z-C45yUQYMY~qjoz255FZlZ1|6ex$*j`y-py|C^uI!h8{R`nk|EfDyINXS8HG2DP
zcc)2d!(WCEmOr(Ot8-ek&5k_y$~9*<>)pfi-5A#tZ89zKihSv|{NcT=swXA$I8rA6
z?r_;1l*=sT?VY(JGWYFHq3T2zgJiR^hMA}2WgMmns%1`bymKZk-urf7zH!sSKlu&Y
zj=paEeXwOy5Bo0nW3#$yMO`=PZBqELMe+K-;GXt7!4en3KAW8Wb+uMLdU?-hK9`-B
zFSeL3;At_jRpxrjz`>g(6~FqtgzL*KGQQ3(xx#v1Dqg)h`}O5d3)8nO0kP+E44arh
z>F^IQ=Nkl4Cs!foTI8Z+L1VLl1UwgWG8+OVVWkfv9vK<9GEP=QeqfHZ1ZPnr6B9$@
zC<A?jEQ_HMi^6~9yl>K$$)Vq)e2zUl%y#84Cx_Rg!j+HKW^{by5|B1RP6WV=$kN2f
zu=(4Orjx7*$sxH5?gc*lZ8A%4nRw~`bC;KA=n4OQ5Z1jfvdoR~&&H*Hjm6UU9ysk)
zA1C2k)+@BC&p~$HoUCbb7K*Wr??f0H8Y`BbS^w<u-fNZXB0uLmD?Ii5(2O;Iot+Fc
zcAPk~T5Zn1W#-#U_tdO3IoJI6+3x4^PtILQlrQ<YsIN~YHtU@A@slanwS0}XBtE@-
z=&zjfdQX`{%Qu?-YZ7{+FZ6+F&Q0l8?<dz+oaGZMh-iNKTjq~x&!JUmxu0~`URz+)
z;V!&hsj_#0lkD5aT5m1yY<u79B77-)!Gq(G5!}o_(iJOI?<o8$KJj`wqobG|N5_q4
SemCS6t$QbCAHWa|DSZJvQA`~G

literal 0
HcmV?d00001

diff --git a/deps/openssl/openssl/test/recipes/80-test_cms_data/no_ct_attr.cms b/deps/openssl/openssl/test/recipes/80-test_cms_data/no_ct_attr.cms
new file mode 100644
index 0000000000000000000000000000000000000000..64b688b91c3a866a3e79ccc3bd324538de4bf668
GIT binary patch
literal 1496
zcmXqLVB^$k^Jx3d%gD~OpuwPliILHe*MOUiGoj6cF_oExiO~Q_3FCqWl?ImJ;QZXw
z@{Gh1g`E7n^wc7SlGNf7h2;FalGMBsg|z%41^<H7yx?FT1!v!2h0>DDoXnC+g_3-Q
zjKsW@oKzhJAf=F~kdz5CKu=GP0Sp#2F&7v#G3OXGF@-E(W@2Pw;$*mKIqlstZv_Vf
zUbs^kSy>qjTnxDlIN6v(S=fY`LcI;e3`9U2E*@T(<?coKr3Hqv2GSsLW*(6ckSl}r
zeLa0$6@r2t6@v2fOAO@1c@2#X%ngCi$imnlN}Sio*ud1t49YcdCC(N(0~v@dqR6(m
zLM&1?G-zT}LUunRD+6;ABR>OBoQtW6k&)s0`rDh?|88+CYC0w<Z&s8)Jty^=%w5Y<
z7iMs+_`$$Xz<>DhCAA$Bt~!c!-Q2GHy!GJi6<a4(_pKLVzW;q~;C`c>*FS!EAbLoi
z?XsxDV~gxhPp^HRx^0WpkNr+>f95Uqyw^VS*OLdCEnl`=`S<7Pms0-dB{RK*OQk(;
zylS5k_vz84Z)*gd*56%M>c7Y}iBIO;>Pi<)`@<&<*77nh+G4<Ylh4LUiM#FJoG)v|
zV<&~>MIS$PJK18zv1j(SSLWsYE@Ak-s!=9riB48h;Tx{zIC+!RlI8ptlsAh$<vX7p
zyH2wG@+I$_w46s}FM9s?OtSLy`uo4i;n)qu8%Imp<E1<|-HBvkW@KPooL~@Vzyl0N
zSz$)T|13-f3<i849zTf3!py|_z(5wn=VK9L5qZ{oe(72hy=3{TEDzjzPQR;N@xH}C
z9we>IB4HrbAaZhIFjsQ5SakPZmk(tfD^;F7-IjwK2f#E0i~~l7vb`Oy<*eHROJ6xn
z+Z-C45yUQYMY~qjoz255FZlZ1|6ex$*j`y-py|C^uI!h8{R`nk|EfDyINXS8HG2DP
zcc)2d!(WCEmOr(Ot8-ek&5k_y$~9*<>)pfi-5A#tZ89zKihSv|{NcT=swXA$I8rA6
z?r_;1l*=sT?VY(JGWYFHq3T2zgJiR^hMA}2WgMmns%1`bymKZk-urf7zH!sSKlu&Y
zj=paEeXwOy5Bo0nW3#$yMO`=PZBqELMe+K-;GXt7!4en3KAW8Wb+uMLdU?-hK9`-B
zFSeL3;At_jRpxrjz`>g(6~FqtgzL*KGQQ3(xx#v1Dqg)h`}O5d3)8nO0kP+E44W8F
z1JmJgV9qxPq)x6v&b7!z$pU|1Hi4BloUDfYz|3a}&TU2p#>OU52KoqD7DFW#h5yQV
z-=r;*L%&D)9D8_}?aE<J4zEXrD<7@R==jJbAZ>&kpTIoD(!|J+xZT7>C~6VkkJ-ux
z?#d;}92YH>|8Sz@ar%ndrK!R*az7;fef&`8yn~ZO%HC(6Zd#gW&ylY@Qk*H3Bcie{
z$=UwM3`XAS60364%<8-ev%G!Wt149=zx;amt6st7zwKYw@6vf)(Y@2|&bf`Df|DkE
z`sO~>{-wvHsP9kye>nS{vvSq-{{9754qE=0sLLd!I<I6)gt_{T0An@%lI`Mhf}cuS
zt$6(p>%8auYJ5A7`|X4L1hw6hH0GFht@@TQk%7m!bYYIe#?%w<bEF-8bu(H+56NkN
z*W4uRkn+HR<LP`6C-%87EWOHp|GS#icHdoXmiXQJnYTFo*;9>$UV8^Js~f33gcPIz
DrxG<9

literal 0
HcmV?d00001

diff --git a/deps/openssl/openssl/test/recipes/80-test_cms_data/no_md_attr.cms b/deps/openssl/openssl/test/recipes/80-test_cms_data/no_md_attr.cms
new file mode 100644
index 0000000000000000000000000000000000000000..d0a3afa523be6757207e6b876b3f2e7bac60e533
GIT binary patch
literal 1473
zcmXqLVB^$k^Jx3d%gD~OpuwPliILHe*MOUiGoj6cF_oExiO~Q_3FCqWl?ImJ;QZXw
z@{Gh1g`E7n^wc7SlGNf7h2;FalGMBsg|z%41^<H7yx?FT1!v!2h0>DDoXnC+g_3-Q
zjKsW@oKzhJAf=F~kdz5CKu=GP0Sp#2F&7v#G3OXGF@-E(W@2Pw;$*mKIqlstZv_Vf
zUbs^kSy>qjTnxDlIN6v(S=fY`LcI;e3`9U2E*@T(<?coKr3Hqv2GSsLW*(6ckSl}r
zeLa0$6@r2t6@v2fOAO@1c@2#X%ngCi$imnlN}Sio*ud1t49YcdCC(N(0~v@dqR6(m
zLM&1?G-zT}LUunRD+6;ABR>OBoQtW6k&)s0`rDh?|88+CYC0w<Z&s8)Jty^=%w5Y<
z7iMs+_`$$Xz<>DhCAA$Bt~!c!-Q2GHy!GJi6<a4(_pKLVzW;q~;C`c>*FS!EAbLoi
z?XsxDV~gxhPp^HRx^0WpkNr+>f95Uqyw^VS*OLdCEnl`=`S<7Pms0-dB{RK*OQk(;
zylS5k_vz84Z)*gd*56%M>c7Y}iBIO;>Pi<)`@<&<*77nh+G4<Ylh4LUiM#FJoG)v|
zV<&~>MIS$PJK18zv1j(SSLWsYE@Ak-s!=9riB48h;Tx{zIC+!RlI8ptlsAh$<vX7p
zyH2wG@+I$_w46s}FM9s?OtSLy`uo4i;n)qu8%Imp<E1<|-HBvkW@KPooL~@Vzyl0N
zSz$)T|13-f3<i849zTf3!py|_z(5wn=VK9L5qZ{oe(72hy=3{TEDzjzPQR;N@xH}C
z9we>IB4HrbAaZhIFjsQ5SakPZmk(tfD^;F7-IjwK2f#E0i~~l7vb`Oy<*eHROJ6xn
z+Z-C45yUQYMY~qjoz255FZlZ1|6ex$*j`y-py|C^uI!h8{R`nk|EfDyINXS8HG2DP
zcc)2d!(WCEmOr(Ot8-ek&5k_y$~9*<>)pfi-5A#tZ89zKihSv|{NcT=swXA$I8rA6
z?r_;1l*=sT?VY(JGWYFHq3T2zgJiR^hMA}2WgMmns%1`bymKZk-urf7zH!sSKlu&Y
zj=paEeXwOy5Bo0nW3#$yMO`=PZBqELMe+K-;GXt7!4en3KAW8Wb+uMLdU?-hK9`-B
zFSeL3;At_jRpxrjz`>g(6~FqtgzL*KGQQ3(xx#v1Dqg)h`}O5d3)8nO0kP+E44W9Y
z0Mp?HV9qxPq)x6v&b7!z$pQ-l33w*vWHtoK!3rNnU<QJ5I9Uz(f!Wd$oDYo*%nS^p
zkRuM5d03hl8Jq$PXP9eew0AZX%{Ts%{Z;Ptu7vy963L&ZFL<@RY4-HvcP}bl&YipP
zbC*~{Q3F#l^VZoMm1njtEj%UEesYu7vVb*WA15z&%e4~qJND|_+r2x!Sh;OCKb!W-
zFt6-We%`jNm)GT~O>lg8RIc5x+f80)<BiE)Rf(S?FU^X|-}{=S<AvSA&2l`_^%sg>
z&wSjL5}3!?s=LzpTe*+^LA5Z8sW*?AeX(~wn!3AjOF^%3>UW!$EPM)1eVebJXs*oq
zy2o_hp|t5bo@XzLwp<Gql}~QG@N{8@WzpwAt=)g$o|;^Jlk;b13a_=_+=c(etiBw%
a8<+S^<Cs$|qsh{gpr1Ay9yM4)N=yI>(=g`%

literal 0
HcmV?d00001

diff --git a/deps/openssl/openssl/test/recipes/90-test_sslapi.t b/deps/openssl/openssl/test/recipes/90-test_sslapi.t
index 633df477364c90..adbcb4fe68862f 100644
--- a/deps/openssl/openssl/test/recipes/90-test_sslapi.t
+++ b/deps/openssl/openssl/test/recipes/90-test_sslapi.t
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -8,7 +8,7 @@
 
 
 use OpenSSL::Test::Utils;
-use OpenSSL::Test qw/:DEFAULT srctop_file/;
+use OpenSSL::Test qw/:DEFAULT srctop_file srctop_dir/;
 use File::Temp qw(tempfile);
 
 setup("test_sslapi");
@@ -20,8 +20,7 @@ plan tests => 1;
 
 (undef, my $tmpfilename) = tempfile();
 
-ok(run(test(["sslapitest", srctop_file("apps", "server.pem"),
-             srctop_file("apps", "server.pem"),
+ok(run(test(["sslapitest", srctop_dir("test", "certs"),
              srctop_file("test", "recipes", "90-test_sslapi_data",
                          "passwd.txt"), $tmpfilename])),
              "running sslapitest");
diff --git a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf
index 0bcd23d7f0693c..93f3a1ff689a13 100644
--- a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf
+++ b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf
@@ -1,6 +1,6 @@
 # Generated with generate_ssl_tests.pl
 
-num_tests = 51
+num_tests = 56
 
 test-0 = 0-ECDSA CipherString Selection
 test-1 = 1-ECDSA CipherString Selection
@@ -24,35 +24,40 @@ test-18 = 18-RSA-PSS Signature Algorithm Selection
 test-19 = 19-RSA-PSS Certificate Legacy Signature Algorithm Selection
 test-20 = 20-RSA-PSS Certificate Unified Signature Algorithm Selection
 test-21 = 21-Only RSA-PSS Certificate
-test-22 = 22-RSA-PSS Certificate, no PSS signature algorithms
-test-23 = 23-RSA key exchange with all RSA certificate types
-test-24 = 24-RSA key exchange with only RSA-PSS certificate
-test-25 = 25-Suite B P-256 Hash Algorithm Selection
-test-26 = 26-Suite B P-384 Hash Algorithm Selection
-test-27 = 27-TLS 1.2 Ed25519 Client Auth
-test-28 = 28-TLS 1.2 Ed448 Client Auth
-test-29 = 29-Only RSA-PSS Certificate, TLS v1.1
-test-30 = 30-TLS 1.3 ECDSA Signature Algorithm Selection
-test-31 = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
-test-32 = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
-test-33 = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
-test-34 = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
-test-35 = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
-test-36 = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS
-test-37 = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection
-test-38 = 38-TLS 1.3 Ed25519 Signature Algorithm Selection
-test-39 = 39-TLS 1.3 Ed448 Signature Algorithm Selection
-test-40 = 40-TLS 1.3 Ed25519 CipherString and Groups Selection
-test-41 = 41-TLS 1.3 Ed448 CipherString and Groups Selection
-test-42 = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection
-test-43 = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
-test-44 = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
-test-45 = 45-TLS 1.3 Ed25519 Client Auth
-test-46 = 46-TLS 1.3 Ed448 Client Auth
-test-47 = 47-TLS 1.3 ECDSA with brainpool
-test-48 = 48-TLS 1.2 DSA Certificate Test
-test-49 = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
-test-50 = 50-TLS 1.3 DSA Certificate Test
+test-22 = 22-Only RSA-PSS Certificate Valid Signature Algorithms
+test-23 = 23-RSA-PSS Certificate, no PSS signature algorithms
+test-24 = 24-Only RSA-PSS Restricted Certificate
+test-25 = 25-RSA-PSS Restricted Certificate Valid Signature Algorithms
+test-26 = 26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm
+test-27 = 27-RSA-PSS Restricted Certificate Invalid Signature Algorithms
+test-28 = 28-RSA key exchange with all RSA certificate types
+test-29 = 29-RSA key exchange with only RSA-PSS certificate
+test-30 = 30-Suite B P-256 Hash Algorithm Selection
+test-31 = 31-Suite B P-384 Hash Algorithm Selection
+test-32 = 32-TLS 1.2 Ed25519 Client Auth
+test-33 = 33-TLS 1.2 Ed448 Client Auth
+test-34 = 34-Only RSA-PSS Certificate, TLS v1.1
+test-35 = 35-TLS 1.3 ECDSA Signature Algorithm Selection
+test-36 = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
+test-37 = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
+test-38 = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
+test-39 = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
+test-40 = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
+test-41 = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS
+test-42 = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection
+test-43 = 43-TLS 1.3 Ed25519 Signature Algorithm Selection
+test-44 = 44-TLS 1.3 Ed448 Signature Algorithm Selection
+test-45 = 45-TLS 1.3 Ed25519 CipherString and Groups Selection
+test-46 = 46-TLS 1.3 Ed448 CipherString and Groups Selection
+test-47 = 47-TLS 1.3 RSA Client Auth Signature Algorithm Selection
+test-48 = 48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
+test-49 = 49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
+test-50 = 50-TLS 1.3 Ed25519 Client Auth
+test-51 = 51-TLS 1.3 Ed448 Client Auth
+test-52 = 52-TLS 1.3 ECDSA with brainpool
+test-53 = 53-TLS 1.2 DSA Certificate Test
+test-54 = 54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
+test-55 = 55-TLS 1.3 DSA Certificate Test
 # ===========================================================
 
 [0-ECDSA CipherString Selection]
@@ -775,89 +780,220 @@ ExpectedServerSignType = RSA-PSS
 
 # ===========================================================
 
-[22-RSA-PSS Certificate, no PSS signature algorithms]
-ssl_conf = 22-RSA-PSS Certificate, no PSS signature algorithms-ssl
+[22-Only RSA-PSS Certificate Valid Signature Algorithms]
+ssl_conf = 22-Only RSA-PSS Certificate Valid Signature Algorithms-ssl
 
-[22-RSA-PSS Certificate, no PSS signature algorithms-ssl]
-server = 22-RSA-PSS Certificate, no PSS signature algorithms-server
-client = 22-RSA-PSS Certificate, no PSS signature algorithms-client
+[22-Only RSA-PSS Certificate Valid Signature Algorithms-ssl]
+server = 22-Only RSA-PSS Certificate Valid Signature Algorithms-server
+client = 22-Only RSA-PSS Certificate Valid Signature Algorithms-client
 
-[22-RSA-PSS Certificate, no PSS signature algorithms-server]
+[22-Only RSA-PSS Certificate Valid Signature Algorithms-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
 
-[22-RSA-PSS Certificate, no PSS signature algorithms-client]
+[22-Only RSA-PSS Certificate Valid Signature Algorithms-client]
 CipherString = DEFAULT
-SignatureAlgorithms = RSA+SHA256
+SignatureAlgorithms = rsa_pss_pss_sha512
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
 [test-22]
+ExpectedResult = Success
+ExpectedServerCertType = RSA-PSS
+ExpectedServerSignHash = SHA512
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[23-RSA-PSS Certificate, no PSS signature algorithms]
+ssl_conf = 23-RSA-PSS Certificate, no PSS signature algorithms-ssl
+
+[23-RSA-PSS Certificate, no PSS signature algorithms-ssl]
+server = 23-RSA-PSS Certificate, no PSS signature algorithms-server
+client = 23-RSA-PSS Certificate, no PSS signature algorithms-client
+
+[23-RSA-PSS Certificate, no PSS signature algorithms-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
+
+[23-RSA-PSS Certificate, no PSS signature algorithms-client]
+CipherString = DEFAULT
+SignatureAlgorithms = RSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-23]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[24-Only RSA-PSS Restricted Certificate]
+ssl_conf = 24-Only RSA-PSS Restricted Certificate-ssl
+
+[24-Only RSA-PSS Restricted Certificate-ssl]
+server = 24-Only RSA-PSS Restricted Certificate-server
+client = 24-Only RSA-PSS Restricted Certificate-client
+
+[24-Only RSA-PSS Restricted Certificate-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem
+
+[24-Only RSA-PSS Restricted Certificate-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-24]
+ExpectedResult = Success
+ExpectedServerCertType = RSA-PSS
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[25-RSA-PSS Restricted Certificate Valid Signature Algorithms]
+ssl_conf = 25-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl
+
+[25-RSA-PSS Restricted Certificate Valid Signature Algorithms-ssl]
+server = 25-RSA-PSS Restricted Certificate Valid Signature Algorithms-server
+client = 25-RSA-PSS Restricted Certificate Valid Signature Algorithms-client
+
+[25-RSA-PSS Restricted Certificate Valid Signature Algorithms-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem
+
+[25-RSA-PSS Restricted Certificate Valid Signature Algorithms-client]
+CipherString = DEFAULT
+SignatureAlgorithms = rsa_pss_pss_sha256:rsa_pss_pss_sha512
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-25]
+ExpectedResult = Success
+ExpectedServerCertType = RSA-PSS
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm]
+ssl_conf = 26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl
+
+[26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-ssl]
+server = 26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server
+client = 26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client
+
+[26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem
+
+[26-RSA-PSS Restricted Cert client prefers invalid Signature Algorithm-client]
+CipherString = DEFAULT
+SignatureAlgorithms = rsa_pss_pss_sha512:rsa_pss_pss_sha256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-26]
+ExpectedResult = Success
+ExpectedServerCertType = RSA-PSS
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[27-RSA-PSS Restricted Certificate Invalid Signature Algorithms]
+ssl_conf = 27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl
+
+[27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-ssl]
+server = 27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server
+client = 27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client
+
+[27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-cert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-restrict-key.pem
+
+[27-RSA-PSS Restricted Certificate Invalid Signature Algorithms-client]
+CipherString = DEFAULT
+SignatureAlgorithms = rsa_pss_pss_sha512
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-27]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[23-RSA key exchange with all RSA certificate types]
-ssl_conf = 23-RSA key exchange with all RSA certificate types-ssl
+[28-RSA key exchange with all RSA certificate types]
+ssl_conf = 28-RSA key exchange with all RSA certificate types-ssl
 
-[23-RSA key exchange with all RSA certificate types-ssl]
-server = 23-RSA key exchange with all RSA certificate types-server
-client = 23-RSA key exchange with all RSA certificate types-client
+[28-RSA key exchange with all RSA certificate types-ssl]
+server = 28-RSA key exchange with all RSA certificate types-server
+client = 28-RSA key exchange with all RSA certificate types-client
 
-[23-RSA key exchange with all RSA certificate types-server]
+[28-RSA key exchange with all RSA certificate types-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PSS.Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
 PSS.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[23-RSA key exchange with all RSA certificate types-client]
+[28-RSA key exchange with all RSA certificate types-client]
 CipherString = kRSA
 MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-23]
+[test-28]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 
 
 # ===========================================================
 
-[24-RSA key exchange with only RSA-PSS certificate]
-ssl_conf = 24-RSA key exchange with only RSA-PSS certificate-ssl
+[29-RSA key exchange with only RSA-PSS certificate]
+ssl_conf = 29-RSA key exchange with only RSA-PSS certificate-ssl
 
-[24-RSA key exchange with only RSA-PSS certificate-ssl]
-server = 24-RSA key exchange with only RSA-PSS certificate-server
-client = 24-RSA key exchange with only RSA-PSS certificate-client
+[29-RSA key exchange with only RSA-PSS certificate-ssl]
+server = 29-RSA key exchange with only RSA-PSS certificate-server
+client = 29-RSA key exchange with only RSA-PSS certificate-client
 
-[24-RSA key exchange with only RSA-PSS certificate-server]
+[29-RSA key exchange with only RSA-PSS certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
 
-[24-RSA key exchange with only RSA-PSS certificate-client]
+[29-RSA key exchange with only RSA-PSS certificate-client]
 CipherString = kRSA
 MaxProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-24]
+[test-29]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[25-Suite B P-256 Hash Algorithm Selection]
-ssl_conf = 25-Suite B P-256 Hash Algorithm Selection-ssl
+[30-Suite B P-256 Hash Algorithm Selection]
+ssl_conf = 30-Suite B P-256 Hash Algorithm Selection-ssl
 
-[25-Suite B P-256 Hash Algorithm Selection-ssl]
-server = 25-Suite B P-256 Hash Algorithm Selection-server
-client = 25-Suite B P-256 Hash Algorithm Selection-client
+[30-Suite B P-256 Hash Algorithm Selection-ssl]
+server = 30-Suite B P-256 Hash Algorithm Selection-server
+client = 30-Suite B P-256 Hash Algorithm Selection-client
 
-[25-Suite B P-256 Hash Algorithm Selection-server]
+[30-Suite B P-256 Hash Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = SUITEB128
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p256-server-cert.pem
@@ -865,13 +1001,13 @@ ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p256-server-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[25-Suite B P-256 Hash Algorithm Selection-client]
+[30-Suite B P-256 Hash Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA384:ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
 VerifyMode = Peer
 
-[test-25]
+[test-30]
 ExpectedResult = Success
 ExpectedServerCertType = P-256
 ExpectedServerSignHash = SHA256
@@ -880,14 +1016,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[26-Suite B P-384 Hash Algorithm Selection]
-ssl_conf = 26-Suite B P-384 Hash Algorithm Selection-ssl
+[31-Suite B P-384 Hash Algorithm Selection]
+ssl_conf = 31-Suite B P-384 Hash Algorithm Selection-ssl
 
-[26-Suite B P-384 Hash Algorithm Selection-ssl]
-server = 26-Suite B P-384 Hash Algorithm Selection-server
-client = 26-Suite B P-384 Hash Algorithm Selection-client
+[31-Suite B P-384 Hash Algorithm Selection-ssl]
+server = 31-Suite B P-384 Hash Algorithm Selection-server
+client = 31-Suite B P-384 Hash Algorithm Selection-client
 
-[26-Suite B P-384 Hash Algorithm Selection-server]
+[31-Suite B P-384 Hash Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = SUITEB128
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/p384-server-cert.pem
@@ -895,13 +1031,13 @@ ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/p384-server-key.pem
 MaxProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[26-Suite B P-384 Hash Algorithm Selection-client]
+[31-Suite B P-384 Hash Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/p384-root.pem
 VerifyMode = Peer
 
-[test-26]
+[test-31]
 ExpectedResult = Success
 ExpectedServerCertType = P-384
 ExpectedServerSignHash = SHA384
@@ -910,21 +1046,21 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[27-TLS 1.2 Ed25519 Client Auth]
-ssl_conf = 27-TLS 1.2 Ed25519 Client Auth-ssl
+[32-TLS 1.2 Ed25519 Client Auth]
+ssl_conf = 32-TLS 1.2 Ed25519 Client Auth-ssl
 
-[27-TLS 1.2 Ed25519 Client Auth-ssl]
-server = 27-TLS 1.2 Ed25519 Client Auth-server
-client = 27-TLS 1.2 Ed25519 Client Auth-client
+[32-TLS 1.2 Ed25519 Client Auth-ssl]
+server = 32-TLS 1.2 Ed25519 Client Auth-server
+client = 32-TLS 1.2 Ed25519 Client Auth-client
 
-[27-TLS 1.2 Ed25519 Client Auth-server]
+[32-TLS 1.2 Ed25519 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[27-TLS 1.2 Ed25519 Client Auth-client]
+[32-TLS 1.2 Ed25519 Client Auth-client]
 CipherString = DEFAULT
 Ed25519.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
 Ed25519.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
@@ -933,7 +1069,7 @@ MinProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-27]
+[test-32]
 ExpectedClientCertType = Ed25519
 ExpectedClientSignType = Ed25519
 ExpectedResult = Success
@@ -941,21 +1077,21 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[28-TLS 1.2 Ed448 Client Auth]
-ssl_conf = 28-TLS 1.2 Ed448 Client Auth-ssl
+[33-TLS 1.2 Ed448 Client Auth]
+ssl_conf = 33-TLS 1.2 Ed448 Client Auth-ssl
 
-[28-TLS 1.2 Ed448 Client Auth-ssl]
-server = 28-TLS 1.2 Ed448 Client Auth-server
-client = 28-TLS 1.2 Ed448 Client Auth-client
+[33-TLS 1.2 Ed448 Client Auth-ssl]
+server = 33-TLS 1.2 Ed448 Client Auth-server
+client = 33-TLS 1.2 Ed448 Client Auth-client
 
-[28-TLS 1.2 Ed448 Client Auth-server]
+[33-TLS 1.2 Ed448 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[28-TLS 1.2 Ed448 Client Auth-client]
+[33-TLS 1.2 Ed448 Client Auth-client]
 CipherString = DEFAULT
 Ed448.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
 Ed448.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
@@ -964,7 +1100,7 @@ MinProtocol = TLSv1.2
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-28]
+[test-33]
 ExpectedClientCertType = Ed448
 ExpectedClientSignType = Ed448
 ExpectedResult = Success
@@ -972,38 +1108,38 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[29-Only RSA-PSS Certificate, TLS v1.1]
-ssl_conf = 29-Only RSA-PSS Certificate, TLS v1.1-ssl
+[34-Only RSA-PSS Certificate, TLS v1.1]
+ssl_conf = 34-Only RSA-PSS Certificate, TLS v1.1-ssl
 
-[29-Only RSA-PSS Certificate, TLS v1.1-ssl]
-server = 29-Only RSA-PSS Certificate, TLS v1.1-server
-client = 29-Only RSA-PSS Certificate, TLS v1.1-client
+[34-Only RSA-PSS Certificate, TLS v1.1-ssl]
+server = 34-Only RSA-PSS Certificate, TLS v1.1-server
+client = 34-Only RSA-PSS Certificate, TLS v1.1-client
 
-[29-Only RSA-PSS Certificate, TLS v1.1-server]
+[34-Only RSA-PSS Certificate, TLS v1.1-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/server-pss-cert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-pss-key.pem
 
-[29-Only RSA-PSS Certificate, TLS v1.1-client]
+[34-Only RSA-PSS Certificate, TLS v1.1-client]
 CipherString = DEFAULT
 MaxProtocol = TLSv1.1
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-29]
+[test-34]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[30-TLS 1.3 ECDSA Signature Algorithm Selection]
-ssl_conf = 30-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
+[35-TLS 1.3 ECDSA Signature Algorithm Selection]
+ssl_conf = 35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
 
-[30-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
-server = 30-TLS 1.3 ECDSA Signature Algorithm Selection-server
-client = 30-TLS 1.3 ECDSA Signature Algorithm Selection-client
+[35-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
+server = 35-TLS 1.3 ECDSA Signature Algorithm Selection-server
+client = 35-TLS 1.3 ECDSA Signature Algorithm Selection-client
 
-[30-TLS 1.3 ECDSA Signature Algorithm Selection-server]
+[35-TLS 1.3 ECDSA Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1016,13 +1152,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[30-TLS 1.3 ECDSA Signature Algorithm Selection-client]
+[35-TLS 1.3 ECDSA Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-30]
+[test-35]
 ExpectedResult = Success
 ExpectedServerCANames = empty
 ExpectedServerCertType = P-256
@@ -1032,14 +1168,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
-ssl_conf = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
+[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
+ssl_conf = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
 
-[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
-server = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
-client = 31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
+[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
+server = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
+client = 36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
 
-[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
+[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
@@ -1048,13 +1184,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[31-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
+[36-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-31]
+[test-36]
 ExpectedResult = Success
 ExpectedServerCANames = empty
 ExpectedServerCertType = P-256
@@ -1064,14 +1200,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
-ssl_conf = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
+[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
+ssl_conf = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
 
-[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
-server = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
-client = 32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
+[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
+server = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
+client = 37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
 
-[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
+[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1084,26 +1220,26 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[32-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
+[37-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA1
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-32]
+[test-37]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
-ssl_conf = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
+[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
+ssl_conf = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
 
-[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
-server = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
-client = 33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
+[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
+server = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
+client = 38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
 
-[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
+[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1116,14 +1252,14 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[33-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
+[38-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
 CipherString = DEFAULT
 RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-33]
+[test-38]
 ExpectedResult = Success
 ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 ExpectedServerCertType = P-256
@@ -1133,14 +1269,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
-ssl_conf = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
+[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
+ssl_conf = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
 
-[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
-server = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
-client = 34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
+[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
+server = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
+client = 39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
 
-[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
+[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1153,13 +1289,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[34-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
+[39-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-34]
+[test-39]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 ExpectedServerSignHash = SHA384
@@ -1168,40 +1304,40 @@ ExpectedServerSignType = RSA-PSS
 
 # ===========================================================
 
-[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
-ssl_conf = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
+[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
+ssl_conf = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
 
-[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
-server = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
-client = 35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
+[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
+server = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
+client = 40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
 
-[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
+[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[35-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
+[40-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-35]
+[test-40]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
-ssl_conf = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
+[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
+ssl_conf = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
 
-[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
-server = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
-client = 36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
+[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
+server = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
+client = 41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
 
-[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
+[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1214,26 +1350,26 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[36-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
+[41-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
 CipherString = DEFAULT
 SignatureAlgorithms = RSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-36]
+[test-41]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[37-TLS 1.3 RSA-PSS Signature Algorithm Selection]
-ssl_conf = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
+[42-TLS 1.3 RSA-PSS Signature Algorithm Selection]
+ssl_conf = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
 
-[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
-server = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
-client = 37-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
+[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
+server = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
+client = 42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
 
-[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
+[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1246,13 +1382,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[37-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
+[42-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = RSA-PSS+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-37]
+[test-42]
 ExpectedResult = Success
 ExpectedServerCertType = RSA
 ExpectedServerSignHash = SHA256
@@ -1261,14 +1397,14 @@ ExpectedServerSignType = RSA-PSS
 
 # ===========================================================
 
-[38-TLS 1.3 Ed25519 Signature Algorithm Selection]
-ssl_conf = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
+[43-TLS 1.3 Ed25519 Signature Algorithm Selection]
+ssl_conf = 43-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
 
-[38-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
-server = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-server
-client = 38-TLS 1.3 Ed25519 Signature Algorithm Selection-client
+[43-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
+server = 43-TLS 1.3 Ed25519 Signature Algorithm Selection-server
+client = 43-TLS 1.3 Ed25519 Signature Algorithm Selection-client
 
-[38-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
+[43-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1281,13 +1417,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[38-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
+[43-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ed25519
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-38]
+[test-43]
 ExpectedResult = Success
 ExpectedServerCertType = Ed25519
 ExpectedServerSignType = Ed25519
@@ -1295,14 +1431,14 @@ ExpectedServerSignType = Ed25519
 
 # ===========================================================
 
-[39-TLS 1.3 Ed448 Signature Algorithm Selection]
-ssl_conf = 39-TLS 1.3 Ed448 Signature Algorithm Selection-ssl
+[44-TLS 1.3 Ed448 Signature Algorithm Selection]
+ssl_conf = 44-TLS 1.3 Ed448 Signature Algorithm Selection-ssl
 
-[39-TLS 1.3 Ed448 Signature Algorithm Selection-ssl]
-server = 39-TLS 1.3 Ed448 Signature Algorithm Selection-server
-client = 39-TLS 1.3 Ed448 Signature Algorithm Selection-client
+[44-TLS 1.3 Ed448 Signature Algorithm Selection-ssl]
+server = 44-TLS 1.3 Ed448 Signature Algorithm Selection-server
+client = 44-TLS 1.3 Ed448 Signature Algorithm Selection-client
 
-[39-TLS 1.3 Ed448 Signature Algorithm Selection-server]
+[44-TLS 1.3 Ed448 Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1315,13 +1451,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[39-TLS 1.3 Ed448 Signature Algorithm Selection-client]
+[44-TLS 1.3 Ed448 Signature Algorithm Selection-client]
 CipherString = DEFAULT
 SignatureAlgorithms = ed448
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-39]
+[test-44]
 ExpectedResult = Success
 ExpectedServerCertType = Ed448
 ExpectedServerSignType = Ed448
@@ -1329,14 +1465,14 @@ ExpectedServerSignType = Ed448
 
 # ===========================================================
 
-[40-TLS 1.3 Ed25519 CipherString and Groups Selection]
-ssl_conf = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
+[45-TLS 1.3 Ed25519 CipherString and Groups Selection]
+ssl_conf = 45-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
 
-[40-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
-server = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-server
-client = 40-TLS 1.3 Ed25519 CipherString and Groups Selection-client
+[45-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
+server = 45-TLS 1.3 Ed25519 CipherString and Groups Selection-server
+client = 45-TLS 1.3 Ed25519 CipherString and Groups Selection-client
 
-[40-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
+[45-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1349,14 +1485,14 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[40-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
+[45-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
 CipherString = DEFAULT
 Groups = X25519
 SignatureAlgorithms = ECDSA+SHA256:ed25519
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-40]
+[test-45]
 ExpectedResult = Success
 ExpectedServerCertType = P-256
 ExpectedServerSignType = EC
@@ -1364,14 +1500,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[41-TLS 1.3 Ed448 CipherString and Groups Selection]
-ssl_conf = 41-TLS 1.3 Ed448 CipherString and Groups Selection-ssl
+[46-TLS 1.3 Ed448 CipherString and Groups Selection]
+ssl_conf = 46-TLS 1.3 Ed448 CipherString and Groups Selection-ssl
 
-[41-TLS 1.3 Ed448 CipherString and Groups Selection-ssl]
-server = 41-TLS 1.3 Ed448 CipherString and Groups Selection-server
-client = 41-TLS 1.3 Ed448 CipherString and Groups Selection-client
+[46-TLS 1.3 Ed448 CipherString and Groups Selection-ssl]
+server = 46-TLS 1.3 Ed448 CipherString and Groups Selection-server
+client = 46-TLS 1.3 Ed448 CipherString and Groups Selection-client
 
-[41-TLS 1.3 Ed448 CipherString and Groups Selection-server]
+[46-TLS 1.3 Ed448 CipherString and Groups Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
@@ -1384,14 +1520,14 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[41-TLS 1.3 Ed448 CipherString and Groups Selection-client]
+[46-TLS 1.3 Ed448 CipherString and Groups Selection-client]
 CipherString = DEFAULT
 Groups = X448
 SignatureAlgorithms = ECDSA+SHA256:ed448
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-41]
+[test-46]
 ExpectedResult = Success
 ExpectedServerCertType = P-256
 ExpectedServerSignType = EC
@@ -1399,14 +1535,14 @@ ExpectedServerSignType = EC
 
 # ===========================================================
 
-[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
-ssl_conf = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
+[47-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
+ssl_conf = 47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
 
-[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
-server = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
-client = 42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
+[47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
+server = 47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
+client = 47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
 
-[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
+[47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ClientSignatureAlgorithms = PSS+SHA256
@@ -1414,7 +1550,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[42-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
+[47-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
@@ -1425,7 +1561,7 @@ RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-42]
+[test-47]
 ExpectedClientCANames = empty
 ExpectedClientCertType = RSA
 ExpectedClientSignHash = SHA256
@@ -1435,14 +1571,14 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
-ssl_conf = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
+[48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
+ssl_conf = 48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
 
-[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
-server = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
-client = 43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
+[48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
+server = 48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
+client = 48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
 
-[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
+[48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ClientSignatureAlgorithms = PSS+SHA256
@@ -1451,7 +1587,7 @@ RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[43-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
+[48-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
@@ -1462,7 +1598,7 @@ RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-43]
+[test-48]
 ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 ExpectedClientCertType = RSA
 ExpectedClientSignHash = SHA256
@@ -1472,14 +1608,14 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
-ssl_conf = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
+[49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
+ssl_conf = 49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
 
-[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
-server = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
-client = 44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
+[49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
+server = 49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
+client = 49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
 
-[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
+[49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ClientSignatureAlgorithms = ECDSA+SHA256
@@ -1487,7 +1623,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[44-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
+[49-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
 CipherString = DEFAULT
 ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
 ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
@@ -1498,7 +1634,7 @@ RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-44]
+[test-49]
 ExpectedClientCertType = P-256
 ExpectedClientSignHash = SHA256
 ExpectedClientSignType = EC
@@ -1507,21 +1643,21 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[45-TLS 1.3 Ed25519 Client Auth]
-ssl_conf = 45-TLS 1.3 Ed25519 Client Auth-ssl
+[50-TLS 1.3 Ed25519 Client Auth]
+ssl_conf = 50-TLS 1.3 Ed25519 Client Auth-ssl
 
-[45-TLS 1.3 Ed25519 Client Auth-ssl]
-server = 45-TLS 1.3 Ed25519 Client Auth-server
-client = 45-TLS 1.3 Ed25519 Client Auth-client
+[50-TLS 1.3 Ed25519 Client Auth-ssl]
+server = 50-TLS 1.3 Ed25519 Client Auth-server
+client = 50-TLS 1.3 Ed25519 Client Auth-client
 
-[45-TLS 1.3 Ed25519 Client Auth-server]
+[50-TLS 1.3 Ed25519 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[45-TLS 1.3 Ed25519 Client Auth-client]
+[50-TLS 1.3 Ed25519 Client Auth-client]
 CipherString = DEFAULT
 EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
 EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
@@ -1530,7 +1666,7 @@ MinProtocol = TLSv1.3
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-45]
+[test-50]
 ExpectedClientCertType = Ed25519
 ExpectedClientSignType = Ed25519
 ExpectedResult = Success
@@ -1538,21 +1674,21 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[46-TLS 1.3 Ed448 Client Auth]
-ssl_conf = 46-TLS 1.3 Ed448 Client Auth-ssl
+[51-TLS 1.3 Ed448 Client Auth]
+ssl_conf = 51-TLS 1.3 Ed448 Client Auth-ssl
 
-[46-TLS 1.3 Ed448 Client Auth-ssl]
-server = 46-TLS 1.3 Ed448 Client Auth-server
-client = 46-TLS 1.3 Ed448 Client Auth-client
+[51-TLS 1.3 Ed448 Client Auth-ssl]
+server = 51-TLS 1.3 Ed448 Client Auth-server
+client = 51-TLS 1.3 Ed448 Client Auth-client
 
-[46-TLS 1.3 Ed448 Client Auth-server]
+[51-TLS 1.3 Ed448 Client Auth-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Require
 
-[46-TLS 1.3 Ed448 Client Auth-client]
+[51-TLS 1.3 Ed448 Client Auth-client]
 CipherString = DEFAULT
 EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed448-cert.pem
 EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed448-key.pem
@@ -1561,7 +1697,7 @@ MinProtocol = TLSv1.3
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-46]
+[test-51]
 ExpectedClientCertType = Ed448
 ExpectedClientSignType = Ed448
 ExpectedResult = Success
@@ -1569,20 +1705,20 @@ ExpectedResult = Success
 
 # ===========================================================
 
-[47-TLS 1.3 ECDSA with brainpool]
-ssl_conf = 47-TLS 1.3 ECDSA with brainpool-ssl
+[52-TLS 1.3 ECDSA with brainpool]
+ssl_conf = 52-TLS 1.3 ECDSA with brainpool-ssl
 
-[47-TLS 1.3 ECDSA with brainpool-ssl]
-server = 47-TLS 1.3 ECDSA with brainpool-server
-client = 47-TLS 1.3 ECDSA with brainpool-client
+[52-TLS 1.3 ECDSA with brainpool-ssl]
+server = 52-TLS 1.3 ECDSA with brainpool-server
+client = 52-TLS 1.3 ECDSA with brainpool-client
 
-[47-TLS 1.3 ECDSA with brainpool-server]
+[52-TLS 1.3 ECDSA with brainpool-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-cert.pem
 CipherString = DEFAULT
 Groups = brainpoolP256r1
 PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-brainpoolP256r1-key.pem
 
-[47-TLS 1.3 ECDSA with brainpool-client]
+[52-TLS 1.3 ECDSA with brainpool-client]
 CipherString = DEFAULT
 Groups = brainpoolP256r1
 MaxProtocol = TLSv1.3
@@ -1591,20 +1727,20 @@ RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-47]
+[test-52]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[48-TLS 1.2 DSA Certificate Test]
-ssl_conf = 48-TLS 1.2 DSA Certificate Test-ssl
+[53-TLS 1.2 DSA Certificate Test]
+ssl_conf = 53-TLS 1.2 DSA Certificate Test-ssl
 
-[48-TLS 1.2 DSA Certificate Test-ssl]
-server = 48-TLS 1.2 DSA Certificate Test-server
-client = 48-TLS 1.2 DSA Certificate Test-client
+[53-TLS 1.2 DSA Certificate Test-ssl]
+server = 53-TLS 1.2 DSA Certificate Test-server
+client = 53-TLS 1.2 DSA Certificate Test-client
 
-[48-TLS 1.2 DSA Certificate Test-server]
+[53-TLS 1.2 DSA Certificate Test-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = ALL
 DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
@@ -1614,26 +1750,26 @@ MaxProtocol = TLSv1.2
 MinProtocol = TLSv1.2
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[48-TLS 1.2 DSA Certificate Test-client]
+[53-TLS 1.2 DSA Certificate Test-client]
 CipherString = ALL
 SignatureAlgorithms = DSA+SHA256:DSA+SHA1
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-48]
+[test-53]
 ExpectedResult = Success
 
 
 # ===========================================================
 
-[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
-ssl_conf = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
+[54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
+ssl_conf = 54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
 
-[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
-server = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
-client = 49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
+[54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
+server = 54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
+client = 54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
 
-[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
+[54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = DEFAULT
 ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
@@ -1641,25 +1777,25 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
 VerifyMode = Request
 
-[49-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
+[54-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
 CipherString = DEFAULT
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-49]
+[test-54]
 ExpectedResult = ServerFail
 
 
 # ===========================================================
 
-[50-TLS 1.3 DSA Certificate Test]
-ssl_conf = 50-TLS 1.3 DSA Certificate Test-ssl
+[55-TLS 1.3 DSA Certificate Test]
+ssl_conf = 55-TLS 1.3 DSA Certificate Test-ssl
 
-[50-TLS 1.3 DSA Certificate Test-ssl]
-server = 50-TLS 1.3 DSA Certificate Test-server
-client = 50-TLS 1.3 DSA Certificate Test-client
+[55-TLS 1.3 DSA Certificate Test-ssl]
+server = 55-TLS 1.3 DSA Certificate Test-server
+client = 55-TLS 1.3 DSA Certificate Test-client
 
-[50-TLS 1.3 DSA Certificate Test-server]
+[55-TLS 1.3 DSA Certificate Test-server]
 Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
 CipherString = ALL
 DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
@@ -1668,13 +1804,13 @@ MaxProtocol = TLSv1.3
 MinProtocol = TLSv1.3
 PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
 
-[50-TLS 1.3 DSA Certificate Test-client]
+[55-TLS 1.3 DSA Certificate Test-client]
 CipherString = ALL
 SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
 VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
 VerifyMode = Peer
 
-[test-50]
+[test-55]
 ExpectedResult = ServerFail
 
 
diff --git a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in
index bdf53c6e1ebe88..5e9bfede5dba99 100644
--- a/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in
+++ b/deps/openssl/openssl/test/ssl-tests/20-cert-select.conf.in
@@ -36,6 +36,12 @@ my $server_pss_only = {
     "PrivateKey" => test_pem("server-pss-key.pem"),
 };
 
+my $server_pss_restrict_only = {
+    "Certificate" => test_pem("server-pss-restrict-cert.pem"),
+    "PrivateKey" => test_pem("server-pss-restrict-key.pem"),
+};
+
+
 my $server_rsa_all = {
     "PSS.Certificate" => test_pem("server-pss-cert.pem"),
     "PSS.PrivateKey" => test_pem("server-pss-key.pem"),
@@ -379,6 +385,19 @@ our @tests = (
             "ExpectedResult" => "Success"
         },
     },
+    {
+        name => "Only RSA-PSS Certificate Valid Signature Algorithms",
+        server => $server_pss_only,
+        client => {
+            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
+        },
+        test   => {
+            "ExpectedServerCertType" => "RSA-PSS",
+            "ExpectedServerSignHash" => "SHA512",
+            "ExpectedServerSignType" => "RSA-PSS",
+            "ExpectedResult" => "Success"
+        },
+    },
     {
         name => "RSA-PSS Certificate, no PSS signature algorithms",
         server => $server_pss_only,
@@ -389,6 +408,53 @@ our @tests = (
             "ExpectedResult" => "ServerFail"
         },
     },
+    {
+        name => "Only RSA-PSS Restricted Certificate",
+        server => $server_pss_restrict_only,
+        client => {},
+        test   => {
+            "ExpectedServerCertType" => "RSA-PSS",
+            "ExpectedServerSignHash" => "SHA256",
+            "ExpectedServerSignType" => "RSA-PSS",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "RSA-PSS Restricted Certificate Valid Signature Algorithms",
+        server => $server_pss_restrict_only,
+        client => {
+            "SignatureAlgorithms" => "rsa_pss_pss_sha256:rsa_pss_pss_sha512",
+        },
+        test   => {
+            "ExpectedServerCertType" => "RSA-PSS",
+            "ExpectedServerSignHash" => "SHA256",
+            "ExpectedServerSignType" => "RSA-PSS",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "RSA-PSS Restricted Cert client prefers invalid Signature Algorithm",
+        server => $server_pss_restrict_only,
+        client => {
+            "SignatureAlgorithms" => "rsa_pss_pss_sha512:rsa_pss_pss_sha256",
+        },
+        test   => {
+            "ExpectedServerCertType" => "RSA-PSS",
+            "ExpectedServerSignHash" => "SHA256",
+            "ExpectedServerSignType" => "RSA-PSS",
+            "ExpectedResult" => "Success"
+        },
+    },
+    {
+        name => "RSA-PSS Restricted Certificate Invalid Signature Algorithms",
+        server => $server_pss_restrict_only,
+        client => {
+            "SignatureAlgorithms" => "rsa_pss_pss_sha512",
+        },
+        test   => {
+            "ExpectedResult" => "ServerFail"
+        },
+    },
     {
         name => "RSA key exchange with all RSA certificate types",
         server => $server_rsa_all,
diff --git a/deps/openssl/openssl/test/sslapitest.c b/deps/openssl/openssl/test/sslapitest.c
index 2261fe4a7a9cd0..7a142268fa764a 100644
--- a/deps/openssl/openssl/test/sslapitest.c
+++ b/deps/openssl/openssl/test/sslapitest.c
@@ -42,6 +42,7 @@ static int find_session_cb_cnt = 0;
 static SSL_SESSION *create_a_psk(SSL *ssl);
 #endif
 
+static char *certsdir = NULL;
 static char *cert = NULL;
 static char *privkey = NULL;
 static char *srpvfile = NULL;
@@ -3288,6 +3289,142 @@ static int test_ciphersuite_change(void)
     return testresult;
 }
 
+/*
+ * Test TLSv1.3 Cipher Suite
+ * Test 0 = Set TLS1.3 cipher on context
+ * Test 1 = Set TLS1.3 cipher on SSL
+ * Test 2 = Set TLS1.3 and TLS1.2 cipher on context
+ * Test 3 = Set TLS1.3 and TLS1.2 cipher on SSL
+ */
+static int test_tls13_ciphersuite(int idx)
+{
+    SSL_CTX *sctx = NULL, *cctx = NULL;
+    SSL *serverssl = NULL, *clientssl = NULL;
+    static const char *t13_ciphers[] = {
+        TLS1_3_RFC_AES_128_GCM_SHA256,
+        TLS1_3_RFC_AES_256_GCM_SHA384,
+        TLS1_3_RFC_AES_128_CCM_SHA256,
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
+        TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
+        TLS1_3_RFC_AES_256_GCM_SHA384 ":" TLS1_3_RFC_CHACHA20_POLY1305_SHA256,
+# endif
+        TLS1_3_RFC_AES_128_CCM_8_SHA256 ":" TLS1_3_RFC_AES_128_CCM_SHA256
+    };
+    const char *t13_cipher = NULL;
+    const char *t12_cipher = NULL;
+    const char *negotiated_scipher;
+    const char *negotiated_ccipher;
+    int set_at_ctx = 0;
+    int set_at_ssl = 0;
+    int testresult = 0;
+    int max_ver;
+    size_t i;
+
+    switch (idx) {
+        case 0:
+            set_at_ctx = 1;
+            break;
+        case 1:
+            set_at_ssl = 1;
+            break;
+        case 2:
+            set_at_ctx = 1;
+            t12_cipher = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
+            break;
+        case 3:
+            set_at_ssl = 1;
+            t12_cipher = TLS1_TXT_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
+            break;
+    }
+
+    for (max_ver = TLS1_2_VERSION; max_ver <= TLS1_3_VERSION; max_ver++) {
+# ifdef OPENSSL_NO_TLS1_2
+        if (max_ver == TLS1_2_VERSION)
+            continue;
+# endif
+        for (i = 0; i < OSSL_NELEM(t13_ciphers); i++) {
+            t13_cipher = t13_ciphers[i];
+            if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
+                                               TLS_client_method(),
+                                               TLS1_VERSION, max_ver,
+                                               &sctx, &cctx, cert, privkey)))
+                goto end;
+
+            if (set_at_ctx) {
+                if (!TEST_true(SSL_CTX_set_ciphersuites(sctx, t13_cipher))
+                    || !TEST_true(SSL_CTX_set_ciphersuites(cctx, t13_cipher)))
+                    goto end;
+                if (t12_cipher != NULL) {
+                    if (!TEST_true(SSL_CTX_set_cipher_list(sctx, t12_cipher))
+                        || !TEST_true(SSL_CTX_set_cipher_list(cctx,
+                                                              t12_cipher)))
+                        goto end;
+                }
+            }
+
+            if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl,
+                                              &clientssl, NULL, NULL)))
+                goto end;
+
+            if (set_at_ssl) {
+                if (!TEST_true(SSL_set_ciphersuites(serverssl, t13_cipher))
+                    || !TEST_true(SSL_set_ciphersuites(clientssl, t13_cipher)))
+                    goto end;
+                if (t12_cipher != NULL) {
+                    if (!TEST_true(SSL_set_cipher_list(serverssl, t12_cipher))
+                        || !TEST_true(SSL_set_cipher_list(clientssl,
+                                                          t12_cipher)))
+                        goto end;
+                }
+            }
+
+            if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+                                                 SSL_ERROR_NONE)))
+                goto end;
+
+            negotiated_scipher = SSL_CIPHER_get_name(SSL_get_current_cipher(
+                                                                 serverssl));
+            negotiated_ccipher = SSL_CIPHER_get_name(SSL_get_current_cipher(
+                                                                 clientssl));
+            if (!TEST_str_eq(negotiated_scipher, negotiated_ccipher))
+                goto end;
+
+            /*
+             * TEST_strn_eq is used below because t13_cipher can contain
+             * multiple ciphersuites
+             */
+            if (max_ver == TLS1_3_VERSION
+                && !TEST_strn_eq(t13_cipher, negotiated_scipher,
+                                 strlen(negotiated_scipher)))
+                goto end;
+
+# ifndef OPENSSL_NO_TLS1_2
+            /* Below validation is not done when t12_cipher is NULL */
+            if (max_ver == TLS1_2_VERSION && t12_cipher != NULL
+                && !TEST_str_eq(t12_cipher, negotiated_scipher))
+                goto end;
+# endif
+
+            SSL_free(serverssl);
+            serverssl = NULL;
+            SSL_free(clientssl);
+            clientssl = NULL;
+            SSL_CTX_free(sctx);
+            sctx = NULL;
+            SSL_CTX_free(cctx);
+            cctx = NULL;
+        }
+    }
+
+    testresult = 1;
+ end:
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+    return testresult;
+}
+
 /*
  * Test TLSv1.3 PSKs
  * Test 0 = Test new style callbacks
@@ -4290,7 +4427,95 @@ static int test_key_update(void)
                 || !TEST_int_eq(SSL_read(serverssl, buf, sizeof(buf)),
                                          strlen(mess)))
             goto end;
+
+        if (!TEST_int_eq(SSL_write(serverssl, mess, strlen(mess)), strlen(mess))
+                || !TEST_int_eq(SSL_read(clientssl, buf, sizeof(buf)),
+                                         strlen(mess)))
+            goto end;
+    }
+
+    testresult = 1;
+
+ end:
+    SSL_free(serverssl);
+    SSL_free(clientssl);
+    SSL_CTX_free(sctx);
+    SSL_CTX_free(cctx);
+
+    return testresult;
+}
+
+/*
+ * Test we can handle a KeyUpdate (update requested) message while write data
+ * is pending.
+ * Test 0: Client sends KeyUpdate while Server is writing
+ * Test 1: Server sends KeyUpdate while Client is writing
+ */
+static int test_key_update_in_write(int tst)
+{
+    SSL_CTX *cctx = NULL, *sctx = NULL;
+    SSL *clientssl = NULL, *serverssl = NULL;
+    int testresult = 0;
+    char buf[20];
+    static char *mess = "A test message";
+    BIO *bretry = BIO_new(bio_s_always_retry());
+    BIO *tmp = NULL;
+    SSL *peerupdate = NULL, *peerwrite = NULL;
+
+    if (!TEST_ptr(bretry)
+            || !TEST_true(create_ssl_ctx_pair(TLS_server_method(),
+                                              TLS_client_method(),
+                                              TLS1_3_VERSION,
+                                              0,
+                                              &sctx, &cctx, cert, privkey))
+            || !TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+                                             NULL, NULL))
+            || !TEST_true(create_ssl_connection(serverssl, clientssl,
+                                                SSL_ERROR_NONE)))
+        goto end;
+
+    peerupdate = tst == 0 ? clientssl : serverssl;
+    peerwrite = tst == 0 ? serverssl : clientssl;
+
+    if (!TEST_true(SSL_key_update(peerupdate, SSL_KEY_UPDATE_REQUESTED))
+            || !TEST_true(SSL_do_handshake(peerupdate)))
+        goto end;
+
+    /* Swap the writing endpoint's write BIO to force a retry */
+    tmp = SSL_get_wbio(peerwrite);
+    if (!TEST_ptr(tmp) || !TEST_true(BIO_up_ref(tmp))) {
+        tmp = NULL;
+        goto end;
     }
+    SSL_set0_wbio(peerwrite, bretry);
+    bretry = NULL;
+
+    /* Write data that we know will fail with SSL_ERROR_WANT_WRITE */
+    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), -1)
+            || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_WRITE))
+        goto end;
+
+    /* Reinstate the original writing endpoint's write BIO */
+    SSL_set0_wbio(peerwrite, tmp);
+    tmp = NULL;
+
+    /* Now read some data - we will read the key update */
+    if (!TEST_int_eq(SSL_read(peerwrite, buf, sizeof(buf)), -1)
+            || !TEST_int_eq(SSL_get_error(peerwrite, 0), SSL_ERROR_WANT_READ))
+        goto end;
+
+    /*
+     * Complete the write we started previously and read it from the other
+     * endpoint
+     */
+    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
+            || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
+        goto end;
+
+    /* Write more data to ensure we send the KeyUpdate message back */
+    if (!TEST_int_eq(SSL_write(peerwrite, mess, strlen(mess)), strlen(mess))
+            || !TEST_int_eq(SSL_read(peerupdate, buf, sizeof(buf)), strlen(mess)))
+        goto end;
 
     testresult = 1;
 
@@ -4299,6 +4524,8 @@ static int test_key_update(void)
     SSL_free(clientssl);
     SSL_CTX_free(sctx);
     SSL_CTX_free(cctx);
+    BIO_free(bretry);
+    BIO_free(tmp);
 
     return testresult;
 }
@@ -5572,6 +5799,12 @@ static int cert_cb_cnt;
 static int cert_cb(SSL *s, void *arg)
 {
     SSL_CTX *ctx = (SSL_CTX *)arg;
+    BIO *in = NULL;
+    EVP_PKEY *pkey = NULL;
+    X509 *x509 = NULL, *rootx = NULL;
+    STACK_OF(X509) *chain = NULL;
+    char *rootfile = NULL, *ecdsacert = NULL, *ecdsakey = NULL;
+    int ret = 0;
 
     if (cert_cb_cnt == 0) {
         /* Suspend the handshake */
@@ -5592,10 +5825,60 @@ static int cert_cb(SSL *s, void *arg)
             return 0;
         cert_cb_cnt++;
         return 1;
+    } else if (cert_cb_cnt == 3) {
+        int rv;
+
+        rootfile = test_mk_file_path(certsdir, "rootcert.pem");
+        ecdsacert = test_mk_file_path(certsdir, "server-ecdsa-cert.pem");
+        ecdsakey = test_mk_file_path(certsdir, "server-ecdsa-key.pem");
+        if (!TEST_ptr(rootfile) || !TEST_ptr(ecdsacert) || !TEST_ptr(ecdsakey))
+            goto out;
+        chain = sk_X509_new_null();
+        if (!TEST_ptr(chain))
+            goto out;
+        if (!TEST_ptr(in = BIO_new(BIO_s_file()))
+                || !TEST_int_ge(BIO_read_filename(in, rootfile), 0)
+                || !TEST_ptr(rootx = PEM_read_bio_X509(in, NULL, NULL, NULL))
+                || !TEST_true(sk_X509_push(chain, rootx)))
+            goto out;
+        rootx = NULL;
+        BIO_free(in);
+        if (!TEST_ptr(in = BIO_new(BIO_s_file()))
+                || !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0)
+                || !TEST_ptr(x509 = PEM_read_bio_X509(in, NULL, NULL, NULL)))
+            goto out;
+        BIO_free(in);
+        if (!TEST_ptr(in = BIO_new(BIO_s_file()))
+                || !TEST_int_ge(BIO_read_filename(in, ecdsakey), 0)
+                || !TEST_ptr(pkey = PEM_read_bio_PrivateKey(in, NULL, NULL, NULL)))
+            goto out;
+        rv = SSL_check_chain(s, x509, pkey, chain);
+        /*
+         * If the cert doesn't show as valid here (e.g., because we don't
+         * have any shared sigalgs), then we will not set it, and there will
+         * be no certificate at all on the SSL or SSL_CTX.  This, in turn,
+         * will cause tls_choose_sigalgs() to fail the connection.
+         */
+        if ((rv & (CERT_PKEY_VALID | CERT_PKEY_CA_SIGNATURE))
+                == (CERT_PKEY_VALID | CERT_PKEY_CA_SIGNATURE)) {
+            if (!SSL_use_cert_and_key(s, x509, pkey, NULL, 1))
+                goto out;
+        }
+
+        ret = 1;
     }
 
     /* Abort the handshake */
-    return 0;
+ out:
+    OPENSSL_free(ecdsacert);
+    OPENSSL_free(ecdsakey);
+    OPENSSL_free(rootfile);
+    BIO_free(in);
+    EVP_PKEY_free(pkey);
+    X509_free(x509);
+    X509_free(rootx);
+    sk_X509_pop_free(chain, X509_free);
+    return ret;
 }
 
 /*
@@ -5603,6 +5886,10 @@ static int cert_cb(SSL *s, void *arg)
  * Test 0: Callback fails
  * Test 1: Success - no SSL_set_SSL_CTX() in the callback
  * Test 2: Success - SSL_set_SSL_CTX() in the callback
+ * Test 3: Success - Call SSL_check_chain from the callback
+ * Test 4: Failure - SSL_check_chain fails from callback due to bad cert in the
+ *                   chain
+ * Test 5: Failure - SSL_check_chain fails from callback due to bad ee cert
  */
 static int test_cert_cb_int(int prot, int tst)
 {
@@ -5610,6 +5897,12 @@ static int test_cert_cb_int(int prot, int tst)
     SSL *clientssl = NULL, *serverssl = NULL;
     int testresult = 0, ret;
 
+#ifdef OPENSSL_NO_EC
+    /* We use an EC cert in these tests, so we skip in a no-ec build */
+    if (tst >= 3)
+        return 1;
+#endif
+
     if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
                                        TLS_client_method(),
                                        TLS1_VERSION,
@@ -5619,8 +5912,11 @@ static int test_cert_cb_int(int prot, int tst)
 
     if (tst == 0)
         cert_cb_cnt = -1;
+    else if (tst >= 3)
+        cert_cb_cnt = 3;
     else
         cert_cb_cnt = 0;
+
     if (tst == 2)
         snictx = SSL_CTX_new(TLS_server_method());
     SSL_CTX_set_cert_cb(sctx, cert_cb, snictx);
@@ -5629,9 +5925,28 @@ static int test_cert_cb_int(int prot, int tst)
                                       NULL, NULL)))
         goto end;
 
+    if (tst == 4) {
+        /*
+         * We cause SSL_check_chain() to fail by specifying sig_algs that
+         * the chain doesn't meet (the root uses an RSA cert)
+         */
+        if (!TEST_true(SSL_set1_sigalgs_list(clientssl,
+                                             "ecdsa_secp256r1_sha256")))
+            goto end;
+    } else if (tst == 5) {
+        /*
+         * We cause SSL_check_chain() to fail by specifying sig_algs that
+         * the ee cert doesn't meet (the ee uses an ECDSA cert)
+         */
+        if (!TEST_true(SSL_set1_sigalgs_list(clientssl,
+                           "rsa_pss_rsae_sha256:rsa_pkcs1_sha256")))
+            goto end;
+    }
+
     ret = create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE);
-    if (!TEST_true(tst == 0 ? !ret : ret)
-            || (tst > 0 && !TEST_int_eq(cert_cb_cnt, 2))) {
+    if (!TEST_true(tst == 0 || tst == 4 || tst == 5 ? !ret : ret)
+            || (tst > 0
+                && !TEST_int_eq((cert_cb_cnt - 2) * (cert_cb_cnt - 3), 0))) {
         goto end;
     }
 
@@ -5892,10 +6207,9 @@ static int test_ca_names(int tst)
 
 int setup_tests(void)
 {
-    if (!TEST_ptr(cert = test_get_argument(0))
-            || !TEST_ptr(privkey = test_get_argument(1))
-            || !TEST_ptr(srpvfile = test_get_argument(2))
-            || !TEST_ptr(tmpfilename = test_get_argument(3)))
+    if (!TEST_ptr(certsdir = test_get_argument(0))
+            || !TEST_ptr(srpvfile = test_get_argument(1))
+            || !TEST_ptr(tmpfilename = test_get_argument(2)))
         return 0;
 
     if (getenv("OPENSSL_TEST_GETCOUNTS") != NULL) {
@@ -5914,6 +6228,16 @@ int setup_tests(void)
 #endif
     }
 
+    cert = test_mk_file_path(certsdir, "servercert.pem");
+    if (cert == NULL)
+        return 0;
+
+    privkey = test_mk_file_path(certsdir, "serverkey.pem");
+    if (privkey == NULL) {
+        OPENSSL_free(cert);
+        return 0;
+    }
+
     ADD_TEST(test_large_message_tls);
     ADD_TEST(test_large_message_tls_read_ahead);
 #ifndef OPENSSL_NO_DTLS
@@ -5966,6 +6290,7 @@ int setup_tests(void)
 #ifndef OPENSSL_NO_TLS1_3
     ADD_ALL_TESTS(test_set_ciphersuite, 10);
     ADD_TEST(test_ciphersuite_change);
+    ADD_ALL_TESTS(test_tls13_ciphersuite, 4);
 #ifdef OPENSSL_NO_PSK
     ADD_ALL_TESTS(test_tls13_psk, 1);
 #else
@@ -5982,6 +6307,7 @@ int setup_tests(void)
 #ifndef OPENSSL_NO_TLS1_3
     ADD_ALL_TESTS(test_export_key_mat_early, 3);
     ADD_TEST(test_key_update);
+    ADD_ALL_TESTS(test_key_update_in_write, 2);
 #endif
     ADD_ALL_TESTS(test_ssl_clear, 2);
     ADD_ALL_TESTS(test_max_fragment_len_ext, OSSL_NELEM(max_fragment_len_test));
@@ -5993,7 +6319,7 @@ int setup_tests(void)
     ADD_ALL_TESTS(test_ssl_get_shared_ciphers, OSSL_NELEM(shared_ciphers_data));
     ADD_ALL_TESTS(test_ticket_callbacks, 12);
     ADD_ALL_TESTS(test_shutdown, 7);
-    ADD_ALL_TESTS(test_cert_cb, 3);
+    ADD_ALL_TESTS(test_cert_cb, 6);
     ADD_ALL_TESTS(test_client_cert_cb, 2);
     ADD_ALL_TESTS(test_ca_names, 3);
     return 1;
@@ -6001,5 +6327,8 @@ int setup_tests(void)
 
 void cleanup_tests(void)
 {
+    OPENSSL_free(cert);
+    OPENSSL_free(privkey);
     bio_s_mempacket_test_free();
+    bio_s_always_retry_free();
 }
diff --git a/deps/openssl/openssl/test/ssltestlib.c b/deps/openssl/openssl/test/ssltestlib.c
index 05139be7507ade..456afdf4716e07 100644
--- a/deps/openssl/openssl/test/ssltestlib.c
+++ b/deps/openssl/openssl/test/ssltestlib.c
@@ -62,9 +62,11 @@ static int tls_dump_puts(BIO *bp, const char *str);
 /* Choose a sufficiently large type likely to be unused for this custom BIO */
 #define BIO_TYPE_TLS_DUMP_FILTER  (0x80 | BIO_TYPE_FILTER)
 #define BIO_TYPE_MEMPACKET_TEST    0x81
+#define BIO_TYPE_ALWAYS_RETRY      0x82
 
 static BIO_METHOD *method_tls_dump = NULL;
 static BIO_METHOD *meth_mem = NULL;
+static BIO_METHOD *meth_always_retry = NULL;
 
 /* Note: Not thread safe! */
 const BIO_METHOD *bio_f_tls_dump_filter(void)
@@ -612,6 +614,100 @@ static int mempacket_test_puts(BIO *bio, const char *str)
     return mempacket_test_write(bio, str, strlen(str));
 }
 
+static int always_retry_new(BIO *bi);
+static int always_retry_free(BIO *a);
+static int always_retry_read(BIO *b, char *out, int outl);
+static int always_retry_write(BIO *b, const char *in, int inl);
+static long always_retry_ctrl(BIO *b, int cmd, long num, void *ptr);
+static int always_retry_gets(BIO *bp, char *buf, int size);
+static int always_retry_puts(BIO *bp, const char *str);
+
+const BIO_METHOD *bio_s_always_retry(void)
+{
+    if (meth_always_retry == NULL) {
+        if (!TEST_ptr(meth_always_retry = BIO_meth_new(BIO_TYPE_ALWAYS_RETRY,
+                                                       "Always Retry"))
+            || !TEST_true(BIO_meth_set_write(meth_always_retry,
+                                             always_retry_write))
+            || !TEST_true(BIO_meth_set_read(meth_always_retry,
+                                            always_retry_read))
+            || !TEST_true(BIO_meth_set_puts(meth_always_retry,
+                                            always_retry_puts))
+            || !TEST_true(BIO_meth_set_gets(meth_always_retry,
+                                            always_retry_gets))
+            || !TEST_true(BIO_meth_set_ctrl(meth_always_retry,
+                                            always_retry_ctrl))
+            || !TEST_true(BIO_meth_set_create(meth_always_retry,
+                                              always_retry_new))
+            || !TEST_true(BIO_meth_set_destroy(meth_always_retry,
+                                               always_retry_free)))
+            return NULL;
+    }
+    return meth_always_retry;
+}
+
+void bio_s_always_retry_free(void)
+{
+    BIO_meth_free(meth_always_retry);
+}
+
+static int always_retry_new(BIO *bio)
+{
+    BIO_set_init(bio, 1);
+    return 1;
+}
+
+static int always_retry_free(BIO *bio)
+{
+    BIO_set_data(bio, NULL);
+    BIO_set_init(bio, 0);
+    return 1;
+}
+
+static int always_retry_read(BIO *bio, char *out, int outl)
+{
+    BIO_set_retry_read(bio);
+    return -1;
+}
+
+static int always_retry_write(BIO *bio, const char *in, int inl)
+{
+    BIO_set_retry_write(bio);
+    return -1;
+}
+
+static long always_retry_ctrl(BIO *bio, int cmd, long num, void *ptr)
+{
+    long ret = 1;
+
+    switch (cmd) {
+    case BIO_CTRL_FLUSH:
+        BIO_set_retry_write(bio);
+        /* fall through */
+    case BIO_CTRL_EOF:
+    case BIO_CTRL_RESET:
+    case BIO_CTRL_DUP:
+    case BIO_CTRL_PUSH:
+    case BIO_CTRL_POP:
+    default:
+        ret = 0;
+        break;
+    }
+    return ret;
+}
+
+static int always_retry_gets(BIO *bio, char *buf, int size)
+{
+    BIO_set_retry_read(bio);
+    return -1;
+}
+
+static int always_retry_puts(BIO *bio, const char *str)
+{
+    BIO_set_retry_write(bio);
+    return -1;
+}
+
 int create_ssl_ctx_pair(const SSL_METHOD *sm, const SSL_METHOD *cm,
                         int min_proto_version, int max_proto_version,
                         SSL_CTX **sctx, SSL_CTX **cctx, char *certfile,
@@ -824,7 +920,7 @@ int create_ssl_connection(SSL *serverssl, SSL *clientssl, int want)
     /*
      * We attempt to read some data on the client side which we expect to fail.
      * This will ensure we have received the NewSessionTicket in TLSv1.3 where
-     * appropriate. We do this twice because there are 2 NewSesionTickets.
+     * appropriate. We do this twice because there are 2 NewSessionTickets.
      */
     for (i = 0; i < 2; i++) {
         if (SSL_read_ex(clientssl, &buf, sizeof(buf), &readbytes) > 0) {
diff --git a/deps/openssl/openssl/test/ssltestlib.h b/deps/openssl/openssl/test/ssltestlib.h
index fa19e7d80d6ef3..56e323f5bc34e5 100644
--- a/deps/openssl/openssl/test/ssltestlib.h
+++ b/deps/openssl/openssl/test/ssltestlib.h
@@ -30,6 +30,9 @@ void bio_f_tls_dump_filter_free(void);
 const BIO_METHOD *bio_s_mempacket_test(void);
 void bio_s_mempacket_test_free(void);
 
+const BIO_METHOD *bio_s_always_retry(void);
+void bio_s_always_retry_free(void);
+
 /* Packet types - value 0 is reserved */
 #define INJECT_PACKET                   1
 #define INJECT_PACKET_IGNORE_REC_SEQ    2
diff --git a/deps/openssl/openssl/test/testutil.h b/deps/openssl/openssl/test/testutil.h
index 639190564777f6..2a610d7bffca02 100644
--- a/deps/openssl/openssl/test/testutil.h
+++ b/deps/openssl/openssl/test/testutil.h
@@ -1,5 +1,5 @@
 /*
- * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2014-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -454,4 +454,15 @@ void test_clearstanza(STANZA *s);
  */
 char *glue_strings(const char *list[], size_t *out_len);
 
+/*
+ * Pseudo random number generator of low quality but having repeatability
+ * across platforms.  The two calls are replacements for random(3) and
+ * srandom(3).
+ */
+uint32_t test_random(void);
+void test_random_seed(uint32_t sd);
+
+/* Create a file path from a directory and a filename */
+char *test_mk_file_path(const char *dir, const char *file);
+
 #endif                          /* HEADER_TESTUTIL_H */
diff --git a/deps/openssl/openssl/test/testutil/driver.c b/deps/openssl/openssl/test/testutil/driver.c
index 6e9914c48d8885..670f5b80ceeba6 100644
--- a/deps/openssl/openssl/test/testutil/driver.c
+++ b/deps/openssl/openssl/test/testutil/driver.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -112,7 +112,7 @@ void setup_test_framework()
             seed = (int)time(NULL);
         test_printf_stdout("%*s# RAND SEED %d\n", subtest_level(), "", seed);
         test_flush_stdout();
-        srand(seed);
+        test_random_seed(seed);
     }
 
 #ifndef OPENSSL_NO_CRYPTO_MDEBUG
@@ -190,7 +190,7 @@ int run_tests(const char *test_prog_name)
         permute[i] = i;
     if (seed != 0)
         for (i = num_tests - 1; i >= 1; i--) {
-            j = rand() % (1 + i);
+            j = test_random() % (1 + i);
             ii = permute[j];
             permute[j] = permute[i];
             permute[i] = ii;
@@ -228,7 +228,7 @@ int run_tests(const char *test_prog_name)
                 jstep = 1;
             else
                 do
-                    jstep = rand() % all_tests[i].num;
+                    jstep = test_random() % all_tests[i].num;
                 while (jstep == 0 || gcd(all_tests[i].num, jstep) != 1);
 
             for (jj = 0; jj < all_tests[i].num; jj++) {
@@ -297,3 +297,21 @@ char *glue_strings(const char *list[], size_t *out_len)
     return ret;
 }
 
+char *test_mk_file_path(const char *dir, const char *file)
+{
+# ifndef OPENSSL_SYS_VMS
+    const char *sep = "/";
+# else
+    const char *sep = "";
+# endif
+    size_t len = strlen(dir) + strlen(sep) + strlen(file) + 1;
+    char *full_file = OPENSSL_zalloc(len);
+
+    if (full_file != NULL) {
+        OPENSSL_strlcpy(full_file, dir, len);
+        OPENSSL_strlcat(full_file, sep, len);
+        OPENSSL_strlcat(full_file, file, len);
+    }
+
+    return full_file;
+}
diff --git a/deps/openssl/openssl/test/testutil/random.c b/deps/openssl/openssl/test/testutil/random.c
new file mode 100644
index 00000000000000..45d0bb5f058974
--- /dev/null
+++ b/deps/openssl/openssl/test/testutil/random.c
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License 2.0 (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include "../testutil.h"
+
+/*
+ * This is an implementation of the algorithm used by the GNU C library's
+ * random(3) pseudorandom number generator as described:
+ *      https://www.mscs.dal.ca/~selinger/random/
+ */
+static uint32_t test_random_state[31];
+
+uint32_t test_random(void) {
+    static unsigned int pos = 3;
+
+    if (pos == 31)
+        pos = 0;
+    test_random_state[pos] += test_random_state[(pos + 28) % 31];
+    return test_random_state[pos++] / 2;
+}
+
+void test_random_seed(uint32_t sd) {
+    int i;
+    int32_t s;
+    const unsigned int mod = (1u << 31) - 1;
+
+    test_random_state[0] = sd;
+    for (i = 1; i < 31; i++) {
+        s = (int32_t)test_random_state[i - 1];
+        test_random_state[i] = (uint32_t)((16807 * (int64_t)s) % mod);
+    }
+    for (i = 34; i < 344; i++)
+        test_random();
+}
diff --git a/deps/openssl/openssl/util/find-doc-nits b/deps/openssl/openssl/util/find-doc-nits
index 7340782662a9ae..699887a2674460 100755
--- a/deps/openssl/openssl/util/find-doc-nits
+++ b/deps/openssl/openssl/util/find-doc-nits
@@ -137,17 +137,17 @@ sub name_synopsis()
     }
 }
 
-# Check if SECTION is located before BEFORE
+# Check if SECTION ($3) is located before BEFORE ($4)
 sub check_section_location()
 {
-    my $filename = shift;
+    my $id = shift;
     my $contents = shift;
     my $section = shift;
     my $before = shift;
 
-    return unless $contents =~ /=head1 $section/
-        and $contents =~ /=head1 $before/;
-    print "$filename: $section should be placed before $before section\n"
+    return
+        unless $contents =~ /=head1 $section/ and $contents =~ /=head1 $before/;
+    print "$id $section should be placed before $before section\n"
         if $contents =~ /=head1 $before.*=head1 $section/ms;
 }
 
@@ -164,15 +164,15 @@ sub check()
         close POD;
     }
 
-    # Check if EXAMPLES is located after RETURN VALUES section.
-    &check_section_location($filename, $contents, "RETURN VALUES", "EXAMPLES") if $filename =~ m|man3/|;
-    # Check if HISTORY is located after SEE ALSO
-    &check_section_location($filename, $contents, "SEE ALSO", "HISTORY") if $filename =~ m|man3/|;
-    # Check if SEE ALSO is located after EXAMPLES
-    &check_section_location($filename, $contents, "EXAMPLES", "SEE ALSO") if $filename =~ m|man3/|;
-
     my $id = "${filename}:1:";
 
+    # Check ordering of some sections in man3
+    if ( $filename =~ m|man3/| ) {
+        &check_section_location($id, $contents, "RETURN VALUES", "EXAMPLES");
+        &check_section_location($id, $contents, "SEE ALSO", "HISTORY");
+        &check_section_location($id, $contents, "EXAMPLES", "SEE ALSO");
+    }
+
     &name_synopsis($id, $filename, $contents)
         unless $contents =~ /=for comment generic/
             or $filename =~ m@man[157]/@;
@@ -183,6 +183,10 @@ sub check()
         if $contents !~ /=cut\n$/;
     print "$id more than one cut line.\n"
         if $contents =~ /=cut.*=cut/ms;
+    print "$id EXAMPLE not EXAMPLES section.\n"
+        if $contents =~ /=head1 EXAMPLE[^S]/;
+    print "$id WARNING not WARNINGS section.\n"
+        if $contents =~ /=head1 WARNING[^S]/;
     print "$id missing copyright\n"
         if $contents !~ /Copyright .* The OpenSSL Project Authors/;
     print "$id copyright not last\n"
diff --git a/deps/openssl/openssl/util/libcrypto.num b/deps/openssl/openssl/util/libcrypto.num
index 474f9f950d1f4d..bf8b803c4c6782 100644
--- a/deps/openssl/openssl/util/libcrypto.num
+++ b/deps/openssl/openssl/util/libcrypto.num
@@ -4580,3 +4580,5 @@ EVP_PKEY_meth_get_digest_custom         4533	1_1_1	EXIST::FUNCTION:
 OPENSSL_INIT_set_config_filename        4534	1_1_1b	EXIST::FUNCTION:STDIO
 OPENSSL_INIT_set_config_file_flags      4535	1_1_1b	EXIST::FUNCTION:STDIO
 EVP_PKEY_get0_engine                    4536	1_1_1c	EXIST::FUNCTION:ENGINE
+X509_get0_authority_serial              4537	1_1_1d	EXIST::FUNCTION:
+X509_get0_authority_issuer              4538	1_1_1d	EXIST::FUNCTION:
diff --git a/deps/openssl/openssl/util/mkdef.pl b/deps/openssl/openssl/util/mkdef.pl
index bcbb475832d451..3ac79821b020dd 100755
--- a/deps/openssl/openssl/util/mkdef.pl
+++ b/deps/openssl/openssl/util/mkdef.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -360,7 +360,7 @@ sub do_defs
 
 		# params: symbol, alias, platforms, kind
 		# The reason to put this subroutine in a variable is that
-		# it will otherwise create it's own, unshared, version of
+		# it will otherwise create its own, unshared, version of
 		# %tag and %variant...
 		my $make_variant = sub
 		{
diff --git a/deps/openssl/openssl/util/mkerr.pl b/deps/openssl/openssl/util/mkerr.pl
index 0ea02961a5fdea..df085fb3dbdf05 100755
--- a/deps/openssl/openssl/util/mkerr.pl
+++ b/deps/openssl/openssl/util/mkerr.pl
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -417,9 +417,7 @@ sub help
 &phase("Writing files");
 my $newstate = 0;
 foreach my $lib ( keys %errorfile ) {
-    if ( ! $fnew{$lib} && ! $rnew{$lib} ) {
-        next unless $rebuild;
-    }
+    next if ! $fnew{$lib} && ! $rnew{$lib} && ! $rebuild;
     next if scalar keys %modules > 0 && !$modules{$lib};
     next if $nowrite;
     print STDERR "$lib: $fnew{$lib} new functions\n" if $fnew{$lib};
@@ -455,6 +453,8 @@ sub help
 #ifndef HEADER_${lib}ERR_H
 # define HEADER_${lib}ERR_H
 
+# include <openssl/symhacks.h>
+
 EOF
     if ( $internal ) {
         # Declare the load function because the generate C file
diff --git a/deps/openssl/openssl/util/perl/OpenSSL/Test.pm b/deps/openssl/openssl/util/perl/OpenSSL/Test.pm
index 9564b26046b997..49fb88feb7dad0 100644
--- a/deps/openssl/openssl/util/perl/OpenSSL/Test.pm
+++ b/deps/openssl/openssl/util/perl/OpenSSL/Test.pm
@@ -1,4 +1,4 @@
-# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -65,6 +65,7 @@ use File::Spec::Functions qw/file_name_is_absolute curdir canonpath splitdir
                              rel2abs/;
 use File::Path 2.00 qw/rmtree mkpath/;
 use File::Basename;
+use Cwd qw/abs_path/;
 
 my $level = 0;
 
@@ -164,13 +165,13 @@ C<indir> takes some additional options OPTS that affect the subdirectory:
 
 =item B<create =E<gt> 0|1>
 
-When set to 1 (or any value that perl preceives as true), the subdirectory
+When set to 1 (or any value that perl perceives as true), the subdirectory
 will be created if it doesn't already exist.  This happens before BLOCK
 is executed.
 
 =item B<cleanup =E<gt> 0|1>
 
-When set to 1 (or any value that perl preceives as true), the subdirectory
+When set to 1 (or any value that perl perceives as true), the subdirectory
 will be cleaned out and removed.  This happens both before and after BLOCK
 is executed.
 
@@ -869,8 +870,8 @@ failures will result in a C<BAIL_OUT> at the end of its run.
 sub __env {
     (my $recipe_datadir = basename($0)) =~ s/\.t$/_data/i;
 
-    $directories{SRCTOP}  = $ENV{SRCTOP} || $ENV{TOP};
-    $directories{BLDTOP}  = $ENV{BLDTOP} || $ENV{TOP};
+    $directories{SRCTOP}  = abs_path($ENV{SRCTOP} || $ENV{TOP});
+    $directories{BLDTOP}  = abs_path($ENV{BLDTOP} || $ENV{TOP});
     $directories{BLDAPPS} = $ENV{BIN_D}  || __bldtop_dir("apps");
     $directories{SRCAPPS} =                 __srctop_dir("apps");
     $directories{BLDFUZZ} =                 __bldtop_dir("fuzz");
diff --git a/deps/openssl/openssl/util/perl/TLSProxy/CertificateRequest.pm b/deps/openssl/openssl/util/perl/TLSProxy/CertificateRequest.pm
new file mode 100644
index 00000000000000..bc4105335dc7d3
--- /dev/null
+++ b/deps/openssl/openssl/util/perl/TLSProxy/CertificateRequest.pm
@@ -0,0 +1,105 @@
+# Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the Apache License 2.0 (the "License").  You may not use
+# this file except in compliance with the License.  You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+
+package TLSProxy::CertificateRequest;
+
+use vars '@ISA';
+push @ISA, 'TLSProxy::Message';
+
+sub new
+{
+    my $class = shift;
+    my ($server,
+        $data,
+        $records,
+        $startoffset,
+        $message_frag_lens) = @_;
+
+    my $self = $class->SUPER::new(
+        $server,
+        TLSProxy::Message::MT_CERTIFICATE_REQUEST,
+        $data,
+        $records,
+        $startoffset,
+        $message_frag_lens);
+
+    $self->{extension_data} = "";
+
+    return $self;
+}
+
+sub parse
+{
+    my $self = shift;
+    my $ptr = 1;
+
+    if (TLSProxy::Proxy->is_tls13()) {
+        my $request_ctx_len = unpack('C', $self->data);
+        my $request_ctx = substr($self->data, $ptr, $request_ctx_len);
+        $ptr += $request_ctx_len;
+
+        my $extensions_len = unpack('n', substr($self->data, $ptr));
+        $ptr += 2;
+        my $extension_data = substr($self->data, $ptr);
+        if (length($extension_data) != $extensions_len) {
+            die "Invalid extension length\n";
+        }
+        my %extensions = ();
+        while (length($extension_data) >= 4) {
+            my ($type, $size) = unpack("nn", $extension_data);
+            my $extdata = substr($extension_data, 4, $size);
+            $extension_data = substr($extension_data, 4 + $size);
+            $extensions{$type} = $extdata;
+        }
+        $self->extension_data(\%extensions);
+
+        print "    Extensions Len:".$extensions_len."\n";
+    }
+    # else parse TLSv1.2 version - we don't support that at the moment
+}
+
+#Reconstruct the on-the-wire message data following changes
+sub set_message_contents
+{
+    my $self = shift;
+    my $data;
+    my $extensions = "";
+
+    foreach my $key (keys %{$self->extension_data}) {
+        my $extdata = ${$self->extension_data}{$key};
+        $extensions .= pack("n", $key);
+        $extensions .= pack("n", length($extdata));
+        $extensions .= $extdata;
+    }
+
+    $data = pack('n', length($extensions));
+    $data .= $extensions;
+    $self->data($data);
+}
+
+#Read/write accessors
+sub extension_data
+{
+    my $self = shift;
+    if (@_) {
+        $self->{extension_data} = shift;
+    }
+    return $self->{extension_data};
+}
+sub set_extension
+{
+    my ($self, $ext_type, $ext_data) = @_;
+    $self->{extension_data}{$ext_type} = $ext_data;
+}
+sub delete_extension
+{
+    my ($self, $ext_type) = @_;
+    delete $self->{extension_data}{$ext_type};
+}
+1;
diff --git a/deps/openssl/openssl/util/perl/TLSProxy/Message.pm b/deps/openssl/openssl/util/perl/TLSProxy/Message.pm
index 5682ae3e1582be..10b61560746a9d 100644
--- a/deps/openssl/openssl/util/perl/TLSProxy/Message.pm
+++ b/deps/openssl/openssl/util/perl/TLSProxy/Message.pm
@@ -129,6 +129,11 @@ use constant {
     CIPHER_TLS13_AES_256_GCM_SHA384 => 0x1302
 };
 
+use constant {
+    CLIENT => 0,
+    SERVER => 1
+};
+
 my $payload = "";
 my $messlen = -1;
 my $mt;
@@ -338,6 +343,15 @@ sub create_message
             [@message_frag_lens]
         );
         $message->parse();
+    } elsif ($mt == MT_CERTIFICATE_REQUEST) {
+        $message = TLSProxy::CertificateRequest->new(
+            $server,
+            $data,
+            [@message_rec_list],
+            $startoffset,
+            [@message_frag_lens]
+        );
+        $message->parse();
     } elsif ($mt == MT_CERTIFICATE_VERIFY) {
         $message = TLSProxy::CertificateVerify->new(
             $server,
diff --git a/deps/openssl/openssl/util/perl/TLSProxy/Proxy.pm b/deps/openssl/openssl/util/perl/TLSProxy/Proxy.pm
index f7bca02e58aa63..71acaff9b41bc2 100644
--- a/deps/openssl/openssl/util/perl/TLSProxy/Proxy.pm
+++ b/deps/openssl/openssl/util/perl/TLSProxy/Proxy.pm
@@ -19,6 +19,7 @@ use TLSProxy::ClientHello;
 use TLSProxy::ServerHello;
 use TLSProxy::EncryptedExtensions;
 use TLSProxy::Certificate;
+use TLSProxy::CertificateRequest;
 use TLSProxy::CertificateVerify;
 use TLSProxy::ServerKeyExchange;
 use TLSProxy::NewSessionTicket;
diff --git a/deps/openssl/openssl/util/perl/checkhandshake.pm b/deps/openssl/openssl/util/perl/checkhandshake.pm
index c53b96d5ee2fb8..04441b5615801e 100644
--- a/deps/openssl/openssl/util/perl/checkhandshake.pm
+++ b/deps/openssl/openssl/util/perl/checkhandshake.pm
@@ -1,5 +1,5 @@
 #! /usr/bin/env perl
-# Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.
 #
 # Licensed under the OpenSSL license (the "License").  You may not use
 # this file except in compliance with the License.  You can obtain a copy
@@ -116,7 +116,8 @@ sub checkhandshake($$$$)
                     && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
                     && $message->mt() !=
                        TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
-                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
+                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE
+                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);
 
             next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
                     && !TLSProxy::Proxy::is_tls13();
@@ -124,7 +125,7 @@ sub checkhandshake($$$$)
             my $extchnum = 1;
             my $extshnum = 1;
             for (my $extloop = 0;
-                    $extensions[$extloop][2] != 0;
+                    $extensions[$extloop][3] != 0;
                     $extloop++) {
                 $extchnum = 2 if $extensions[$extloop][0] != TLSProxy::Message::MT_CLIENT_HELLO
                                  && TLSProxy::Proxy::is_tls13();
@@ -135,6 +136,7 @@ sub checkhandshake($$$$)
                 next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
                                  && $extshnum != $shnum;
                 next if ($message->mt() != $extensions[$extloop][0]);
+                next if ($message->server() != $extensions[$extloop][2]);
                 $numtests++;
             }
             $numtests++;
@@ -182,7 +184,8 @@ sub checkhandshake($$$$)
                     && $message->mt() != TLSProxy::Message::MT_SERVER_HELLO
                     && $message->mt() !=
                        TLSProxy::Message::MT_ENCRYPTED_EXTENSIONS
-                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE);
+                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE
+                    && $message->mt() != TLSProxy::Message::MT_CERTIFICATE_REQUEST);
 
             next if $message->mt() == TLSProxy::Message::MT_CERTIFICATE
                     && !TLSProxy::Proxy::is_tls13();
@@ -197,7 +200,7 @@ sub checkhandshake($$$$)
             my $msgexts = $message->extension_data();
             my $extchnum = 1;
             my $extshnum = 1;
-            for (my $extloop = 0, $extcount = 0; $extensions[$extloop][2] != 0;
+            for (my $extloop = 0, $extcount = 0; $extensions[$extloop][3] != 0;
                                 $extloop++) {
                 #In TLSv1.3 we can have two ClientHellos if there has been a
                 #HelloRetryRequest, and they may have different extensions. Skip
@@ -211,12 +214,13 @@ sub checkhandshake($$$$)
                 next if $extensions[$extloop][0] == TLSProxy::Message::MT_SERVER_HELLO
                                  && $extshnum != $shnum;
                 next if ($message->mt() != $extensions[$extloop][0]);
-                ok (($extensions[$extloop][2] & $exttype) == 0
+                next if ($message->server() != $extensions[$extloop][2]);
+                ok (($extensions[$extloop][3] & $exttype) == 0
                       || defined ($msgexts->{$extensions[$extloop][1]}),
                     "Extension presence check (Message: ".$message->mt()
-                    ." Extension: ".($extensions[$extloop][2] & $exttype).", "
+                    ." Extension: ".($extensions[$extloop][3] & $exttype).", "
                     .$extloop.")");
-                $extcount++ if (($extensions[$extloop][2] & $exttype) != 0);
+                $extcount++ if (($extensions[$extloop][3] & $exttype) != 0);
             }
             ok($extcount == keys %$msgexts, "Extensions count mismatch ("
                                             .$extcount.", ".(keys %$msgexts)

From 5eb013b8540c3426ff7f9c8fdc20110ad9a8e757 Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Fri, 13 Sep 2019 09:16:08 -0700
Subject: [PATCH 09/65] deps: update archs files for OpenSSL-1.1.1

After an OpenSSL source update, all the config files need to be
regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/crypto/include/internal/bn_conf.h
    $ git add deps/openssl/openssl/crypto/include/internal/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: https://github.com/nodejs/node/pull/29550
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
---
 .../config/archs/BSD-x86/asm/configdata.pm    |    52 +-
 .../archs/BSD-x86/asm/crypto/buildinf.h       |    19 +-
 .../config/archs/BSD-x86/asm/openssl-cl.gypi  |     1 -
 .../config/archs/BSD-x86/asm/openssl.gypi     |     4 +-
 .../archs/BSD-x86/asm_avx2/configdata.pm      |    52 +-
 .../archs/BSD-x86/asm_avx2/crypto/buildinf.h  |    17 +-
 .../archs/BSD-x86/asm_avx2/openssl-cl.gypi    |     1 -
 .../archs/BSD-x86/asm_avx2/openssl.gypi       |     4 +-
 .../config/archs/BSD-x86/no-asm/configdata.pm |    14 +-
 .../archs/BSD-x86/no-asm/crypto/buildinf.h    |     2 +-
 .../config/archs/BSD-x86_64/asm/configdata.pm |    58 +-
 .../archs/BSD-x86_64/asm/crypto/buildinf.h    |    19 +-
 .../archs/BSD-x86_64/asm/openssl-cl.gypi      |     2 -
 .../config/archs/BSD-x86_64/asm/openssl.gypi  |     6 +-
 .../archs/BSD-x86_64/asm_avx2/configdata.pm   |    58 +-
 .../BSD-x86_64/asm_avx2/crypto/buildinf.h     |    19 +-
 .../archs/BSD-x86_64/asm_avx2/openssl-cl.gypi |     2 -
 .../archs/BSD-x86_64/asm_avx2/openssl.gypi    |     6 +-
 .../archs/BSD-x86_64/no-asm/configdata.pm     |    18 +-
 .../archs/BSD-x86_64/no-asm/crypto/buildinf.h |     2 +-
 .../config/archs/VC-WIN32/asm/configdata.pm   |    58 +-
 .../archs/VC-WIN32/asm/crypto/buildinf.h      |     2 +-
 .../config/archs/VC-WIN32/asm/openssl-cl.gypi |     1 -
 .../config/archs/VC-WIN32/asm/openssl.gypi    |     4 +-
 .../archs/VC-WIN32/asm_avx2/configdata.pm     |    58 +-
 .../archs/VC-WIN32/asm_avx2/crypto/buildinf.h |     2 +-
 .../archs/VC-WIN32/asm_avx2/openssl-cl.gypi   |     1 -
 .../archs/VC-WIN32/asm_avx2/openssl.gypi      |     4 +-
 .../archs/VC-WIN32/no-asm/configdata.pm       |    20 +-
 .../archs/VC-WIN32/no-asm/crypto/buildinf.h   |     2 +-
 .../archs/VC-WIN64-ARM/no-asm/configdata.pm   |    20 +-
 .../VC-WIN64-ARM/no-asm/crypto/buildinf.h     |     2 +-
 .../config/archs/VC-WIN64A/asm/configdata.pm  |    60 +-
 .../archs/VC-WIN64A/asm/crypto/buildinf.h     |     2 +-
 .../archs/VC-WIN64A/asm/openssl-cl.gypi       |     2 -
 .../config/archs/VC-WIN64A/asm/openssl.gypi   |     6 +-
 .../archs/VC-WIN64A/asm_avx2/configdata.pm    |    60 +-
 .../VC-WIN64A/asm_avx2/crypto/buildinf.h      |     2 +-
 .../archs/VC-WIN64A/asm_avx2/openssl-cl.gypi  |     2 -
 .../archs/VC-WIN64A/asm_avx2/openssl.gypi     |     6 +-
 .../archs/VC-WIN64A/no-asm/configdata.pm      |    20 +-
 .../archs/VC-WIN64A/no-asm/crypto/buildinf.h  |     2 +-
 .../config/archs/aix-gcc/asm/configdata.pm    |    20 +-
 .../archs/aix-gcc/asm/crypto/buildinf.h       |     2 +-
 .../archs/aix-gcc/asm_avx2/configdata.pm      |    20 +-
 .../archs/aix-gcc/asm_avx2/crypto/buildinf.h  |     2 +-
 .../config/archs/aix-gcc/no-asm/configdata.pm |    20 +-
 .../archs/aix-gcc/no-asm/crypto/buildinf.h    |     2 +-
 .../config/archs/aix64-gcc/asm/configdata.pm  |    20 +-
 .../archs/aix64-gcc/asm/crypto/buildinf.h     |     2 +-
 .../archs/aix64-gcc/asm_avx2/configdata.pm    |    20 +-
 .../aix64-gcc/asm_avx2/crypto/buildinf.h      |     2 +-
 .../archs/aix64-gcc/no-asm/configdata.pm      |    20 +-
 .../archs/aix64-gcc/no-asm/crypto/buildinf.h  |     2 +-
 .../archs/darwin-i386-cc/asm/configdata.pm    |    56 +-
 .../darwin-i386-cc/asm/crypto/buildinf.h      |    17 +-
 .../archs/darwin-i386-cc/asm/openssl-cl.gypi  |     1 -
 .../archs/darwin-i386-cc/asm/openssl.gypi     |     4 +-
 .../darwin-i386-cc/asm_avx2/configdata.pm     |    56 +-
 .../darwin-i386-cc/asm_avx2/crypto/buildinf.h |    17 +-
 .../darwin-i386-cc/asm_avx2/openssl-cl.gypi   |     1 -
 .../darwin-i386-cc/asm_avx2/openssl.gypi      |     4 +-
 .../archs/darwin-i386-cc/no-asm/configdata.pm |    18 +-
 .../darwin-i386-cc/no-asm/crypto/buildinf.h   |     2 +-
 .../darwin64-x86_64-cc/asm/configdata.pm      |    58 +-
 .../darwin64-x86_64-cc/asm/crypto/buildinf.h  |    17 +-
 .../darwin64-x86_64-cc/asm/openssl-cl.gypi    |     2 -
 .../archs/darwin64-x86_64-cc/asm/openssl.gypi |     6 +-
 .../darwin64-x86_64-cc/asm_avx2/configdata.pm |    58 +-
 .../asm_avx2/crypto/buildinf.h                |    17 +-
 .../asm_avx2/openssl-cl.gypi                  |     2 -
 .../darwin64-x86_64-cc/asm_avx2/openssl.gypi  |     6 +-
 .../darwin64-x86_64-cc/no-asm/configdata.pm   |    18 +-
 .../no-asm/crypto/buildinf.h                  |     2 +-
 .../archs/linux-aarch64/asm/configdata.pm     |    18 +-
 .../archs/linux-aarch64/asm/crypto/buildinf.h |     2 +-
 .../asm/crypto/sha/keccak1600-armv8.S         |    26 +-
 .../linux-aarch64/asm_avx2/configdata.pm      |    18 +-
 .../linux-aarch64/asm_avx2/crypto/buildinf.h  |     2 +-
 .../asm_avx2/crypto/sha/keccak1600-armv8.S    |    26 +-
 .../archs/linux-aarch64/no-asm/configdata.pm  |    18 +-
 .../linux-aarch64/no-asm/crypto/buildinf.h    |     2 +-
 .../archs/linux-armv4/asm/configdata.pm       |    18 +-
 .../archs/linux-armv4/asm/crypto/buildinf.h   |     2 +-
 .../asm/crypto/sha/keccak1600-armv4.S         |   222 +-
 .../archs/linux-armv4/asm_avx2/configdata.pm  |    18 +-
 .../linux-armv4/asm_avx2/crypto/buildinf.h    |     2 +-
 .../asm_avx2/crypto/sha/keccak1600-armv4.S    |   222 +-
 .../archs/linux-armv4/no-asm/configdata.pm    |    18 +-
 .../linux-armv4/no-asm/crypto/buildinf.h      |     2 +-
 .../config/archs/linux-elf/asm/configdata.pm  |    56 +-
 .../archs/linux-elf/asm/crypto/buildinf.h     |    14 +-
 .../archs/linux-elf/asm/openssl-cl.gypi       |     1 -
 .../config/archs/linux-elf/asm/openssl.gypi   |     4 +-
 .../archs/linux-elf/asm_avx2/configdata.pm    |    56 +-
 .../linux-elf/asm_avx2/crypto/buildinf.h      |    15 +-
 .../archs/linux-elf/asm_avx2/openssl-cl.gypi  |     1 -
 .../archs/linux-elf/asm_avx2/openssl.gypi     |     4 +-
 .../archs/linux-elf/no-asm/configdata.pm      |    18 +-
 .../archs/linux-elf/no-asm/crypto/buildinf.h  |     2 +-
 .../config/archs/linux-ppc/asm/configdata.pm  |    18 +-
 .../archs/linux-ppc/asm/crypto/buildinf.h     |     2 +-
 .../archs/linux-ppc/asm_avx2/configdata.pm    |    18 +-
 .../linux-ppc/asm_avx2/crypto/buildinf.h      |     2 +-
 .../archs/linux-ppc/no-asm/configdata.pm      |    18 +-
 .../archs/linux-ppc/no-asm/crypto/buildinf.h  |     2 +-
 .../archs/linux-ppc64/asm/configdata.pm       |    18 +-
 .../archs/linux-ppc64/asm/crypto/buildinf.h   |     2 +-
 .../archs/linux-ppc64/asm_avx2/configdata.pm  |    18 +-
 .../linux-ppc64/asm_avx2/crypto/buildinf.h    |     2 +-
 .../archs/linux-ppc64/no-asm/configdata.pm    |    18 +-
 .../linux-ppc64/no-asm/crypto/buildinf.h      |     2 +-
 .../archs/linux-ppc64le/asm/configdata.pm     |    18 +-
 .../archs/linux-ppc64le/asm/crypto/buildinf.h |     2 +-
 .../linux-ppc64le/asm_avx2/configdata.pm      |    18 +-
 .../linux-ppc64le/asm_avx2/crypto/buildinf.h  |     2 +-
 .../archs/linux-ppc64le/no-asm/configdata.pm  |    18 +-
 .../linux-ppc64le/no-asm/crypto/buildinf.h    |     2 +-
 .../config/archs/linux-x32/asm/configdata.pm  |    58 +-
 .../archs/linux-x32/asm/crypto/buildinf.h     |    15 +-
 .../archs/linux-x32/asm/openssl-cl.gypi       |     2 -
 .../config/archs/linux-x32/asm/openssl.gypi   |     6 +-
 .../archs/linux-x32/asm_avx2/configdata.pm    |    58 +-
 .../linux-x32/asm_avx2/crypto/buildinf.h      |    15 +-
 .../archs/linux-x32/asm_avx2/openssl-cl.gypi  |     2 -
 .../archs/linux-x32/asm_avx2/openssl.gypi     |     6 +-
 .../archs/linux-x32/no-asm/configdata.pm      |    18 +-
 .../archs/linux-x32/no-asm/crypto/buildinf.h  |     2 +-
 .../archs/linux-x86_64/asm/configdata.pm      |    58 +-
 .../archs/linux-x86_64/asm/crypto/buildinf.h  |    15 +-
 .../archs/linux-x86_64/asm/openssl-cl.gypi    |     2 -
 .../archs/linux-x86_64/asm/openssl.gypi       |     6 +-
 .../archs/linux-x86_64/asm_avx2/configdata.pm |    58 +-
 .../linux-x86_64/asm_avx2/crypto/buildinf.h   |    15 +-
 .../linux-x86_64/asm_avx2/openssl-cl.gypi     |     2 -
 .../archs/linux-x86_64/asm_avx2/openssl.gypi  |     6 +-
 .../archs/linux-x86_64/no-asm/configdata.pm   |    18 +-
 .../linux-x86_64/no-asm/crypto/buildinf.h     |     2 +-
 .../archs/linux32-s390x/asm/configdata.pm     |    15 +-
 .../archs/linux32-s390x/asm/crypto/buildinf.h |     2 +-
 .../linux32-s390x/asm_avx2/configdata.pm      |    15 +-
 .../linux32-s390x/asm_avx2/crypto/buildinf.h  |     2 +-
 .../archs/linux32-s390x/no-asm/configdata.pm  |    18 +-
 .../linux32-s390x/no-asm/crypto/buildinf.h    |     2 +-
 .../archs/linux64-mips64/asm/configdata.pm    |   852 +-
 .../linux64-mips64/asm/crypto/bn/bn-mips.S    |     2 +-
 .../linux64-mips64/asm/crypto/buildinf.h      |    24 +-
 .../asm/crypto/include/internal/dso_conf.h    |     4 +-
 .../archs/linux64-mips64/asm/openssl-cl.gypi  |     1 -
 .../archs/linux64-mips64/asm/openssl.gypi     |     1 -
 .../linux64-mips64/asm_avx2/configdata.pm     | 15988 ++++++++++++++++
 .../asm_avx2/crypto/aes/aes-mips.S            |  1874 ++
 .../asm_avx2/crypto/bn/bn-mips.S              |  2180 +++
 .../asm_avx2/crypto/bn/mips-mont.S            |   282 +
 .../linux64-mips64/asm_avx2/crypto/buildinf.h |    36 +
 .../crypto/include/internal/bn_conf.h         |    28 +
 .../crypto/include/internal/dso_conf.h        |    17 +
 .../asm_avx2/crypto/poly1305/poly1305-mips.S  |   333 +
 .../asm_avx2/crypto/sha/sha1-mips.S           |  3039 +++
 .../asm_avx2/crypto/sha/sha256-mips.S         |  3036 +++
 .../asm_avx2/crypto/sha/sha512-mips.S         |  3204 ++++
 .../asm_avx2/include/openssl/opensslconf.h    |   198 +
 .../linux64-mips64/asm_avx2/include/progs.h   |   507 +
 .../linux64-mips64/asm_avx2/openssl-cl.gypi   |    86 +
 .../linux64-mips64/asm_avx2/openssl.gypi      |   723 +
 .../archs/linux64-mips64/no-asm/configdata.pm |   848 +-
 .../linux64-mips64/no-asm/crypto/buildinf.h   |     2 +-
 .../no-asm/crypto/include/internal/dso_conf.h |     4 +-
 .../archs/linux64-s390x/asm/configdata.pm     |    15 +-
 .../archs/linux64-s390x/asm/crypto/buildinf.h |     2 +-
 .../linux64-s390x/asm_avx2/configdata.pm      |    15 +-
 .../linux64-s390x/asm_avx2/crypto/buildinf.h  |     2 +-
 .../archs/linux64-s390x/no-asm/configdata.pm  |    18 +-
 .../linux64-s390x/no-asm/crypto/buildinf.h    |     2 +-
 .../archs/solaris-x86-gcc/asm/configdata.pm   |    56 +-
 .../solaris-x86-gcc/asm/crypto/buildinf.h     |    15 +-
 .../archs/solaris-x86-gcc/asm/openssl-cl.gypi |     1 -
 .../archs/solaris-x86-gcc/asm/openssl.gypi    |     4 +-
 .../solaris-x86-gcc/asm_avx2/configdata.pm    |    56 +-
 .../asm_avx2/crypto/buildinf.h                |    15 +-
 .../solaris-x86-gcc/asm_avx2/openssl-cl.gypi  |     1 -
 .../solaris-x86-gcc/asm_avx2/openssl.gypi     |     4 +-
 .../solaris-x86-gcc/no-asm/configdata.pm      |    18 +-
 .../solaris-x86-gcc/no-asm/crypto/buildinf.h  |     2 +-
 .../solaris64-x86_64-gcc/asm/configdata.pm    |    58 +-
 .../asm/crypto/buildinf.h                     |    15 +-
 .../solaris64-x86_64-gcc/asm/openssl-cl.gypi  |     2 -
 .../solaris64-x86_64-gcc/asm/openssl.gypi     |     6 +-
 .../asm_avx2/configdata.pm                    |    58 +-
 .../asm_avx2/crypto/buildinf.h                |    15 +-
 .../asm_avx2/openssl-cl.gypi                  |     2 -
 .../asm_avx2/openssl.gypi                     |     6 +-
 .../solaris64-x86_64-gcc/no-asm/configdata.pm |    18 +-
 .../no-asm/crypto/buildinf.h                  |     2 +-
 .../openssl/crypto/include/internal/bn_conf.h |     1 +
 .../crypto/include/internal/dso_conf.h        |     1 +
 .../openssl/include/openssl/opensslconf.h     |     1 +
 197 files changed, 34115 insertions(+), 2136 deletions(-)
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/aes/aes-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/bn-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/mips-mont.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/bn_conf.h
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/dso_conf.h
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/poly1305/poly1305-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha1-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha256-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha512-mips.S
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslconf.h
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl-cl.gypi
 create mode 100644 deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
 create mode 100644 deps/openssl/openssl/crypto/include/internal/bn_conf.h
 create mode 100644 deps/openssl/openssl/crypto/include/internal/dso_conf.h
 create mode 100644 deps/openssl/openssl/include/openssl/opensslconf.h

diff --git a/deps/openssl/config/archs/BSD-x86/asm/configdata.pm b/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
index 767b366c5fd67c..60838a7aa0d12e 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1683,8 +1683,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3226,6 +3227,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4839,12 +4841,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4861,12 +4857,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -9985,6 +9993,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10618,14 +10630,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13319,8 +13335,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15223,6 +15240,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15568,6 +15586,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
index 77c385daaa303c..feabbb00ba4bc3 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Jul 22 14:54:03 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:16 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -36,13 +36,12 @@ static const char compiler_flags[] = {
     'M',' ','-','D','S','H','A','2','5','6','_','A','S','M',' ','-',
     'D','S','H','A','5','1','2','_','A','S','M',' ','-','D','R','C',
     '4','_','A','S','M',' ','-','D','M','D','5','_','A','S','M',' ',
-    '-','D','R','M','D','1','6','0','_','A','S','M',' ','-','D','A',
-    'E','S','_','A','S','M',' ','-','D','V','P','A','E','S','_','A',
-    'S','M',' ','-','D','W','H','I','R','L','P','O','O','L','_','A',
-    'S','M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-',
-    'D','E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S',
-    'M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',
-    ' ','-','D','_','T','H','R','E','A','D','_','S','A','F','E',' ',
-    '-','D','_','R','E','E','N','T','R','A','N','T',' ','-','D','N',
-    'D','E','B','U','G','\0'
+    '-','D','R','M','D','1','6','0','_','A','S','M',' ','-','D','V',
+    'P','A','E','S','_','A','S','M',' ','-','D','W','H','I','R','L',
+    'P','O','O','L','_','A','S','M',' ','-','D','G','H','A','S','H',
+    '_','A','S','M',' ','-','D','E','C','P','_','N','I','S','T','Z',
+    '2','5','6','_','A','S','M',' ','-','D','P','O','L','Y','1','3',
+    '0','5','_','A','S','M',' ','-','D','_','T','H','R','E','A','D',
+    '_','S','A','F','E',' ','-','D','_','R','E','E','N','T','R','A',
+    'N','T',' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/BSD-x86/asm/openssl-cl.gypi b/deps/openssl/config/archs/BSD-x86/asm/openssl-cl.gypi
index 14d7b29778f3c0..96efa1c4bb1118 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm/openssl-cl.gypi
@@ -15,7 +15,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
index 677da3cdab0458..5e6af396479e3a 100644
--- a/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -672,7 +674,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_BSD-x86': [
-      './config/archs/BSD-x86/asm/crypto/aes/aes-586.s',
       './config/archs/BSD-x86/asm/crypto/aes/aesni-x86.s',
       './config/archs/BSD-x86/asm/crypto/aes/vpaes-x86.s',
       './config/archs/BSD-x86/asm/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm b/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
index b47803a3a49ab0..15ac34550bee59 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1683,8 +1683,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3226,6 +3227,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4839,12 +4841,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4861,12 +4857,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -9985,6 +9993,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10618,14 +10630,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13319,8 +13335,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15223,6 +15240,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15568,6 +15586,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
index ed9e2ccbb47b7c..e3bc6a9e02edd8 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Jul 22 14:54:06 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:23 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -38,12 +38,11 @@ static const char compiler_flags[] = {
     ' ','-','D','S','H','A','5','1','2','_','A','S','M',' ','-','D',
     'R','C','4','_','A','S','M',' ','-','D','M','D','5','_','A','S',
     'M',' ','-','D','R','M','D','1','6','0','_','A','S','M',' ','-',
-    'D','A','E','S','_','A','S','M',' ','-','D','V','P','A','E','S',
-    '_','A','S','M',' ','-','D','W','H','I','R','L','P','O','O','L',
-    '_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',
-    ' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_',
-    'A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A',
-    'S','M',' ','-','D','_','T','H','R','E','A','D','_','S','A','F',
-    'E',' ','-','D','_','R','E','E','N','T','R','A','N','T',' ','-',
-    'D','N','D','E','B','U','G','\0'
+    'D','V','P','A','E','S','_','A','S','M',' ','-','D','W','H','I',
+    'R','L','P','O','O','L','_','A','S','M',' ','-','D','G','H','A',
+    'S','H','_','A','S','M',' ','-','D','E','C','P','_','N','I','S',
+    'T','Z','2','5','6','_','A','S','M',' ','-','D','P','O','L','Y',
+    '1','3','0','5','_','A','S','M',' ','-','D','_','T','H','R','E',
+    'A','D','_','S','A','F','E',' ','-','D','_','R','E','E','N','T',
+    'R','A','N','T',' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl-cl.gypi
index 14d7b29778f3c0..96efa1c4bb1118 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl-cl.gypi
@@ -15,7 +15,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
index a4b46f71186fce..0645934ea717a8 100644
--- a/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -672,7 +674,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_BSD-x86': [
-      './config/archs/BSD-x86/asm_avx2/crypto/aes/aes-586.s',
       './config/archs/BSD-x86/asm_avx2/crypto/aes/aesni-x86.s',
       './config/archs/BSD-x86/asm_avx2/crypto/aes/vpaes-x86.s',
       './config/archs/BSD-x86/asm_avx2/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm b/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
index 3bcb1cb3f10c0f..c406c0cc9873b8 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3212,6 +3212,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -9899,6 +9900,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15077,6 +15082,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15422,6 +15428,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
index 507d98f23d6edd..c1c537b3fb0604 100644
--- a/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86"
-#define DATE "built on: Mon Jul 22 14:54:09 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:29 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
index 068dd9fb50fb7d..958b30cc6a1612 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1692,8 +1692,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1703,7 +1704,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3259,6 +3259,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4900,7 +4901,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4912,6 +4913,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4982,12 +4989,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7956,10 +7957,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10100,6 +10097,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10733,14 +10734,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10777,10 +10782,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13478,8 +13479,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13489,7 +13491,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15393,6 +15394,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15738,6 +15740,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
index 0c62ca8d17630d..3eb8d7ca6bad4a 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Wed Jun 12 20:53:27 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:33 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -35,13 +35,12 @@ static const char compiler_flags[] = {
     '_','A','S','M',' ','-','D','S','H','A','5','1','2','_','A','S',
     'M',' ','-','D','K','E','C','C','A','K','1','6','0','0','_','A',
     'S','M',' ','-','D','R','C','4','_','A','S','M',' ','-','D','M',
-    'D','5','_','A','S','M',' ','-','D','A','E','S','_','A','S','M',
-    ' ','-','D','V','P','A','E','S','_','A','S','M',' ','-','D','B',
-    'S','A','E','S','_','A','S','M',' ','-','D','G','H','A','S','H',
-    '_','A','S','M',' ','-','D','E','C','P','_','N','I','S','T','Z',
-    '2','5','6','_','A','S','M',' ','-','D','X','2','5','5','1','9',
-    '_','A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_',
-    'A','S','M',' ','-','D','_','T','H','R','E','A','D','_','S','A',
-    'F','E',' ','-','D','_','R','E','E','N','T','R','A','N','T',' ',
-    '-','D','N','D','E','B','U','G','\0'
+    'D','5','_','A','S','M',' ','-','D','V','P','A','E','S','_','A',
+    'S','M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-',
+    'D','E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S',
+    'M',' ','-','D','X','2','5','5','1','9','_','A','S','M',' ','-',
+    'D','P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D',
+    '_','T','H','R','E','A','D','_','S','A','F','E',' ','-','D','_',
+    'R','E','E','N','T','R','A','N','T',' ','-','D','N','D','E','B',
+    'U','G','\0'
 };
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/openssl-cl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm/openssl-cl.gypi
index fc37c33c969934..046ed1ab79500b 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/openssl-cl.gypi
@@ -15,9 +15,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
index cbfe13a9055491..08b438900a5857 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -676,12 +678,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_BSD-x86_64': [
-      './config/archs/BSD-x86_64/asm/crypto/aes/aes-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/aes/aesni-x86_64.s',
-      './config/archs/BSD-x86_64/asm/crypto/aes/bsaes-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/aes/vpaes-x86_64.s',
       './config/archs/BSD-x86_64/asm/crypto/bn/rsaz-avx2.s',
       './config/archs/BSD-x86_64/asm/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
index 2cbfd330978b5f..bf9459acade3c8 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1692,8 +1692,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1703,7 +1704,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3259,6 +3259,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4900,7 +4901,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4912,6 +4913,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4982,12 +4989,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7956,10 +7957,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10100,6 +10097,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10733,14 +10734,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10777,10 +10782,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13478,8 +13479,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13489,7 +13491,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15393,6 +15394,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15738,6 +15740,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
index 2692ef00bbc6e1..c9ffd0c3c093bf 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Wed Jun 12 20:53:36 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:48 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -36,13 +36,12 @@ static const char compiler_flags[] = {
     '5','6','_','A','S','M',' ','-','D','S','H','A','5','1','2','_',
     'A','S','M',' ','-','D','K','E','C','C','A','K','1','6','0','0',
     '_','A','S','M',' ','-','D','R','C','4','_','A','S','M',' ','-',
-    'D','M','D','5','_','A','S','M',' ','-','D','A','E','S','_','A',
-    'S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ','-',
-    'D','B','S','A','E','S','_','A','S','M',' ','-','D','G','H','A',
-    'S','H','_','A','S','M',' ','-','D','E','C','P','_','N','I','S',
-    'T','Z','2','5','6','_','A','S','M',' ','-','D','X','2','5','5',
-    '1','9','_','A','S','M',' ','-','D','P','O','L','Y','1','3','0',
-    '5','_','A','S','M',' ','-','D','_','T','H','R','E','A','D','_',
-    'S','A','F','E',' ','-','D','_','R','E','E','N','T','R','A','N',
-    'T',' ','-','D','N','D','E','B','U','G','\0'
+    'D','M','D','5','_','A','S','M',' ','-','D','V','P','A','E','S',
+    '_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',
+    ' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_',
+    'A','S','M',' ','-','D','X','2','5','5','1','9','_','A','S','M',
+    ' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',' ',
+    '-','D','_','T','H','R','E','A','D','_','S','A','F','E',' ','-',
+    'D','_','R','E','E','N','T','R','A','N','T',' ','-','D','N','D',
+    'E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl-cl.gypi
index fc37c33c969934..046ed1ab79500b 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl-cl.gypi
@@ -15,9 +15,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
index 883e23c2bec700..e9ccff96476c79 100644
--- a/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/BSD-x86_64/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -676,12 +678,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_BSD-x86_64': [
-      './config/archs/BSD-x86_64/asm_avx2/crypto/aes/aes-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/aes/aesni-x86_64.s',
-      './config/archs/BSD-x86_64/asm_avx2/crypto/aes/bsaes-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/aes/vpaes-x86_64.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/bn/rsaz-avx2.s',
       './config/archs/BSD-x86_64/asm_avx2/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm b/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
index 8a783acc3db639..84e3b187535590 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "BSD-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3221,6 +3221,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7828,10 +7829,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9924,6 +9921,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15102,6 +15103,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15447,6 +15449,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
index 9ef21c3c404f42..7702df5969293b 100644
--- a/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/BSD-x86_64/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: BSD-x86_64"
-#define DATE "built on: Wed Jun 12 20:53:45 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:03 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm b/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
index 112c031938ad6c..ecd5ebea5fdb19 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/asm/configdata.pm
@@ -53,7 +53,7 @@ our %config = (
   export_var_as_fn => "1",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   minor => "1.1",
@@ -115,8 +115,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -132,11 +132,11 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x557a75a28f28)",
+  RANLIB => "CODE(0x56535777ac98)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "win32_init.c",
   apps_init_src => "",
   apps_obj => "win32_init.o",
@@ -1714,8 +1714,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3256,6 +3257,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4891,12 +4893,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4913,12 +4909,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7897,10 +7905,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10035,6 +10039,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10646,14 +10654,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13343,8 +13355,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15246,6 +15259,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15591,6 +15605,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
index 058b2db124e506..b0dfdc7a561045 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:57:03 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:33 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/openssl-cl.gypi b/deps/openssl/config/archs/VC-WIN32/asm/openssl-cl.gypi
index 0599fc39d8fc49..5028da71f3d37c 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm/openssl-cl.gypi
@@ -20,7 +20,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
index e5baf5bc16e0e8..a718f985ec9427 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_VC-WIN32': [
-      './config/archs/VC-WIN32/asm/crypto/aes/aes-586.asm',
       './config/archs/VC-WIN32/asm/crypto/aes/aesni-x86.asm',
       './config/archs/VC-WIN32/asm/crypto/aes/vpaes-x86.asm',
       './config/archs/VC-WIN32/asm/crypto/bf/bf-586.asm',
@@ -716,7 +717,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm b/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
index ed6c58379c61b6..f0ae44934c40be 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/configdata.pm
@@ -53,7 +53,7 @@ our %config = (
   export_var_as_fn => "1",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   minor => "1.1",
@@ -115,8 +115,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -132,11 +132,11 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x558cc0187db8)",
+  RANLIB => "CODE(0x55a934dbe798)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "win32_init.c",
   apps_init_src => "",
   apps_obj => "win32_init.o",
@@ -1714,8 +1714,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3256,6 +3257,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4891,12 +4893,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4913,12 +4909,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7897,10 +7905,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10035,6 +10039,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10646,14 +10654,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13343,8 +13355,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15246,6 +15259,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15591,6 +15605,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
index 4c9937145802da..6aeb27ba400834 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:57:08 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:39 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl-cl.gypi
index 0599fc39d8fc49..5028da71f3d37c 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl-cl.gypi
@@ -20,7 +20,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
index e0d6a8f1363383..a5bb5f58ee45b3 100644
--- a/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN32/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_VC-WIN32': [
-      './config/archs/VC-WIN32/asm_avx2/crypto/aes/aes-586.asm',
       './config/archs/VC-WIN32/asm_avx2/crypto/aes/aesni-x86.asm',
       './config/archs/VC-WIN32/asm_avx2/crypto/aes/vpaes-x86.asm',
       './config/archs/VC-WIN32/asm_avx2/crypto/bf/bf-586.asm',
@@ -716,7 +717,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
index 4441443ea330e7..16ff6d982004a3 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/configdata.pm
@@ -114,8 +114,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -131,7 +131,7 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x55bca9ad89d8)",
+  RANLIB => "CODE(0x55ddfff979c8)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
   aes_asm_src => "aes_core.c aes_cbc.c",
@@ -3242,6 +3242,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7853,10 +7854,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9949,6 +9946,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15100,6 +15101,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15445,6 +15447,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
index c94d1e62d74cb5..916cdacd502875 100644
--- a/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN32/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:57:14 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:44 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
index 2772e9210d6e86..1d006b56d6bc9e 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/configdata.pm
@@ -113,8 +113,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN64-ARM",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -128,7 +128,7 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x55648ae1bb98)",
+  RANLIB => "CODE(0x55cd56acf3f8)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/50-win-onecore.conf", "Configurations/shared-info.pl" ],
   aes_asm_src => "aes_core.c aes_cbc.c",
@@ -3236,6 +3236,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7847,10 +7848,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9943,6 +9940,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15094,6 +15095,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15439,6 +15441,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
index 1a01fe8598c2a4..3e790eb5d64363 100644
--- a/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64-ARM/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: VC-WIN64-ARM"
-#define DATE "built on: Wed Jun 12 20:57:18 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:47 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
index 00285eb24a4619..fd72727b52092d 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/configdata.pm
@@ -54,7 +54,7 @@ our %config = (
   export_var_as_fn => "1",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   minor => "1.1",
@@ -116,8 +116,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN64A",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -133,11 +133,11 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x556a36060c78)",
+  RANLIB => "CODE(0x560295a39668)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "win32_init.c",
   apps_init_src => "",
   apps_obj => "win32_init.o",
@@ -1716,8 +1716,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1727,7 +1728,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3269,6 +3269,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4920,7 +4921,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4932,6 +4933,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -5002,12 +5009,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7970,10 +7971,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10114,6 +10111,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10725,14 +10726,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10769,10 +10774,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13466,8 +13467,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13477,7 +13479,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15380,6 +15381,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15725,6 +15727,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
index 4da5fb0fb5a39d..eba30a9c2857ac 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:56:41 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:58 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/openssl-cl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm/openssl-cl.gypi
index 662070cb9d2125..2d20ac387916a0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/openssl-cl.gypi
@@ -20,9 +20,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
index da853be2754872..20ef5e5d4b3a08 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_VC-WIN64A': [
-      './config/archs/VC-WIN64A/asm/crypto/aes/aes-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/aes/aesni-mb-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/aes/aesni-sha1-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/aes/aesni-sha256-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/aes/aesni-x86_64.asm',
-      './config/archs/VC-WIN64A/asm/crypto/aes/bsaes-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/aes/vpaes-x86_64.asm',
       './config/archs/VC-WIN64A/asm/crypto/bn/rsaz-avx2.asm',
       './config/archs/VC-WIN64A/asm/crypto/bn/rsaz-x86_64.asm',
@@ -727,9 +727,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
index dd484b65e0355c..1a22e6b6ed13c0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/configdata.pm
@@ -54,7 +54,7 @@ our %config = (
   export_var_as_fn => "1",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   minor => "1.1",
@@ -116,8 +116,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN64A",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -133,11 +133,11 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x555ae63ae078)",
+  RANLIB => "CODE(0x562305dbe5d8)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "win32_init.c",
   apps_init_src => "",
   apps_obj => "win32_init.o",
@@ -1716,8 +1716,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1727,7 +1728,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3269,6 +3269,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4920,7 +4921,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4932,6 +4933,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -5002,12 +5009,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7970,10 +7971,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10114,6 +10111,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10725,14 +10726,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10769,10 +10774,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13466,8 +13467,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13477,7 +13479,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15380,6 +15381,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15725,6 +15727,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
index a1c260c8a8aad6..8b7c50ce9a5416 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:56:51 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:14 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl-cl.gypi
index 662070cb9d2125..2d20ac387916a0 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl-cl.gypi
@@ -20,9 +20,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
index 062a5e4910e0b7..53d15ad06c0ecb 100644
--- a/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/VC-WIN64A/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_VC-WIN64A': [
-      './config/archs/VC-WIN64A/asm_avx2/crypto/aes/aes-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/aes/aesni-mb-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/aes/aesni-sha1-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/aes/aesni-sha256-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/aes/aesni-x86_64.asm',
-      './config/archs/VC-WIN64A/asm_avx2/crypto/aes/bsaes-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/aes/vpaes-x86_64.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/bn/rsaz-avx2.asm',
       './config/archs/VC-WIN64A/asm_avx2/crypto/bn/rsaz-x86_64.asm',
@@ -727,9 +727,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm b/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
index 0fb65ec6913418..fdebb6f709d6b6 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/configdata.pm
@@ -115,8 +115,8 @@ our %config = (
   sourcedir => ".",
   target => "VC-WIN64A",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -132,7 +132,7 @@ our %target = (
   LDFLAGS => "/nologo /debug",
   MT => "mt",
   MTFLAGS => "-nologo",
-  RANLIB => "CODE(0x55e934b6f2a8)",
+  RANLIB => "CODE(0x557a48128d28)",
   RC => "rc",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
   aes_asm_src => "aes_core.c aes_cbc.c",
@@ -3244,6 +3244,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7855,10 +7856,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9951,6 +9948,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15102,6 +15103,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15447,6 +15449,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
index 15402bbf23ddbe..fae2f1183e9277 100644
--- a/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/VC-WIN64A/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: "
-#define DATE "built on: Wed Jun 12 20:57:01 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:03:30 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix-gcc/asm/configdata.pm b/deps/openssl/config/archs/aix-gcc/asm/configdata.pm
index a110f704dee5c4..b79cebd14c344b 100644
--- a/deps/openssl/config/archs/aix-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/aix-gcc/asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "ghashp8-ppc.o",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix32",
@@ -3236,6 +3236,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7873,10 +7874,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10011,6 +10008,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15249,6 +15250,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15594,6 +15596,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/aix-gcc/asm/crypto/buildinf.h
index 90465026876528..23bf3c386089ea 100644
--- a/deps/openssl/config/archs/aix-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix-gcc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix-gcc"
-#define DATE "built on: Wed Jun 12 20:53:10 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:56:47 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/aix-gcc/asm_avx2/configdata.pm
index 5e64aad3f74723..52c1848ab07914 100644
--- a/deps/openssl/config/archs/aix-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/aix-gcc/asm_avx2/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "ghashp8-ppc.o",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix32",
@@ -3236,6 +3236,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7873,10 +7874,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10011,6 +10008,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15249,6 +15250,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15594,6 +15596,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/aix-gcc/asm_avx2/crypto/buildinf.h
index d9df13921d02a4..553eaaf94c54aa 100644
--- a/deps/openssl/config/archs/aix-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix-gcc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix-gcc"
-#define DATE "built on: Wed Jun 12 20:53:13 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:56:53 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/aix-gcc/no-asm/configdata.pm
index 2040d26004df56..48bc45df709b75 100644
--- a/deps/openssl/config/archs/aix-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/aix-gcc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix32",
@@ -3222,6 +3222,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7823,10 +7824,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9919,6 +9916,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15092,6 +15093,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15437,6 +15439,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/aix-gcc/no-asm/crypto/buildinf.h
index 95c174ecd1aad1..a3c2c5a66f7e4e 100644
--- a/deps/openssl/config/archs/aix-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix-gcc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix-gcc"
-#define DATE "built on: Wed Jun 12 20:53:16 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:56:58 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc/asm/configdata.pm b/deps/openssl/config/archs/aix64-gcc/asm/configdata.pm
index bba88e2ef2d956..a91a3c0878db81 100644
--- a/deps/openssl/config/archs/aix64-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc/asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "ghashp8-ppc.o",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix64",
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7894,10 +7895,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10032,6 +10029,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15285,6 +15286,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15630,6 +15632,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix64-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc/asm/crypto/buildinf.h
index 1f064d0e093fc3..4ec1ec8283c301 100644
--- a/deps/openssl/config/archs/aix64-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc"
-#define DATE "built on: Wed Jun 12 20:53:19 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:01 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/aix64-gcc/asm_avx2/configdata.pm
index ecd2182d17d6d8..56f615362d9a45 100644
--- a/deps/openssl/config/archs/aix64-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc/asm_avx2/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "ghashp8-ppc.o",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix64",
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7894,10 +7895,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10032,6 +10029,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15285,6 +15286,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15630,6 +15632,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix64-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc/asm_avx2/crypto/buildinf.h
index 14fd251fa70d72..fe20db38c0347d 100644
--- a/deps/openssl/config/archs/aix64-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc"
-#define DATE "built on: Wed Jun 12 20:53:22 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:07 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/aix64-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/aix64-gcc/no-asm/configdata.pm
index ea434bf09d4118..d37f8ad8b04179 100644
--- a/deps/openssl/config/archs/aix64-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/aix64-gcc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "aix64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -170,7 +170,7 @@ our %target = (
   modes_obj => "",
   module_cflags => "",
   module_cxxflags => "",
-  module_ldflags => "-Wl,-G,-bsymbolic,-bexpall",
+  module_ldflags => "-Wl,-G,-bsymbolic,-bnoentry",
   padlock_asm_src => "",
   padlock_obj => "",
   perlasm_scheme => "aix64",
@@ -3222,6 +3222,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7823,10 +7824,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9919,6 +9916,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15092,6 +15093,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15437,6 +15439,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/aix64-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/aix64-gcc/no-asm/crypto/buildinf.h
index 8684a8c5442691..533bf0b9e3e4a7 100644
--- a/deps/openssl/config/archs/aix64-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/aix64-gcc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: aix64-gcc"
-#define DATE "built on: Wed Jun 12 20:53:25 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:57:13 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
index bb042f080a6a37..d9ceb02bb7bc17 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin-i386-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib -c",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1684,8 +1684,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3226,6 +3227,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4839,12 +4841,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4861,12 +4857,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7845,10 +7853,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9983,6 +9987,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10616,14 +10624,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13313,8 +13325,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15216,6 +15229,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15561,6 +15575,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
index 02b60782aa5cd9..abd541341f17ee 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Wed Jun 12 20:54:07 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:40 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -36,12 +36,11 @@ static const char compiler_flags[] = {
     'S','H','A','2','5','6','_','A','S','M',' ','-','D','S','H','A',
     '5','1','2','_','A','S','M',' ','-','D','R','C','4','_','A','S',
     'M',' ','-','D','M','D','5','_','A','S','M',' ','-','D','R','M',
-    'D','1','6','0','_','A','S','M',' ','-','D','A','E','S','_','A',
-    'S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ','-',
-    'D','W','H','I','R','L','P','O','O','L','_','A','S','M',' ','-',
-    'D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C','P',
-    '_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-','D',
-    'P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','_',
-    'R','E','E','N','T','R','A','N','T',' ','-','D','N','D','E','B',
-    'U','G','\0'
+    'D','1','6','0','_','A','S','M',' ','-','D','V','P','A','E','S',
+    '_','A','S','M',' ','-','D','W','H','I','R','L','P','O','O','L',
+    '_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',
+    ' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_',
+    'A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A',
+    'S','M',' ','-','D','_','R','E','E','N','T','R','A','N','T',' ',
+    '-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl-cl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl-cl.gypi
index fa431835b0427e..35d5734b533f73 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl-cl.gypi
@@ -15,7 +15,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
index 495e20768e29dc..38d1fdcc00e68c 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_darwin-i386-cc': [
-      './config/archs/darwin-i386-cc/asm/crypto/aes/aes-586.s',
       './config/archs/darwin-i386-cc/asm/crypto/aes/aesni-x86.s',
       './config/archs/darwin-i386-cc/asm/crypto/aes/vpaes-x86.s',
       './config/archs/darwin-i386-cc/asm/crypto/bf/bf-586.s',
@@ -711,7 +712,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
index e8bd163cc426b8..e6aed64bed36d2 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin-i386-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib -c",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1684,8 +1684,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3226,6 +3227,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4839,12 +4841,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4861,12 +4857,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7845,10 +7853,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9983,6 +9987,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10616,14 +10624,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13313,8 +13325,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15216,6 +15229,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15561,6 +15575,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
index 6b21e65596ecd9..a78ae310fc883b 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Wed Jun 12 20:54:11 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:46 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -37,12 +37,11 @@ static const char compiler_flags[] = {
     '-','D','S','H','A','2','5','6','_','A','S','M',' ','-','D','S',
     'H','A','5','1','2','_','A','S','M',' ','-','D','R','C','4','_',
     'A','S','M',' ','-','D','M','D','5','_','A','S','M',' ','-','D',
-    'R','M','D','1','6','0','_','A','S','M',' ','-','D','A','E','S',
-    '_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S','M',
-    ' ','-','D','W','H','I','R','L','P','O','O','L','_','A','S','M',
-    ' ','-','D','G','H','A','S','H','_','A','S','M',' ','-','D','E',
-    'C','P','_','N','I','S','T','Z','2','5','6','_','A','S','M',' ',
-    '-','D','P','O','L','Y','1','3','0','5','_','A','S','M',' ','-',
-    'D','_','R','E','E','N','T','R','A','N','T',' ','-','D','N','D',
-    'E','B','U','G','\0'
+    'R','M','D','1','6','0','_','A','S','M',' ','-','D','V','P','A',
+    'E','S','_','A','S','M',' ','-','D','W','H','I','R','L','P','O',
+    'O','L','_','A','S','M',' ','-','D','G','H','A','S','H','_','A',
+    'S','M',' ','-','D','E','C','P','_','N','I','S','T','Z','2','5',
+    '6','_','A','S','M',' ','-','D','P','O','L','Y','1','3','0','5',
+    '_','A','S','M',' ','-','D','_','R','E','E','N','T','R','A','N',
+    'T',' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl-cl.gypi
index fa431835b0427e..35d5734b533f73 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl-cl.gypi
@@ -15,7 +15,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
index 3854ce56d14efe..c1f15b01a15b5a 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/darwin-i386-cc/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_darwin-i386-cc': [
-      './config/archs/darwin-i386-cc/asm_avx2/crypto/aes/aes-586.s',
       './config/archs/darwin-i386-cc/asm_avx2/crypto/aes/aesni-x86.s',
       './config/archs/darwin-i386-cc/asm_avx2/crypto/aes/vpaes-x86.s',
       './config/archs/darwin-i386-cc/asm_avx2/crypto/bf/bf-586.s',
@@ -711,7 +712,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm b/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
index 820d3892599215..a40cf9d26d3bd6 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin-i386-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3212,6 +3212,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7801,10 +7802,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9897,6 +9894,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15070,6 +15071,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15415,6 +15417,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
index a38383239e7ab2..5a6d99c66de2c9 100644
--- a/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin-i386-cc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin-i386-cc"
-#define DATE "built on: Wed Jun 12 20:54:15 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:53 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
index cf2e5f4eab9651..667d891890ef1c 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin64-x86_64-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib -c",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1684,8 +1684,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1695,7 +1696,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3250,6 +3250,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4879,7 +4880,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4891,6 +4892,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4961,12 +4968,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7929,10 +7930,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10073,6 +10070,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10706,14 +10707,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10750,10 +10755,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13447,8 +13448,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13458,7 +13460,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15361,6 +15362,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15706,6 +15708,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
index 4605365e1f3807..a6d2dadb30280a 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Wed Jun 12 20:53:47 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:07 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -35,12 +35,11 @@ static const char compiler_flags[] = {
     'A','2','5','6','_','A','S','M',' ','-','D','S','H','A','5','1',
     '2','_','A','S','M',' ','-','D','K','E','C','C','A','K','1','6',
     '0','0','_','A','S','M',' ','-','D','R','C','4','_','A','S','M',
-    ' ','-','D','M','D','5','_','A','S','M',' ','-','D','A','E','S',
-    '_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S','M',
-    ' ','-','D','B','S','A','E','S','_','A','S','M',' ','-','D','G',
-    'H','A','S','H','_','A','S','M',' ','-','D','E','C','P','_','N',
-    'I','S','T','Z','2','5','6','_','A','S','M',' ','-','D','X','2',
-    '5','5','1','9','_','A','S','M',' ','-','D','P','O','L','Y','1',
-    '3','0','5','_','A','S','M',' ','-','D','_','R','E','E','N','T',
-    'R','A','N','T',' ','-','D','N','D','E','B','U','G','\0'
+    ' ','-','D','M','D','5','_','A','S','M',' ','-','D','V','P','A',
+    'E','S','_','A','S','M',' ','-','D','G','H','A','S','H','_','A',
+    'S','M',' ','-','D','E','C','P','_','N','I','S','T','Z','2','5',
+    '6','_','A','S','M',' ','-','D','X','2','5','5','1','9','_','A',
+    'S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S',
+    'M',' ','-','D','_','R','E','E','N','T','R','A','N','T',' ','-',
+    'D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl-cl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl-cl.gypi
index 48d7158e614dbd..95e8dc567ee299 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl-cl.gypi
@@ -15,9 +15,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
index 787652fc97e5f4..f87225df694da8 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_darwin64-x86_64-cc': [
-      './config/archs/darwin64-x86_64-cc/asm/crypto/aes/aes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/aes/aesni-x86_64.s',
-      './config/archs/darwin64-x86_64-cc/asm/crypto/aes/bsaes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/aes/vpaes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/bn/rsaz-avx2.s',
       './config/archs/darwin64-x86_64-cc/asm/crypto/bn/rsaz-x86_64.s',
@@ -722,9 +722,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
index 0ffd375cdcdf95..32bcc2c46627da 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin64-x86_64-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib -c",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1684,8 +1684,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1695,7 +1696,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3250,6 +3250,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4879,7 +4880,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4891,6 +4892,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4961,12 +4968,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7929,10 +7930,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10073,6 +10070,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10706,14 +10707,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10750,10 +10755,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13447,8 +13448,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13458,7 +13460,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15361,6 +15362,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15706,6 +15708,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
index 5d824a8fb06e49..da2e3d51505ac4 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Wed Jun 12 20:53:57 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:21 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -36,12 +36,11 @@ static const char compiler_flags[] = {
     'S','H','A','2','5','6','_','A','S','M',' ','-','D','S','H','A',
     '5','1','2','_','A','S','M',' ','-','D','K','E','C','C','A','K',
     '1','6','0','0','_','A','S','M',' ','-','D','R','C','4','_','A',
-    'S','M',' ','-','D','M','D','5','_','A','S','M',' ','-','D','A',
-    'E','S','_','A','S','M',' ','-','D','V','P','A','E','S','_','A',
-    'S','M',' ','-','D','B','S','A','E','S','_','A','S','M',' ','-',
-    'D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C','P',
-    '_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-','D',
-    'X','2','5','5','1','9','_','A','S','M',' ','-','D','P','O','L',
-    'Y','1','3','0','5','_','A','S','M',' ','-','D','_','R','E','E',
-    'N','T','R','A','N','T',' ','-','D','N','D','E','B','U','G','\0'
+    'S','M',' ','-','D','M','D','5','_','A','S','M',' ','-','D','V',
+    'P','A','E','S','_','A','S','M',' ','-','D','G','H','A','S','H',
+    '_','A','S','M',' ','-','D','E','C','P','_','N','I','S','T','Z',
+    '2','5','6','_','A','S','M',' ','-','D','X','2','5','5','1','9',
+    '_','A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_',
+    'A','S','M',' ','-','D','_','R','E','E','N','T','R','A','N','T',
+    ' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl-cl.gypi
index 48d7158e614dbd..95e8dc567ee299 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl-cl.gypi
@@ -15,9 +15,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
index 46a42c7ec4f2dd..be4971efb1cbbf 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_darwin64-x86_64-cc': [
-      './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/aes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/aesni-x86_64.s',
-      './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/bsaes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/aes/vpaes-x86_64.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/bn/rsaz-avx2.s',
       './config/archs/darwin64-x86_64-cc/asm_avx2/crypto/bn/rsaz-x86_64.s',
@@ -722,9 +722,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
index 08d19cb3e97d33..02290abc08f011 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "darwin64-x86_64-cc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3212,6 +3212,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7801,10 +7802,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9897,6 +9894,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15070,6 +15071,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15415,6 +15417,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
index cefbd6f968ca0a..a2a8835315fef3 100644
--- a/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/darwin64-x86_64-cc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: darwin64-x86_64-cc"
-#define DATE "built on: Wed Jun 12 20:54:05 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:36 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm b/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
index 1f482890d6639e..832a223ee3ea9c 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-aarch64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3237,6 +3237,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7868,10 +7869,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9973,6 +9970,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15201,6 +15202,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15546,6 +15548,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
index 7f406ed8cc5e1b..6046c7d5fd9777 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Wed Jun 12 20:54:17 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:58:56 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/asm/crypto/sha/keccak1600-armv8.S b/deps/openssl/config/archs/linux-aarch64/asm/crypto/sha/keccak1600-armv8.S
index b21c22f8742415..d8bdc71aee3737 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm/crypto/sha/keccak1600-armv8.S
+++ b/deps/openssl/config/archs/linux-aarch64/asm/crypto/sha/keccak1600-armv8.S
@@ -844,7 +844,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v1.16b,v1.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -857,7 +857,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v3.16b,v3.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -870,7 +870,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v5.16b,v5.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -883,7 +883,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v7.16b,v7.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -896,7 +896,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v9.16b,v9.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -909,7 +909,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v11.16b,v11.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -922,7 +922,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v13.16b,v13.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -935,7 +935,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v15.16b,v15.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -948,7 +948,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v17.16b,v17.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -961,7 +961,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v19.16b,v19.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -974,7 +974,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v21.16b,v21.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -987,13 +987,13 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v23.16b,v23.16b,v31.16b
 	beq	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v24.16b,v24.16b,v31.16b
 
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
index faaace1112f121..bfc02733dc2706 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-aarch64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3237,6 +3237,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7868,10 +7869,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9973,6 +9970,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15201,6 +15202,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15546,6 +15548,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
index af1877aa76ba4c..566cfdfd842a9a 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Wed Jun 12 20:54:20 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:02 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/sha/keccak1600-armv8.S b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/sha/keccak1600-armv8.S
index b21c22f8742415..d8bdc71aee3737 100644
--- a/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/sha/keccak1600-armv8.S
+++ b/deps/openssl/config/archs/linux-aarch64/asm_avx2/crypto/sha/keccak1600-armv8.S
@@ -844,7 +844,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v1.16b,v1.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -857,7 +857,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v3.16b,v3.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -870,7 +870,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v5.16b,v5.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -883,7 +883,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v7.16b,v7.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -896,7 +896,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v9.16b,v9.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -909,7 +909,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v11.16b,v11.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -922,7 +922,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v13.16b,v13.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -935,7 +935,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v15.16b,v15.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -948,7 +948,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v17.16b,v17.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -961,7 +961,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v19.16b,v19.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -974,7 +974,7 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v21.16b,v21.16b,v31.16b
 	beq	.Lprocess_block_ce
@@ -987,13 +987,13 @@ SHA3_absorb_cext:
 	blo	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v23.16b,v23.16b,v31.16b
 	beq	.Lprocess_block_ce
 	ldr	d31,[x1],#8		// *inp++
 #ifdef	__AARCH64EB__
-	rev	v31.16b,v31.16b
+	rev64	v31.16b,v31.16b
 #endif
 	eor	v24.16b,v24.16b,v31.16b
 
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm b/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
index cb62b736d2d711..320833b90223fa 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-aarch64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3225,6 +3225,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7826,10 +7827,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9922,6 +9919,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15095,6 +15096,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15440,6 +15442,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
index fa49510056b3ea..ed237c3102f71e 100644
--- a/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-aarch64/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-aarch64"
-#define DATE "built on: Wed Jun 12 20:54:24 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:08 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/asm/configdata.pm b/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
index 49ce44b96efa43..c62115205baa7e 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-armv4",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7867,10 +7868,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9969,6 +9966,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15207,6 +15208,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15552,6 +15554,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
index d1b7d5eec53b98..ef86bdcf892a82 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Wed Jun 12 20:54:26 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:11 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/asm/crypto/sha/keccak1600-armv4.S b/deps/openssl/config/archs/linux-armv4/asm/crypto/sha/keccak1600-armv4.S
index f4e72da051bbae..07c924059052cd 100644
--- a/deps/openssl/config/archs/linux-armv4/asm/crypto/sha/keccak1600-armv4.S
+++ b/deps/openssl/config/archs/linux-armv4/asm/crypto/sha/keccak1600-armv4.S
@@ -2200,9 +2200,9 @@ KeccakF1600_neon:
 .align	4
 .Loop_neon:
 	@ Theta
-	vst1.64	{q4},  [r0:64]		@ offload A[0..1][4]
+	vst1.64	{q4},  [r0,:64]		@ offload A[0..1][4]
 	veor	q13, q0,  q5		@ A[0..1][0]^A[2..3][0]
-	vst1.64	{d18}, [r1:64]		@ offload A[2][4]
+	vst1.64	{d18}, [r1,:64]		@ offload A[2][4]
 	veor	q14, q1,  q6		@ A[0..1][1]^A[2..3][1]
 	veor	q15, q2,  q7		@ A[0..1][2]^A[2..3][2]
 	veor	d26, d26, d27		@ C[0]=A[0][0]^A[1][0]^A[2][0]^A[3][0]
@@ -2245,10 +2245,10 @@ KeccakF1600_neon:
 	veor	d16, d16, d28		@ A[2][3] ^= C[2]
 	veor	d17, d17, d28		@ A[3][3] ^= C[2]
 	veor	d23, d23, d28		@ A[4][3] ^= C[2]
-	vld1.64	{q4},  [r0:64]		@ restore A[0..1][4]
+	vld1.64	{q4},  [r0,:64]		@ restore A[0..1][4]
 	vmov	d28, d29
 
-	vld1.64	{d18}, [r1:64]		@ restore A[2][4]
+	vld1.64	{d18}, [r1,:64]		@ restore A[2][4]
 	veor	q2,  q2,  q13		@ A[0..1][2] ^= D[2]
 	veor	q7,  q7,  q13		@ A[2..3][2] ^= D[2]
 	veor	d22, d22, d27		@ A[4][2]    ^= D[2]
@@ -2323,7 +2323,7 @@ KeccakF1600_neon:
 	veor	q13, q13, q0		@ A[0..1][0] ^ (~A[0..1][1] & A[0..1][2])
 	veor	q14, q14, q1		@ A[0..1][1] ^ (~A[0..1][2] & A[0..1][3])
 	veor	q2,  q2,  q15		@ A[0..1][2] ^= (~A[0..1][3] & A[0..1][4])
-	vst1.64	{q13}, [r0:64]		@ offload A[0..1][0]
+	vst1.64	{q13}, [r0,:64]		@ offload A[0..1][0]
 	vbic	q13, q0,  q4
 	vbic	q15, q1,  q0
 	vmov	q1,  q14		@ A[0..1][1]
@@ -2344,10 +2344,10 @@ KeccakF1600_neon:
 	vmov	q14, q10		@ A[4][0..1]
 	veor	q9,  q9,  q13		@ A[2..3][4] ^= (~A[2..3][0] & A[2..3][1])
 
-	vld1.64	d25, [r2:64]!		@ Iota[i++]
+	vld1.64	d25, [r2,:64]!		@ Iota[i++]
 	vbic	d26, d22, d21
 	vbic	d27, d23, d22
-	vld1.64	{q0}, [r0:64]		@ restore A[0..1][0]
+	vld1.64	{q0}, [r0,:64]		@ restore A[0..1][0]
 	veor	d20, d20, d26		@ A[4][0] ^= (~A[4][1] & A[4][2])
 	vbic	d26, d24, d23
 	veor	d21, d21, d27		@ A[4][1] ^= (~A[4][2] & A[4][3])
@@ -2375,32 +2375,32 @@ SHA3_absorb_neon:
 	mov	r5, r2			@ len
 	mov	r6, r3			@ bsz
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0]
-	vld1.32	{d2}, [r0:64]!		@ A[0][1]
-	vld1.32	{d4}, [r0:64]!		@ A[0][2]
-	vld1.32	{d6}, [r0:64]!		@ A[0][3]
-	vld1.32	{d8}, [r0:64]!		@ A[0][4]
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0]
-	vld1.32	{d3}, [r0:64]!		@ A[1][1]
-	vld1.32	{d5}, [r0:64]!		@ A[1][2]
-	vld1.32	{d7}, [r0:64]!		@ A[1][3]
-	vld1.32	{d9}, [r0:64]!		@ A[1][4]
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0]
-	vld1.32	{d12}, [r0:64]!		@ A[2][1]
-	vld1.32	{d14}, [r0:64]!		@ A[2][2]
-	vld1.32	{d16}, [r0:64]!		@ A[2][3]
-	vld1.32	{d18}, [r0:64]!		@ A[2][4]
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0]
-	vld1.32	{d13}, [r0:64]!		@ A[3][1]
-	vld1.32	{d15}, [r0:64]!		@ A[3][2]
-	vld1.32	{d17}, [r0:64]!		@ A[3][3]
-	vld1.32	{d19}, [r0:64]!		@ A[3][4]
-
-	vld1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..3]
-	vld1.32	{d24}, [r0:64]		@ A[4][4]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0]
+	vld1.32	{d2}, [r0,:64]!		@ A[0][1]
+	vld1.32	{d4}, [r0,:64]!		@ A[0][2]
+	vld1.32	{d6}, [r0,:64]!		@ A[0][3]
+	vld1.32	{d8}, [r0,:64]!		@ A[0][4]
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0]
+	vld1.32	{d3}, [r0,:64]!		@ A[1][1]
+	vld1.32	{d5}, [r0,:64]!		@ A[1][2]
+	vld1.32	{d7}, [r0,:64]!		@ A[1][3]
+	vld1.32	{d9}, [r0,:64]!		@ A[1][4]
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0]
+	vld1.32	{d12}, [r0,:64]!		@ A[2][1]
+	vld1.32	{d14}, [r0,:64]!		@ A[2][2]
+	vld1.32	{d16}, [r0,:64]!		@ A[2][3]
+	vld1.32	{d18}, [r0,:64]!		@ A[2][4]
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0]
+	vld1.32	{d13}, [r0,:64]!		@ A[3][1]
+	vld1.32	{d15}, [r0,:64]!		@ A[3][2]
+	vld1.32	{d17}, [r0,:64]!		@ A[3][3]
+	vld1.32	{d19}, [r0,:64]!		@ A[3][4]
+
+	vld1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..3]
+	vld1.32	{d24}, [r0,:64]		@ A[4][4]
 	sub	r0, r0, #24*8		@ rewind
 	b	.Loop_absorb_neon
 
@@ -2507,32 +2507,32 @@ SHA3_absorb_neon:
 
 .align	4
 .Labsorbed_neon:
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
+	vst1.32	{d24}, [r0,:64]
 
 	mov	r0, r5			@ return value
 	vldmia	sp!, {d8,d9,d10,d11,d12,d13,d14,d15}
@@ -2567,64 +2567,64 @@ SHA3_squeeze_neon:
 
 	vstmdb	sp!,  {d8,d9,d10,d11,d12,d13,d14,d15}
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vld1.32	{d2}, [r0:64]!
-	vld1.32	{d4}, [r0:64]!
-	vld1.32	{d6}, [r0:64]!
-	vld1.32	{d8}, [r0:64]!
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vld1.32	{d3}, [r0:64]!
-	vld1.32	{d5}, [r0:64]!
-	vld1.32	{d7}, [r0:64]!
-	vld1.32	{d9}, [r0:64]!
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vld1.32	{d12}, [r0:64]!
-	vld1.32	{d14}, [r0:64]!
-	vld1.32	{d16}, [r0:64]!
-	vld1.32	{d18}, [r0:64]!
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vld1.32	{d13}, [r0:64]!
-	vld1.32	{d15}, [r0:64]!
-	vld1.32	{d17}, [r0:64]!
-	vld1.32	{d19}, [r0:64]!
-
-	vld1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
-	vld1.32	{d24}, [r0:64]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vld1.32	{d2}, [r0,:64]!
+	vld1.32	{d4}, [r0,:64]!
+	vld1.32	{d6}, [r0,:64]!
+	vld1.32	{d8}, [r0,:64]!
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vld1.32	{d3}, [r0,:64]!
+	vld1.32	{d5}, [r0,:64]!
+	vld1.32	{d7}, [r0,:64]!
+	vld1.32	{d9}, [r0,:64]!
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vld1.32	{d12}, [r0,:64]!
+	vld1.32	{d14}, [r0,:64]!
+	vld1.32	{d16}, [r0,:64]!
+	vld1.32	{d18}, [r0,:64]!
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vld1.32	{d13}, [r0,:64]!
+	vld1.32	{d15}, [r0,:64]!
+	vld1.32	{d17}, [r0,:64]!
+	vld1.32	{d19}, [r0,:64]!
+
+	vld1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
+	vld1.32	{d24}, [r0,:64]
 	sub	r0, r0, #24*8		@ rewind
 
 	bl	KeccakF1600_neon
 
 	mov	r12, r0			@ A_flat
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
 	mov	r14, r6			@ bsz
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d24}, [r0,:64]
 	mov	r0,  r12		@ rewind
 
 	vldmia	sp!, {d8,d9,d10,d11,d12,d13,d14,d15}
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
index 48fcc298a9c340..41e52a0bd5590d 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-armv4",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7867,10 +7868,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9969,6 +9966,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15207,6 +15208,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15552,6 +15554,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
index 594ca60bb3fd75..3b9d482a1ab1ba 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Wed Jun 12 20:54:29 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:17 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/sha/keccak1600-armv4.S b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/sha/keccak1600-armv4.S
index f4e72da051bbae..07c924059052cd 100644
--- a/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/sha/keccak1600-armv4.S
+++ b/deps/openssl/config/archs/linux-armv4/asm_avx2/crypto/sha/keccak1600-armv4.S
@@ -2200,9 +2200,9 @@ KeccakF1600_neon:
 .align	4
 .Loop_neon:
 	@ Theta
-	vst1.64	{q4},  [r0:64]		@ offload A[0..1][4]
+	vst1.64	{q4},  [r0,:64]		@ offload A[0..1][4]
 	veor	q13, q0,  q5		@ A[0..1][0]^A[2..3][0]
-	vst1.64	{d18}, [r1:64]		@ offload A[2][4]
+	vst1.64	{d18}, [r1,:64]		@ offload A[2][4]
 	veor	q14, q1,  q6		@ A[0..1][1]^A[2..3][1]
 	veor	q15, q2,  q7		@ A[0..1][2]^A[2..3][2]
 	veor	d26, d26, d27		@ C[0]=A[0][0]^A[1][0]^A[2][0]^A[3][0]
@@ -2245,10 +2245,10 @@ KeccakF1600_neon:
 	veor	d16, d16, d28		@ A[2][3] ^= C[2]
 	veor	d17, d17, d28		@ A[3][3] ^= C[2]
 	veor	d23, d23, d28		@ A[4][3] ^= C[2]
-	vld1.64	{q4},  [r0:64]		@ restore A[0..1][4]
+	vld1.64	{q4},  [r0,:64]		@ restore A[0..1][4]
 	vmov	d28, d29
 
-	vld1.64	{d18}, [r1:64]		@ restore A[2][4]
+	vld1.64	{d18}, [r1,:64]		@ restore A[2][4]
 	veor	q2,  q2,  q13		@ A[0..1][2] ^= D[2]
 	veor	q7,  q7,  q13		@ A[2..3][2] ^= D[2]
 	veor	d22, d22, d27		@ A[4][2]    ^= D[2]
@@ -2323,7 +2323,7 @@ KeccakF1600_neon:
 	veor	q13, q13, q0		@ A[0..1][0] ^ (~A[0..1][1] & A[0..1][2])
 	veor	q14, q14, q1		@ A[0..1][1] ^ (~A[0..1][2] & A[0..1][3])
 	veor	q2,  q2,  q15		@ A[0..1][2] ^= (~A[0..1][3] & A[0..1][4])
-	vst1.64	{q13}, [r0:64]		@ offload A[0..1][0]
+	vst1.64	{q13}, [r0,:64]		@ offload A[0..1][0]
 	vbic	q13, q0,  q4
 	vbic	q15, q1,  q0
 	vmov	q1,  q14		@ A[0..1][1]
@@ -2344,10 +2344,10 @@ KeccakF1600_neon:
 	vmov	q14, q10		@ A[4][0..1]
 	veor	q9,  q9,  q13		@ A[2..3][4] ^= (~A[2..3][0] & A[2..3][1])
 
-	vld1.64	d25, [r2:64]!		@ Iota[i++]
+	vld1.64	d25, [r2,:64]!		@ Iota[i++]
 	vbic	d26, d22, d21
 	vbic	d27, d23, d22
-	vld1.64	{q0}, [r0:64]		@ restore A[0..1][0]
+	vld1.64	{q0}, [r0,:64]		@ restore A[0..1][0]
 	veor	d20, d20, d26		@ A[4][0] ^= (~A[4][1] & A[4][2])
 	vbic	d26, d24, d23
 	veor	d21, d21, d27		@ A[4][1] ^= (~A[4][2] & A[4][3])
@@ -2375,32 +2375,32 @@ SHA3_absorb_neon:
 	mov	r5, r2			@ len
 	mov	r6, r3			@ bsz
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0]
-	vld1.32	{d2}, [r0:64]!		@ A[0][1]
-	vld1.32	{d4}, [r0:64]!		@ A[0][2]
-	vld1.32	{d6}, [r0:64]!		@ A[0][3]
-	vld1.32	{d8}, [r0:64]!		@ A[0][4]
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0]
-	vld1.32	{d3}, [r0:64]!		@ A[1][1]
-	vld1.32	{d5}, [r0:64]!		@ A[1][2]
-	vld1.32	{d7}, [r0:64]!		@ A[1][3]
-	vld1.32	{d9}, [r0:64]!		@ A[1][4]
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0]
-	vld1.32	{d12}, [r0:64]!		@ A[2][1]
-	vld1.32	{d14}, [r0:64]!		@ A[2][2]
-	vld1.32	{d16}, [r0:64]!		@ A[2][3]
-	vld1.32	{d18}, [r0:64]!		@ A[2][4]
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0]
-	vld1.32	{d13}, [r0:64]!		@ A[3][1]
-	vld1.32	{d15}, [r0:64]!		@ A[3][2]
-	vld1.32	{d17}, [r0:64]!		@ A[3][3]
-	vld1.32	{d19}, [r0:64]!		@ A[3][4]
-
-	vld1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..3]
-	vld1.32	{d24}, [r0:64]		@ A[4][4]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0]
+	vld1.32	{d2}, [r0,:64]!		@ A[0][1]
+	vld1.32	{d4}, [r0,:64]!		@ A[0][2]
+	vld1.32	{d6}, [r0,:64]!		@ A[0][3]
+	vld1.32	{d8}, [r0,:64]!		@ A[0][4]
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0]
+	vld1.32	{d3}, [r0,:64]!		@ A[1][1]
+	vld1.32	{d5}, [r0,:64]!		@ A[1][2]
+	vld1.32	{d7}, [r0,:64]!		@ A[1][3]
+	vld1.32	{d9}, [r0,:64]!		@ A[1][4]
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0]
+	vld1.32	{d12}, [r0,:64]!		@ A[2][1]
+	vld1.32	{d14}, [r0,:64]!		@ A[2][2]
+	vld1.32	{d16}, [r0,:64]!		@ A[2][3]
+	vld1.32	{d18}, [r0,:64]!		@ A[2][4]
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0]
+	vld1.32	{d13}, [r0,:64]!		@ A[3][1]
+	vld1.32	{d15}, [r0,:64]!		@ A[3][2]
+	vld1.32	{d17}, [r0,:64]!		@ A[3][3]
+	vld1.32	{d19}, [r0,:64]!		@ A[3][4]
+
+	vld1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..3]
+	vld1.32	{d24}, [r0,:64]		@ A[4][4]
 	sub	r0, r0, #24*8		@ rewind
 	b	.Loop_absorb_neon
 
@@ -2507,32 +2507,32 @@ SHA3_absorb_neon:
 
 .align	4
 .Labsorbed_neon:
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
+	vst1.32	{d24}, [r0,:64]
 
 	mov	r0, r5			@ return value
 	vldmia	sp!, {d8,d9,d10,d11,d12,d13,d14,d15}
@@ -2567,64 +2567,64 @@ SHA3_squeeze_neon:
 
 	vstmdb	sp!,  {d8,d9,d10,d11,d12,d13,d14,d15}
 
-	vld1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vld1.32	{d2}, [r0:64]!
-	vld1.32	{d4}, [r0:64]!
-	vld1.32	{d6}, [r0:64]!
-	vld1.32	{d8}, [r0:64]!
-
-	vld1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vld1.32	{d3}, [r0:64]!
-	vld1.32	{d5}, [r0:64]!
-	vld1.32	{d7}, [r0:64]!
-	vld1.32	{d9}, [r0:64]!
-
-	vld1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vld1.32	{d12}, [r0:64]!
-	vld1.32	{d14}, [r0:64]!
-	vld1.32	{d16}, [r0:64]!
-	vld1.32	{d18}, [r0:64]!
-
-	vld1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vld1.32	{d13}, [r0:64]!
-	vld1.32	{d15}, [r0:64]!
-	vld1.32	{d17}, [r0:64]!
-	vld1.32	{d19}, [r0:64]!
-
-	vld1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
-	vld1.32	{d24}, [r0:64]
+	vld1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vld1.32	{d2}, [r0,:64]!
+	vld1.32	{d4}, [r0,:64]!
+	vld1.32	{d6}, [r0,:64]!
+	vld1.32	{d8}, [r0,:64]!
+
+	vld1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vld1.32	{d3}, [r0,:64]!
+	vld1.32	{d5}, [r0,:64]!
+	vld1.32	{d7}, [r0,:64]!
+	vld1.32	{d9}, [r0,:64]!
+
+	vld1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vld1.32	{d12}, [r0,:64]!
+	vld1.32	{d14}, [r0,:64]!
+	vld1.32	{d16}, [r0,:64]!
+	vld1.32	{d18}, [r0,:64]!
+
+	vld1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vld1.32	{d13}, [r0,:64]!
+	vld1.32	{d15}, [r0,:64]!
+	vld1.32	{d17}, [r0,:64]!
+	vld1.32	{d19}, [r0,:64]!
+
+	vld1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
+	vld1.32	{d24}, [r0,:64]
 	sub	r0, r0, #24*8		@ rewind
 
 	bl	KeccakF1600_neon
 
 	mov	r12, r0			@ A_flat
-	vst1.32	{d0}, [r0:64]!		@ A[0][0..4]
-	vst1.32	{d2}, [r0:64]!
-	vst1.32	{d4}, [r0:64]!
-	vst1.32	{d6}, [r0:64]!
-	vst1.32	{d8}, [r0:64]!
-
-	vst1.32	{d1}, [r0:64]!		@ A[1][0..4]
-	vst1.32	{d3}, [r0:64]!
-	vst1.32	{d5}, [r0:64]!
-	vst1.32	{d7}, [r0:64]!
-	vst1.32	{d9}, [r0:64]!
-
-	vst1.32	{d10}, [r0:64]!		@ A[2][0..4]
-	vst1.32	{d12}, [r0:64]!
-	vst1.32	{d14}, [r0:64]!
-	vst1.32	{d16}, [r0:64]!
-	vst1.32	{d18}, [r0:64]!
-
-	vst1.32	{d11}, [r0:64]!		@ A[3][0..4]
-	vst1.32	{d13}, [r0:64]!
-	vst1.32	{d15}, [r0:64]!
-	vst1.32	{d17}, [r0:64]!
-	vst1.32	{d19}, [r0:64]!
-
-	vst1.32	{d20,d21,d22,d23}, [r0:64]!	@ A[4][0..4]
+	vst1.32	{d0}, [r0,:64]!		@ A[0][0..4]
+	vst1.32	{d2}, [r0,:64]!
+	vst1.32	{d4}, [r0,:64]!
+	vst1.32	{d6}, [r0,:64]!
+	vst1.32	{d8}, [r0,:64]!
+
+	vst1.32	{d1}, [r0,:64]!		@ A[1][0..4]
+	vst1.32	{d3}, [r0,:64]!
+	vst1.32	{d5}, [r0,:64]!
+	vst1.32	{d7}, [r0,:64]!
+	vst1.32	{d9}, [r0,:64]!
+
+	vst1.32	{d10}, [r0,:64]!		@ A[2][0..4]
+	vst1.32	{d12}, [r0,:64]!
+	vst1.32	{d14}, [r0,:64]!
+	vst1.32	{d16}, [r0,:64]!
+	vst1.32	{d18}, [r0,:64]!
+
+	vst1.32	{d11}, [r0,:64]!		@ A[3][0..4]
+	vst1.32	{d13}, [r0,:64]!
+	vst1.32	{d15}, [r0,:64]!
+	vst1.32	{d17}, [r0,:64]!
+	vst1.32	{d19}, [r0,:64]!
+
+	vst1.32	{d20,d21,d22,d23}, [r0,:64]!	@ A[4][0..4]
 	mov	r14, r6			@ bsz
-	vst1.32	{d24}, [r0:64]
+	vst1.32	{d24}, [r0,:64]
 	mov	r0,  r12		@ rewind
 
 	vldmia	sp!, {d8,d9,d10,d11,d12,d13,d14,d15}
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm b/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
index 22041f4c705d9d..9603f342e70290 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-armv4",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3225,6 +3225,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7826,10 +7827,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9922,6 +9919,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15095,6 +15096,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15440,6 +15442,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
index e3af840967728d..7cf872d12e9d2a 100644
--- a/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-armv4/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-armv4"
-#define DATE "built on: Wed Jun 12 20:54:33 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:23 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-elf/asm/configdata.pm b/deps/openssl/config/archs/linux-elf/asm/configdata.pm
index 7b6d063b8f7e4a..2e07e0f655cb5d 100644
--- a/deps/openssl/config/archs/linux-elf/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/asm/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-elf",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1697,8 +1697,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3239,6 +3240,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4864,12 +4866,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4886,12 +4882,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7870,10 +7878,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10008,6 +10012,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10641,14 +10649,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13338,8 +13350,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15241,6 +15254,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15586,6 +15600,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
index 29bb1a47b44b82..d35d80a968c59e 100644
--- a/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Wed Jun 12 20:54:35 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:27 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -38,10 +38,10 @@ static const char compiler_flags[] = {
     '6','_','A','S','M',' ','-','D','S','H','A','5','1','2','_','A',
     'S','M',' ','-','D','R','C','4','_','A','S','M',' ','-','D','M',
     'D','5','_','A','S','M',' ','-','D','R','M','D','1','6','0','_',
-    'A','S','M',' ','-','D','A','E','S','_','A','S','M',' ','-','D',
-    'V','P','A','E','S','_','A','S','M',' ','-','D','W','H','I','R',
-    'L','P','O','O','L','_','A','S','M',' ','-','D','G','H','A','S',
-    'H','_','A','S','M',' ','-','D','E','C','P','_','N','I','S','T',
-    'Z','2','5','6','_','A','S','M',' ','-','D','P','O','L','Y','1',
-    '3','0','5','_','A','S','M',' ','-','D','N','D','E','B','U','G','\0'
+    'A','S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ',
+    '-','D','W','H','I','R','L','P','O','O','L','_','A','S','M',' ',
+    '-','D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C',
+    'P','_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-',
+    'D','P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D',
+    'N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-elf/asm/openssl-cl.gypi b/deps/openssl/config/archs/linux-elf/asm/openssl-cl.gypi
index 841130aed241cb..e2fe28d73a968d 100644
--- a/deps/openssl/config/archs/linux-elf/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm/openssl-cl.gypi
@@ -16,7 +16,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/linux-elf/asm/openssl.gypi b/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
index ca1aa0111be438..19fe9eac77262f 100644
--- a/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-elf': [
-      './config/archs/linux-elf/asm/crypto/aes/aes-586.s',
       './config/archs/linux-elf/asm/crypto/aes/aesni-x86.s',
       './config/archs/linux-elf/asm/crypto/aes/vpaes-x86.s',
       './config/archs/linux-elf/asm/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
index e94ac927211abf..9ddf36af0f5672 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-elf",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1697,8 +1697,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3239,6 +3240,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4864,12 +4866,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4886,12 +4882,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7870,10 +7878,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10008,6 +10012,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10641,14 +10649,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13338,8 +13350,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15241,6 +15254,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15586,6 +15600,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
index b1e8d591a587dc..153225532e4c1c 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Wed Jun 12 20:54:39 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:33 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -39,11 +39,10 @@ static const char compiler_flags[] = {
     '2','5','6','_','A','S','M',' ','-','D','S','H','A','5','1','2',
     '_','A','S','M',' ','-','D','R','C','4','_','A','S','M',' ','-',
     'D','M','D','5','_','A','S','M',' ','-','D','R','M','D','1','6',
-    '0','_','A','S','M',' ','-','D','A','E','S','_','A','S','M',' ',
-    '-','D','V','P','A','E','S','_','A','S','M',' ','-','D','W','H',
-    'I','R','L','P','O','O','L','_','A','S','M',' ','-','D','G','H',
-    'A','S','H','_','A','S','M',' ','-','D','E','C','P','_','N','I',
-    'S','T','Z','2','5','6','_','A','S','M',' ','-','D','P','O','L',
-    'Y','1','3','0','5','_','A','S','M',' ','-','D','N','D','E','B',
-    'U','G','\0'
+    '0','_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S',
+    'M',' ','-','D','W','H','I','R','L','P','O','O','L','_','A','S',
+    'M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-','D',
+    'E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S','M',
+    ' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',' ',
+    '-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl-cl.gypi
index 841130aed241cb..e2fe28d73a968d 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl-cl.gypi
@@ -16,7 +16,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
index 383f3ca0d4b264..5cfdf4bbe688ae 100644
--- a/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-elf/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-elf': [
-      './config/archs/linux-elf/asm_avx2/crypto/aes/aes-586.s',
       './config/archs/linux-elf/asm_avx2/crypto/aes/aesni-x86.s',
       './config/archs/linux-elf/asm_avx2/crypto/aes/vpaes-x86.s',
       './config/archs/linux-elf/asm_avx2/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm b/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
index 252c46953d4c3e..0c657bee8b914c 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-elf/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-elf",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3224,6 +3224,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7825,10 +7826,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9921,6 +9918,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15094,6 +15095,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15439,6 +15441,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
index 1dd3c287502116..39469e8298ae17 100644
--- a/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-elf/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-elf"
-#define DATE "built on: Wed Jun 12 20:54:42 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:39 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc/asm/configdata.pm b/deps/openssl/config/archs/linux-ppc/asm/configdata.pm
index 9bd62dc005de5d..47234ab9177f5b 100644
--- a/deps/openssl/config/archs/linux-ppc/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7876,10 +7877,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10014,6 +10011,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15252,6 +15253,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15597,6 +15599,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc/asm/crypto/buildinf.h
index 488a189a61b90c..af759c6bdab883 100644
--- a/deps/openssl/config/archs/linux-ppc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc"
-#define DATE "built on: Wed Jun 12 20:55:26 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:48 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-ppc/asm_avx2/configdata.pm
index a79ff6a2ff6e0a..65b50577c3673c 100644
--- a/deps/openssl/config/archs/linux-ppc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3239,6 +3239,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7876,10 +7877,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10014,6 +10011,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15252,6 +15253,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15597,6 +15599,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc/asm_avx2/crypto/buildinf.h
index 31e71e82e6d9c4..d91d124d0d95f7 100644
--- a/deps/openssl/config/archs/linux-ppc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc"
-#define DATE "built on: Wed Jun 12 20:55:29 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:53 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc/no-asm/configdata.pm b/deps/openssl/config/archs/linux-ppc/no-asm/configdata.pm
index a5734852699f73..41afbcc4445a44 100644
--- a/deps/openssl/config/archs/linux-ppc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3225,6 +3225,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7826,10 +7827,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9922,6 +9919,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15095,6 +15096,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15440,6 +15442,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc/no-asm/crypto/buildinf.h
index 15f8319f781601..feccd6e409e5d0 100644
--- a/deps/openssl/config/archs/linux-ppc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc"
-#define DATE "built on: Wed Jun 12 20:55:33 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:59 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64/asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64/asm/configdata.pm
index e4af0246f53958..a8105b72abd10d 100644
--- a/deps/openssl/config/archs/linux-ppc64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3243,6 +3243,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7898,10 +7899,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10036,6 +10033,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15289,6 +15290,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15634,6 +15636,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64/asm/crypto/buildinf.h
index 75473d6529d095..2c9f24fdee2e25 100644
--- a/deps/openssl/config/archs/linux-ppc64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64"
-#define DATE "built on: Wed Jun 12 20:55:35 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:02 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-ppc64/asm_avx2/configdata.pm
index c38e26de921882..fa53549253d37e 100644
--- a/deps/openssl/config/archs/linux-ppc64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3243,6 +3243,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7898,10 +7899,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10036,6 +10033,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15289,6 +15290,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15634,6 +15636,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64/asm_avx2/crypto/buildinf.h
index 4183f815d14fd9..0e70ae12285ec6 100644
--- a/deps/openssl/config/archs/linux-ppc64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64"
-#define DATE "built on: Wed Jun 12 20:55:38 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:08 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64/no-asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64/no-asm/configdata.pm
index 5aa7eb6816c877..42b7f02251e94b 100644
--- a/deps/openssl/config/archs/linux-ppc64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3226,6 +3226,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7827,10 +7828,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9923,6 +9920,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15096,6 +15097,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15441,6 +15443,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64/no-asm/crypto/buildinf.h
index 94b40f31728924..50c645ff13a868 100644
--- a/deps/openssl/config/archs/linux-ppc64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64"
-#define DATE "built on: Wed Jun 12 20:55:42 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:14 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
index 632f7f03512207..aff8df2a584ca8 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64le",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3242,6 +3242,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7897,10 +7898,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10035,6 +10032,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15288,6 +15289,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15633,6 +15635,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
index ad0bfb25edd38a..e7003954bb1a42 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Wed Jun 12 20:55:44 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:17 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
index 0b2ffc07ca6da2..a92bb250672e06 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64le",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3242,6 +3242,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7897,10 +7898,6 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10035,6 +10032,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15288,6 +15289,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15633,6 +15635,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
index 4ce6a71896a85e..e8e073c0d22a9f 100644
--- a/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Wed Jun 12 20:55:48 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:23 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm b/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
index d482d6a14cf9fa..9d91dea1de5354 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-ppc64le",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3225,6 +3225,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7826,10 +7827,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9922,6 +9919,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15095,6 +15096,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15440,6 +15442,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
index 56e2d2c8ff7e94..aebc739df4d2c0 100644
--- a/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-ppc64le/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-ppc64le"
-#define DATE "built on: Wed Jun 12 20:55:52 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:29 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-x32/asm/configdata.pm b/deps/openssl/config/archs/linux-x32/asm/configdata.pm
index 526fc03a399978..58a473be95a3e6 100644
--- a/deps/openssl/config/archs/linux-x32/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x32/asm/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1698,8 +1698,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1709,7 +1710,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3264,6 +3264,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4905,7 +4906,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4917,6 +4918,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4987,12 +4994,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7955,10 +7956,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10099,6 +10096,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10732,14 +10733,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10776,10 +10781,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13473,8 +13474,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13484,7 +13486,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15387,6 +15388,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15732,6 +15734,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x32/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x32/asm/crypto/buildinf.h
index a02715c9da37d2..c9b1f198949916 100644
--- a/deps/openssl/config/archs/linux-x32/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x32/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x32"
-#define DATE "built on: Wed Jun 12 20:54:45 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:43 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -37,11 +37,10 @@ static const char compiler_flags[] = {
     'M',' ','-','D','S','H','A','5','1','2','_','A','S','M',' ','-',
     'D','K','E','C','C','A','K','1','6','0','0','_','A','S','M',' ',
     '-','D','R','C','4','_','A','S','M',' ','-','D','M','D','5','_',
-    'A','S','M',' ','-','D','A','E','S','_','A','S','M',' ','-','D',
-    'V','P','A','E','S','_','A','S','M',' ','-','D','B','S','A','E',
-    'S','_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S',
-    'M',' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6',
-    '_','A','S','M',' ','-','D','X','2','5','5','1','9','_','A','S',
-    'M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',
-    ' ','-','D','N','D','E','B','U','G','\0'
+    'A','S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ',
+    '-','D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C',
+    'P','_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-',
+    'D','X','2','5','5','1','9','_','A','S','M',' ','-','D','P','O',
+    'L','Y','1','3','0','5','_','A','S','M',' ','-','D','N','D','E',
+    'B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-x32/asm/openssl-cl.gypi b/deps/openssl/config/archs/linux-x32/asm/openssl-cl.gypi
index fa200427590930..859eb1a3691ebf 100644
--- a/deps/openssl/config/archs/linux-x32/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-x32/asm/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x32/asm/openssl.gypi b/deps/openssl/config/archs/linux-x32/asm/openssl.gypi
index 1705d7ef3c3490..5faef9c0e48f51 100644
--- a/deps/openssl/config/archs/linux-x32/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x32/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-x32': [
-      './config/archs/linux-x32/asm/crypto/aes/aes-x86_64.s',
       './config/archs/linux-x32/asm/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/linux-x32/asm/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/linux-x32/asm/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/linux-x32/asm/crypto/aes/aesni-x86_64.s',
-      './config/archs/linux-x32/asm/crypto/aes/bsaes-x86_64.s',
       './config/archs/linux-x32/asm/crypto/aes/vpaes-x86_64.s',
       './config/archs/linux-x32/asm/crypto/bn/rsaz-avx2.s',
       './config/archs/linux-x32/asm/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x32/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-x32/asm_avx2/configdata.pm
index 001552a7718ab6..c85073cdc5ea14 100644
--- a/deps/openssl/config/archs/linux-x32/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-x32/asm_avx2/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1698,8 +1698,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1709,7 +1710,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3264,6 +3264,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4905,7 +4906,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4917,6 +4918,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4987,12 +4994,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7955,10 +7956,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10099,6 +10096,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10732,14 +10733,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10776,10 +10781,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13473,8 +13474,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13484,7 +13486,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15387,6 +15388,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15732,6 +15734,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x32/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-x32/asm_avx2/crypto/buildinf.h
index 8b65a79f17aa48..f567041169936f 100644
--- a/deps/openssl/config/archs/linux-x32/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x32/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x32"
-#define DATE "built on: Wed Jun 12 20:54:54 2019 UTC"
+#define DATE "built on: Fri Sep 13 15:59:58 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -38,11 +38,10 @@ static const char compiler_flags[] = {
     'A','S','M',' ','-','D','S','H','A','5','1','2','_','A','S','M',
     ' ','-','D','K','E','C','C','A','K','1','6','0','0','_','A','S',
     'M',' ','-','D','R','C','4','_','A','S','M',' ','-','D','M','D',
-    '5','_','A','S','M',' ','-','D','A','E','S','_','A','S','M',' ',
-    '-','D','V','P','A','E','S','_','A','S','M',' ','-','D','B','S',
-    'A','E','S','_','A','S','M',' ','-','D','G','H','A','S','H','_',
-    'A','S','M',' ','-','D','E','C','P','_','N','I','S','T','Z','2',
-    '5','6','_','A','S','M',' ','-','D','X','2','5','5','1','9','_',
-    'A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A',
-    'S','M',' ','-','D','N','D','E','B','U','G','\0'
+    '5','_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S',
+    'M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-','D',
+    'E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S','M',
+    ' ','-','D','X','2','5','5','1','9','_','A','S','M',' ','-','D',
+    'P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','N',
+    'D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-x32/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/linux-x32/asm_avx2/openssl-cl.gypi
index fa200427590930..859eb1a3691ebf 100644
--- a/deps/openssl/config/archs/linux-x32/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-x32/asm_avx2/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x32/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-x32/asm_avx2/openssl.gypi
index fe3c93c3f7778f..7dd6ee5dda657f 100644
--- a/deps/openssl/config/archs/linux-x32/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x32/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-x32': [
-      './config/archs/linux-x32/asm_avx2/crypto/aes/aes-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/aes/aesni-x86_64.s',
-      './config/archs/linux-x32/asm_avx2/crypto/aes/bsaes-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/aes/vpaes-x86_64.s',
       './config/archs/linux-x32/asm_avx2/crypto/bn/rsaz-avx2.s',
       './config/archs/linux-x32/asm_avx2/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x32/no-asm/configdata.pm b/deps/openssl/config/archs/linux-x32/no-asm/configdata.pm
index 942ec62dc1b085..b9a8bebaa20a64 100644
--- a/deps/openssl/config/archs/linux-x32/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x32/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x32",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3226,6 +3226,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7827,10 +7828,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9923,6 +9920,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15096,6 +15097,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15441,6 +15443,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x32/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x32/no-asm/crypto/buildinf.h
index 680bd0437dbf2c..369ee613964bf0 100644
--- a/deps/openssl/config/archs/linux-x32/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x32/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x32"
-#define DATE "built on: Wed Jun 12 20:55:03 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:12 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm b/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
index 0f56cf3c035ed3..6eac1af414f413 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/asm/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1698,8 +1698,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1709,7 +1710,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3264,6 +3264,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4905,7 +4906,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4917,6 +4918,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4987,12 +4994,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7955,10 +7956,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10099,6 +10096,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10732,14 +10733,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10776,10 +10781,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13473,8 +13474,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13484,7 +13486,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15387,6 +15388,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15732,6 +15734,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
index feca9239fdd5d7..17e89914852fb5 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Wed Jun 12 20:55:05 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:16 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -37,11 +37,10 @@ static const char compiler_flags[] = {
     ' ','-','D','S','H','A','5','1','2','_','A','S','M',' ','-','D',
     'K','E','C','C','A','K','1','6','0','0','_','A','S','M',' ','-',
     'D','R','C','4','_','A','S','M',' ','-','D','M','D','5','_','A',
-    'S','M',' ','-','D','A','E','S','_','A','S','M',' ','-','D','V',
-    'P','A','E','S','_','A','S','M',' ','-','D','B','S','A','E','S',
-    '_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',
-    ' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_',
-    'A','S','M',' ','-','D','X','2','5','5','1','9','_','A','S','M',
-    ' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',' ',
-    '-','D','N','D','E','B','U','G','\0'
+    'S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ','-',
+    'D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C','P',
+    '_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-','D',
+    'X','2','5','5','1','9','_','A','S','M',' ','-','D','P','O','L',
+    'Y','1','3','0','5','_','A','S','M',' ','-','D','N','D','E','B',
+    'U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/openssl-cl.gypi b/deps/openssl/config/archs/linux-x86_64/asm/openssl-cl.gypi
index b6da61db090acf..b134d72e7dc477 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi b/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
index a76b3ddc19c3ae..92491dbd9f1334 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-x86_64': [
-      './config/archs/linux-x86_64/asm/crypto/aes/aes-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/aes/aesni-x86_64.s',
-      './config/archs/linux-x86_64/asm/crypto/aes/bsaes-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/aes/vpaes-x86_64.s',
       './config/archs/linux-x86_64/asm/crypto/bn/rsaz-avx2.s',
       './config/archs/linux-x86_64/asm/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
index 3bd11714e44131..b2a66729ebcce6 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/configdata.pm
@@ -49,7 +49,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -112,8 +112,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -127,8 +127,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1698,8 +1698,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1709,7 +1710,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3264,6 +3264,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4905,7 +4906,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4917,6 +4918,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4987,12 +4994,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7955,10 +7956,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10099,6 +10096,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10732,14 +10733,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10776,10 +10781,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13473,8 +13474,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13484,7 +13486,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15387,6 +15388,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15732,6 +15734,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
index c6d20c88a865d4..51e776d7cb1ade 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Wed Jun 12 20:55:14 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:30 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -38,11 +38,10 @@ static const char compiler_flags[] = {
     'S','M',' ','-','D','S','H','A','5','1','2','_','A','S','M',' ',
     '-','D','K','E','C','C','A','K','1','6','0','0','_','A','S','M',
     ' ','-','D','R','C','4','_','A','S','M',' ','-','D','M','D','5',
-    '_','A','S','M',' ','-','D','A','E','S','_','A','S','M',' ','-',
-    'D','V','P','A','E','S','_','A','S','M',' ','-','D','B','S','A',
-    'E','S','_','A','S','M',' ','-','D','G','H','A','S','H','_','A',
-    'S','M',' ','-','D','E','C','P','_','N','I','S','T','Z','2','5',
-    '6','_','A','S','M',' ','-','D','X','2','5','5','1','9','_','A',
-    'S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S',
-    'M',' ','-','D','N','D','E','B','U','G','\0'
+    '_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S','M',
+    ' ','-','D','G','H','A','S','H','_','A','S','M',' ','-','D','E',
+    'C','P','_','N','I','S','T','Z','2','5','6','_','A','S','M',' ',
+    '-','D','X','2','5','5','1','9','_','A','S','M',' ','-','D','P',
+    'O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','N','D',
+    'E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl-cl.gypi
index b6da61db090acf..b134d72e7dc477 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
index c141efdc861eb4..05ee0df141731d 100644
--- a/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/linux-x86_64/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_linux-x86_64': [
-      './config/archs/linux-x86_64/asm_avx2/crypto/aes/aes-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/aes/aesni-x86_64.s',
-      './config/archs/linux-x86_64/asm_avx2/crypto/aes/bsaes-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/aes/vpaes-x86_64.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/bn/rsaz-avx2.s',
       './config/archs/linux-x86_64/asm_avx2/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm b/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
index c1bf09deb1375c..93da6e96905edd 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux-x86_64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3226,6 +3226,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7827,10 +7828,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9923,6 +9920,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15096,6 +15097,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15441,6 +15443,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
index a2efd7befa0316..df3083b539c028 100644
--- a/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux-x86_64/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux-x86_64"
-#define DATE "built on: Wed Jun 12 20:55:24 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:00:45 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm b/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
index b18496dc588152..02768931a01019 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux32-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3233,6 +3233,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7836,7 +7837,6 @@ our %unified_info = (
                     ".",
                     "crypto/include",
                     "include",
-                    "crypto",
                 ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
@@ -9942,6 +9942,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15145,6 +15149,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15490,6 +15495,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
index 85f76e96e4149d..e5da8365c7a61d 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Wed Jun 12 20:55:54 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:33 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
index 7848fb6a662173..96ab247e83743d 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux32-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3233,6 +3233,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7836,7 +7837,6 @@ our %unified_info = (
                     ".",
                     "crypto/include",
                     "include",
-                    "crypto",
                 ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
@@ -9942,6 +9942,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15145,6 +15149,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15490,6 +15495,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
index 2cb993418c7787..71628ed04c6c4f 100644
--- a/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Wed Jun 12 20:55:56 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:37 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm b/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
index fbb44057acf50f..1fcc3a092d63ba 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux32-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3225,6 +3225,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7820,10 +7821,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9916,6 +9913,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15084,6 +15085,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15429,6 +15431,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
index 3777a91391843a..e7256e3f12adc9 100644
--- a/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux32-s390x/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux32-s390x"
-#define DATE "built on: Wed Jun 12 20:55:59 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:41 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm b/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
index 3ea6d4bcc9b79d..6d77d25fe39da0 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-mips64/asm/configdata.pm
@@ -26,6 +26,7 @@ our %config = (
   PERL => "/usr/bin/perl",
   RANLIB => "ranlib",
   RC => "windres",
+  RCFLAGS => [  ],
   b32 => "0",
   b64 => "0",
   b64l => "1",
@@ -35,10 +36,10 @@ our %config = (
   build_infos => [ "./build.info", "crypto/build.info", "ssl/build.info", "engines/build.info", "apps/build.info", "test/build.info", "util/build.info", "tools/build.info", "fuzz/build.info", "crypto/objects/build.info", "crypto/md4/build.info", "crypto/md5/build.info", "crypto/sha/build.info", "crypto/mdc2/build.info", "crypto/hmac/build.info", "crypto/ripemd/build.info", "crypto/whrlpool/build.info", "crypto/poly1305/build.info", "crypto/blake2/build.info", "crypto/siphash/build.info", "crypto/sm3/build.info", "crypto/des/build.info", "crypto/aes/build.info", "crypto/rc2/build.info", "crypto/rc4/build.info", "crypto/idea/build.info", "crypto/aria/build.info", "crypto/bf/build.info", "crypto/cast/build.info", "crypto/camellia/build.info", "crypto/seed/build.info", "crypto/sm4/build.info", "crypto/chacha/build.info", "crypto/modes/build.info", "crypto/bn/build.info", "crypto/ec/build.info", "crypto/rsa/build.info", "crypto/dsa/build.info", "crypto/dh/build.info", "crypto/sm2/build.info", "crypto/dso/build.info", "crypto/engine/build.info", "crypto/buffer/build.info", "crypto/bio/build.info", "crypto/stack/build.info", "crypto/lhash/build.info", "crypto/rand/build.info", "crypto/err/build.info", "crypto/evp/build.info", "crypto/asn1/build.info", "crypto/pem/build.info", "crypto/x509/build.info", "crypto/x509v3/build.info", "crypto/conf/build.info", "crypto/txt_db/build.info", "crypto/pkcs7/build.info", "crypto/pkcs12/build.info", "crypto/ocsp/build.info", "crypto/ui/build.info", "crypto/cms/build.info", "crypto/ts/build.info", "crypto/srp/build.info", "crypto/cmac/build.info", "crypto/ct/build.info", "crypto/async/build.info", "crypto/kdf/build.info", "crypto/store/build.info", "test/ossl_shim/build.info" ],
   build_type => "release",
   builddir => ".",
-  cflags => [ "-mips3", "-Wa,--noexecstack" ],
-  conf_files => [ "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
+  cflags => [ "-Wa,--noexecstack" ],
+  conf_files => [ "Configurations/00-base-templates.conf", "Configurations/10-main.conf" ],
   cppflags => [  ],
-  cxxflags => [ "-mips3" ],
+  cxxflags => [  ],
   defines => [ "NDEBUG" ],
   dirs => [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ],
   dynamic_engines => "0",
@@ -58,10 +59,10 @@ our %config = (
   openssl_sys_defines => [  ],
   openssl_thread_defines => [ "OPENSSL_THREADS" ],
   openssldir => "",
-  options => "enable-ssl-trace no-afalgeng no-asan no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-  perl_archname => "mips64el-linux-thread-multi",
+  options => "enable-ssl-trace no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
+  perl_archname => "x86_64-linux-gnu-thread-multi",
   perl_cmd => "/usr/bin/perl",
-  perl_version => "5.18.4",
+  perl_version => "5.28.1",
   perlargv => [ "no-comp", "no-shared", "no-afalgeng", "enable-ssl-trace", "linux64-mips64" ],
   perlenv => {
       "AR" => undef,
@@ -110,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux64-mips64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1b",
-  version_num => "0x1010102fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -222,6 +223,7 @@ our @disablables = (
   "autoload-config",
   "bf",
   "blake2",
+  "buildtest-c\\+\\+",
   "camellia",
   "capieng",
   "cast",
@@ -238,7 +240,6 @@ our @disablables = (
   "dgram",
   "dh",
   "dsa",
-  "dso",
   "dtls",
   "dynamic-engine",
   "ec",
@@ -322,11 +323,12 @@ our @disablables = (
 our %disabled = (
   "afalgeng" => "option",
   "asan" => "default",
+  "buildtest-c++" => "default",
   "comp" => "option",
   "crypto-mdebug" => "default",
   "crypto-mdebug-backtrace" => "default",
   "devcryptoeng" => "default",
-  "dynamic-engine" => "forced",
+  "dynamic-engine" => "cascade",
   "ec_nistp_64_gcc_128" => "default",
   "egd" => "default",
   "external-tests" => "default",
@@ -803,342 +805,342 @@ our %unified_info = (
                     "libcrypto",
                     "test/libtestutil.a",
                 ],
-            "test/buildtest_aes" =>
+            "test/buildtest_c_aes" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_asn1" =>
+            "test/buildtest_c_asn1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_asn1t" =>
+            "test/buildtest_c_asn1t" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_async" =>
+            "test/buildtest_c_async" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_bio" =>
+            "test/buildtest_c_bio" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_blowfish" =>
+            "test/buildtest_c_blowfish" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_bn" =>
+            "test/buildtest_c_bn" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_buffer" =>
+            "test/buildtest_c_buffer" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_camellia" =>
+            "test/buildtest_c_camellia" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cast" =>
+            "test/buildtest_c_cast" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cmac" =>
+            "test/buildtest_c_cmac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cms" =>
+            "test/buildtest_c_cms" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_conf" =>
+            "test/buildtest_c_conf" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_conf_api" =>
+            "test/buildtest_c_conf_api" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_crypto" =>
+            "test/buildtest_c_crypto" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ct" =>
+            "test/buildtest_c_ct" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_des" =>
+            "test/buildtest_c_des" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dh" =>
+            "test/buildtest_c_dh" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dsa" =>
+            "test/buildtest_c_dsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dtls1" =>
+            "test/buildtest_c_dtls1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_e_os2" =>
+            "test/buildtest_c_e_os2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ebcdic" =>
+            "test/buildtest_c_ebcdic" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ec" =>
+            "test/buildtest_c_ec" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ecdh" =>
+            "test/buildtest_c_ecdh" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ecdsa" =>
+            "test/buildtest_c_ecdsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_engine" =>
+            "test/buildtest_c_engine" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_evp" =>
+            "test/buildtest_c_evp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_hmac" =>
+            "test/buildtest_c_hmac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_idea" =>
+            "test/buildtest_c_idea" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_kdf" =>
+            "test/buildtest_c_kdf" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_lhash" =>
+            "test/buildtest_c_lhash" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_md4" =>
+            "test/buildtest_c_md4" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_md5" =>
+            "test/buildtest_c_md5" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_mdc2" =>
+            "test/buildtest_c_mdc2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_modes" =>
+            "test/buildtest_c_modes" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_obj_mac" =>
+            "test/buildtest_c_obj_mac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_objects" =>
+            "test/buildtest_c_objects" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ocsp" =>
+            "test/buildtest_c_ocsp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_opensslv" =>
+            "test/buildtest_c_opensslv" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ossl_typ" =>
+            "test/buildtest_c_ossl_typ" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pem" =>
+            "test/buildtest_c_pem" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pem2" =>
+            "test/buildtest_c_pem2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pkcs12" =>
+            "test/buildtest_c_pkcs12" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pkcs7" =>
+            "test/buildtest_c_pkcs7" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rand" =>
+            "test/buildtest_c_rand" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rand_drbg" =>
+            "test/buildtest_c_rand_drbg" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rc2" =>
+            "test/buildtest_c_rc2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rc4" =>
+            "test/buildtest_c_rc4" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ripemd" =>
+            "test/buildtest_c_ripemd" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rsa" =>
+            "test/buildtest_c_rsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_safestack" =>
+            "test/buildtest_c_safestack" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_seed" =>
+            "test/buildtest_c_seed" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_sha" =>
+            "test/buildtest_c_sha" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_srp" =>
+            "test/buildtest_c_srp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_srtp" =>
+            "test/buildtest_c_srtp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ssl" =>
+            "test/buildtest_c_ssl" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ssl2" =>
+            "test/buildtest_c_ssl2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_stack" =>
+            "test/buildtest_c_stack" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_store" =>
+            "test/buildtest_c_store" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_symhacks" =>
+            "test/buildtest_c_symhacks" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_tls1" =>
+            "test/buildtest_c_tls1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ts" =>
+            "test/buildtest_c_ts" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_txt_db" =>
+            "test/buildtest_c_txt_db" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ui" =>
+            "test/buildtest_c_ui" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_whrlpool" =>
+            "test/buildtest_c_whrlpool" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509" =>
+            "test/buildtest_c_x509" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509_vfy" =>
+            "test/buildtest_c_x509_vfy" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509v3" =>
+            "test/buildtest_c_x509v3" =>
                 [
                     "libcrypto",
                     "libssl",
@@ -3230,6 +3232,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7831,10 +7834,6 @@ our %unified_info = (
                     "include",
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9936,6 +9935,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10078,74 +10081,74 @@ our %unified_info = (
             "test/bio_memleak_test",
             "test/bioprinttest",
             "test/bntest",
-            "test/buildtest_aes",
-            "test/buildtest_asn1",
-            "test/buildtest_asn1t",
-            "test/buildtest_async",
-            "test/buildtest_bio",
-            "test/buildtest_blowfish",
-            "test/buildtest_bn",
-            "test/buildtest_buffer",
-            "test/buildtest_camellia",
-            "test/buildtest_cast",
-            "test/buildtest_cmac",
-            "test/buildtest_cms",
-            "test/buildtest_conf",
-            "test/buildtest_conf_api",
-            "test/buildtest_crypto",
-            "test/buildtest_ct",
-            "test/buildtest_des",
-            "test/buildtest_dh",
-            "test/buildtest_dsa",
-            "test/buildtest_dtls1",
-            "test/buildtest_e_os2",
-            "test/buildtest_ebcdic",
-            "test/buildtest_ec",
-            "test/buildtest_ecdh",
-            "test/buildtest_ecdsa",
-            "test/buildtest_engine",
-            "test/buildtest_evp",
-            "test/buildtest_hmac",
-            "test/buildtest_idea",
-            "test/buildtest_kdf",
-            "test/buildtest_lhash",
-            "test/buildtest_md4",
-            "test/buildtest_md5",
-            "test/buildtest_mdc2",
-            "test/buildtest_modes",
-            "test/buildtest_obj_mac",
-            "test/buildtest_objects",
-            "test/buildtest_ocsp",
-            "test/buildtest_opensslv",
-            "test/buildtest_ossl_typ",
-            "test/buildtest_pem",
-            "test/buildtest_pem2",
-            "test/buildtest_pkcs12",
-            "test/buildtest_pkcs7",
-            "test/buildtest_rand",
-            "test/buildtest_rand_drbg",
-            "test/buildtest_rc2",
-            "test/buildtest_rc4",
-            "test/buildtest_ripemd",
-            "test/buildtest_rsa",
-            "test/buildtest_safestack",
-            "test/buildtest_seed",
-            "test/buildtest_sha",
-            "test/buildtest_srp",
-            "test/buildtest_srtp",
-            "test/buildtest_ssl",
-            "test/buildtest_ssl2",
-            "test/buildtest_stack",
-            "test/buildtest_store",
-            "test/buildtest_symhacks",
-            "test/buildtest_tls1",
-            "test/buildtest_ts",
-            "test/buildtest_txt_db",
-            "test/buildtest_ui",
-            "test/buildtest_whrlpool",
-            "test/buildtest_x509",
-            "test/buildtest_x509_vfy",
-            "test/buildtest_x509v3",
+            "test/buildtest_c_aes",
+            "test/buildtest_c_asn1",
+            "test/buildtest_c_asn1t",
+            "test/buildtest_c_async",
+            "test/buildtest_c_bio",
+            "test/buildtest_c_blowfish",
+            "test/buildtest_c_bn",
+            "test/buildtest_c_buffer",
+            "test/buildtest_c_camellia",
+            "test/buildtest_c_cast",
+            "test/buildtest_c_cmac",
+            "test/buildtest_c_cms",
+            "test/buildtest_c_conf",
+            "test/buildtest_c_conf_api",
+            "test/buildtest_c_crypto",
+            "test/buildtest_c_ct",
+            "test/buildtest_c_des",
+            "test/buildtest_c_dh",
+            "test/buildtest_c_dsa",
+            "test/buildtest_c_dtls1",
+            "test/buildtest_c_e_os2",
+            "test/buildtest_c_ebcdic",
+            "test/buildtest_c_ec",
+            "test/buildtest_c_ecdh",
+            "test/buildtest_c_ecdsa",
+            "test/buildtest_c_engine",
+            "test/buildtest_c_evp",
+            "test/buildtest_c_hmac",
+            "test/buildtest_c_idea",
+            "test/buildtest_c_kdf",
+            "test/buildtest_c_lhash",
+            "test/buildtest_c_md4",
+            "test/buildtest_c_md5",
+            "test/buildtest_c_mdc2",
+            "test/buildtest_c_modes",
+            "test/buildtest_c_obj_mac",
+            "test/buildtest_c_objects",
+            "test/buildtest_c_ocsp",
+            "test/buildtest_c_opensslv",
+            "test/buildtest_c_ossl_typ",
+            "test/buildtest_c_pem",
+            "test/buildtest_c_pem2",
+            "test/buildtest_c_pkcs12",
+            "test/buildtest_c_pkcs7",
+            "test/buildtest_c_rand",
+            "test/buildtest_c_rand_drbg",
+            "test/buildtest_c_rc2",
+            "test/buildtest_c_rc4",
+            "test/buildtest_c_ripemd",
+            "test/buildtest_c_rsa",
+            "test/buildtest_c_safestack",
+            "test/buildtest_c_seed",
+            "test/buildtest_c_sha",
+            "test/buildtest_c_srp",
+            "test/buildtest_c_srtp",
+            "test/buildtest_c_ssl",
+            "test/buildtest_c_ssl2",
+            "test/buildtest_c_stack",
+            "test/buildtest_c_store",
+            "test/buildtest_c_symhacks",
+            "test/buildtest_c_tls1",
+            "test/buildtest_c_ts",
+            "test/buildtest_c_txt_db",
+            "test/buildtest_c_ui",
+            "test/buildtest_c_whrlpool",
+            "test/buildtest_c_x509",
+            "test/buildtest_c_x509_vfy",
+            "test/buildtest_c_x509v3",
             "test/casttest",
             "test/chacha_internal_test",
             "test/cipher_overhead_test",
@@ -14232,545 +14235,545 @@ our %unified_info = (
                 [
                     "test/bntest.c",
                 ],
-            "test/buildtest_aes" =>
-                [
-                    "test/buildtest_aes.o",
-                ],
             "test/buildtest_aes.o" =>
                 [
                     "test/buildtest_aes.c",
                 ],
-            "test/buildtest_asn1" =>
-                [
-                    "test/buildtest_asn1.o",
-                ],
             "test/buildtest_asn1.o" =>
                 [
                     "test/buildtest_asn1.c",
                 ],
-            "test/buildtest_asn1t" =>
-                [
-                    "test/buildtest_asn1t.o",
-                ],
             "test/buildtest_asn1t.o" =>
                 [
                     "test/buildtest_asn1t.c",
                 ],
-            "test/buildtest_async" =>
-                [
-                    "test/buildtest_async.o",
-                ],
             "test/buildtest_async.o" =>
                 [
                     "test/buildtest_async.c",
                 ],
-            "test/buildtest_bio" =>
-                [
-                    "test/buildtest_bio.o",
-                ],
             "test/buildtest_bio.o" =>
                 [
                     "test/buildtest_bio.c",
                 ],
-            "test/buildtest_blowfish" =>
-                [
-                    "test/buildtest_blowfish.o",
-                ],
             "test/buildtest_blowfish.o" =>
                 [
                     "test/buildtest_blowfish.c",
                 ],
-            "test/buildtest_bn" =>
-                [
-                    "test/buildtest_bn.o",
-                ],
             "test/buildtest_bn.o" =>
                 [
                     "test/buildtest_bn.c",
                 ],
-            "test/buildtest_buffer" =>
-                [
-                    "test/buildtest_buffer.o",
-                ],
             "test/buildtest_buffer.o" =>
                 [
                     "test/buildtest_buffer.c",
                 ],
-            "test/buildtest_camellia" =>
+            "test/buildtest_c_aes" =>
                 [
-                    "test/buildtest_camellia.o",
+                    "test/buildtest_aes.o",
                 ],
-            "test/buildtest_camellia.o" =>
+            "test/buildtest_c_asn1" =>
                 [
-                    "test/buildtest_camellia.c",
+                    "test/buildtest_asn1.o",
                 ],
-            "test/buildtest_cast" =>
+            "test/buildtest_c_asn1t" =>
                 [
-                    "test/buildtest_cast.o",
+                    "test/buildtest_asn1t.o",
                 ],
-            "test/buildtest_cast.o" =>
+            "test/buildtest_c_async" =>
                 [
-                    "test/buildtest_cast.c",
+                    "test/buildtest_async.o",
                 ],
-            "test/buildtest_cmac" =>
+            "test/buildtest_c_bio" =>
                 [
-                    "test/buildtest_cmac.o",
+                    "test/buildtest_bio.o",
                 ],
-            "test/buildtest_cmac.o" =>
+            "test/buildtest_c_blowfish" =>
                 [
-                    "test/buildtest_cmac.c",
+                    "test/buildtest_blowfish.o",
                 ],
-            "test/buildtest_cms" =>
+            "test/buildtest_c_bn" =>
                 [
-                    "test/buildtest_cms.o",
+                    "test/buildtest_bn.o",
                 ],
-            "test/buildtest_cms.o" =>
+            "test/buildtest_c_buffer" =>
                 [
-                    "test/buildtest_cms.c",
+                    "test/buildtest_buffer.o",
                 ],
-            "test/buildtest_conf" =>
+            "test/buildtest_c_camellia" =>
                 [
-                    "test/buildtest_conf.o",
+                    "test/buildtest_camellia.o",
                 ],
-            "test/buildtest_conf.o" =>
+            "test/buildtest_c_cast" =>
                 [
-                    "test/buildtest_conf.c",
+                    "test/buildtest_cast.o",
                 ],
-            "test/buildtest_conf_api" =>
+            "test/buildtest_c_cmac" =>
                 [
-                    "test/buildtest_conf_api.o",
+                    "test/buildtest_cmac.o",
                 ],
-            "test/buildtest_conf_api.o" =>
+            "test/buildtest_c_cms" =>
                 [
-                    "test/buildtest_conf_api.c",
+                    "test/buildtest_cms.o",
                 ],
-            "test/buildtest_crypto" =>
+            "test/buildtest_c_conf" =>
                 [
-                    "test/buildtest_crypto.o",
+                    "test/buildtest_conf.o",
                 ],
-            "test/buildtest_crypto.o" =>
+            "test/buildtest_c_conf_api" =>
                 [
-                    "test/buildtest_crypto.c",
+                    "test/buildtest_conf_api.o",
                 ],
-            "test/buildtest_ct" =>
+            "test/buildtest_c_crypto" =>
                 [
-                    "test/buildtest_ct.o",
+                    "test/buildtest_crypto.o",
                 ],
-            "test/buildtest_ct.o" =>
+            "test/buildtest_c_ct" =>
                 [
-                    "test/buildtest_ct.c",
+                    "test/buildtest_ct.o",
                 ],
-            "test/buildtest_des" =>
+            "test/buildtest_c_des" =>
                 [
                     "test/buildtest_des.o",
                 ],
-            "test/buildtest_des.o" =>
+            "test/buildtest_c_dh" =>
                 [
-                    "test/buildtest_des.c",
+                    "test/buildtest_dh.o",
                 ],
-            "test/buildtest_dh" =>
+            "test/buildtest_c_dsa" =>
                 [
-                    "test/buildtest_dh.o",
+                    "test/buildtest_dsa.o",
                 ],
-            "test/buildtest_dh.o" =>
+            "test/buildtest_c_dtls1" =>
                 [
-                    "test/buildtest_dh.c",
+                    "test/buildtest_dtls1.o",
                 ],
-            "test/buildtest_dsa" =>
+            "test/buildtest_c_e_os2" =>
                 [
-                    "test/buildtest_dsa.o",
+                    "test/buildtest_e_os2.o",
                 ],
-            "test/buildtest_dsa.o" =>
+            "test/buildtest_c_ebcdic" =>
                 [
-                    "test/buildtest_dsa.c",
+                    "test/buildtest_ebcdic.o",
                 ],
-            "test/buildtest_dtls1" =>
+            "test/buildtest_c_ec" =>
                 [
-                    "test/buildtest_dtls1.o",
+                    "test/buildtest_ec.o",
                 ],
-            "test/buildtest_dtls1.o" =>
+            "test/buildtest_c_ecdh" =>
                 [
-                    "test/buildtest_dtls1.c",
+                    "test/buildtest_ecdh.o",
                 ],
-            "test/buildtest_e_os2" =>
+            "test/buildtest_c_ecdsa" =>
                 [
-                    "test/buildtest_e_os2.o",
+                    "test/buildtest_ecdsa.o",
                 ],
-            "test/buildtest_e_os2.o" =>
+            "test/buildtest_c_engine" =>
                 [
-                    "test/buildtest_e_os2.c",
+                    "test/buildtest_engine.o",
                 ],
-            "test/buildtest_ebcdic" =>
+            "test/buildtest_c_evp" =>
                 [
-                    "test/buildtest_ebcdic.o",
+                    "test/buildtest_evp.o",
                 ],
-            "test/buildtest_ebcdic.o" =>
+            "test/buildtest_c_hmac" =>
                 [
-                    "test/buildtest_ebcdic.c",
+                    "test/buildtest_hmac.o",
                 ],
-            "test/buildtest_ec" =>
+            "test/buildtest_c_idea" =>
                 [
-                    "test/buildtest_ec.o",
+                    "test/buildtest_idea.o",
                 ],
-            "test/buildtest_ec.o" =>
+            "test/buildtest_c_kdf" =>
                 [
-                    "test/buildtest_ec.c",
+                    "test/buildtest_kdf.o",
                 ],
-            "test/buildtest_ecdh" =>
+            "test/buildtest_c_lhash" =>
                 [
-                    "test/buildtest_ecdh.o",
+                    "test/buildtest_lhash.o",
                 ],
-            "test/buildtest_ecdh.o" =>
+            "test/buildtest_c_md4" =>
                 [
-                    "test/buildtest_ecdh.c",
+                    "test/buildtest_md4.o",
                 ],
-            "test/buildtest_ecdsa" =>
+            "test/buildtest_c_md5" =>
                 [
-                    "test/buildtest_ecdsa.o",
+                    "test/buildtest_md5.o",
                 ],
-            "test/buildtest_ecdsa.o" =>
+            "test/buildtest_c_mdc2" =>
                 [
-                    "test/buildtest_ecdsa.c",
+                    "test/buildtest_mdc2.o",
                 ],
-            "test/buildtest_engine" =>
+            "test/buildtest_c_modes" =>
                 [
-                    "test/buildtest_engine.o",
+                    "test/buildtest_modes.o",
                 ],
-            "test/buildtest_engine.o" =>
+            "test/buildtest_c_obj_mac" =>
                 [
-                    "test/buildtest_engine.c",
+                    "test/buildtest_obj_mac.o",
                 ],
-            "test/buildtest_evp" =>
+            "test/buildtest_c_objects" =>
                 [
-                    "test/buildtest_evp.o",
+                    "test/buildtest_objects.o",
                 ],
-            "test/buildtest_evp.o" =>
+            "test/buildtest_c_ocsp" =>
                 [
-                    "test/buildtest_evp.c",
+                    "test/buildtest_ocsp.o",
                 ],
-            "test/buildtest_hmac" =>
+            "test/buildtest_c_opensslv" =>
                 [
-                    "test/buildtest_hmac.o",
+                    "test/buildtest_opensslv.o",
                 ],
-            "test/buildtest_hmac.o" =>
+            "test/buildtest_c_ossl_typ" =>
                 [
-                    "test/buildtest_hmac.c",
+                    "test/buildtest_ossl_typ.o",
                 ],
-            "test/buildtest_idea" =>
+            "test/buildtest_c_pem" =>
                 [
-                    "test/buildtest_idea.o",
+                    "test/buildtest_pem.o",
                 ],
-            "test/buildtest_idea.o" =>
+            "test/buildtest_c_pem2" =>
                 [
-                    "test/buildtest_idea.c",
+                    "test/buildtest_pem2.o",
                 ],
-            "test/buildtest_kdf" =>
+            "test/buildtest_c_pkcs12" =>
                 [
-                    "test/buildtest_kdf.o",
+                    "test/buildtest_pkcs12.o",
                 ],
-            "test/buildtest_kdf.o" =>
+            "test/buildtest_c_pkcs7" =>
                 [
-                    "test/buildtest_kdf.c",
+                    "test/buildtest_pkcs7.o",
                 ],
-            "test/buildtest_lhash" =>
+            "test/buildtest_c_rand" =>
                 [
-                    "test/buildtest_lhash.o",
+                    "test/buildtest_rand.o",
                 ],
-            "test/buildtest_lhash.o" =>
+            "test/buildtest_c_rand_drbg" =>
                 [
-                    "test/buildtest_lhash.c",
+                    "test/buildtest_rand_drbg.o",
                 ],
-            "test/buildtest_md4" =>
+            "test/buildtest_c_rc2" =>
                 [
-                    "test/buildtest_md4.o",
+                    "test/buildtest_rc2.o",
                 ],
-            "test/buildtest_md4.o" =>
+            "test/buildtest_c_rc4" =>
                 [
-                    "test/buildtest_md4.c",
+                    "test/buildtest_rc4.o",
                 ],
-            "test/buildtest_md5" =>
+            "test/buildtest_c_ripemd" =>
                 [
-                    "test/buildtest_md5.o",
+                    "test/buildtest_ripemd.o",
                 ],
-            "test/buildtest_md5.o" =>
+            "test/buildtest_c_rsa" =>
                 [
-                    "test/buildtest_md5.c",
+                    "test/buildtest_rsa.o",
                 ],
-            "test/buildtest_mdc2" =>
+            "test/buildtest_c_safestack" =>
                 [
-                    "test/buildtest_mdc2.o",
+                    "test/buildtest_safestack.o",
                 ],
-            "test/buildtest_mdc2.o" =>
+            "test/buildtest_c_seed" =>
                 [
-                    "test/buildtest_mdc2.c",
+                    "test/buildtest_seed.o",
                 ],
-            "test/buildtest_modes" =>
+            "test/buildtest_c_sha" =>
                 [
-                    "test/buildtest_modes.o",
+                    "test/buildtest_sha.o",
                 ],
-            "test/buildtest_modes.o" =>
+            "test/buildtest_c_srp" =>
                 [
-                    "test/buildtest_modes.c",
+                    "test/buildtest_srp.o",
                 ],
-            "test/buildtest_obj_mac" =>
+            "test/buildtest_c_srtp" =>
                 [
-                    "test/buildtest_obj_mac.o",
+                    "test/buildtest_srtp.o",
                 ],
-            "test/buildtest_obj_mac.o" =>
+            "test/buildtest_c_ssl" =>
                 [
-                    "test/buildtest_obj_mac.c",
+                    "test/buildtest_ssl.o",
                 ],
-            "test/buildtest_objects" =>
+            "test/buildtest_c_ssl2" =>
                 [
-                    "test/buildtest_objects.o",
+                    "test/buildtest_ssl2.o",
                 ],
-            "test/buildtest_objects.o" =>
+            "test/buildtest_c_stack" =>
                 [
-                    "test/buildtest_objects.c",
+                    "test/buildtest_stack.o",
                 ],
-            "test/buildtest_ocsp" =>
+            "test/buildtest_c_store" =>
                 [
-                    "test/buildtest_ocsp.o",
+                    "test/buildtest_store.o",
                 ],
-            "test/buildtest_ocsp.o" =>
+            "test/buildtest_c_symhacks" =>
                 [
-                    "test/buildtest_ocsp.c",
+                    "test/buildtest_symhacks.o",
                 ],
-            "test/buildtest_opensslv" =>
+            "test/buildtest_c_tls1" =>
                 [
-                    "test/buildtest_opensslv.o",
+                    "test/buildtest_tls1.o",
                 ],
-            "test/buildtest_opensslv.o" =>
+            "test/buildtest_c_ts" =>
                 [
-                    "test/buildtest_opensslv.c",
+                    "test/buildtest_ts.o",
                 ],
-            "test/buildtest_ossl_typ" =>
+            "test/buildtest_c_txt_db" =>
                 [
-                    "test/buildtest_ossl_typ.o",
+                    "test/buildtest_txt_db.o",
                 ],
-            "test/buildtest_ossl_typ.o" =>
+            "test/buildtest_c_ui" =>
                 [
-                    "test/buildtest_ossl_typ.c",
+                    "test/buildtest_ui.o",
                 ],
-            "test/buildtest_pem" =>
+            "test/buildtest_c_whrlpool" =>
                 [
-                    "test/buildtest_pem.o",
+                    "test/buildtest_whrlpool.o",
                 ],
-            "test/buildtest_pem.o" =>
+            "test/buildtest_c_x509" =>
                 [
-                    "test/buildtest_pem.c",
+                    "test/buildtest_x509.o",
                 ],
-            "test/buildtest_pem2" =>
+            "test/buildtest_c_x509_vfy" =>
                 [
-                    "test/buildtest_pem2.o",
+                    "test/buildtest_x509_vfy.o",
                 ],
-            "test/buildtest_pem2.o" =>
+            "test/buildtest_c_x509v3" =>
                 [
-                    "test/buildtest_pem2.c",
+                    "test/buildtest_x509v3.o",
                 ],
-            "test/buildtest_pkcs12" =>
+            "test/buildtest_camellia.o" =>
                 [
-                    "test/buildtest_pkcs12.o",
+                    "test/buildtest_camellia.c",
                 ],
-            "test/buildtest_pkcs12.o" =>
+            "test/buildtest_cast.o" =>
                 [
-                    "test/buildtest_pkcs12.c",
+                    "test/buildtest_cast.c",
                 ],
-            "test/buildtest_pkcs7" =>
+            "test/buildtest_cmac.o" =>
                 [
-                    "test/buildtest_pkcs7.o",
+                    "test/buildtest_cmac.c",
                 ],
-            "test/buildtest_pkcs7.o" =>
+            "test/buildtest_cms.o" =>
                 [
-                    "test/buildtest_pkcs7.c",
+                    "test/buildtest_cms.c",
                 ],
-            "test/buildtest_rand" =>
+            "test/buildtest_conf.o" =>
                 [
-                    "test/buildtest_rand.o",
+                    "test/buildtest_conf.c",
                 ],
-            "test/buildtest_rand.o" =>
+            "test/buildtest_conf_api.o" =>
                 [
-                    "test/buildtest_rand.c",
+                    "test/buildtest_conf_api.c",
                 ],
-            "test/buildtest_rand_drbg" =>
+            "test/buildtest_crypto.o" =>
                 [
-                    "test/buildtest_rand_drbg.o",
+                    "test/buildtest_crypto.c",
                 ],
-            "test/buildtest_rand_drbg.o" =>
+            "test/buildtest_ct.o" =>
                 [
-                    "test/buildtest_rand_drbg.c",
+                    "test/buildtest_ct.c",
                 ],
-            "test/buildtest_rc2" =>
+            "test/buildtest_des.o" =>
                 [
-                    "test/buildtest_rc2.o",
+                    "test/buildtest_des.c",
                 ],
-            "test/buildtest_rc2.o" =>
+            "test/buildtest_dh.o" =>
                 [
-                    "test/buildtest_rc2.c",
+                    "test/buildtest_dh.c",
                 ],
-            "test/buildtest_rc4" =>
+            "test/buildtest_dsa.o" =>
                 [
-                    "test/buildtest_rc4.o",
+                    "test/buildtest_dsa.c",
                 ],
-            "test/buildtest_rc4.o" =>
+            "test/buildtest_dtls1.o" =>
                 [
-                    "test/buildtest_rc4.c",
+                    "test/buildtest_dtls1.c",
                 ],
-            "test/buildtest_ripemd" =>
+            "test/buildtest_e_os2.o" =>
                 [
-                    "test/buildtest_ripemd.o",
+                    "test/buildtest_e_os2.c",
                 ],
-            "test/buildtest_ripemd.o" =>
+            "test/buildtest_ebcdic.o" =>
                 [
-                    "test/buildtest_ripemd.c",
+                    "test/buildtest_ebcdic.c",
                 ],
-            "test/buildtest_rsa" =>
+            "test/buildtest_ec.o" =>
                 [
-                    "test/buildtest_rsa.o",
+                    "test/buildtest_ec.c",
                 ],
-            "test/buildtest_rsa.o" =>
+            "test/buildtest_ecdh.o" =>
                 [
-                    "test/buildtest_rsa.c",
+                    "test/buildtest_ecdh.c",
                 ],
-            "test/buildtest_safestack" =>
+            "test/buildtest_ecdsa.o" =>
                 [
-                    "test/buildtest_safestack.o",
+                    "test/buildtest_ecdsa.c",
                 ],
-            "test/buildtest_safestack.o" =>
+            "test/buildtest_engine.o" =>
                 [
-                    "test/buildtest_safestack.c",
+                    "test/buildtest_engine.c",
                 ],
-            "test/buildtest_seed" =>
+            "test/buildtest_evp.o" =>
                 [
-                    "test/buildtest_seed.o",
+                    "test/buildtest_evp.c",
                 ],
-            "test/buildtest_seed.o" =>
+            "test/buildtest_hmac.o" =>
                 [
-                    "test/buildtest_seed.c",
+                    "test/buildtest_hmac.c",
                 ],
-            "test/buildtest_sha" =>
+            "test/buildtest_idea.o" =>
                 [
-                    "test/buildtest_sha.o",
+                    "test/buildtest_idea.c",
                 ],
-            "test/buildtest_sha.o" =>
+            "test/buildtest_kdf.o" =>
                 [
-                    "test/buildtest_sha.c",
+                    "test/buildtest_kdf.c",
                 ],
-            "test/buildtest_srp" =>
+            "test/buildtest_lhash.o" =>
                 [
-                    "test/buildtest_srp.o",
+                    "test/buildtest_lhash.c",
                 ],
-            "test/buildtest_srp.o" =>
+            "test/buildtest_md4.o" =>
                 [
-                    "test/buildtest_srp.c",
+                    "test/buildtest_md4.c",
                 ],
-            "test/buildtest_srtp" =>
+            "test/buildtest_md5.o" =>
                 [
-                    "test/buildtest_srtp.o",
+                    "test/buildtest_md5.c",
                 ],
-            "test/buildtest_srtp.o" =>
+            "test/buildtest_mdc2.o" =>
                 [
-                    "test/buildtest_srtp.c",
+                    "test/buildtest_mdc2.c",
                 ],
-            "test/buildtest_ssl" =>
+            "test/buildtest_modes.o" =>
                 [
-                    "test/buildtest_ssl.o",
+                    "test/buildtest_modes.c",
                 ],
-            "test/buildtest_ssl.o" =>
+            "test/buildtest_obj_mac.o" =>
                 [
-                    "test/buildtest_ssl.c",
+                    "test/buildtest_obj_mac.c",
                 ],
-            "test/buildtest_ssl2" =>
+            "test/buildtest_objects.o" =>
                 [
-                    "test/buildtest_ssl2.o",
+                    "test/buildtest_objects.c",
                 ],
-            "test/buildtest_ssl2.o" =>
+            "test/buildtest_ocsp.o" =>
                 [
-                    "test/buildtest_ssl2.c",
+                    "test/buildtest_ocsp.c",
                 ],
-            "test/buildtest_stack" =>
+            "test/buildtest_opensslv.o" =>
                 [
-                    "test/buildtest_stack.o",
+                    "test/buildtest_opensslv.c",
                 ],
-            "test/buildtest_stack.o" =>
+            "test/buildtest_ossl_typ.o" =>
                 [
-                    "test/buildtest_stack.c",
+                    "test/buildtest_ossl_typ.c",
                 ],
-            "test/buildtest_store" =>
+            "test/buildtest_pem.o" =>
                 [
-                    "test/buildtest_store.o",
+                    "test/buildtest_pem.c",
                 ],
-            "test/buildtest_store.o" =>
+            "test/buildtest_pem2.o" =>
                 [
-                    "test/buildtest_store.c",
+                    "test/buildtest_pem2.c",
                 ],
-            "test/buildtest_symhacks" =>
+            "test/buildtest_pkcs12.o" =>
                 [
-                    "test/buildtest_symhacks.o",
+                    "test/buildtest_pkcs12.c",
                 ],
-            "test/buildtest_symhacks.o" =>
+            "test/buildtest_pkcs7.o" =>
                 [
-                    "test/buildtest_symhacks.c",
+                    "test/buildtest_pkcs7.c",
                 ],
-            "test/buildtest_tls1" =>
+            "test/buildtest_rand.o" =>
                 [
-                    "test/buildtest_tls1.o",
+                    "test/buildtest_rand.c",
                 ],
-            "test/buildtest_tls1.o" =>
+            "test/buildtest_rand_drbg.o" =>
                 [
-                    "test/buildtest_tls1.c",
+                    "test/buildtest_rand_drbg.c",
                 ],
-            "test/buildtest_ts" =>
+            "test/buildtest_rc2.o" =>
                 [
-                    "test/buildtest_ts.o",
+                    "test/buildtest_rc2.c",
                 ],
-            "test/buildtest_ts.o" =>
+            "test/buildtest_rc4.o" =>
                 [
-                    "test/buildtest_ts.c",
+                    "test/buildtest_rc4.c",
                 ],
-            "test/buildtest_txt_db" =>
+            "test/buildtest_ripemd.o" =>
                 [
-                    "test/buildtest_txt_db.o",
+                    "test/buildtest_ripemd.c",
                 ],
-            "test/buildtest_txt_db.o" =>
+            "test/buildtest_rsa.o" =>
                 [
-                    "test/buildtest_txt_db.c",
+                    "test/buildtest_rsa.c",
                 ],
-            "test/buildtest_ui" =>
+            "test/buildtest_safestack.o" =>
                 [
-                    "test/buildtest_ui.o",
+                    "test/buildtest_safestack.c",
                 ],
-            "test/buildtest_ui.o" =>
+            "test/buildtest_seed.o" =>
                 [
-                    "test/buildtest_ui.c",
+                    "test/buildtest_seed.c",
                 ],
-            "test/buildtest_whrlpool" =>
+            "test/buildtest_sha.o" =>
                 [
-                    "test/buildtest_whrlpool.o",
+                    "test/buildtest_sha.c",
                 ],
-            "test/buildtest_whrlpool.o" =>
+            "test/buildtest_srp.o" =>
                 [
-                    "test/buildtest_whrlpool.c",
+                    "test/buildtest_srp.c",
+                ],
+            "test/buildtest_srtp.o" =>
+                [
+                    "test/buildtest_srtp.c",
                 ],
-            "test/buildtest_x509" =>
+            "test/buildtest_ssl.o" =>
                 [
-                    "test/buildtest_x509.o",
+                    "test/buildtest_ssl.c",
                 ],
-            "test/buildtest_x509.o" =>
+            "test/buildtest_ssl2.o" =>
                 [
-                    "test/buildtest_x509.c",
+                    "test/buildtest_ssl2.c",
                 ],
-            "test/buildtest_x509_vfy" =>
+            "test/buildtest_stack.o" =>
                 [
-                    "test/buildtest_x509_vfy.o",
+                    "test/buildtest_stack.c",
                 ],
-            "test/buildtest_x509_vfy.o" =>
+            "test/buildtest_store.o" =>
                 [
-                    "test/buildtest_x509_vfy.c",
+                    "test/buildtest_store.c",
                 ],
-            "test/buildtest_x509v3" =>
+            "test/buildtest_symhacks.o" =>
                 [
-                    "test/buildtest_x509v3.o",
+                    "test/buildtest_symhacks.c",
+                ],
+            "test/buildtest_tls1.o" =>
+                [
+                    "test/buildtest_tls1.c",
+                ],
+            "test/buildtest_ts.o" =>
+                [
+                    "test/buildtest_ts.c",
+                ],
+            "test/buildtest_txt_db.o" =>
+                [
+                    "test/buildtest_txt_db.c",
+                ],
+            "test/buildtest_ui.o" =>
+                [
+                    "test/buildtest_ui.c",
+                ],
+            "test/buildtest_whrlpool.o" =>
+                [
+                    "test/buildtest_whrlpool.c",
+                ],
+            "test/buildtest_x509.o" =>
+                [
+                    "test/buildtest_x509.c",
+                ],
+            "test/buildtest_x509_vfy.o" =>
+                [
+                    "test/buildtest_x509_vfy.c",
                 ],
             "test/buildtest_x509v3.o" =>
                 [
@@ -15134,6 +15137,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15479,6 +15483,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
@@ -15876,9 +15884,9 @@ _____
     if ($reconf) {
         if ($verbose) {
             print 'Reconfiguring with: ', join(' ',@{$config{perlargv}}), "\n";
-	    foreach (sort keys %{$config{perlenv}}) {
-	        print '    ',$_,' = ',($config{perlenv}->{$_} || ""),"\n";
-	    }
+            foreach (sort keys %{$config{perlenv}}) {
+                print '    ',$_,' = ',($config{perlenv}->{$_} || ""),"\n";
+            }
         }
 
         chdir $here;
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/crypto/bn/bn-mips.S b/deps/openssl/config/archs/linux64-mips64/asm/crypto/bn/bn-mips.S
index a99091fe44751e..bd5cf8340f1bf1 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/crypto/bn/bn-mips.S
+++ b/deps/openssl/config/archs/linux64-mips64/asm/crypto/bn/bn-mips.S
@@ -570,7 +570,7 @@ bn_sub_words_internal:
 #if 0
 /*
  * The bn_div_3_words entry point is re-used for constant-time interface.
- * Implementation is retained as hystorical reference.
+ * Implementation is retained as historical reference.
  */
 .align 5
 .globl	bn_div_3_words
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
index a959e9512c490e..865115208dc742 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-mips64"
-#define DATE "built on: Thu May 30 02:16:08 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:56 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -21,15 +21,15 @@
 static const char compiler_flags[] = {
     'c','o','m','p','i','l','e','r',':',' ','g','c','c',' ','-','f',
     'P','I','C',' ','-','p','t','h','r','e','a','d',' ','-','m','a',
-    'b','i','=','6','4',' ','-','m','i','p','s','3',' ','-','W','a',
-    ',','-','-','n','o','e','x','e','c','s','t','a','c','k',' ','-',
-    'W','a','l','l',' ','-','O','3',' ','-','D','O','P','E','N','S',
-    'S','L','_','U','S','E','_','N','O','D','E','L','E','T','E',' ',
-    '-','D','O','P','E','N','S','S','L','_','P','I','C',' ','-','D',
-    'O','P','E','N','S','S','L','_','B','N','_','A','S','M','_','M',
-    'O','N','T',' ','-','D','S','H','A','1','_','A','S','M',' ','-',
-    'D','S','H','A','2','5','6','_','A','S','M',' ','-','D','S','H',
-    'A','5','1','2','_','A','S','M',' ','-','D','A','E','S','_','A',
-    'S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S',
-    'M',' ','-','D','N','D','E','B','U','G','\0'
+    'b','i','=','6','4',' ','-','W','a',',','-','-','n','o','e','x',
+    'e','c','s','t','a','c','k',' ','-','W','a','l','l',' ','-','O',
+    '3',' ','-','D','O','P','E','N','S','S','L','_','U','S','E','_',
+    'N','O','D','E','L','E','T','E',' ','-','D','O','P','E','N','S',
+    'S','L','_','P','I','C',' ','-','D','O','P','E','N','S','S','L',
+    '_','B','N','_','A','S','M','_','M','O','N','T',' ','-','D','S',
+    'H','A','1','_','A','S','M',' ','-','D','S','H','A','2','5','6',
+    '_','A','S','M',' ','-','D','S','H','A','5','1','2','_','A','S',
+    'M',' ','-','D','A','E','S','_','A','S','M',' ','-','D','P','O',
+    'L','Y','1','3','0','5','_','A','S','M',' ','-','D','N','D','E',
+    'B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/crypto/include/internal/dso_conf.h b/deps/openssl/config/archs/linux64-mips64/asm/crypto/include/internal/dso_conf.h
index 18f6ac3bffad0f..252266ec2acad6 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/crypto/include/internal/dso_conf.h
+++ b/deps/openssl/config/archs/linux64-mips64/asm/crypto/include/internal/dso_conf.h
@@ -1,7 +1,7 @@
 /* WARNING: do not edit! */
 /* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,9 +11,7 @@
 
 #ifndef HEADER_DSO_CONF_H
 # define HEADER_DSO_CONF_H
-
 # define DSO_DLFCN
 # define HAVE_DLFCN_H
 # define DSO_EXTENSION ".so"
-
 #endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/openssl-cl.gypi b/deps/openssl/config/archs/linux64-mips64/asm/openssl-cl.gypi
index 799e6ecde763e0..5c8521f57870bb 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/linux64-mips64/asm/openssl-cl.gypi
@@ -12,7 +12,6 @@
       'POLY1305_ASM',
     ],
     'openssl_cflags_linux64-mips64': [
-      '-mips3',
       '-Wa,--noexecstack',
       '-Wall -O3',
       '-pthread -mabi=64',
diff --git a/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi b/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
index 9e9580bc53bd43..bc83b68da5f125 100644
--- a/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
+++ b/deps/openssl/config/archs/linux64-mips64/asm/openssl.gypi
@@ -701,7 +701,6 @@
       'POLY1305_ASM',
     ],
     'openssl_cflags_linux64-mips64': [
-      '-mips3',
       '-Wa,--noexecstack',
       '-Wall -O3',
       '-pthread -mabi=64',
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
new file mode 100644
index 00000000000000..8324964ca7936e
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/configdata.pm
@@ -0,0 +1,15988 @@
+#! /usr/bin/env perl
+
+package configdata;
+
+use strict;
+use warnings;
+
+use Exporter;
+#use vars qw(@ISA @EXPORT);
+our @ISA = qw(Exporter);
+our @EXPORT = qw(%config %target %disabled %withargs %unified_info @disablables);
+
+our %config = (
+  AR => "ar",
+  ARFLAGS => [ "r" ],
+  CC => "../config/fake_gcc.pl",
+  CFLAGS => [ "-Wall -O3" ],
+  CPPDEFINES => [  ],
+  CPPFLAGS => [  ],
+  CPPINCLUDES => [  ],
+  CXX => "g++",
+  CXXFLAGS => [ "-Wall -O3" ],
+  HASHBANGPERL => "/usr/bin/env perl",
+  LDFLAGS => [  ],
+  LDLIBS => [  ],
+  PERL => "/usr/bin/perl",
+  RANLIB => "ranlib",
+  RC => "windres",
+  RCFLAGS => [  ],
+  b32 => "0",
+  b64 => "0",
+  b64l => "1",
+  bn_ll => "0",
+  build_file => "Makefile",
+  build_file_templates => [ "Configurations/common0.tmpl", "Configurations/unix-Makefile.tmpl", "Configurations/common.tmpl" ],
+  build_infos => [ "./build.info", "crypto/build.info", "ssl/build.info", "engines/build.info", "apps/build.info", "test/build.info", "util/build.info", "tools/build.info", "fuzz/build.info", "crypto/objects/build.info", "crypto/md4/build.info", "crypto/md5/build.info", "crypto/sha/build.info", "crypto/mdc2/build.info", "crypto/hmac/build.info", "crypto/ripemd/build.info", "crypto/whrlpool/build.info", "crypto/poly1305/build.info", "crypto/blake2/build.info", "crypto/siphash/build.info", "crypto/sm3/build.info", "crypto/des/build.info", "crypto/aes/build.info", "crypto/rc2/build.info", "crypto/rc4/build.info", "crypto/idea/build.info", "crypto/aria/build.info", "crypto/bf/build.info", "crypto/cast/build.info", "crypto/camellia/build.info", "crypto/seed/build.info", "crypto/sm4/build.info", "crypto/chacha/build.info", "crypto/modes/build.info", "crypto/bn/build.info", "crypto/ec/build.info", "crypto/rsa/build.info", "crypto/dsa/build.info", "crypto/dh/build.info", "crypto/sm2/build.info", "crypto/dso/build.info", "crypto/engine/build.info", "crypto/buffer/build.info", "crypto/bio/build.info", "crypto/stack/build.info", "crypto/lhash/build.info", "crypto/rand/build.info", "crypto/err/build.info", "crypto/evp/build.info", "crypto/asn1/build.info", "crypto/pem/build.info", "crypto/x509/build.info", "crypto/x509v3/build.info", "crypto/conf/build.info", "crypto/txt_db/build.info", "crypto/pkcs7/build.info", "crypto/pkcs12/build.info", "crypto/ocsp/build.info", "crypto/ui/build.info", "crypto/cms/build.info", "crypto/ts/build.info", "crypto/srp/build.info", "crypto/cmac/build.info", "crypto/ct/build.info", "crypto/async/build.info", "crypto/kdf/build.info", "crypto/store/build.info", "test/ossl_shim/build.info" ],
+  build_type => "release",
+  builddir => ".",
+  cflags => [ "-Wa,--noexecstack" ],
+  conf_files => [ "Configurations/00-base-templates.conf", "Configurations/10-main.conf" ],
+  cppflags => [  ],
+  cxxflags => [  ],
+  defines => [ "NDEBUG" ],
+  dirs => [ "crypto", "ssl", "engines", "apps", "test", "util", "tools", "fuzz" ],
+  dynamic_engines => "0",
+  engdirs => [  ],
+  ex_libs => [  ],
+  export_var_as_fn => "0",
+  includes => [  ],
+  lflags => [  ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_BN_ASM_MONT", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "AES_ASM", "POLY1305_ASM" ],
+  libdir => "",
+  major => "1",
+  makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
+  minor => "1.1",
+  openssl_algorithm_defines => [ "OPENSSL_NO_COMP", "OPENSSL_NO_MD2", "OPENSSL_NO_RC5" ],
+  openssl_api_defines => [  ],
+  openssl_other_defines => [ "OPENSSL_RAND_SEED_OS", "OPENSSL_NO_AFALGENG", "OPENSSL_NO_ASAN", "OPENSSL_NO_CRYPTO_MDEBUG", "OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE", "OPENSSL_NO_DEVCRYPTOENG", "OPENSSL_NO_EC_NISTP_64_GCC_128", "OPENSSL_NO_EGD", "OPENSSL_NO_EXTERNAL_TESTS", "OPENSSL_NO_FUZZ_AFL", "OPENSSL_NO_FUZZ_LIBFUZZER", "OPENSSL_NO_HEARTBEATS", "OPENSSL_NO_MSAN", "OPENSSL_NO_SCTP", "OPENSSL_NO_SSL3", "OPENSSL_NO_SSL3_METHOD", "OPENSSL_NO_UBSAN", "OPENSSL_NO_UNIT_TEST", "OPENSSL_NO_WEAK_SSL_CIPHERS", "OPENSSL_NO_DYNAMIC_ENGINE", "OPENSSL_NO_AFALGENG" ],
+  openssl_sys_defines => [  ],
+  openssl_thread_defines => [ "OPENSSL_THREADS" ],
+  openssldir => "",
+  options => "enable-ssl-trace no-afalgeng no-asan no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
+  perl_archname => "x86_64-linux-gnu-thread-multi",
+  perl_cmd => "/usr/bin/perl",
+  perl_version => "5.28.1",
+  perlargv => [ "no-comp", "no-shared", "no-afalgeng", "enable-ssl-trace", "linux64-mips64" ],
+  perlenv => {
+      "AR" => undef,
+      "ARFLAGS" => undef,
+      "AS" => undef,
+      "ASFLAGS" => undef,
+      "BUILDFILE" => undef,
+      "CC" => "../config/fake_gcc.pl",
+      "CFLAGS" => undef,
+      "CPP" => undef,
+      "CPPDEFINES" => undef,
+      "CPPFLAGS" => undef,
+      "CPPINCLUDES" => undef,
+      "CROSS_COMPILE" => undef,
+      "CXX" => undef,
+      "CXXFLAGS" => undef,
+      "HASHBANGPERL" => undef,
+      "LD" => undef,
+      "LDFLAGS" => undef,
+      "LDLIBS" => undef,
+      "MT" => undef,
+      "MTFLAGS" => undef,
+      "OPENSSL_LOCAL_CONFIG_DIR" => undef,
+      "PERL" => undef,
+      "RANLIB" => undef,
+      "RC" => undef,
+      "RCFLAGS" => undef,
+      "RM" => undef,
+      "WINDRES" => undef,
+      "__CNF_CFLAGS" => undef,
+      "__CNF_CPPDEFINES" => undef,
+      "__CNF_CPPFLAGS" => undef,
+      "__CNF_CPPINCLUDES" => undef,
+      "__CNF_CXXFLAGS" => undef,
+      "__CNF_LDFLAGS" => undef,
+      "__CNF_LDLIBS" => undef,
+  },
+  prefix => "",
+  processor => "",
+  rc4_int => "unsigned char",
+  sdirs => [ "objects", "md4", "md5", "sha", "mdc2", "hmac", "ripemd", "whrlpool", "poly1305", "blake2", "siphash", "sm3", "des", "aes", "rc2", "rc4", "idea", "aria", "bf", "cast", "camellia", "seed", "sm4", "chacha", "modes", "bn", "ec", "rsa", "dsa", "dh", "sm2", "dso", "engine", "buffer", "bio", "stack", "lhash", "rand", "err", "evp", "asn1", "pem", "x509", "x509v3", "conf", "txt_db", "pkcs7", "pkcs12", "ocsp", "ui", "cms", "ts", "srp", "cmac", "ct", "async", "kdf", "store" ],
+  shlib_major => "1",
+  shlib_minor => "1",
+  shlib_version_history => "",
+  shlib_version_number => "1.1",
+  sourcedir => ".",
+  target => "linux64-mips64",
+  tdirs => [ "ossl_shim" ],
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
+);
+
+our %target = (
+  AR => "ar",
+  ARFLAGS => "r",
+  CC => "gcc",
+  CFLAGS => "-Wall -O3",
+  CXX => "g++",
+  CXXFLAGS => "-Wall -O3",
+  HASHBANGPERL => "/usr/bin/env perl",
+  RANLIB => "ranlib",
+  RC => "windres",
+  _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
+  aes_asm_src => "aes_cbc.c aes-mips.S",
+  aes_obj => "aes_cbc.o aes-mips.o",
+  apps_aux_src => "",
+  apps_init_src => "",
+  apps_obj => "",
+  bf_asm_src => "bf_enc.c",
+  bf_obj => "bf_enc.o",
+  bn_asm_src => "bn-mips.S mips-mont.S",
+  bn_obj => "bn-mips.o mips-mont.o",
+  bn_ops => "SIXTY_FOUR_BIT_LONG RC4_CHAR",
+  build_file => "Makefile",
+  build_scheme => [ "unified", "unix" ],
+  cast_asm_src => "c_enc.c",
+  cast_obj => "c_enc.o",
+  cflags => "-pthread -mabi=64",
+  chacha_asm_src => "chacha_enc.c",
+  chacha_obj => "chacha_enc.o",
+  cmll_asm_src => "camellia.c cmll_misc.c cmll_cbc.c",
+  cmll_obj => "camellia.o cmll_misc.o cmll_cbc.o",
+  cppflags => "",
+  cpuid_asm_src => "mem_clr.c",
+  cpuid_obj => "mem_clr.o",
+  cxxflags => "-std=c++11 -pthread -mabi=64",
+  defines => [  ],
+  des_asm_src => "des_enc.c fcrypt_b.c",
+  des_obj => "des_enc.o fcrypt_b.o",
+  disable => [  ],
+  dso_extension => ".so",
+  dso_scheme => "dlfcn",
+  ec_asm_src => "",
+  ec_obj => "",
+  enable => [ "afalgeng" ],
+  ex_libs => "-ldl -pthread",
+  exe_extension => "",
+  includes => [  ],
+  keccak1600_asm_src => "keccak1600.c",
+  keccak1600_obj => "keccak1600.o",
+  lflags => "",
+  lib_cflags => "",
+  lib_cppflags => "-DOPENSSL_USE_NODELETE",
+  lib_defines => [  ],
+  md5_asm_src => "",
+  md5_obj => "",
+  modes_asm_src => "",
+  modes_obj => "",
+  module_cflags => "-fPIC",
+  module_cxxflags => "",
+  module_ldflags => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
+  multilib => "64",
+  padlock_asm_src => "",
+  padlock_obj => "",
+  perlasm_scheme => "64",
+  poly1305_asm_src => "poly1305-mips.S",
+  poly1305_obj => "poly1305-mips.o",
+  rc4_asm_src => "rc4_enc.c rc4_skey.c",
+  rc4_obj => "rc4_enc.o rc4_skey.o",
+  rc5_asm_src => "rc5_enc.c",
+  rc5_obj => "rc5_enc.o",
+  rmd160_asm_src => "",
+  rmd160_obj => "",
+  sha1_asm_src => "sha1-mips.S sha256-mips.S sha512-mips.S",
+  sha1_obj => "sha1-mips.o sha256-mips.o sha512-mips.o",
+  shared_cflag => "-fPIC",
+  shared_defflag => "-Wl,--version-script=",
+  shared_defines => [  ],
+  shared_extension => ".so.\$(SHLIB_VERSION_NUMBER)",
+  shared_extension_simple => ".so",
+  shared_ldflag => "-Wl,-znodelete -shared -Wl,-Bsymbolic",
+  shared_rcflag => "",
+  shared_sonameflag => "-Wl,-soname=",
+  shared_target => "linux-shared",
+  template => "1",
+  thread_defines => [  ],
+  thread_scheme => "pthreads",
+  unistd => "<unistd.h>",
+  uplink_aux_src => "",
+  uplink_obj => "",
+  wp_asm_src => "wp_block.c",
+  wp_obj => "wp_block.o",
+);
+
+our %available_protocols = (
+  tls => [ "ssl3", "tls1", "tls1_1", "tls1_2", "tls1_3" ],
+  dtls => [ "dtls1", "dtls1_2" ],
+);
+
+our @disablables = (
+  "afalgeng",
+  "aria",
+  "asan",
+  "asm",
+  "async",
+  "autoalginit",
+  "autoerrinit",
+  "autoload-config",
+  "bf",
+  "blake2",
+  "buildtest-c\\+\\+",
+  "camellia",
+  "capieng",
+  "cast",
+  "chacha",
+  "cmac",
+  "cms",
+  "comp",
+  "crypto-mdebug",
+  "crypto-mdebug-backtrace",
+  "ct",
+  "deprecated",
+  "des",
+  "devcryptoeng",
+  "dgram",
+  "dh",
+  "dsa",
+  "dtls",
+  "dynamic-engine",
+  "ec",
+  "ec2m",
+  "ecdh",
+  "ecdsa",
+  "ec_nistp_64_gcc_128",
+  "egd",
+  "engine",
+  "err",
+  "external-tests",
+  "filenames",
+  "fuzz-libfuzzer",
+  "fuzz-afl",
+  "gost",
+  "heartbeats",
+  "hw(-.+)?",
+  "idea",
+  "makedepend",
+  "md2",
+  "md4",
+  "mdc2",
+  "msan",
+  "multiblock",
+  "nextprotoneg",
+  "pinshared",
+  "ocb",
+  "ocsp",
+  "pic",
+  "poly1305",
+  "posix-io",
+  "psk",
+  "rc2",
+  "rc4",
+  "rc5",
+  "rdrand",
+  "rfc3779",
+  "rmd160",
+  "scrypt",
+  "sctp",
+  "seed",
+  "shared",
+  "siphash",
+  "sm2",
+  "sm3",
+  "sm4",
+  "sock",
+  "srp",
+  "srtp",
+  "sse2",
+  "ssl",
+  "ssl-trace",
+  "static-engine",
+  "stdio",
+  "tests",
+  "threads",
+  "tls",
+  "ts",
+  "ubsan",
+  "ui-console",
+  "unit-test",
+  "whirlpool",
+  "weak-ssl-ciphers",
+  "zlib",
+  "zlib-dynamic",
+  "ssl3",
+  "ssl3-method",
+  "tls1",
+  "tls1-method",
+  "tls1_1",
+  "tls1_1-method",
+  "tls1_2",
+  "tls1_2-method",
+  "tls1_3",
+  "dtls1",
+  "dtls1-method",
+  "dtls1_2",
+  "dtls1_2-method",
+);
+
+our %disabled = (
+  "afalgeng" => "option",
+  "asan" => "default",
+  "buildtest-c++" => "default",
+  "comp" => "option",
+  "crypto-mdebug" => "default",
+  "crypto-mdebug-backtrace" => "default",
+  "devcryptoeng" => "default",
+  "dynamic-engine" => "cascade",
+  "ec_nistp_64_gcc_128" => "default",
+  "egd" => "default",
+  "external-tests" => "default",
+  "fuzz-afl" => "default",
+  "fuzz-libfuzzer" => "default",
+  "heartbeats" => "default",
+  "md2" => "default",
+  "msan" => "default",
+  "rc5" => "default",
+  "sctp" => "default",
+  "shared" => "option",
+  "ssl3" => "default",
+  "ssl3-method" => "default",
+  "ubsan" => "default",
+  "unit-test" => "default",
+  "weak-ssl-ciphers" => "default",
+  "zlib" => "default",
+  "zlib-dynamic" => "default",
+);
+
+our %withargs = (
+);
+
+our %unified_info = (
+    "depends" =>
+        {
+            "" =>
+                [
+                    "crypto/include/internal/bn_conf.h",
+                    "crypto/include/internal/dso_conf.h",
+                    "include/openssl/opensslconf.h",
+                ],
+            "apps/asn1pars.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ca.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ciphers.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/cms.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/crl.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/crl2p7.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/dgst.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/dhparam.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/dsa.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/dsaparam.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ec.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ecparam.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/enc.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/engine.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/errstr.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/gendsa.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/genpkey.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/genrsa.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/nseq.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ocsp.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/openssl" =>
+                [
+                    "apps/libapps.a",
+                    "libssl",
+                ],
+            "apps/openssl.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/passwd.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkcs12.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkcs7.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkcs8.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkey.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkeyparam.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/pkeyutl.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/prime.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/progs.h" =>
+                [
+                    "configdata.pm",
+                ],
+            "apps/rand.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/rehash.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/req.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/rsa.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/rsautl.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/s_client.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/s_server.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/s_time.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/sess_id.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/smime.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/speed.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/spkac.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/srp.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/storeutl.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/ts.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/verify.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/version.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "apps/x509.o" =>
+                [
+                    "apps/progs.h",
+                ],
+            "crypto/aes/aes-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/aes/aesni-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/aes/aest4-sparcv9.S" =>
+                [
+                    "crypto/perlasm/sparcv9_modes.pl",
+                ],
+            "crypto/aes/vpaes-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/bf/bf-586.s" =>
+                [
+                    "crypto/perlasm/cbc.pl",
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/bn/bn-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/bn/co-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/bn/x86-gf2m.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/bn/x86-mont.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/buildinf.h" =>
+                [
+                    "configdata.pm",
+                ],
+            "crypto/camellia/cmll-x86.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/camellia/cmllt4-sparcv9.S" =>
+                [
+                    "crypto/perlasm/sparcv9_modes.pl",
+                ],
+            "crypto/cast/cast-586.s" =>
+                [
+                    "crypto/perlasm/cbc.pl",
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/cversion.o" =>
+                [
+                    "crypto/buildinf.h",
+                ],
+            "crypto/des/crypt586.s" =>
+                [
+                    "crypto/perlasm/cbc.pl",
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/des/des-586.s" =>
+                [
+                    "crypto/perlasm/cbc.pl",
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/include/internal/bn_conf.h" =>
+                [
+                    "configdata.pm",
+                ],
+            "crypto/include/internal/dso_conf.h" =>
+                [
+                    "configdata.pm",
+                ],
+            "crypto/rc4/rc4-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/ripemd/rmd-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/sha/sha1-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/sha/sha256-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/sha/sha512-586.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/whrlpool/wp-mmx.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "crypto/x86cpuid.s" =>
+                [
+                    "crypto/perlasm/x86asm.pl",
+                ],
+            "fuzz/asn1-test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "fuzz/asn1parse-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/bignum-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/bndiv-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/client-test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "fuzz/cms-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/conf-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/crl-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/ct-test" =>
+                [
+                    "libcrypto",
+                ],
+            "fuzz/server-test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "fuzz/x509-test" =>
+                [
+                    "libcrypto",
+                ],
+            "include/openssl/opensslconf.h" =>
+                [
+                    "configdata.pm",
+                ],
+            "libcrypto.map" =>
+                [
+                    "util/libcrypto.num",
+                ],
+            "libssl" =>
+                [
+                    "libcrypto",
+                ],
+            "libssl.map" =>
+                [
+                    "util/libssl.num",
+                ],
+            "test/aborttest" =>
+                [
+                    "libcrypto",
+                ],
+            "test/afalgtest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/asn1_decode_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/asn1_encode_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/asn1_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/asn1_string_table_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/asn1_time_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/asynciotest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/asynctest" =>
+                [
+                    "libcrypto",
+                ],
+            "test/bad_dtls_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/bftest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/bio_callback_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/bio_enc_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/bio_memleak_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/bioprinttest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/bntest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/buildtest_c_aes" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_asn1" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_asn1t" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_async" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_bio" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_blowfish" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_bn" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_buffer" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_camellia" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_cast" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_cmac" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_cms" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_conf" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_conf_api" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_crypto" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ct" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_des" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_dh" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_dsa" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_dtls1" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_e_os2" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ebcdic" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ec" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ecdh" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ecdsa" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_engine" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_evp" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_hmac" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_idea" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_kdf" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_lhash" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_md4" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_md5" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_mdc2" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_modes" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_obj_mac" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_objects" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ocsp" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_opensslv" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ossl_typ" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_pem" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_pem2" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_pkcs12" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_pkcs7" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_rand" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_rand_drbg" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_rc2" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_rc4" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ripemd" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_rsa" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_safestack" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_seed" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_sha" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_srp" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_srtp" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ssl" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ssl2" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_stack" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_store" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_symhacks" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_tls1" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ts" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_txt_db" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_ui" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_whrlpool" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_x509" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_x509_vfy" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/buildtest_c_x509v3" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/casttest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/chacha_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/cipher_overhead_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/cipherbytes_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/cipherlist_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/ciphername_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/clienthellotest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/cmsapitest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/conf_include_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/constant_time_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/crltest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ct_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ctype_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/curve448_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/d2i_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/danetest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/destest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/dhtest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/drbg_cavs_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/drbgtest" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/dsa_no_digest_size_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/dsatest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/dtls_mtu_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/dtlstest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/dtlsv1listentest" =>
+                [
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/ec_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/ecdsatest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ecstresstest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ectest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/enginetest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/errtest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/evp_extra_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/evp_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/exdatatest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/exptest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/fatalerrtest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/gmdifftest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/gosttest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/hmactest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ideatest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/igetest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/lhash_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/libtestutil.a" =>
+                [
+                    "libcrypto",
+                ],
+            "test/md2test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/mdc2_internal_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/mdc2test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/memleaktest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/modes_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/ocspapitest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/packettest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/pbelutest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/pemtest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/pkey_meth_kdf_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/pkey_meth_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/poly1305_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/rc2test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/rc4test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/rc5test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/rdrand_sanitytest" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/recordlentest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/rsa_mp_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/rsa_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/sanitytest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/secmemtest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/servername_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/siphash_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/sm2_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/sm4_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/srptest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ssl_cert_table_internal_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/ssl_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/ssl_test_ctx_test" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/sslapitest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/sslbuffertest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/sslcorrupttest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/ssltest_old" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "test/stack_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/sysdefaulttest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/test_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/threadstest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/time_offset_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/tls13ccstest" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/tls13encryptiontest" =>
+                [
+                    "libcrypto",
+                    "libssl.a",
+                    "test/libtestutil.a",
+                ],
+            "test/uitest" =>
+                [
+                    "apps/libapps.a",
+                    "libcrypto",
+                    "libssl",
+                    "test/libtestutil.a",
+                ],
+            "test/v3ext" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/v3nametest" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/verify_extra_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/versions" =>
+                [
+                    "libcrypto",
+                ],
+            "test/wpackettest" =>
+                [
+                    "libcrypto",
+                    "libssl.a",
+                    "test/libtestutil.a",
+                ],
+            "test/x509_check_cert_pkey_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/x509_dup_cert_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/x509_internal_test" =>
+                [
+                    "libcrypto.a",
+                    "test/libtestutil.a",
+                ],
+            "test/x509_time_test" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+            "test/x509aux" =>
+                [
+                    "libcrypto",
+                    "test/libtestutil.a",
+                ],
+        },
+    "dirinfo" =>
+        {
+            "apps" =>
+                {
+                    "products" =>
+                        {
+                            "bin" =>
+                                [
+                                    "apps/openssl",
+                                ],
+                            "lib" =>
+                                [
+                                    "apps/libapps.a",
+                                ],
+                            "script" =>
+                                [
+                                    "apps/CA.pl",
+                                    "apps/tsget.pl",
+                                ],
+                        },
+                },
+            "crypto" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/cpt_err.o",
+                            "crypto/cryptlib.o",
+                            "crypto/ctype.o",
+                            "crypto/cversion.o",
+                            "crypto/ebcdic.o",
+                            "crypto/ex_data.o",
+                            "crypto/getenv.o",
+                            "crypto/init.o",
+                            "crypto/mem.o",
+                            "crypto/mem_clr.o",
+                            "crypto/mem_dbg.o",
+                            "crypto/mem_sec.o",
+                            "crypto/o_dir.o",
+                            "crypto/o_fips.o",
+                            "crypto/o_fopen.o",
+                            "crypto/o_init.o",
+                            "crypto/o_str.o",
+                            "crypto/o_time.o",
+                            "crypto/threads_none.o",
+                            "crypto/threads_pthread.o",
+                            "crypto/threads_win.o",
+                            "crypto/uid.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/aes" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/aes/aes-mips.o",
+                            "crypto/aes/aes_cbc.o",
+                            "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_ecb.o",
+                            "crypto/aes/aes_ige.o",
+                            "crypto/aes/aes_misc.o",
+                            "crypto/aes/aes_ofb.o",
+                            "crypto/aes/aes_wrap.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/aria" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/aria/aria.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/asn1" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/asn1/a_bitstr.o",
+                            "crypto/asn1/a_d2i_fp.o",
+                            "crypto/asn1/a_digest.o",
+                            "crypto/asn1/a_dup.o",
+                            "crypto/asn1/a_gentm.o",
+                            "crypto/asn1/a_i2d_fp.o",
+                            "crypto/asn1/a_int.o",
+                            "crypto/asn1/a_mbstr.o",
+                            "crypto/asn1/a_object.o",
+                            "crypto/asn1/a_octet.o",
+                            "crypto/asn1/a_print.o",
+                            "crypto/asn1/a_sign.o",
+                            "crypto/asn1/a_strex.o",
+                            "crypto/asn1/a_strnid.o",
+                            "crypto/asn1/a_time.o",
+                            "crypto/asn1/a_type.o",
+                            "crypto/asn1/a_utctm.o",
+                            "crypto/asn1/a_utf8.o",
+                            "crypto/asn1/a_verify.o",
+                            "crypto/asn1/ameth_lib.o",
+                            "crypto/asn1/asn1_err.o",
+                            "crypto/asn1/asn1_gen.o",
+                            "crypto/asn1/asn1_item_list.o",
+                            "crypto/asn1/asn1_lib.o",
+                            "crypto/asn1/asn1_par.o",
+                            "crypto/asn1/asn_mime.o",
+                            "crypto/asn1/asn_moid.o",
+                            "crypto/asn1/asn_mstbl.o",
+                            "crypto/asn1/asn_pack.o",
+                            "crypto/asn1/bio_asn1.o",
+                            "crypto/asn1/bio_ndef.o",
+                            "crypto/asn1/d2i_pr.o",
+                            "crypto/asn1/d2i_pu.o",
+                            "crypto/asn1/evp_asn1.o",
+                            "crypto/asn1/f_int.o",
+                            "crypto/asn1/f_string.o",
+                            "crypto/asn1/i2d_pr.o",
+                            "crypto/asn1/i2d_pu.o",
+                            "crypto/asn1/n_pkey.o",
+                            "crypto/asn1/nsseq.o",
+                            "crypto/asn1/p5_pbe.o",
+                            "crypto/asn1/p5_pbev2.o",
+                            "crypto/asn1/p5_scrypt.o",
+                            "crypto/asn1/p8_pkey.o",
+                            "crypto/asn1/t_bitst.o",
+                            "crypto/asn1/t_pkey.o",
+                            "crypto/asn1/t_spki.o",
+                            "crypto/asn1/tasn_dec.o",
+                            "crypto/asn1/tasn_enc.o",
+                            "crypto/asn1/tasn_fre.o",
+                            "crypto/asn1/tasn_new.o",
+                            "crypto/asn1/tasn_prn.o",
+                            "crypto/asn1/tasn_scn.o",
+                            "crypto/asn1/tasn_typ.o",
+                            "crypto/asn1/tasn_utl.o",
+                            "crypto/asn1/x_algor.o",
+                            "crypto/asn1/x_bignum.o",
+                            "crypto/asn1/x_info.o",
+                            "crypto/asn1/x_int64.o",
+                            "crypto/asn1/x_long.o",
+                            "crypto/asn1/x_pkey.o",
+                            "crypto/asn1/x_sig.o",
+                            "crypto/asn1/x_spki.o",
+                            "crypto/asn1/x_val.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/async" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/async/async.o",
+                            "crypto/async/async_err.o",
+                            "crypto/async/async_wait.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/async/arch" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/async/arch/async_null.o",
+                            "crypto/async/arch/async_posix.o",
+                            "crypto/async/arch/async_win.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/bf" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/bf/bf_cfb64.o",
+                            "crypto/bf/bf_ecb.o",
+                            "crypto/bf/bf_enc.o",
+                            "crypto/bf/bf_ofb64.o",
+                            "crypto/bf/bf_skey.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/bio" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/bio/b_addr.o",
+                            "crypto/bio/b_dump.o",
+                            "crypto/bio/b_print.o",
+                            "crypto/bio/b_sock.o",
+                            "crypto/bio/b_sock2.o",
+                            "crypto/bio/bf_buff.o",
+                            "crypto/bio/bf_lbuf.o",
+                            "crypto/bio/bf_nbio.o",
+                            "crypto/bio/bf_null.o",
+                            "crypto/bio/bio_cb.o",
+                            "crypto/bio/bio_err.o",
+                            "crypto/bio/bio_lib.o",
+                            "crypto/bio/bio_meth.o",
+                            "crypto/bio/bss_acpt.o",
+                            "crypto/bio/bss_bio.o",
+                            "crypto/bio/bss_conn.o",
+                            "crypto/bio/bss_dgram.o",
+                            "crypto/bio/bss_fd.o",
+                            "crypto/bio/bss_file.o",
+                            "crypto/bio/bss_log.o",
+                            "crypto/bio/bss_mem.o",
+                            "crypto/bio/bss_null.o",
+                            "crypto/bio/bss_sock.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/blake2" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/blake2/blake2b.o",
+                            "crypto/blake2/blake2s.o",
+                            "crypto/blake2/m_blake2b.o",
+                            "crypto/blake2/m_blake2s.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/bn" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/bn/bn-mips.o",
+                            "crypto/bn/bn_add.o",
+                            "crypto/bn/bn_blind.o",
+                            "crypto/bn/bn_const.o",
+                            "crypto/bn/bn_ctx.o",
+                            "crypto/bn/bn_depr.o",
+                            "crypto/bn/bn_dh.o",
+                            "crypto/bn/bn_div.o",
+                            "crypto/bn/bn_err.o",
+                            "crypto/bn/bn_exp.o",
+                            "crypto/bn/bn_exp2.o",
+                            "crypto/bn/bn_gcd.o",
+                            "crypto/bn/bn_gf2m.o",
+                            "crypto/bn/bn_intern.o",
+                            "crypto/bn/bn_kron.o",
+                            "crypto/bn/bn_lib.o",
+                            "crypto/bn/bn_mod.o",
+                            "crypto/bn/bn_mont.o",
+                            "crypto/bn/bn_mpi.o",
+                            "crypto/bn/bn_mul.o",
+                            "crypto/bn/bn_nist.o",
+                            "crypto/bn/bn_prime.o",
+                            "crypto/bn/bn_print.o",
+                            "crypto/bn/bn_rand.o",
+                            "crypto/bn/bn_recp.o",
+                            "crypto/bn/bn_shift.o",
+                            "crypto/bn/bn_sqr.o",
+                            "crypto/bn/bn_sqrt.o",
+                            "crypto/bn/bn_srp.o",
+                            "crypto/bn/bn_word.o",
+                            "crypto/bn/bn_x931p.o",
+                            "crypto/bn/mips-mont.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/buffer" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/buffer/buf_err.o",
+                            "crypto/buffer/buffer.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/camellia" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/camellia/camellia.o",
+                            "crypto/camellia/cmll_cbc.o",
+                            "crypto/camellia/cmll_cfb.o",
+                            "crypto/camellia/cmll_ctr.o",
+                            "crypto/camellia/cmll_ecb.o",
+                            "crypto/camellia/cmll_misc.o",
+                            "crypto/camellia/cmll_ofb.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/cast" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/cast/c_cfb64.o",
+                            "crypto/cast/c_ecb.o",
+                            "crypto/cast/c_enc.o",
+                            "crypto/cast/c_ofb64.o",
+                            "crypto/cast/c_skey.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/chacha" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/chacha/chacha_enc.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/cmac" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/cmac/cm_ameth.o",
+                            "crypto/cmac/cm_pmeth.o",
+                            "crypto/cmac/cmac.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/cms" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/cms/cms_asn1.o",
+                            "crypto/cms/cms_att.o",
+                            "crypto/cms/cms_cd.o",
+                            "crypto/cms/cms_dd.o",
+                            "crypto/cms/cms_enc.o",
+                            "crypto/cms/cms_env.o",
+                            "crypto/cms/cms_err.o",
+                            "crypto/cms/cms_ess.o",
+                            "crypto/cms/cms_io.o",
+                            "crypto/cms/cms_kari.o",
+                            "crypto/cms/cms_lib.o",
+                            "crypto/cms/cms_pwri.o",
+                            "crypto/cms/cms_sd.o",
+                            "crypto/cms/cms_smime.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/conf" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/conf/conf_api.o",
+                            "crypto/conf/conf_def.o",
+                            "crypto/conf/conf_err.o",
+                            "crypto/conf/conf_lib.o",
+                            "crypto/conf/conf_mall.o",
+                            "crypto/conf/conf_mod.o",
+                            "crypto/conf/conf_sap.o",
+                            "crypto/conf/conf_ssl.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ct" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ct/ct_b64.o",
+                            "crypto/ct/ct_err.o",
+                            "crypto/ct/ct_log.o",
+                            "crypto/ct/ct_oct.o",
+                            "crypto/ct/ct_policy.o",
+                            "crypto/ct/ct_prn.o",
+                            "crypto/ct/ct_sct.o",
+                            "crypto/ct/ct_sct_ctx.o",
+                            "crypto/ct/ct_vfy.o",
+                            "crypto/ct/ct_x509v3.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/des" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/des/cbc_cksm.o",
+                            "crypto/des/cbc_enc.o",
+                            "crypto/des/cfb64ede.o",
+                            "crypto/des/cfb64enc.o",
+                            "crypto/des/cfb_enc.o",
+                            "crypto/des/des_enc.o",
+                            "crypto/des/ecb3_enc.o",
+                            "crypto/des/ecb_enc.o",
+                            "crypto/des/fcrypt.o",
+                            "crypto/des/fcrypt_b.o",
+                            "crypto/des/ofb64ede.o",
+                            "crypto/des/ofb64enc.o",
+                            "crypto/des/ofb_enc.o",
+                            "crypto/des/pcbc_enc.o",
+                            "crypto/des/qud_cksm.o",
+                            "crypto/des/rand_key.o",
+                            "crypto/des/set_key.o",
+                            "crypto/des/str2key.o",
+                            "crypto/des/xcbc_enc.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/dh" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/dh/dh_ameth.o",
+                            "crypto/dh/dh_asn1.o",
+                            "crypto/dh/dh_check.o",
+                            "crypto/dh/dh_depr.o",
+                            "crypto/dh/dh_err.o",
+                            "crypto/dh/dh_gen.o",
+                            "crypto/dh/dh_kdf.o",
+                            "crypto/dh/dh_key.o",
+                            "crypto/dh/dh_lib.o",
+                            "crypto/dh/dh_meth.o",
+                            "crypto/dh/dh_pmeth.o",
+                            "crypto/dh/dh_prn.o",
+                            "crypto/dh/dh_rfc5114.o",
+                            "crypto/dh/dh_rfc7919.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/dsa" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/dsa/dsa_ameth.o",
+                            "crypto/dsa/dsa_asn1.o",
+                            "crypto/dsa/dsa_depr.o",
+                            "crypto/dsa/dsa_err.o",
+                            "crypto/dsa/dsa_gen.o",
+                            "crypto/dsa/dsa_key.o",
+                            "crypto/dsa/dsa_lib.o",
+                            "crypto/dsa/dsa_meth.o",
+                            "crypto/dsa/dsa_ossl.o",
+                            "crypto/dsa/dsa_pmeth.o",
+                            "crypto/dsa/dsa_prn.o",
+                            "crypto/dsa/dsa_sign.o",
+                            "crypto/dsa/dsa_vrf.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/dso" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/dso/dso_dl.o",
+                            "crypto/dso/dso_dlfcn.o",
+                            "crypto/dso/dso_err.o",
+                            "crypto/dso/dso_lib.o",
+                            "crypto/dso/dso_openssl.o",
+                            "crypto/dso/dso_vms.o",
+                            "crypto/dso/dso_win32.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ec" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ec/curve25519.o",
+                            "crypto/ec/ec2_oct.o",
+                            "crypto/ec/ec2_smpl.o",
+                            "crypto/ec/ec_ameth.o",
+                            "crypto/ec/ec_asn1.o",
+                            "crypto/ec/ec_check.o",
+                            "crypto/ec/ec_curve.o",
+                            "crypto/ec/ec_cvt.o",
+                            "crypto/ec/ec_err.o",
+                            "crypto/ec/ec_key.o",
+                            "crypto/ec/ec_kmeth.o",
+                            "crypto/ec/ec_lib.o",
+                            "crypto/ec/ec_mult.o",
+                            "crypto/ec/ec_oct.o",
+                            "crypto/ec/ec_pmeth.o",
+                            "crypto/ec/ec_print.o",
+                            "crypto/ec/ecdh_kdf.o",
+                            "crypto/ec/ecdh_ossl.o",
+                            "crypto/ec/ecdsa_ossl.o",
+                            "crypto/ec/ecdsa_sign.o",
+                            "crypto/ec/ecdsa_vrf.o",
+                            "crypto/ec/eck_prn.o",
+                            "crypto/ec/ecp_mont.o",
+                            "crypto/ec/ecp_nist.o",
+                            "crypto/ec/ecp_nistp224.o",
+                            "crypto/ec/ecp_nistp256.o",
+                            "crypto/ec/ecp_nistp521.o",
+                            "crypto/ec/ecp_nistputil.o",
+                            "crypto/ec/ecp_oct.o",
+                            "crypto/ec/ecp_smpl.o",
+                            "crypto/ec/ecx_meth.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ec/curve448" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ec/curve448/curve448.o",
+                            "crypto/ec/curve448/curve448_tables.o",
+                            "crypto/ec/curve448/eddsa.o",
+                            "crypto/ec/curve448/f_generic.o",
+                            "crypto/ec/curve448/scalar.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ec/curve448/arch_32" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ec/curve448/arch_32/f_impl.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/engine" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/engine/eng_all.o",
+                            "crypto/engine/eng_cnf.o",
+                            "crypto/engine/eng_ctrl.o",
+                            "crypto/engine/eng_dyn.o",
+                            "crypto/engine/eng_err.o",
+                            "crypto/engine/eng_fat.o",
+                            "crypto/engine/eng_init.o",
+                            "crypto/engine/eng_lib.o",
+                            "crypto/engine/eng_list.o",
+                            "crypto/engine/eng_openssl.o",
+                            "crypto/engine/eng_pkey.o",
+                            "crypto/engine/eng_rdrand.o",
+                            "crypto/engine/eng_table.o",
+                            "crypto/engine/tb_asnmth.o",
+                            "crypto/engine/tb_cipher.o",
+                            "crypto/engine/tb_dh.o",
+                            "crypto/engine/tb_digest.o",
+                            "crypto/engine/tb_dsa.o",
+                            "crypto/engine/tb_eckey.o",
+                            "crypto/engine/tb_pkmeth.o",
+                            "crypto/engine/tb_rand.o",
+                            "crypto/engine/tb_rsa.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/err" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/err/err.o",
+                            "crypto/err/err_all.o",
+                            "crypto/err/err_prn.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/evp" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/evp/bio_b64.o",
+                            "crypto/evp/bio_enc.o",
+                            "crypto/evp/bio_md.o",
+                            "crypto/evp/bio_ok.o",
+                            "crypto/evp/c_allc.o",
+                            "crypto/evp/c_alld.o",
+                            "crypto/evp/cmeth_lib.o",
+                            "crypto/evp/digest.o",
+                            "crypto/evp/e_aes.o",
+                            "crypto/evp/e_aes_cbc_hmac_sha1.o",
+                            "crypto/evp/e_aes_cbc_hmac_sha256.o",
+                            "crypto/evp/e_aria.o",
+                            "crypto/evp/e_bf.o",
+                            "crypto/evp/e_camellia.o",
+                            "crypto/evp/e_cast.o",
+                            "crypto/evp/e_chacha20_poly1305.o",
+                            "crypto/evp/e_des.o",
+                            "crypto/evp/e_des3.o",
+                            "crypto/evp/e_idea.o",
+                            "crypto/evp/e_null.o",
+                            "crypto/evp/e_old.o",
+                            "crypto/evp/e_rc2.o",
+                            "crypto/evp/e_rc4.o",
+                            "crypto/evp/e_rc4_hmac_md5.o",
+                            "crypto/evp/e_rc5.o",
+                            "crypto/evp/e_seed.o",
+                            "crypto/evp/e_sm4.o",
+                            "crypto/evp/e_xcbc_d.o",
+                            "crypto/evp/encode.o",
+                            "crypto/evp/evp_cnf.o",
+                            "crypto/evp/evp_enc.o",
+                            "crypto/evp/evp_err.o",
+                            "crypto/evp/evp_key.o",
+                            "crypto/evp/evp_lib.o",
+                            "crypto/evp/evp_pbe.o",
+                            "crypto/evp/evp_pkey.o",
+                            "crypto/evp/m_md2.o",
+                            "crypto/evp/m_md4.o",
+                            "crypto/evp/m_md5.o",
+                            "crypto/evp/m_md5_sha1.o",
+                            "crypto/evp/m_mdc2.o",
+                            "crypto/evp/m_null.o",
+                            "crypto/evp/m_ripemd.o",
+                            "crypto/evp/m_sha1.o",
+                            "crypto/evp/m_sha3.o",
+                            "crypto/evp/m_sigver.o",
+                            "crypto/evp/m_wp.o",
+                            "crypto/evp/names.o",
+                            "crypto/evp/p5_crpt.o",
+                            "crypto/evp/p5_crpt2.o",
+                            "crypto/evp/p_dec.o",
+                            "crypto/evp/p_enc.o",
+                            "crypto/evp/p_lib.o",
+                            "crypto/evp/p_open.o",
+                            "crypto/evp/p_seal.o",
+                            "crypto/evp/p_sign.o",
+                            "crypto/evp/p_verify.o",
+                            "crypto/evp/pbe_scrypt.o",
+                            "crypto/evp/pmeth_fn.o",
+                            "crypto/evp/pmeth_gn.o",
+                            "crypto/evp/pmeth_lib.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/hmac" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/hmac/hm_ameth.o",
+                            "crypto/hmac/hm_pmeth.o",
+                            "crypto/hmac/hmac.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/idea" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/idea/i_cbc.o",
+                            "crypto/idea/i_cfb64.o",
+                            "crypto/idea/i_ecb.o",
+                            "crypto/idea/i_ofb64.o",
+                            "crypto/idea/i_skey.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/kdf" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/kdf/hkdf.o",
+                            "crypto/kdf/kdf_err.o",
+                            "crypto/kdf/scrypt.o",
+                            "crypto/kdf/tls1_prf.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/lhash" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/lhash/lh_stats.o",
+                            "crypto/lhash/lhash.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/md4" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/md4/md4_dgst.o",
+                            "crypto/md4/md4_one.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/md5" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/md5/md5_dgst.o",
+                            "crypto/md5/md5_one.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/mdc2" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/mdc2/mdc2_one.o",
+                            "crypto/mdc2/mdc2dgst.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/modes" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/modes/cbc128.o",
+                            "crypto/modes/ccm128.o",
+                            "crypto/modes/cfb128.o",
+                            "crypto/modes/ctr128.o",
+                            "crypto/modes/cts128.o",
+                            "crypto/modes/gcm128.o",
+                            "crypto/modes/ocb128.o",
+                            "crypto/modes/ofb128.o",
+                            "crypto/modes/wrap128.o",
+                            "crypto/modes/xts128.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/objects" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/objects/o_names.o",
+                            "crypto/objects/obj_dat.o",
+                            "crypto/objects/obj_err.o",
+                            "crypto/objects/obj_lib.o",
+                            "crypto/objects/obj_xref.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ocsp" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ocsp/ocsp_asn.o",
+                            "crypto/ocsp/ocsp_cl.o",
+                            "crypto/ocsp/ocsp_err.o",
+                            "crypto/ocsp/ocsp_ext.o",
+                            "crypto/ocsp/ocsp_ht.o",
+                            "crypto/ocsp/ocsp_lib.o",
+                            "crypto/ocsp/ocsp_prn.o",
+                            "crypto/ocsp/ocsp_srv.o",
+                            "crypto/ocsp/ocsp_vfy.o",
+                            "crypto/ocsp/v3_ocsp.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/pem" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/pem/pem_all.o",
+                            "crypto/pem/pem_err.o",
+                            "crypto/pem/pem_info.o",
+                            "crypto/pem/pem_lib.o",
+                            "crypto/pem/pem_oth.o",
+                            "crypto/pem/pem_pk8.o",
+                            "crypto/pem/pem_pkey.o",
+                            "crypto/pem/pem_sign.o",
+                            "crypto/pem/pem_x509.o",
+                            "crypto/pem/pem_xaux.o",
+                            "crypto/pem/pvkfmt.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/pkcs12" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/pkcs12/p12_add.o",
+                            "crypto/pkcs12/p12_asn.o",
+                            "crypto/pkcs12/p12_attr.o",
+                            "crypto/pkcs12/p12_crpt.o",
+                            "crypto/pkcs12/p12_crt.o",
+                            "crypto/pkcs12/p12_decr.o",
+                            "crypto/pkcs12/p12_init.o",
+                            "crypto/pkcs12/p12_key.o",
+                            "crypto/pkcs12/p12_kiss.o",
+                            "crypto/pkcs12/p12_mutl.o",
+                            "crypto/pkcs12/p12_npas.o",
+                            "crypto/pkcs12/p12_p8d.o",
+                            "crypto/pkcs12/p12_p8e.o",
+                            "crypto/pkcs12/p12_sbag.o",
+                            "crypto/pkcs12/p12_utl.o",
+                            "crypto/pkcs12/pk12err.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/pkcs7" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/pkcs7/bio_pk7.o",
+                            "crypto/pkcs7/pk7_asn1.o",
+                            "crypto/pkcs7/pk7_attr.o",
+                            "crypto/pkcs7/pk7_doit.o",
+                            "crypto/pkcs7/pk7_lib.o",
+                            "crypto/pkcs7/pk7_mime.o",
+                            "crypto/pkcs7/pk7_smime.o",
+                            "crypto/pkcs7/pkcs7err.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/poly1305" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/poly1305/poly1305-mips.o",
+                            "crypto/poly1305/poly1305.o",
+                            "crypto/poly1305/poly1305_ameth.o",
+                            "crypto/poly1305/poly1305_pmeth.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/rand" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/rand/drbg_ctr.o",
+                            "crypto/rand/drbg_lib.o",
+                            "crypto/rand/rand_egd.o",
+                            "crypto/rand/rand_err.o",
+                            "crypto/rand/rand_lib.o",
+                            "crypto/rand/rand_unix.o",
+                            "crypto/rand/rand_vms.o",
+                            "crypto/rand/rand_win.o",
+                            "crypto/rand/randfile.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/rc2" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/rc2/rc2_cbc.o",
+                            "crypto/rc2/rc2_ecb.o",
+                            "crypto/rc2/rc2_skey.o",
+                            "crypto/rc2/rc2cfb64.o",
+                            "crypto/rc2/rc2ofb64.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/rc4" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/rc4/rc4_enc.o",
+                            "crypto/rc4/rc4_skey.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ripemd" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ripemd/rmd_dgst.o",
+                            "crypto/ripemd/rmd_one.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/rsa" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/rsa/rsa_ameth.o",
+                            "crypto/rsa/rsa_asn1.o",
+                            "crypto/rsa/rsa_chk.o",
+                            "crypto/rsa/rsa_crpt.o",
+                            "crypto/rsa/rsa_depr.o",
+                            "crypto/rsa/rsa_err.o",
+                            "crypto/rsa/rsa_gen.o",
+                            "crypto/rsa/rsa_lib.o",
+                            "crypto/rsa/rsa_meth.o",
+                            "crypto/rsa/rsa_mp.o",
+                            "crypto/rsa/rsa_none.o",
+                            "crypto/rsa/rsa_oaep.o",
+                            "crypto/rsa/rsa_ossl.o",
+                            "crypto/rsa/rsa_pk1.o",
+                            "crypto/rsa/rsa_pmeth.o",
+                            "crypto/rsa/rsa_prn.o",
+                            "crypto/rsa/rsa_pss.o",
+                            "crypto/rsa/rsa_saos.o",
+                            "crypto/rsa/rsa_sign.o",
+                            "crypto/rsa/rsa_ssl.o",
+                            "crypto/rsa/rsa_x931.o",
+                            "crypto/rsa/rsa_x931g.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/seed" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/seed/seed.o",
+                            "crypto/seed/seed_cbc.o",
+                            "crypto/seed/seed_cfb.o",
+                            "crypto/seed/seed_ecb.o",
+                            "crypto/seed/seed_ofb.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/sha" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/sha/keccak1600.o",
+                            "crypto/sha/sha1-mips.o",
+                            "crypto/sha/sha1_one.o",
+                            "crypto/sha/sha1dgst.o",
+                            "crypto/sha/sha256-mips.o",
+                            "crypto/sha/sha256.o",
+                            "crypto/sha/sha512-mips.o",
+                            "crypto/sha/sha512.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/siphash" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/siphash/siphash.o",
+                            "crypto/siphash/siphash_ameth.o",
+                            "crypto/siphash/siphash_pmeth.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/sm2" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/sm2/sm2_crypt.o",
+                            "crypto/sm2/sm2_err.o",
+                            "crypto/sm2/sm2_pmeth.o",
+                            "crypto/sm2/sm2_sign.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/sm3" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/sm3/m_sm3.o",
+                            "crypto/sm3/sm3.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/sm4" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/sm4/sm4.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/srp" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/srp/srp_lib.o",
+                            "crypto/srp/srp_vfy.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/stack" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/stack/stack.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/store" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/store/loader_file.o",
+                            "crypto/store/store_err.o",
+                            "crypto/store/store_init.o",
+                            "crypto/store/store_lib.o",
+                            "crypto/store/store_register.o",
+                            "crypto/store/store_strings.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ts" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ts/ts_asn1.o",
+                            "crypto/ts/ts_conf.o",
+                            "crypto/ts/ts_err.o",
+                            "crypto/ts/ts_lib.o",
+                            "crypto/ts/ts_req_print.o",
+                            "crypto/ts/ts_req_utils.o",
+                            "crypto/ts/ts_rsp_print.o",
+                            "crypto/ts/ts_rsp_sign.o",
+                            "crypto/ts/ts_rsp_utils.o",
+                            "crypto/ts/ts_rsp_verify.o",
+                            "crypto/ts/ts_verify_ctx.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/txt_db" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/txt_db/txt_db.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/ui" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/ui/ui_err.o",
+                            "crypto/ui/ui_lib.o",
+                            "crypto/ui/ui_null.o",
+                            "crypto/ui/ui_openssl.o",
+                            "crypto/ui/ui_util.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/whrlpool" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/whrlpool/wp_block.o",
+                            "crypto/whrlpool/wp_dgst.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/x509" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/x509/by_dir.o",
+                            "crypto/x509/by_file.o",
+                            "crypto/x509/t_crl.o",
+                            "crypto/x509/t_req.o",
+                            "crypto/x509/t_x509.o",
+                            "crypto/x509/x509_att.o",
+                            "crypto/x509/x509_cmp.o",
+                            "crypto/x509/x509_d2.o",
+                            "crypto/x509/x509_def.o",
+                            "crypto/x509/x509_err.o",
+                            "crypto/x509/x509_ext.o",
+                            "crypto/x509/x509_lu.o",
+                            "crypto/x509/x509_meth.o",
+                            "crypto/x509/x509_obj.o",
+                            "crypto/x509/x509_r2x.o",
+                            "crypto/x509/x509_req.o",
+                            "crypto/x509/x509_set.o",
+                            "crypto/x509/x509_trs.o",
+                            "crypto/x509/x509_txt.o",
+                            "crypto/x509/x509_v3.o",
+                            "crypto/x509/x509_vfy.o",
+                            "crypto/x509/x509_vpm.o",
+                            "crypto/x509/x509cset.o",
+                            "crypto/x509/x509name.o",
+                            "crypto/x509/x509rset.o",
+                            "crypto/x509/x509spki.o",
+                            "crypto/x509/x509type.o",
+                            "crypto/x509/x_all.o",
+                            "crypto/x509/x_attrib.o",
+                            "crypto/x509/x_crl.o",
+                            "crypto/x509/x_exten.o",
+                            "crypto/x509/x_name.o",
+                            "crypto/x509/x_pubkey.o",
+                            "crypto/x509/x_req.o",
+                            "crypto/x509/x_x509.o",
+                            "crypto/x509/x_x509a.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "crypto/x509v3" =>
+                {
+                    "deps" =>
+                        [
+                            "crypto/x509v3/pcy_cache.o",
+                            "crypto/x509v3/pcy_data.o",
+                            "crypto/x509v3/pcy_lib.o",
+                            "crypto/x509v3/pcy_map.o",
+                            "crypto/x509v3/pcy_node.o",
+                            "crypto/x509v3/pcy_tree.o",
+                            "crypto/x509v3/v3_addr.o",
+                            "crypto/x509v3/v3_admis.o",
+                            "crypto/x509v3/v3_akey.o",
+                            "crypto/x509v3/v3_akeya.o",
+                            "crypto/x509v3/v3_alt.o",
+                            "crypto/x509v3/v3_asid.o",
+                            "crypto/x509v3/v3_bcons.o",
+                            "crypto/x509v3/v3_bitst.o",
+                            "crypto/x509v3/v3_conf.o",
+                            "crypto/x509v3/v3_cpols.o",
+                            "crypto/x509v3/v3_crld.o",
+                            "crypto/x509v3/v3_enum.o",
+                            "crypto/x509v3/v3_extku.o",
+                            "crypto/x509v3/v3_genn.o",
+                            "crypto/x509v3/v3_ia5.o",
+                            "crypto/x509v3/v3_info.o",
+                            "crypto/x509v3/v3_int.o",
+                            "crypto/x509v3/v3_lib.o",
+                            "crypto/x509v3/v3_ncons.o",
+                            "crypto/x509v3/v3_pci.o",
+                            "crypto/x509v3/v3_pcia.o",
+                            "crypto/x509v3/v3_pcons.o",
+                            "crypto/x509v3/v3_pku.o",
+                            "crypto/x509v3/v3_pmaps.o",
+                            "crypto/x509v3/v3_prn.o",
+                            "crypto/x509v3/v3_purp.o",
+                            "crypto/x509v3/v3_skey.o",
+                            "crypto/x509v3/v3_sxnet.o",
+                            "crypto/x509v3/v3_tlsf.o",
+                            "crypto/x509v3/v3_utl.o",
+                            "crypto/x509v3/v3err.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "engines" =>
+                {
+                    "deps" =>
+                        [
+                            "engines/e_capi.o",
+                            "engines/e_padlock.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libcrypto",
+                                ],
+                        },
+                },
+            "fuzz" =>
+                {
+                    "products" =>
+                        {
+                            "bin" =>
+                                [
+                                    "fuzz/asn1-test",
+                                    "fuzz/asn1parse-test",
+                                    "fuzz/bignum-test",
+                                    "fuzz/bndiv-test",
+                                    "fuzz/client-test",
+                                    "fuzz/cms-test",
+                                    "fuzz/conf-test",
+                                    "fuzz/crl-test",
+                                    "fuzz/ct-test",
+                                    "fuzz/server-test",
+                                    "fuzz/x509-test",
+                                ],
+                        },
+                },
+            "ssl" =>
+                {
+                    "deps" =>
+                        [
+                            "ssl/bio_ssl.o",
+                            "ssl/d1_lib.o",
+                            "ssl/d1_msg.o",
+                            "ssl/d1_srtp.o",
+                            "ssl/methods.o",
+                            "ssl/packet.o",
+                            "ssl/pqueue.o",
+                            "ssl/s3_cbc.o",
+                            "ssl/s3_enc.o",
+                            "ssl/s3_lib.o",
+                            "ssl/s3_msg.o",
+                            "ssl/ssl_asn1.o",
+                            "ssl/ssl_cert.o",
+                            "ssl/ssl_ciph.o",
+                            "ssl/ssl_conf.o",
+                            "ssl/ssl_err.o",
+                            "ssl/ssl_init.o",
+                            "ssl/ssl_lib.o",
+                            "ssl/ssl_mcnf.o",
+                            "ssl/ssl_rsa.o",
+                            "ssl/ssl_sess.o",
+                            "ssl/ssl_stat.o",
+                            "ssl/ssl_txt.o",
+                            "ssl/ssl_utst.o",
+                            "ssl/t1_enc.o",
+                            "ssl/t1_lib.o",
+                            "ssl/t1_trce.o",
+                            "ssl/tls13_enc.o",
+                            "ssl/tls_srp.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libssl",
+                                ],
+                        },
+                },
+            "ssl/record" =>
+                {
+                    "deps" =>
+                        [
+                            "ssl/record/dtls1_bitmap.o",
+                            "ssl/record/rec_layer_d1.o",
+                            "ssl/record/rec_layer_s3.o",
+                            "ssl/record/ssl3_buffer.o",
+                            "ssl/record/ssl3_record.o",
+                            "ssl/record/ssl3_record_tls13.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libssl",
+                                ],
+                        },
+                },
+            "ssl/statem" =>
+                {
+                    "deps" =>
+                        [
+                            "ssl/statem/extensions.o",
+                            "ssl/statem/extensions_clnt.o",
+                            "ssl/statem/extensions_cust.o",
+                            "ssl/statem/extensions_srvr.o",
+                            "ssl/statem/statem.o",
+                            "ssl/statem/statem_clnt.o",
+                            "ssl/statem/statem_dtls.o",
+                            "ssl/statem/statem_lib.o",
+                            "ssl/statem/statem_srvr.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "libssl",
+                                ],
+                        },
+                },
+            "test/testutil" =>
+                {
+                    "deps" =>
+                        [
+                            "test/testutil/basic_output.o",
+                            "test/testutil/cb.o",
+                            "test/testutil/driver.o",
+                            "test/testutil/format_output.o",
+                            "test/testutil/init.o",
+                            "test/testutil/main.o",
+                            "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
+                            "test/testutil/stanza.o",
+                            "test/testutil/tap_bio.o",
+                            "test/testutil/test_cleanup.o",
+                            "test/testutil/tests.o",
+                        ],
+                    "products" =>
+                        {
+                            "lib" =>
+                                [
+                                    "test/libtestutil.a",
+                                ],
+                        },
+                },
+            "tools" =>
+                {
+                    "products" =>
+                        {
+                            "script" =>
+                                [
+                                    "tools/c_rehash",
+                                ],
+                        },
+                },
+            "util" =>
+                {
+                    "products" =>
+                        {
+                            "script" =>
+                                [
+                                    "util/shlib_wrap.sh",
+                                ],
+                        },
+                },
+        },
+    "engines" =>
+        [
+        ],
+    "extra" =>
+        [
+            "crypto/alphacpuid.pl",
+            "crypto/arm64cpuid.pl",
+            "crypto/armv4cpuid.pl",
+            "crypto/ia64cpuid.S",
+            "crypto/pariscid.pl",
+            "crypto/ppccpuid.pl",
+            "crypto/x86_64cpuid.pl",
+            "crypto/x86cpuid.pl",
+            "ms/applink.c",
+            "ms/uplink-x86.pl",
+            "ms/uplink.c",
+        ],
+    "generate" =>
+        {
+            "apps/progs.h" =>
+                [
+                    "apps/progs.pl",
+                    "\$(APPS_OPENSSL)",
+                ],
+            "crypto/aes/aes-586.s" =>
+                [
+                    "crypto/aes/asm/aes-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/aes/aes-armv4.S" =>
+                [
+                    "crypto/aes/asm/aes-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-ia64.s" =>
+                [
+                    "crypto/aes/asm/aes-ia64.S",
+                ],
+            "crypto/aes/aes-mips.S" =>
+                [
+                    "crypto/aes/asm/aes-mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-parisc.s" =>
+                [
+                    "crypto/aes/asm/aes-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-ppc.s" =>
+                [
+                    "crypto/aes/asm/aes-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-s390x.S" =>
+                [
+                    "crypto/aes/asm/aes-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-sparcv9.S" =>
+                [
+                    "crypto/aes/asm/aes-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aes-x86_64.s" =>
+                [
+                    "crypto/aes/asm/aes-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesfx-sparcv9.S" =>
+                [
+                    "crypto/aes/asm/aesfx-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesni-mb-x86_64.s" =>
+                [
+                    "crypto/aes/asm/aesni-mb-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesni-sha1-x86_64.s" =>
+                [
+                    "crypto/aes/asm/aesni-sha1-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesni-sha256-x86_64.s" =>
+                [
+                    "crypto/aes/asm/aesni-sha256-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesni-x86.s" =>
+                [
+                    "crypto/aes/asm/aesni-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/aes/aesni-x86_64.s" =>
+                [
+                    "crypto/aes/asm/aesni-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesp8-ppc.s" =>
+                [
+                    "crypto/aes/asm/aesp8-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aest4-sparcv9.S" =>
+                [
+                    "crypto/aes/asm/aest4-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/aesv8-armx.S" =>
+                [
+                    "crypto/aes/asm/aesv8-armx.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/bsaes-armv7.S" =>
+                [
+                    "crypto/aes/asm/bsaes-armv7.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/bsaes-x86_64.s" =>
+                [
+                    "crypto/aes/asm/bsaes-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/vpaes-armv8.S" =>
+                [
+                    "crypto/aes/asm/vpaes-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/vpaes-ppc.s" =>
+                [
+                    "crypto/aes/asm/vpaes-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/aes/vpaes-x86.s" =>
+                [
+                    "crypto/aes/asm/vpaes-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/aes/vpaes-x86_64.s" =>
+                [
+                    "crypto/aes/asm/vpaes-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/alphacpuid.s" =>
+                [
+                    "crypto/alphacpuid.pl",
+                ],
+            "crypto/arm64cpuid.S" =>
+                [
+                    "crypto/arm64cpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/armv4cpuid.S" =>
+                [
+                    "crypto/armv4cpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bf/bf-586.s" =>
+                [
+                    "crypto/bf/asm/bf-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/bn/alpha-mont.S" =>
+                [
+                    "crypto/bn/asm/alpha-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/armv4-gf2m.S" =>
+                [
+                    "crypto/bn/asm/armv4-gf2m.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/armv4-mont.S" =>
+                [
+                    "crypto/bn/asm/armv4-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/armv8-mont.S" =>
+                [
+                    "crypto/bn/asm/armv8-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/bn-586.s" =>
+                [
+                    "crypto/bn/asm/bn-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/bn/bn-ia64.s" =>
+                [
+                    "crypto/bn/asm/ia64.S",
+                ],
+            "crypto/bn/bn-mips.S" =>
+                [
+                    "crypto/bn/asm/mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/bn-ppc.s" =>
+                [
+                    "crypto/bn/asm/ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/co-586.s" =>
+                [
+                    "crypto/bn/asm/co-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/bn/ia64-mont.s" =>
+                [
+                    "crypto/bn/asm/ia64-mont.pl",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/bn/mips-mont.S" =>
+                [
+                    "crypto/bn/asm/mips-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/parisc-mont.s" =>
+                [
+                    "crypto/bn/asm/parisc-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/ppc-mont.s" =>
+                [
+                    "crypto/bn/asm/ppc-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/ppc64-mont.s" =>
+                [
+                    "crypto/bn/asm/ppc64-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/rsaz-avx2.s" =>
+                [
+                    "crypto/bn/asm/rsaz-avx2.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/rsaz-x86_64.s" =>
+                [
+                    "crypto/bn/asm/rsaz-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/s390x-gf2m.s" =>
+                [
+                    "crypto/bn/asm/s390x-gf2m.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/s390x-mont.S" =>
+                [
+                    "crypto/bn/asm/s390x-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/sparct4-mont.S" =>
+                [
+                    "crypto/bn/asm/sparct4-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/sparcv9-gf2m.S" =>
+                [
+                    "crypto/bn/asm/sparcv9-gf2m.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/sparcv9-mont.S" =>
+                [
+                    "crypto/bn/asm/sparcv9-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/sparcv9a-mont.S" =>
+                [
+                    "crypto/bn/asm/sparcv9a-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/vis3-mont.S" =>
+                [
+                    "crypto/bn/asm/vis3-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/x86-gf2m.s" =>
+                [
+                    "crypto/bn/asm/x86-gf2m.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/bn/x86-mont.s" =>
+                [
+                    "crypto/bn/asm/x86-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/bn/x86_64-gf2m.s" =>
+                [
+                    "crypto/bn/asm/x86_64-gf2m.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/x86_64-mont.s" =>
+                [
+                    "crypto/bn/asm/x86_64-mont.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/bn/x86_64-mont5.s" =>
+                [
+                    "crypto/bn/asm/x86_64-mont5.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/buildinf.h" =>
+                [
+                    "util/mkbuildinf.pl",
+                    "\"\$(CC)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(CPPFLAGS_Q)\"",
+                    "\"\$(PLATFORM)\"",
+                ],
+            "crypto/camellia/cmll-x86.s" =>
+                [
+                    "crypto/camellia/asm/cmll-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/camellia/cmll-x86_64.s" =>
+                [
+                    "crypto/camellia/asm/cmll-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/camellia/cmllt4-sparcv9.S" =>
+                [
+                    "crypto/camellia/asm/cmllt4-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/cast/cast-586.s" =>
+                [
+                    "crypto/cast/asm/cast-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/chacha/chacha-armv4.S" =>
+                [
+                    "crypto/chacha/asm/chacha-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/chacha/chacha-armv8.S" =>
+                [
+                    "crypto/chacha/asm/chacha-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/chacha/chacha-ppc.s" =>
+                [
+                    "crypto/chacha/asm/chacha-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/chacha/chacha-s390x.S" =>
+                [
+                    "crypto/chacha/asm/chacha-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/chacha/chacha-x86.s" =>
+                [
+                    "crypto/chacha/asm/chacha-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/chacha/chacha-x86_64.s" =>
+                [
+                    "crypto/chacha/asm/chacha-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/des/crypt586.s" =>
+                [
+                    "crypto/des/asm/crypt586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/des/des-586.s" =>
+                [
+                    "crypto/des/asm/des-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/des/des_enc-sparc.S" =>
+                [
+                    "crypto/des/asm/des_enc.m4",
+                ],
+            "crypto/des/dest4-sparcv9.S" =>
+                [
+                    "crypto/des/asm/dest4-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-armv4.S" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-armv8.S" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-avx2.s" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-avx2.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-ppc64.s" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-ppc64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-sparcv9.S" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/ecp_nistz256-x86.s" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/ec/ecp_nistz256-x86_64.s" =>
+                [
+                    "crypto/ec/asm/ecp_nistz256-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/x25519-ppc64.s" =>
+                [
+                    "crypto/ec/asm/x25519-ppc64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ec/x25519-x86_64.s" =>
+                [
+                    "crypto/ec/asm/x25519-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ia64cpuid.s" =>
+                [
+                    "crypto/ia64cpuid.S",
+                ],
+            "crypto/include/internal/bn_conf.h" =>
+                [
+                    "crypto/include/internal/bn_conf.h.in",
+                ],
+            "crypto/include/internal/dso_conf.h" =>
+                [
+                    "crypto/include/internal/dso_conf.h.in",
+                ],
+            "crypto/md5/md5-586.s" =>
+                [
+                    "crypto/md5/asm/md5-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/md5/md5-sparcv9.S" =>
+                [
+                    "crypto/md5/asm/md5-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/md5/md5-x86_64.s" =>
+                [
+                    "crypto/md5/asm/md5-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/aesni-gcm-x86_64.s" =>
+                [
+                    "crypto/modes/asm/aesni-gcm-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-alpha.S" =>
+                [
+                    "crypto/modes/asm/ghash-alpha.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-armv4.S" =>
+                [
+                    "crypto/modes/asm/ghash-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-ia64.s" =>
+                [
+                    "crypto/modes/asm/ghash-ia64.pl",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/modes/ghash-parisc.s" =>
+                [
+                    "crypto/modes/asm/ghash-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-s390x.S" =>
+                [
+                    "crypto/modes/asm/ghash-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-sparcv9.S" =>
+                [
+                    "crypto/modes/asm/ghash-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghash-x86.s" =>
+                [
+                    "crypto/modes/asm/ghash-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/modes/ghash-x86_64.s" =>
+                [
+                    "crypto/modes/asm/ghash-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghashp8-ppc.s" =>
+                [
+                    "crypto/modes/asm/ghashp8-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/modes/ghashv8-armx.S" =>
+                [
+                    "crypto/modes/asm/ghashv8-armx.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/pariscid.s" =>
+                [
+                    "crypto/pariscid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-armv4.S" =>
+                [
+                    "crypto/poly1305/asm/poly1305-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-armv8.S" =>
+                [
+                    "crypto/poly1305/asm/poly1305-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-mips.S" =>
+                [
+                    "crypto/poly1305/asm/poly1305-mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-ppc.s" =>
+                [
+                    "crypto/poly1305/asm/poly1305-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-ppcfp.s" =>
+                [
+                    "crypto/poly1305/asm/poly1305-ppcfp.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-s390x.S" =>
+                [
+                    "crypto/poly1305/asm/poly1305-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-sparcv9.S" =>
+                [
+                    "crypto/poly1305/asm/poly1305-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/poly1305/poly1305-x86.s" =>
+                [
+                    "crypto/poly1305/asm/poly1305-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/poly1305/poly1305-x86_64.s" =>
+                [
+                    "crypto/poly1305/asm/poly1305-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ppccpuid.s" =>
+                [
+                    "crypto/ppccpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/rc4/rc4-586.s" =>
+                [
+                    "crypto/rc4/asm/rc4-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/rc4/rc4-md5-x86_64.s" =>
+                [
+                    "crypto/rc4/asm/rc4-md5-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/rc4/rc4-parisc.s" =>
+                [
+                    "crypto/rc4/asm/rc4-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/rc4/rc4-s390x.s" =>
+                [
+                    "crypto/rc4/asm/rc4-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/rc4/rc4-x86_64.s" =>
+                [
+                    "crypto/rc4/asm/rc4-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/ripemd/rmd-586.s" =>
+                [
+                    "crypto/ripemd/asm/rmd-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/s390xcpuid.S" =>
+                [
+                    "crypto/s390xcpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/keccak1600-armv4.S" =>
+                [
+                    "crypto/sha/asm/keccak1600-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/keccak1600-armv8.S" =>
+                [
+                    "crypto/sha/asm/keccak1600-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/keccak1600-ppc64.s" =>
+                [
+                    "crypto/sha/asm/keccak1600-ppc64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/keccak1600-s390x.S" =>
+                [
+                    "crypto/sha/asm/keccak1600-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/keccak1600-x86_64.s" =>
+                [
+                    "crypto/sha/asm/keccak1600-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-586.s" =>
+                [
+                    "crypto/sha/asm/sha1-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/sha/sha1-alpha.S" =>
+                [
+                    "crypto/sha/asm/sha1-alpha.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-armv4-large.S" =>
+                [
+                    "crypto/sha/asm/sha1-armv4-large.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-armv8.S" =>
+                [
+                    "crypto/sha/asm/sha1-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-ia64.s" =>
+                [
+                    "crypto/sha/asm/sha1-ia64.pl",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/sha/sha1-mb-x86_64.s" =>
+                [
+                    "crypto/sha/asm/sha1-mb-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-mips.S" =>
+                [
+                    "crypto/sha/asm/sha1-mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-parisc.s" =>
+                [
+                    "crypto/sha/asm/sha1-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-ppc.s" =>
+                [
+                    "crypto/sha/asm/sha1-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-s390x.S" =>
+                [
+                    "crypto/sha/asm/sha1-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-sparcv9.S" =>
+                [
+                    "crypto/sha/asm/sha1-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha1-x86_64.s" =>
+                [
+                    "crypto/sha/asm/sha1-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-586.s" =>
+                [
+                    "crypto/sha/asm/sha256-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/sha/sha256-armv4.S" =>
+                [
+                    "crypto/sha/asm/sha256-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-armv8.S" =>
+                [
+                    "crypto/sha/asm/sha512-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-ia64.s" =>
+                [
+                    "crypto/sha/asm/sha512-ia64.pl",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/sha/sha256-mb-x86_64.s" =>
+                [
+                    "crypto/sha/asm/sha256-mb-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-mips.S" =>
+                [
+                    "crypto/sha/asm/sha512-mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-parisc.s" =>
+                [
+                    "crypto/sha/asm/sha512-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-ppc.s" =>
+                [
+                    "crypto/sha/asm/sha512-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-s390x.S" =>
+                [
+                    "crypto/sha/asm/sha512-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-sparcv9.S" =>
+                [
+                    "crypto/sha/asm/sha512-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256-x86_64.s" =>
+                [
+                    "crypto/sha/asm/sha512-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha256p8-ppc.s" =>
+                [
+                    "crypto/sha/asm/sha512p8-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-586.s" =>
+                [
+                    "crypto/sha/asm/sha512-586.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/sha/sha512-armv4.S" =>
+                [
+                    "crypto/sha/asm/sha512-armv4.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-armv8.S" =>
+                [
+                    "crypto/sha/asm/sha512-armv8.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-ia64.s" =>
+                [
+                    "crypto/sha/asm/sha512-ia64.pl",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                ],
+            "crypto/sha/sha512-mips.S" =>
+                [
+                    "crypto/sha/asm/sha512-mips.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-parisc.s" =>
+                [
+                    "crypto/sha/asm/sha512-parisc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-ppc.s" =>
+                [
+                    "crypto/sha/asm/sha512-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-s390x.S" =>
+                [
+                    "crypto/sha/asm/sha512-s390x.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-sparcv9.S" =>
+                [
+                    "crypto/sha/asm/sha512-sparcv9.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512-x86_64.s" =>
+                [
+                    "crypto/sha/asm/sha512-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/sha/sha512p8-ppc.s" =>
+                [
+                    "crypto/sha/asm/sha512p8-ppc.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/uplink-ia64.s" =>
+                [
+                    "ms/uplink-ia64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/uplink-x86.s" =>
+                [
+                    "ms/uplink-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/uplink-x86_64.s" =>
+                [
+                    "ms/uplink-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/whrlpool/wp-mmx.s" =>
+                [
+                    "crypto/whrlpool/asm/wp-mmx.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "crypto/whrlpool/wp-x86_64.s" =>
+                [
+                    "crypto/whrlpool/asm/wp-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/x86_64cpuid.s" =>
+                [
+                    "crypto/x86_64cpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "crypto/x86cpuid.s" =>
+                [
+                    "crypto/x86cpuid.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "engines/e_padlock-x86.s" =>
+                [
+                    "engines/asm/e_padlock-x86.pl",
+                    "\$(PERLASM_SCHEME)",
+                    "\$(LIB_CFLAGS)",
+                    "\$(LIB_CPPFLAGS)",
+                    "\$(PROCESSOR)",
+                ],
+            "engines/e_padlock-x86_64.s" =>
+                [
+                    "engines/asm/e_padlock-x86_64.pl",
+                    "\$(PERLASM_SCHEME)",
+                ],
+            "include/openssl/opensslconf.h" =>
+                [
+                    "include/openssl/opensslconf.h.in",
+                ],
+            "libcrypto.map" =>
+                [
+                    "util/mkdef.pl",
+                    "crypto",
+                    "linux",
+                ],
+            "libssl.map" =>
+                [
+                    "util/mkdef.pl",
+                    "ssl",
+                    "linux",
+                ],
+            "test/buildtest_aes.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "aes",
+                ],
+            "test/buildtest_asn1.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "asn1",
+                ],
+            "test/buildtest_asn1t.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "asn1t",
+                ],
+            "test/buildtest_async.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "async",
+                ],
+            "test/buildtest_bio.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "bio",
+                ],
+            "test/buildtest_blowfish.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "blowfish",
+                ],
+            "test/buildtest_bn.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "bn",
+                ],
+            "test/buildtest_buffer.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "buffer",
+                ],
+            "test/buildtest_camellia.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "camellia",
+                ],
+            "test/buildtest_cast.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "cast",
+                ],
+            "test/buildtest_cmac.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "cmac",
+                ],
+            "test/buildtest_cms.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "cms",
+                ],
+            "test/buildtest_conf.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "conf",
+                ],
+            "test/buildtest_conf_api.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "conf_api",
+                ],
+            "test/buildtest_crypto.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "crypto",
+                ],
+            "test/buildtest_ct.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ct",
+                ],
+            "test/buildtest_des.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "des",
+                ],
+            "test/buildtest_dh.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "dh",
+                ],
+            "test/buildtest_dsa.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "dsa",
+                ],
+            "test/buildtest_dtls1.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "dtls1",
+                ],
+            "test/buildtest_e_os2.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "e_os2",
+                ],
+            "test/buildtest_ebcdic.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ebcdic",
+                ],
+            "test/buildtest_ec.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ec",
+                ],
+            "test/buildtest_ecdh.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ecdh",
+                ],
+            "test/buildtest_ecdsa.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ecdsa",
+                ],
+            "test/buildtest_engine.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "engine",
+                ],
+            "test/buildtest_evp.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "evp",
+                ],
+            "test/buildtest_hmac.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "hmac",
+                ],
+            "test/buildtest_idea.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "idea",
+                ],
+            "test/buildtest_kdf.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "kdf",
+                ],
+            "test/buildtest_lhash.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "lhash",
+                ],
+            "test/buildtest_md4.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "md4",
+                ],
+            "test/buildtest_md5.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "md5",
+                ],
+            "test/buildtest_mdc2.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "mdc2",
+                ],
+            "test/buildtest_modes.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "modes",
+                ],
+            "test/buildtest_obj_mac.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "obj_mac",
+                ],
+            "test/buildtest_objects.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "objects",
+                ],
+            "test/buildtest_ocsp.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ocsp",
+                ],
+            "test/buildtest_opensslv.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "opensslv",
+                ],
+            "test/buildtest_ossl_typ.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ossl_typ",
+                ],
+            "test/buildtest_pem.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "pem",
+                ],
+            "test/buildtest_pem2.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "pem2",
+                ],
+            "test/buildtest_pkcs12.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "pkcs12",
+                ],
+            "test/buildtest_pkcs7.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "pkcs7",
+                ],
+            "test/buildtest_rand.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "rand",
+                ],
+            "test/buildtest_rand_drbg.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "rand_drbg",
+                ],
+            "test/buildtest_rc2.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "rc2",
+                ],
+            "test/buildtest_rc4.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "rc4",
+                ],
+            "test/buildtest_ripemd.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ripemd",
+                ],
+            "test/buildtest_rsa.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "rsa",
+                ],
+            "test/buildtest_safestack.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "safestack",
+                ],
+            "test/buildtest_seed.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "seed",
+                ],
+            "test/buildtest_sha.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "sha",
+                ],
+            "test/buildtest_srp.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "srp",
+                ],
+            "test/buildtest_srtp.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "srtp",
+                ],
+            "test/buildtest_ssl.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ssl",
+                ],
+            "test/buildtest_ssl2.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ssl2",
+                ],
+            "test/buildtest_stack.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "stack",
+                ],
+            "test/buildtest_store.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "store",
+                ],
+            "test/buildtest_symhacks.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "symhacks",
+                ],
+            "test/buildtest_tls1.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "tls1",
+                ],
+            "test/buildtest_ts.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ts",
+                ],
+            "test/buildtest_txt_db.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "txt_db",
+                ],
+            "test/buildtest_ui.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "ui",
+                ],
+            "test/buildtest_whrlpool.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "whrlpool",
+                ],
+            "test/buildtest_x509.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "x509",
+                ],
+            "test/buildtest_x509_vfy.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "x509_vfy",
+                ],
+            "test/buildtest_x509v3.c" =>
+                [
+                    "test/generate_buildtest.pl",
+                    "x509v3",
+                ],
+        },
+    "includes" =>
+        {
+            "apps/app_rand.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/apps.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/asn1pars.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/bf_prefix.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/ca.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/ciphers.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/cms.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/crl.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/crl2p7.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/dgst.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/dhparam.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/dsa.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/dsaparam.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/ec.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/ecparam.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/enc.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/engine.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/errstr.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/gendsa.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/genpkey.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/genrsa.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/nseq.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/ocsp.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/openssl.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/opt.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/passwd.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkcs12.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkcs7.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkcs8.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkey.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkeyparam.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/pkeyutl.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/prime.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/progs.h" =>
+                [
+                    ".",
+                ],
+            "apps/rand.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/rehash.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/req.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/rsa.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/rsautl.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/s_cb.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/s_client.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/s_server.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/s_socket.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "apps/s_time.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/sess_id.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/smime.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/speed.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/spkac.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/srp.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/storeutl.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/ts.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/verify.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/version.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "apps/x509.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "crypto/aes/aes-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/aes-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/aes/aes-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/aes-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_cfb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_ige.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_misc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_ofb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aes_wrap.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/aes/aesfx-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/aest4-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/aesv8-armx.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aes/bsaes-armv7.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/aria/aria.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/arm64cpuid.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/armv4cpuid.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/asn1/a_bitstr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_d2i_fp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_digest.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_dup.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_gentm.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_i2d_fp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_int.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_mbstr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_object.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_octet.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_strex.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_strnid.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_time.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_type.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_utctm.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_utf8.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/a_verify.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/ameth_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn1_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn1_gen.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn1_item_list.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn1_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn1_par.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn_mime.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn_moid.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn_mstbl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/asn_pack.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/bio_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/bio_ndef.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/d2i_pr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/d2i_pu.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/evp_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/f_int.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/f_string.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/i2d_pr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/i2d_pu.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/n_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/nsseq.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/p5_pbe.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/p5_pbev2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/p5_scrypt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/p8_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/t_bitst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/t_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/t_spki.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_dec.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_fre.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_new.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_scn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_typ.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/tasn_utl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_algor.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_bignum.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_info.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_int64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_long.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_sig.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_spki.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/asn1/x_val.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/arch/async_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/arch/async_posix.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/arch/async_win.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/async.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/async_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/async/async_wait.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bf/bf_cfb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bf/bf_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bf/bf_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bf/bf_ofb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bf/bf_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/b_addr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/b_dump.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/b_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/b_sock.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/b_sock2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bf_buff.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bf_lbuf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bf_nbio.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bf_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bio_cb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bio_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bio_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bio_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_acpt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_bio.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_conn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_dgram.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_fd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_file.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_log.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_mem.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bio/bss_sock.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/blake2/blake2b.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/blake2/blake2s.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/blake2/m_blake2b.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/blake2/m_blake2s.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/armv4-gf2m.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/armv4-mont.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/bn-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/bn/bn_add.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_blind.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_const.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_ctx.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_depr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_dh.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_div.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_exp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/bn/bn_exp2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_gcd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_gf2m.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_intern.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_kron.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_mod.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_mont.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_mpi.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_mul.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_nist.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_prime.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_rand.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_recp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_shift.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_sqr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_sqrt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_srp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_word.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/bn_x931p.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/bn/mips-mont.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/bn/sparct4-mont.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/sparcv9-gf2m.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/sparcv9-mont.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/sparcv9a-mont.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/bn/vis3-mont.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/buffer/buf_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/buffer/buffer.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/buildinf.h" =>
+                [
+                    ".",
+                ],
+            "crypto/camellia/camellia.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_cfb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_ctr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_misc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmll_ofb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/camellia/cmllt4-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/cast/c_cfb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cast/c_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cast/c_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cast/c_ofb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cast/c_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/chacha/chacha-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/chacha/chacha-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/chacha/chacha-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/chacha/chacha_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cmac/cm_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cmac/cm_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cmac/cmac.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_att.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_cd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_dd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_env.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_ess.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_io.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_kari.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_pwri.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_sd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cms/cms_smime.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_api.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_def.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_mall.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_mod.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_sap.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/conf/conf_ssl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cpt_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cryptlib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_b64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_log.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_oct.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_policy.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_sct.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_sct_ctx.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_vfy.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ct/ct_x509v3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ctype.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/cversion.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/des/cbc_cksm.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/cbc_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/cfb64ede.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/cfb64enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/cfb_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/des_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/dest4-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/des/ecb3_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/ecb_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/fcrypt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/fcrypt_b.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/ofb64ede.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/ofb64enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/ofb_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/pcbc_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/qud_cksm.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/rand_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/set_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/str2key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/des/xcbc_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_check.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_depr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_gen.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_kdf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_rfc5114.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dh/dh_rfc7919.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_depr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_gen.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_ossl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dsa/dsa_vrf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_dl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_dlfcn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_openssl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_vms.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/dso/dso_win32.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ebcdic.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/curve25519.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/curve448/arch_32/f_impl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/curve448/curve448.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/curve448/curve448_tables.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/curve448/eddsa.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/curve448/f_generic.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/curve448/scalar.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/ec/curve448/arch_32",
+                    "crypto/ec/curve448",
+                ],
+            "crypto/ec/ec2_oct.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec2_smpl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_check.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_curve.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_cvt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_kmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_mult.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_oct.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ec_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecdh_kdf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecdh_ossl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecdsa_ossl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecdsa_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecdsa_vrf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/eck_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_mont.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nist.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nistp224.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nistp256.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nistp521.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nistputil.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_nistz256-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/ec/ecp_nistz256-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/ec/ecp_nistz256-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/ec/ecp_oct.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecp_smpl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ec/ecx_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_all.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_cnf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_ctrl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_dyn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_fat.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_init.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_list.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_openssl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_rdrand.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/eng_table.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_asnmth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_cipher.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_dh.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_digest.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_dsa.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_eckey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_pkmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_rand.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/engine/tb_rsa.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/err/err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/err/err_all.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/err/err_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/bio_b64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/bio_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/bio_md.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/bio_ok.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/c_allc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/c_alld.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/cmeth_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/digest.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_aes.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_aes_cbc_hmac_sha1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_aes_cbc_hmac_sha256.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_aria.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_bf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_camellia.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_cast.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_chacha20_poly1305.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_des.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/evp/e_des3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/evp/e_idea.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_old.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_rc2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_rc4.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_rc4_hmac_md5.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_rc5.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_seed.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/e_sm4.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                    "crypto/modes",
+                ],
+            "crypto/evp/e_xcbc_d.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/encode.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_cnf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_pbe.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/evp_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_md2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_md4.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_md5.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_md5_sha1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_mdc2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_ripemd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_sha1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_sha3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/evp/m_sigver.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/m_wp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/names.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p5_crpt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p5_crpt2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_dec.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_open.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_seal.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/p_verify.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/pbe_scrypt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/pmeth_fn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/pmeth_gn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/evp/pmeth_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ex_data.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/getenv.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/hmac/hm_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/hmac/hm_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/hmac/hmac.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/idea/i_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/idea/i_cfb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/idea/i_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/idea/i_ofb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/idea/i_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/include/internal/bn_conf.h" =>
+                [
+                    ".",
+                ],
+            "crypto/include/internal/dso_conf.h" =>
+                [
+                    ".",
+                ],
+            "crypto/init.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/kdf/hkdf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/kdf/kdf_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/kdf/scrypt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/kdf/tls1_prf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/lhash/lh_stats.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/lhash/lhash.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/md4/md4_dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/md4/md4_one.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/md5/md5-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/md5/md5_dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/md5/md5_one.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mdc2/mdc2_one.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mdc2/mdc2dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mem.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mem_clr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mem_dbg.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/mem_sec.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/cbc128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/ccm128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/cfb128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/ctr128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/cts128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/gcm128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/modes/ghash-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/modes/ghash-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/modes/ghash-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/modes/ghashv8-armx.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/modes/ocb128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/ofb128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/wrap128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/modes/xts128.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_dir.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_fips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_fopen.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_init.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_str.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/o_time.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/objects/o_names.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/objects/obj_dat.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/objects/obj_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/objects/obj_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/objects/obj_xref.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_asn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_cl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_ext.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_ht.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_srv.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/ocsp_vfy.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ocsp/v3_ocsp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_all.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_info.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_oth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_pk8.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_pkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_x509.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pem_xaux.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pem/pvkfmt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_add.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_asn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_attr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_crpt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_crt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_decr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_init.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_key.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_kiss.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_mutl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_npas.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_p8d.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_p8e.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_sbag.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/p12_utl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs12/pk12err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/bio_pk7.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_attr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_doit.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_mime.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pk7_smime.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/pkcs7/pkcs7err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/poly1305/poly1305-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/poly1305/poly1305-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/poly1305/poly1305-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/poly1305/poly1305-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/poly1305/poly1305.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/poly1305/poly1305_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/poly1305/poly1305_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/drbg_ctr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/drbg_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_egd.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_unix.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_vms.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/rand_win.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rand/randfile.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc2/rc2_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc2/rc2_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc2/rc2_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc2/rc2cfb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc2/rc2ofb64.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc4/rc4_enc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rc4/rc4_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ripemd/rmd_dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ripemd/rmd_one.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_chk.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_crpt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_depr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_gen.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_mp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_none.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_oaep.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_ossl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_pk1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_pss.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_saos.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_ssl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_x931.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/rsa/rsa_x931g.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/s390xcpuid.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/seed/seed.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/seed/seed_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/seed/seed_cfb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/seed/seed_ecb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/seed/seed_ofb.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sha/keccak1600-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/keccak1600.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sha/sha1-armv4-large.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha1-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha1-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/sha/sha1-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha1-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha1_one.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sha/sha1dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sha/sha256-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha256-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha256-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/sha/sha256-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha256-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha256.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sha/sha512-armv4.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha512-armv8.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha512-mips.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                    "crypto",
+                ],
+            "crypto/sha/sha512-s390x.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha512-sparcv9.o" =>
+                [
+                    "crypto",
+                ],
+            "crypto/sha/sha512.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/siphash/siphash.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/siphash/siphash_ameth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/siphash/siphash_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm2/sm2_crypt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm2/sm2_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm2/sm2_pmeth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm2/sm2_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm3/m_sm3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm3/sm3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/sm4/sm4.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/srp/srp_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/srp/srp_vfy.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/stack/stack.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/loader_file.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/store_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/store_init.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/store_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/store_register.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/store/store_strings.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/threads_none.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/threads_pthread.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/threads_win.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_asn1.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_conf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_req_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_req_utils.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_rsp_print.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_rsp_sign.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_rsp_utils.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_rsp_verify.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ts/ts_verify_ctx.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/txt_db/txt_db.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ui/ui_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ui/ui_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ui/ui_null.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ui/ui_openssl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/ui/ui_util.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/uid.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/whrlpool/wp_block.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/whrlpool/wp_dgst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/by_dir.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/by_file.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/t_crl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/t_req.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/t_x509.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_att.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_cmp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_d2.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_def.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_ext.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_lu.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_meth.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_obj.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_r2x.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_req.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_set.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_trs.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_txt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_v3.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_vfy.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509_vpm.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509cset.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509name.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509rset.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509spki.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x509type.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_all.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_attrib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_crl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_exten.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_name.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_pubkey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_req.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_x509.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509/x_x509a.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_cache.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_data.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_map.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_node.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/pcy_tree.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_addr.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_admis.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_akey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_akeya.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_alt.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_asid.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_bcons.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_bitst.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_conf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_cpols.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_crld.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_enum.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_extku.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_genn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_ia5.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_info.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_int.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_lib.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_ncons.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_pci.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_pcia.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_pcons.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_pku.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_pmaps.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_prn.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_purp.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_skey.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_sxnet.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_tlsf.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3_utl.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "crypto/x509v3/v3err.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "engines/e_capi.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "engines/e_padlock.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "fuzz/asn1.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/asn1parse.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/bignum.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/bndiv.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/client.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/cms.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/conf.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/crl.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/ct.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/server.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/test-corpus.o" =>
+                [
+                    "include",
+                ],
+            "fuzz/x509.o" =>
+                [
+                    "include",
+                ],
+            "include/openssl/opensslconf.h" =>
+                [
+                    ".",
+                ],
+            "ssl/bio_ssl.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/d1_lib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/d1_msg.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/d1_srtp.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/methods.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/packet.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/pqueue.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/dtls1_bitmap.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/rec_layer_d1.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/rec_layer_s3.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/ssl3_buffer.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/ssl3_record.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/record/ssl3_record_tls13.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/s3_cbc.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/s3_enc.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/s3_lib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/s3_msg.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_asn1.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_cert.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_ciph.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_conf.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_err.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_init.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_lib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_mcnf.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_rsa.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_sess.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_stat.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_txt.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/ssl_utst.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/extensions.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/extensions_clnt.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/extensions_cust.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/extensions_srvr.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/statem.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/statem_clnt.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/statem_dtls.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/statem_lib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/statem/statem_srvr.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/t1_enc.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/t1_lib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/t1_trce.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/tls13_enc.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "ssl/tls_srp.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/aborttest.o" =>
+                [
+                    "include",
+                ],
+            "test/afalgtest.o" =>
+                [
+                    "include",
+                ],
+            "test/asn1_decode_test.o" =>
+                [
+                    "include",
+                ],
+            "test/asn1_encode_test.o" =>
+                [
+                    "include",
+                ],
+            "test/asn1_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/include",
+                ],
+            "test/asn1_string_table_test.o" =>
+                [
+                    "include",
+                ],
+            "test/asn1_time_test.o" =>
+                [
+                    "include",
+                ],
+            "test/asynciotest.o" =>
+                [
+                    "include",
+                ],
+            "test/asynctest.o" =>
+                [
+                    "include",
+                ],
+            "test/bad_dtls_test.o" =>
+                [
+                    "include",
+                ],
+            "test/bftest.o" =>
+                [
+                    "include",
+                ],
+            "test/bio_callback_test.o" =>
+                [
+                    "include",
+                ],
+            "test/bio_enc_test.o" =>
+                [
+                    "include",
+                ],
+            "test/bio_memleak_test.o" =>
+                [
+                    "include",
+                ],
+            "test/bioprinttest.o" =>
+                [
+                    "include",
+                ],
+            "test/bntest.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_aes.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_asn1.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_asn1t.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_async.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_bio.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_blowfish.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_bn.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_buffer.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_camellia.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_cast.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_cmac.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_cms.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_conf.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_conf_api.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_crypto.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ct.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_des.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_dh.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_dsa.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_dtls1.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_e_os2.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ebcdic.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ec.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ecdh.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ecdsa.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_engine.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_evp.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_hmac.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_idea.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_kdf.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_lhash.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_md4.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_md5.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_mdc2.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_modes.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_obj_mac.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_objects.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ocsp.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_opensslv.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ossl_typ.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_pem.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_pem2.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_pkcs12.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_pkcs7.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_rand.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_rand_drbg.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_rc2.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_rc4.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ripemd.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_rsa.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_safestack.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_seed.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_sha.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_srp.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_srtp.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ssl.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ssl2.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_stack.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_store.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_symhacks.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_tls1.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ts.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_txt_db.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_ui.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_whrlpool.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_x509.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_x509_vfy.o" =>
+                [
+                    "include",
+                ],
+            "test/buildtest_x509v3.o" =>
+                [
+                    "include",
+                ],
+            "test/casttest.o" =>
+                [
+                    "include",
+                ],
+            "test/chacha_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/include",
+                ],
+            "test/cipher_overhead_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/cipherbytes_test.o" =>
+                [
+                    "include",
+                ],
+            "test/cipherlist_test.o" =>
+                [
+                    "include",
+                ],
+            "test/ciphername_test.o" =>
+                [
+                    "include",
+                ],
+            "test/clienthellotest.o" =>
+                [
+                    "include",
+                ],
+            "test/cmsapitest.o" =>
+                [
+                    "include",
+                ],
+            "test/conf_include_test.o" =>
+                [
+                    "include",
+                ],
+            "test/constant_time_test.o" =>
+                [
+                    "include",
+                ],
+            "test/crltest.o" =>
+                [
+                    "include",
+                ],
+            "test/ct_test.o" =>
+                [
+                    "include",
+                ],
+            "test/ctype_internal_test.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
+            "test/curve448_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/ec/curve448",
+                ],
+            "test/d2i_test.o" =>
+                [
+                    "include",
+                ],
+            "test/danetest.o" =>
+                [
+                    "include",
+                ],
+            "test/destest.o" =>
+                [
+                    "include",
+                ],
+            "test/dhtest.o" =>
+                [
+                    "include",
+                ],
+            "test/drbg_cavs_data.o" =>
+                [
+                    "include",
+                    "test",
+                    ".",
+                ],
+            "test/drbg_cavs_test.o" =>
+                [
+                    "include",
+                    "test",
+                    ".",
+                ],
+            "test/drbgtest.o" =>
+                [
+                    "include",
+                ],
+            "test/dsa_no_digest_size_test.o" =>
+                [
+                    "include",
+                ],
+            "test/dsatest.o" =>
+                [
+                    "include",
+                ],
+            "test/dtls_mtu_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/dtlstest.o" =>
+                [
+                    "include",
+                ],
+            "test/dtlsv1listentest.o" =>
+                [
+                    "include",
+                ],
+            "test/ec_internal_test.o" =>
+                [
+                    "include",
+                    "crypto/ec",
+                    "crypto/include",
+                ],
+            "test/ecdsatest.o" =>
+                [
+                    "include",
+                ],
+            "test/ecstresstest.o" =>
+                [
+                    "include",
+                ],
+            "test/ectest.o" =>
+                [
+                    "include",
+                ],
+            "test/enginetest.o" =>
+                [
+                    "include",
+                ],
+            "test/errtest.o" =>
+                [
+                    "include",
+                ],
+            "test/evp_extra_test.o" =>
+                [
+                    "include",
+                    "crypto/include",
+                ],
+            "test/evp_test.o" =>
+                [
+                    "include",
+                ],
+            "test/exdatatest.o" =>
+                [
+                    "include",
+                ],
+            "test/exptest.o" =>
+                [
+                    "include",
+                ],
+            "test/fatalerrtest.o" =>
+                [
+                    "include",
+                ],
+            "test/gmdifftest.o" =>
+                [
+                    "include",
+                ],
+            "test/gosttest.o" =>
+                [
+                    "include",
+                    ".",
+                ],
+            "test/handshake_helper.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/hmactest.o" =>
+                [
+                    "include",
+                ],
+            "test/ideatest.o" =>
+                [
+                    "include",
+                ],
+            "test/igetest.o" =>
+                [
+                    "include",
+                ],
+            "test/lhash_test.o" =>
+                [
+                    "include",
+                ],
+            "test/md2test.o" =>
+                [
+                    "include",
+                ],
+            "test/mdc2_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/mdc2test.o" =>
+                [
+                    "include",
+                ],
+            "test/memleaktest.o" =>
+                [
+                    "include",
+                ],
+            "test/modes_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/ocspapitest.o" =>
+                [
+                    "include",
+                ],
+            "test/packettest.o" =>
+                [
+                    "include",
+                ],
+            "test/pbelutest.o" =>
+                [
+                    "include",
+                ],
+            "test/pemtest.o" =>
+                [
+                    "include",
+                ],
+            "test/pkey_meth_kdf_test.o" =>
+                [
+                    "include",
+                ],
+            "test/pkey_meth_test.o" =>
+                [
+                    "include",
+                ],
+            "test/poly1305_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/include",
+                ],
+            "test/rc2test.o" =>
+                [
+                    "include",
+                ],
+            "test/rc4test.o" =>
+                [
+                    "include",
+                ],
+            "test/rc5test.o" =>
+                [
+                    "include",
+                ],
+            "test/rdrand_sanitytest.o" =>
+                [
+                    "include",
+                ],
+            "test/recordlentest.o" =>
+                [
+                    "include",
+                ],
+            "test/rsa_complex.o" =>
+                [
+                    "include",
+                ],
+            "test/rsa_mp_test.o" =>
+                [
+                    "include",
+                ],
+            "test/rsa_test.o" =>
+                [
+                    "include",
+                ],
+            "test/sanitytest.o" =>
+                [
+                    "include",
+                ],
+            "test/secmemtest.o" =>
+                [
+                    "include",
+                ],
+            "test/servername_test.o" =>
+                [
+                    "include",
+                ],
+            "test/siphash_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/include",
+                ],
+            "test/sm2_internal_test.o" =>
+                [
+                    "include",
+                    "crypto/include",
+                ],
+            "test/sm4_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                    "crypto/include",
+                ],
+            "test/srptest.o" =>
+                [
+                    "include",
+                ],
+            "test/ssl_cert_table_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/ssl_test.o" =>
+                [
+                    "include",
+                ],
+            "test/ssl_test_ctx.o" =>
+                [
+                    "include",
+                ],
+            "test/ssl_test_ctx_test.o" =>
+                [
+                    "include",
+                ],
+            "test/sslapitest.o" =>
+                [
+                    "include",
+                    ".",
+                ],
+            "test/sslbuffertest.o" =>
+                [
+                    "include",
+                ],
+            "test/sslcorrupttest.o" =>
+                [
+                    "include",
+                ],
+            "test/ssltest_old.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/ssltestlib.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/stack_test.o" =>
+                [
+                    "include",
+                ],
+            "test/sysdefaulttest.o" =>
+                [
+                    "include",
+                ],
+            "test/test_test.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/basic_output.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/cb.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/driver.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/format_output.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/init.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/main.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/output_helpers.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/stanza.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/tap_bio.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/test_cleanup.o" =>
+                [
+                    "include",
+                ],
+            "test/testutil/tests.o" =>
+                [
+                    "include",
+                ],
+            "test/threadstest.o" =>
+                [
+                    "include",
+                ],
+            "test/time_offset_test.o" =>
+                [
+                    "include",
+                ],
+            "test/tls13ccstest.o" =>
+                [
+                    "include",
+                ],
+            "test/tls13encryptiontest.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/uitest.o" =>
+                [
+                    ".",
+                    "include",
+                    "apps",
+                ],
+            "test/v3ext.o" =>
+                [
+                    "include",
+                ],
+            "test/v3nametest.o" =>
+                [
+                    "include",
+                ],
+            "test/verify_extra_test.o" =>
+                [
+                    "include",
+                ],
+            "test/versions.o" =>
+                [
+                    "include",
+                ],
+            "test/wpackettest.o" =>
+                [
+                    "include",
+                ],
+            "test/x509_check_cert_pkey_test.o" =>
+                [
+                    "include",
+                ],
+            "test/x509_dup_cert_test.o" =>
+                [
+                    "include",
+                ],
+            "test/x509_internal_test.o" =>
+                [
+                    ".",
+                    "include",
+                ],
+            "test/x509_time_test.o" =>
+                [
+                    "include",
+                ],
+            "test/x509aux.o" =>
+                [
+                    "include",
+                ],
+        },
+    "install" =>
+        {
+            "libraries" =>
+                [
+                    "libcrypto",
+                    "libssl",
+                ],
+            "programs" =>
+                [
+                    "apps/openssl",
+                ],
+            "scripts" =>
+                [
+                    "apps/CA.pl",
+                    "apps/tsget.pl",
+                    "tools/c_rehash",
+                ],
+        },
+    "ldadd" =>
+        {
+        },
+    "libraries" =>
+        [
+            "apps/libapps.a",
+            "libcrypto",
+            "libssl",
+            "test/libtestutil.a",
+        ],
+    "overrides" =>
+        [
+        ],
+    "programs" =>
+        [
+            "apps/openssl",
+            "fuzz/asn1-test",
+            "fuzz/asn1parse-test",
+            "fuzz/bignum-test",
+            "fuzz/bndiv-test",
+            "fuzz/client-test",
+            "fuzz/cms-test",
+            "fuzz/conf-test",
+            "fuzz/crl-test",
+            "fuzz/ct-test",
+            "fuzz/server-test",
+            "fuzz/x509-test",
+            "test/aborttest",
+            "test/afalgtest",
+            "test/asn1_decode_test",
+            "test/asn1_encode_test",
+            "test/asn1_internal_test",
+            "test/asn1_string_table_test",
+            "test/asn1_time_test",
+            "test/asynciotest",
+            "test/asynctest",
+            "test/bad_dtls_test",
+            "test/bftest",
+            "test/bio_callback_test",
+            "test/bio_enc_test",
+            "test/bio_memleak_test",
+            "test/bioprinttest",
+            "test/bntest",
+            "test/buildtest_c_aes",
+            "test/buildtest_c_asn1",
+            "test/buildtest_c_asn1t",
+            "test/buildtest_c_async",
+            "test/buildtest_c_bio",
+            "test/buildtest_c_blowfish",
+            "test/buildtest_c_bn",
+            "test/buildtest_c_buffer",
+            "test/buildtest_c_camellia",
+            "test/buildtest_c_cast",
+            "test/buildtest_c_cmac",
+            "test/buildtest_c_cms",
+            "test/buildtest_c_conf",
+            "test/buildtest_c_conf_api",
+            "test/buildtest_c_crypto",
+            "test/buildtest_c_ct",
+            "test/buildtest_c_des",
+            "test/buildtest_c_dh",
+            "test/buildtest_c_dsa",
+            "test/buildtest_c_dtls1",
+            "test/buildtest_c_e_os2",
+            "test/buildtest_c_ebcdic",
+            "test/buildtest_c_ec",
+            "test/buildtest_c_ecdh",
+            "test/buildtest_c_ecdsa",
+            "test/buildtest_c_engine",
+            "test/buildtest_c_evp",
+            "test/buildtest_c_hmac",
+            "test/buildtest_c_idea",
+            "test/buildtest_c_kdf",
+            "test/buildtest_c_lhash",
+            "test/buildtest_c_md4",
+            "test/buildtest_c_md5",
+            "test/buildtest_c_mdc2",
+            "test/buildtest_c_modes",
+            "test/buildtest_c_obj_mac",
+            "test/buildtest_c_objects",
+            "test/buildtest_c_ocsp",
+            "test/buildtest_c_opensslv",
+            "test/buildtest_c_ossl_typ",
+            "test/buildtest_c_pem",
+            "test/buildtest_c_pem2",
+            "test/buildtest_c_pkcs12",
+            "test/buildtest_c_pkcs7",
+            "test/buildtest_c_rand",
+            "test/buildtest_c_rand_drbg",
+            "test/buildtest_c_rc2",
+            "test/buildtest_c_rc4",
+            "test/buildtest_c_ripemd",
+            "test/buildtest_c_rsa",
+            "test/buildtest_c_safestack",
+            "test/buildtest_c_seed",
+            "test/buildtest_c_sha",
+            "test/buildtest_c_srp",
+            "test/buildtest_c_srtp",
+            "test/buildtest_c_ssl",
+            "test/buildtest_c_ssl2",
+            "test/buildtest_c_stack",
+            "test/buildtest_c_store",
+            "test/buildtest_c_symhacks",
+            "test/buildtest_c_tls1",
+            "test/buildtest_c_ts",
+            "test/buildtest_c_txt_db",
+            "test/buildtest_c_ui",
+            "test/buildtest_c_whrlpool",
+            "test/buildtest_c_x509",
+            "test/buildtest_c_x509_vfy",
+            "test/buildtest_c_x509v3",
+            "test/casttest",
+            "test/chacha_internal_test",
+            "test/cipher_overhead_test",
+            "test/cipherbytes_test",
+            "test/cipherlist_test",
+            "test/ciphername_test",
+            "test/clienthellotest",
+            "test/cmsapitest",
+            "test/conf_include_test",
+            "test/constant_time_test",
+            "test/crltest",
+            "test/ct_test",
+            "test/ctype_internal_test",
+            "test/curve448_internal_test",
+            "test/d2i_test",
+            "test/danetest",
+            "test/destest",
+            "test/dhtest",
+            "test/drbg_cavs_test",
+            "test/drbgtest",
+            "test/dsa_no_digest_size_test",
+            "test/dsatest",
+            "test/dtls_mtu_test",
+            "test/dtlstest",
+            "test/dtlsv1listentest",
+            "test/ec_internal_test",
+            "test/ecdsatest",
+            "test/ecstresstest",
+            "test/ectest",
+            "test/enginetest",
+            "test/errtest",
+            "test/evp_extra_test",
+            "test/evp_test",
+            "test/exdatatest",
+            "test/exptest",
+            "test/fatalerrtest",
+            "test/gmdifftest",
+            "test/gosttest",
+            "test/hmactest",
+            "test/ideatest",
+            "test/igetest",
+            "test/lhash_test",
+            "test/md2test",
+            "test/mdc2_internal_test",
+            "test/mdc2test",
+            "test/memleaktest",
+            "test/modes_internal_test",
+            "test/ocspapitest",
+            "test/packettest",
+            "test/pbelutest",
+            "test/pemtest",
+            "test/pkey_meth_kdf_test",
+            "test/pkey_meth_test",
+            "test/poly1305_internal_test",
+            "test/rc2test",
+            "test/rc4test",
+            "test/rc5test",
+            "test/rdrand_sanitytest",
+            "test/recordlentest",
+            "test/rsa_complex",
+            "test/rsa_mp_test",
+            "test/rsa_test",
+            "test/sanitytest",
+            "test/secmemtest",
+            "test/servername_test",
+            "test/siphash_internal_test",
+            "test/sm2_internal_test",
+            "test/sm4_internal_test",
+            "test/srptest",
+            "test/ssl_cert_table_internal_test",
+            "test/ssl_test",
+            "test/ssl_test_ctx_test",
+            "test/sslapitest",
+            "test/sslbuffertest",
+            "test/sslcorrupttest",
+            "test/ssltest_old",
+            "test/stack_test",
+            "test/sysdefaulttest",
+            "test/test_test",
+            "test/threadstest",
+            "test/time_offset_test",
+            "test/tls13ccstest",
+            "test/tls13encryptiontest",
+            "test/uitest",
+            "test/v3ext",
+            "test/v3nametest",
+            "test/verify_extra_test",
+            "test/versions",
+            "test/wpackettest",
+            "test/x509_check_cert_pkey_test",
+            "test/x509_dup_cert_test",
+            "test/x509_internal_test",
+            "test/x509_time_test",
+            "test/x509aux",
+        ],
+    "rawlines" =>
+        [
+            "##### SHA assembler implementations",
+            "",
+            "# GNU make \"catch all\"",
+            "crypto/sha/sha1-%.S:	crypto/sha/asm/sha1-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "crypto/sha/sha256-%.S:	crypto/sha/asm/sha512-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "crypto/sha/sha512-%.S:	crypto/sha/asm/sha512-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "crypto/poly1305/poly1305-%.S:	crypto/poly1305/asm/poly1305-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "##### AES assembler implementations",
+            "",
+            "# GNU make \"catch all\"",
+            "crypto/aes/aes-%.S:	crypto/aes/asm/aes-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "crypto/aes/bsaes-%.S:	crypto/aes/asm/bsaes-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "",
+            "# GNU make \"catch all\"",
+            "crypto/rc4/rc4-%.s:	crypto/rc4/asm/rc4-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "##### CHACHA assembler implementations",
+            "",
+            "crypto/chacha/chacha-%.S:	crypto/chacha/asm/chacha-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "# GNU make \"catch all\"",
+            "crypto/modes/ghash-%.S:	crypto/modes/asm/ghash-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+            "crypto/ec/ecp_nistz256-%.S:	crypto/ec/asm/ecp_nistz256-%.pl",
+            "	CC=\"\$(CC)\" \$(PERL) \$< \$(PERLASM_SCHEME) \$\@",
+        ],
+    "rename" =>
+        {
+        },
+    "scripts" =>
+        [
+            "apps/CA.pl",
+            "apps/tsget.pl",
+            "tools/c_rehash",
+            "util/shlib_wrap.sh",
+        ],
+    "shared_sources" =>
+        {
+        },
+    "sources" =>
+        {
+            "apps/CA.pl" =>
+                [
+                    "apps/CA.pl.in",
+                ],
+            "apps/app_rand.o" =>
+                [
+                    "apps/app_rand.c",
+                ],
+            "apps/apps.o" =>
+                [
+                    "apps/apps.c",
+                ],
+            "apps/asn1pars.o" =>
+                [
+                    "apps/asn1pars.c",
+                ],
+            "apps/bf_prefix.o" =>
+                [
+                    "apps/bf_prefix.c",
+                ],
+            "apps/ca.o" =>
+                [
+                    "apps/ca.c",
+                ],
+            "apps/ciphers.o" =>
+                [
+                    "apps/ciphers.c",
+                ],
+            "apps/cms.o" =>
+                [
+                    "apps/cms.c",
+                ],
+            "apps/crl.o" =>
+                [
+                    "apps/crl.c",
+                ],
+            "apps/crl2p7.o" =>
+                [
+                    "apps/crl2p7.c",
+                ],
+            "apps/dgst.o" =>
+                [
+                    "apps/dgst.c",
+                ],
+            "apps/dhparam.o" =>
+                [
+                    "apps/dhparam.c",
+                ],
+            "apps/dsa.o" =>
+                [
+                    "apps/dsa.c",
+                ],
+            "apps/dsaparam.o" =>
+                [
+                    "apps/dsaparam.c",
+                ],
+            "apps/ec.o" =>
+                [
+                    "apps/ec.c",
+                ],
+            "apps/ecparam.o" =>
+                [
+                    "apps/ecparam.c",
+                ],
+            "apps/enc.o" =>
+                [
+                    "apps/enc.c",
+                ],
+            "apps/engine.o" =>
+                [
+                    "apps/engine.c",
+                ],
+            "apps/errstr.o" =>
+                [
+                    "apps/errstr.c",
+                ],
+            "apps/gendsa.o" =>
+                [
+                    "apps/gendsa.c",
+                ],
+            "apps/genpkey.o" =>
+                [
+                    "apps/genpkey.c",
+                ],
+            "apps/genrsa.o" =>
+                [
+                    "apps/genrsa.c",
+                ],
+            "apps/libapps.a" =>
+                [
+                    "apps/app_rand.o",
+                    "apps/apps.o",
+                    "apps/bf_prefix.o",
+                    "apps/opt.o",
+                    "apps/s_cb.o",
+                    "apps/s_socket.o",
+                ],
+            "apps/nseq.o" =>
+                [
+                    "apps/nseq.c",
+                ],
+            "apps/ocsp.o" =>
+                [
+                    "apps/ocsp.c",
+                ],
+            "apps/openssl" =>
+                [
+                    "apps/asn1pars.o",
+                    "apps/ca.o",
+                    "apps/ciphers.o",
+                    "apps/cms.o",
+                    "apps/crl.o",
+                    "apps/crl2p7.o",
+                    "apps/dgst.o",
+                    "apps/dhparam.o",
+                    "apps/dsa.o",
+                    "apps/dsaparam.o",
+                    "apps/ec.o",
+                    "apps/ecparam.o",
+                    "apps/enc.o",
+                    "apps/engine.o",
+                    "apps/errstr.o",
+                    "apps/gendsa.o",
+                    "apps/genpkey.o",
+                    "apps/genrsa.o",
+                    "apps/nseq.o",
+                    "apps/ocsp.o",
+                    "apps/openssl.o",
+                    "apps/passwd.o",
+                    "apps/pkcs12.o",
+                    "apps/pkcs7.o",
+                    "apps/pkcs8.o",
+                    "apps/pkey.o",
+                    "apps/pkeyparam.o",
+                    "apps/pkeyutl.o",
+                    "apps/prime.o",
+                    "apps/rand.o",
+                    "apps/rehash.o",
+                    "apps/req.o",
+                    "apps/rsa.o",
+                    "apps/rsautl.o",
+                    "apps/s_client.o",
+                    "apps/s_server.o",
+                    "apps/s_time.o",
+                    "apps/sess_id.o",
+                    "apps/smime.o",
+                    "apps/speed.o",
+                    "apps/spkac.o",
+                    "apps/srp.o",
+                    "apps/storeutl.o",
+                    "apps/ts.o",
+                    "apps/verify.o",
+                    "apps/version.o",
+                    "apps/x509.o",
+                ],
+            "apps/openssl.o" =>
+                [
+                    "apps/openssl.c",
+                ],
+            "apps/opt.o" =>
+                [
+                    "apps/opt.c",
+                ],
+            "apps/passwd.o" =>
+                [
+                    "apps/passwd.c",
+                ],
+            "apps/pkcs12.o" =>
+                [
+                    "apps/pkcs12.c",
+                ],
+            "apps/pkcs7.o" =>
+                [
+                    "apps/pkcs7.c",
+                ],
+            "apps/pkcs8.o" =>
+                [
+                    "apps/pkcs8.c",
+                ],
+            "apps/pkey.o" =>
+                [
+                    "apps/pkey.c",
+                ],
+            "apps/pkeyparam.o" =>
+                [
+                    "apps/pkeyparam.c",
+                ],
+            "apps/pkeyutl.o" =>
+                [
+                    "apps/pkeyutl.c",
+                ],
+            "apps/prime.o" =>
+                [
+                    "apps/prime.c",
+                ],
+            "apps/rand.o" =>
+                [
+                    "apps/rand.c",
+                ],
+            "apps/rehash.o" =>
+                [
+                    "apps/rehash.c",
+                ],
+            "apps/req.o" =>
+                [
+                    "apps/req.c",
+                ],
+            "apps/rsa.o" =>
+                [
+                    "apps/rsa.c",
+                ],
+            "apps/rsautl.o" =>
+                [
+                    "apps/rsautl.c",
+                ],
+            "apps/s_cb.o" =>
+                [
+                    "apps/s_cb.c",
+                ],
+            "apps/s_client.o" =>
+                [
+                    "apps/s_client.c",
+                ],
+            "apps/s_server.o" =>
+                [
+                    "apps/s_server.c",
+                ],
+            "apps/s_socket.o" =>
+                [
+                    "apps/s_socket.c",
+                ],
+            "apps/s_time.o" =>
+                [
+                    "apps/s_time.c",
+                ],
+            "apps/sess_id.o" =>
+                [
+                    "apps/sess_id.c",
+                ],
+            "apps/smime.o" =>
+                [
+                    "apps/smime.c",
+                ],
+            "apps/speed.o" =>
+                [
+                    "apps/speed.c",
+                ],
+            "apps/spkac.o" =>
+                [
+                    "apps/spkac.c",
+                ],
+            "apps/srp.o" =>
+                [
+                    "apps/srp.c",
+                ],
+            "apps/storeutl.o" =>
+                [
+                    "apps/storeutl.c",
+                ],
+            "apps/ts.o" =>
+                [
+                    "apps/ts.c",
+                ],
+            "apps/tsget.pl" =>
+                [
+                    "apps/tsget.in",
+                ],
+            "apps/verify.o" =>
+                [
+                    "apps/verify.c",
+                ],
+            "apps/version.o" =>
+                [
+                    "apps/version.c",
+                ],
+            "apps/x509.o" =>
+                [
+                    "apps/x509.c",
+                ],
+            "crypto/aes/aes-mips.o" =>
+                [
+                    "crypto/aes/aes-mips.S",
+                ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    "crypto/aes/aes_cbc.c",
+                ],
+            "crypto/aes/aes_cfb.o" =>
+                [
+                    "crypto/aes/aes_cfb.c",
+                ],
+            "crypto/aes/aes_ecb.o" =>
+                [
+                    "crypto/aes/aes_ecb.c",
+                ],
+            "crypto/aes/aes_ige.o" =>
+                [
+                    "crypto/aes/aes_ige.c",
+                ],
+            "crypto/aes/aes_misc.o" =>
+                [
+                    "crypto/aes/aes_misc.c",
+                ],
+            "crypto/aes/aes_ofb.o" =>
+                [
+                    "crypto/aes/aes_ofb.c",
+                ],
+            "crypto/aes/aes_wrap.o" =>
+                [
+                    "crypto/aes/aes_wrap.c",
+                ],
+            "crypto/aria/aria.o" =>
+                [
+                    "crypto/aria/aria.c",
+                ],
+            "crypto/asn1/a_bitstr.o" =>
+                [
+                    "crypto/asn1/a_bitstr.c",
+                ],
+            "crypto/asn1/a_d2i_fp.o" =>
+                [
+                    "crypto/asn1/a_d2i_fp.c",
+                ],
+            "crypto/asn1/a_digest.o" =>
+                [
+                    "crypto/asn1/a_digest.c",
+                ],
+            "crypto/asn1/a_dup.o" =>
+                [
+                    "crypto/asn1/a_dup.c",
+                ],
+            "crypto/asn1/a_gentm.o" =>
+                [
+                    "crypto/asn1/a_gentm.c",
+                ],
+            "crypto/asn1/a_i2d_fp.o" =>
+                [
+                    "crypto/asn1/a_i2d_fp.c",
+                ],
+            "crypto/asn1/a_int.o" =>
+                [
+                    "crypto/asn1/a_int.c",
+                ],
+            "crypto/asn1/a_mbstr.o" =>
+                [
+                    "crypto/asn1/a_mbstr.c",
+                ],
+            "crypto/asn1/a_object.o" =>
+                [
+                    "crypto/asn1/a_object.c",
+                ],
+            "crypto/asn1/a_octet.o" =>
+                [
+                    "crypto/asn1/a_octet.c",
+                ],
+            "crypto/asn1/a_print.o" =>
+                [
+                    "crypto/asn1/a_print.c",
+                ],
+            "crypto/asn1/a_sign.o" =>
+                [
+                    "crypto/asn1/a_sign.c",
+                ],
+            "crypto/asn1/a_strex.o" =>
+                [
+                    "crypto/asn1/a_strex.c",
+                ],
+            "crypto/asn1/a_strnid.o" =>
+                [
+                    "crypto/asn1/a_strnid.c",
+                ],
+            "crypto/asn1/a_time.o" =>
+                [
+                    "crypto/asn1/a_time.c",
+                ],
+            "crypto/asn1/a_type.o" =>
+                [
+                    "crypto/asn1/a_type.c",
+                ],
+            "crypto/asn1/a_utctm.o" =>
+                [
+                    "crypto/asn1/a_utctm.c",
+                ],
+            "crypto/asn1/a_utf8.o" =>
+                [
+                    "crypto/asn1/a_utf8.c",
+                ],
+            "crypto/asn1/a_verify.o" =>
+                [
+                    "crypto/asn1/a_verify.c",
+                ],
+            "crypto/asn1/ameth_lib.o" =>
+                [
+                    "crypto/asn1/ameth_lib.c",
+                ],
+            "crypto/asn1/asn1_err.o" =>
+                [
+                    "crypto/asn1/asn1_err.c",
+                ],
+            "crypto/asn1/asn1_gen.o" =>
+                [
+                    "crypto/asn1/asn1_gen.c",
+                ],
+            "crypto/asn1/asn1_item_list.o" =>
+                [
+                    "crypto/asn1/asn1_item_list.c",
+                ],
+            "crypto/asn1/asn1_lib.o" =>
+                [
+                    "crypto/asn1/asn1_lib.c",
+                ],
+            "crypto/asn1/asn1_par.o" =>
+                [
+                    "crypto/asn1/asn1_par.c",
+                ],
+            "crypto/asn1/asn_mime.o" =>
+                [
+                    "crypto/asn1/asn_mime.c",
+                ],
+            "crypto/asn1/asn_moid.o" =>
+                [
+                    "crypto/asn1/asn_moid.c",
+                ],
+            "crypto/asn1/asn_mstbl.o" =>
+                [
+                    "crypto/asn1/asn_mstbl.c",
+                ],
+            "crypto/asn1/asn_pack.o" =>
+                [
+                    "crypto/asn1/asn_pack.c",
+                ],
+            "crypto/asn1/bio_asn1.o" =>
+                [
+                    "crypto/asn1/bio_asn1.c",
+                ],
+            "crypto/asn1/bio_ndef.o" =>
+                [
+                    "crypto/asn1/bio_ndef.c",
+                ],
+            "crypto/asn1/d2i_pr.o" =>
+                [
+                    "crypto/asn1/d2i_pr.c",
+                ],
+            "crypto/asn1/d2i_pu.o" =>
+                [
+                    "crypto/asn1/d2i_pu.c",
+                ],
+            "crypto/asn1/evp_asn1.o" =>
+                [
+                    "crypto/asn1/evp_asn1.c",
+                ],
+            "crypto/asn1/f_int.o" =>
+                [
+                    "crypto/asn1/f_int.c",
+                ],
+            "crypto/asn1/f_string.o" =>
+                [
+                    "crypto/asn1/f_string.c",
+                ],
+            "crypto/asn1/i2d_pr.o" =>
+                [
+                    "crypto/asn1/i2d_pr.c",
+                ],
+            "crypto/asn1/i2d_pu.o" =>
+                [
+                    "crypto/asn1/i2d_pu.c",
+                ],
+            "crypto/asn1/n_pkey.o" =>
+                [
+                    "crypto/asn1/n_pkey.c",
+                ],
+            "crypto/asn1/nsseq.o" =>
+                [
+                    "crypto/asn1/nsseq.c",
+                ],
+            "crypto/asn1/p5_pbe.o" =>
+                [
+                    "crypto/asn1/p5_pbe.c",
+                ],
+            "crypto/asn1/p5_pbev2.o" =>
+                [
+                    "crypto/asn1/p5_pbev2.c",
+                ],
+            "crypto/asn1/p5_scrypt.o" =>
+                [
+                    "crypto/asn1/p5_scrypt.c",
+                ],
+            "crypto/asn1/p8_pkey.o" =>
+                [
+                    "crypto/asn1/p8_pkey.c",
+                ],
+            "crypto/asn1/t_bitst.o" =>
+                [
+                    "crypto/asn1/t_bitst.c",
+                ],
+            "crypto/asn1/t_pkey.o" =>
+                [
+                    "crypto/asn1/t_pkey.c",
+                ],
+            "crypto/asn1/t_spki.o" =>
+                [
+                    "crypto/asn1/t_spki.c",
+                ],
+            "crypto/asn1/tasn_dec.o" =>
+                [
+                    "crypto/asn1/tasn_dec.c",
+                ],
+            "crypto/asn1/tasn_enc.o" =>
+                [
+                    "crypto/asn1/tasn_enc.c",
+                ],
+            "crypto/asn1/tasn_fre.o" =>
+                [
+                    "crypto/asn1/tasn_fre.c",
+                ],
+            "crypto/asn1/tasn_new.o" =>
+                [
+                    "crypto/asn1/tasn_new.c",
+                ],
+            "crypto/asn1/tasn_prn.o" =>
+                [
+                    "crypto/asn1/tasn_prn.c",
+                ],
+            "crypto/asn1/tasn_scn.o" =>
+                [
+                    "crypto/asn1/tasn_scn.c",
+                ],
+            "crypto/asn1/tasn_typ.o" =>
+                [
+                    "crypto/asn1/tasn_typ.c",
+                ],
+            "crypto/asn1/tasn_utl.o" =>
+                [
+                    "crypto/asn1/tasn_utl.c",
+                ],
+            "crypto/asn1/x_algor.o" =>
+                [
+                    "crypto/asn1/x_algor.c",
+                ],
+            "crypto/asn1/x_bignum.o" =>
+                [
+                    "crypto/asn1/x_bignum.c",
+                ],
+            "crypto/asn1/x_info.o" =>
+                [
+                    "crypto/asn1/x_info.c",
+                ],
+            "crypto/asn1/x_int64.o" =>
+                [
+                    "crypto/asn1/x_int64.c",
+                ],
+            "crypto/asn1/x_long.o" =>
+                [
+                    "crypto/asn1/x_long.c",
+                ],
+            "crypto/asn1/x_pkey.o" =>
+                [
+                    "crypto/asn1/x_pkey.c",
+                ],
+            "crypto/asn1/x_sig.o" =>
+                [
+                    "crypto/asn1/x_sig.c",
+                ],
+            "crypto/asn1/x_spki.o" =>
+                [
+                    "crypto/asn1/x_spki.c",
+                ],
+            "crypto/asn1/x_val.o" =>
+                [
+                    "crypto/asn1/x_val.c",
+                ],
+            "crypto/async/arch/async_null.o" =>
+                [
+                    "crypto/async/arch/async_null.c",
+                ],
+            "crypto/async/arch/async_posix.o" =>
+                [
+                    "crypto/async/arch/async_posix.c",
+                ],
+            "crypto/async/arch/async_win.o" =>
+                [
+                    "crypto/async/arch/async_win.c",
+                ],
+            "crypto/async/async.o" =>
+                [
+                    "crypto/async/async.c",
+                ],
+            "crypto/async/async_err.o" =>
+                [
+                    "crypto/async/async_err.c",
+                ],
+            "crypto/async/async_wait.o" =>
+                [
+                    "crypto/async/async_wait.c",
+                ],
+            "crypto/bf/bf_cfb64.o" =>
+                [
+                    "crypto/bf/bf_cfb64.c",
+                ],
+            "crypto/bf/bf_ecb.o" =>
+                [
+                    "crypto/bf/bf_ecb.c",
+                ],
+            "crypto/bf/bf_enc.o" =>
+                [
+                    "crypto/bf/bf_enc.c",
+                ],
+            "crypto/bf/bf_ofb64.o" =>
+                [
+                    "crypto/bf/bf_ofb64.c",
+                ],
+            "crypto/bf/bf_skey.o" =>
+                [
+                    "crypto/bf/bf_skey.c",
+                ],
+            "crypto/bio/b_addr.o" =>
+                [
+                    "crypto/bio/b_addr.c",
+                ],
+            "crypto/bio/b_dump.o" =>
+                [
+                    "crypto/bio/b_dump.c",
+                ],
+            "crypto/bio/b_print.o" =>
+                [
+                    "crypto/bio/b_print.c",
+                ],
+            "crypto/bio/b_sock.o" =>
+                [
+                    "crypto/bio/b_sock.c",
+                ],
+            "crypto/bio/b_sock2.o" =>
+                [
+                    "crypto/bio/b_sock2.c",
+                ],
+            "crypto/bio/bf_buff.o" =>
+                [
+                    "crypto/bio/bf_buff.c",
+                ],
+            "crypto/bio/bf_lbuf.o" =>
+                [
+                    "crypto/bio/bf_lbuf.c",
+                ],
+            "crypto/bio/bf_nbio.o" =>
+                [
+                    "crypto/bio/bf_nbio.c",
+                ],
+            "crypto/bio/bf_null.o" =>
+                [
+                    "crypto/bio/bf_null.c",
+                ],
+            "crypto/bio/bio_cb.o" =>
+                [
+                    "crypto/bio/bio_cb.c",
+                ],
+            "crypto/bio/bio_err.o" =>
+                [
+                    "crypto/bio/bio_err.c",
+                ],
+            "crypto/bio/bio_lib.o" =>
+                [
+                    "crypto/bio/bio_lib.c",
+                ],
+            "crypto/bio/bio_meth.o" =>
+                [
+                    "crypto/bio/bio_meth.c",
+                ],
+            "crypto/bio/bss_acpt.o" =>
+                [
+                    "crypto/bio/bss_acpt.c",
+                ],
+            "crypto/bio/bss_bio.o" =>
+                [
+                    "crypto/bio/bss_bio.c",
+                ],
+            "crypto/bio/bss_conn.o" =>
+                [
+                    "crypto/bio/bss_conn.c",
+                ],
+            "crypto/bio/bss_dgram.o" =>
+                [
+                    "crypto/bio/bss_dgram.c",
+                ],
+            "crypto/bio/bss_fd.o" =>
+                [
+                    "crypto/bio/bss_fd.c",
+                ],
+            "crypto/bio/bss_file.o" =>
+                [
+                    "crypto/bio/bss_file.c",
+                ],
+            "crypto/bio/bss_log.o" =>
+                [
+                    "crypto/bio/bss_log.c",
+                ],
+            "crypto/bio/bss_mem.o" =>
+                [
+                    "crypto/bio/bss_mem.c",
+                ],
+            "crypto/bio/bss_null.o" =>
+                [
+                    "crypto/bio/bss_null.c",
+                ],
+            "crypto/bio/bss_sock.o" =>
+                [
+                    "crypto/bio/bss_sock.c",
+                ],
+            "crypto/blake2/blake2b.o" =>
+                [
+                    "crypto/blake2/blake2b.c",
+                ],
+            "crypto/blake2/blake2s.o" =>
+                [
+                    "crypto/blake2/blake2s.c",
+                ],
+            "crypto/blake2/m_blake2b.o" =>
+                [
+                    "crypto/blake2/m_blake2b.c",
+                ],
+            "crypto/blake2/m_blake2s.o" =>
+                [
+                    "crypto/blake2/m_blake2s.c",
+                ],
+            "crypto/bn/bn-mips.o" =>
+                [
+                    "crypto/bn/bn-mips.S",
+                ],
+            "crypto/bn/bn_add.o" =>
+                [
+                    "crypto/bn/bn_add.c",
+                ],
+            "crypto/bn/bn_blind.o" =>
+                [
+                    "crypto/bn/bn_blind.c",
+                ],
+            "crypto/bn/bn_const.o" =>
+                [
+                    "crypto/bn/bn_const.c",
+                ],
+            "crypto/bn/bn_ctx.o" =>
+                [
+                    "crypto/bn/bn_ctx.c",
+                ],
+            "crypto/bn/bn_depr.o" =>
+                [
+                    "crypto/bn/bn_depr.c",
+                ],
+            "crypto/bn/bn_dh.o" =>
+                [
+                    "crypto/bn/bn_dh.c",
+                ],
+            "crypto/bn/bn_div.o" =>
+                [
+                    "crypto/bn/bn_div.c",
+                ],
+            "crypto/bn/bn_err.o" =>
+                [
+                    "crypto/bn/bn_err.c",
+                ],
+            "crypto/bn/bn_exp.o" =>
+                [
+                    "crypto/bn/bn_exp.c",
+                ],
+            "crypto/bn/bn_exp2.o" =>
+                [
+                    "crypto/bn/bn_exp2.c",
+                ],
+            "crypto/bn/bn_gcd.o" =>
+                [
+                    "crypto/bn/bn_gcd.c",
+                ],
+            "crypto/bn/bn_gf2m.o" =>
+                [
+                    "crypto/bn/bn_gf2m.c",
+                ],
+            "crypto/bn/bn_intern.o" =>
+                [
+                    "crypto/bn/bn_intern.c",
+                ],
+            "crypto/bn/bn_kron.o" =>
+                [
+                    "crypto/bn/bn_kron.c",
+                ],
+            "crypto/bn/bn_lib.o" =>
+                [
+                    "crypto/bn/bn_lib.c",
+                ],
+            "crypto/bn/bn_mod.o" =>
+                [
+                    "crypto/bn/bn_mod.c",
+                ],
+            "crypto/bn/bn_mont.o" =>
+                [
+                    "crypto/bn/bn_mont.c",
+                ],
+            "crypto/bn/bn_mpi.o" =>
+                [
+                    "crypto/bn/bn_mpi.c",
+                ],
+            "crypto/bn/bn_mul.o" =>
+                [
+                    "crypto/bn/bn_mul.c",
+                ],
+            "crypto/bn/bn_nist.o" =>
+                [
+                    "crypto/bn/bn_nist.c",
+                ],
+            "crypto/bn/bn_prime.o" =>
+                [
+                    "crypto/bn/bn_prime.c",
+                ],
+            "crypto/bn/bn_print.o" =>
+                [
+                    "crypto/bn/bn_print.c",
+                ],
+            "crypto/bn/bn_rand.o" =>
+                [
+                    "crypto/bn/bn_rand.c",
+                ],
+            "crypto/bn/bn_recp.o" =>
+                [
+                    "crypto/bn/bn_recp.c",
+                ],
+            "crypto/bn/bn_shift.o" =>
+                [
+                    "crypto/bn/bn_shift.c",
+                ],
+            "crypto/bn/bn_sqr.o" =>
+                [
+                    "crypto/bn/bn_sqr.c",
+                ],
+            "crypto/bn/bn_sqrt.o" =>
+                [
+                    "crypto/bn/bn_sqrt.c",
+                ],
+            "crypto/bn/bn_srp.o" =>
+                [
+                    "crypto/bn/bn_srp.c",
+                ],
+            "crypto/bn/bn_word.o" =>
+                [
+                    "crypto/bn/bn_word.c",
+                ],
+            "crypto/bn/bn_x931p.o" =>
+                [
+                    "crypto/bn/bn_x931p.c",
+                ],
+            "crypto/bn/mips-mont.o" =>
+                [
+                    "crypto/bn/mips-mont.S",
+                ],
+            "crypto/buffer/buf_err.o" =>
+                [
+                    "crypto/buffer/buf_err.c",
+                ],
+            "crypto/buffer/buffer.o" =>
+                [
+                    "crypto/buffer/buffer.c",
+                ],
+            "crypto/camellia/camellia.o" =>
+                [
+                    "crypto/camellia/camellia.c",
+                ],
+            "crypto/camellia/cmll_cbc.o" =>
+                [
+                    "crypto/camellia/cmll_cbc.c",
+                ],
+            "crypto/camellia/cmll_cfb.o" =>
+                [
+                    "crypto/camellia/cmll_cfb.c",
+                ],
+            "crypto/camellia/cmll_ctr.o" =>
+                [
+                    "crypto/camellia/cmll_ctr.c",
+                ],
+            "crypto/camellia/cmll_ecb.o" =>
+                [
+                    "crypto/camellia/cmll_ecb.c",
+                ],
+            "crypto/camellia/cmll_misc.o" =>
+                [
+                    "crypto/camellia/cmll_misc.c",
+                ],
+            "crypto/camellia/cmll_ofb.o" =>
+                [
+                    "crypto/camellia/cmll_ofb.c",
+                ],
+            "crypto/cast/c_cfb64.o" =>
+                [
+                    "crypto/cast/c_cfb64.c",
+                ],
+            "crypto/cast/c_ecb.o" =>
+                [
+                    "crypto/cast/c_ecb.c",
+                ],
+            "crypto/cast/c_enc.o" =>
+                [
+                    "crypto/cast/c_enc.c",
+                ],
+            "crypto/cast/c_ofb64.o" =>
+                [
+                    "crypto/cast/c_ofb64.c",
+                ],
+            "crypto/cast/c_skey.o" =>
+                [
+                    "crypto/cast/c_skey.c",
+                ],
+            "crypto/chacha/chacha_enc.o" =>
+                [
+                    "crypto/chacha/chacha_enc.c",
+                ],
+            "crypto/cmac/cm_ameth.o" =>
+                [
+                    "crypto/cmac/cm_ameth.c",
+                ],
+            "crypto/cmac/cm_pmeth.o" =>
+                [
+                    "crypto/cmac/cm_pmeth.c",
+                ],
+            "crypto/cmac/cmac.o" =>
+                [
+                    "crypto/cmac/cmac.c",
+                ],
+            "crypto/cms/cms_asn1.o" =>
+                [
+                    "crypto/cms/cms_asn1.c",
+                ],
+            "crypto/cms/cms_att.o" =>
+                [
+                    "crypto/cms/cms_att.c",
+                ],
+            "crypto/cms/cms_cd.o" =>
+                [
+                    "crypto/cms/cms_cd.c",
+                ],
+            "crypto/cms/cms_dd.o" =>
+                [
+                    "crypto/cms/cms_dd.c",
+                ],
+            "crypto/cms/cms_enc.o" =>
+                [
+                    "crypto/cms/cms_enc.c",
+                ],
+            "crypto/cms/cms_env.o" =>
+                [
+                    "crypto/cms/cms_env.c",
+                ],
+            "crypto/cms/cms_err.o" =>
+                [
+                    "crypto/cms/cms_err.c",
+                ],
+            "crypto/cms/cms_ess.o" =>
+                [
+                    "crypto/cms/cms_ess.c",
+                ],
+            "crypto/cms/cms_io.o" =>
+                [
+                    "crypto/cms/cms_io.c",
+                ],
+            "crypto/cms/cms_kari.o" =>
+                [
+                    "crypto/cms/cms_kari.c",
+                ],
+            "crypto/cms/cms_lib.o" =>
+                [
+                    "crypto/cms/cms_lib.c",
+                ],
+            "crypto/cms/cms_pwri.o" =>
+                [
+                    "crypto/cms/cms_pwri.c",
+                ],
+            "crypto/cms/cms_sd.o" =>
+                [
+                    "crypto/cms/cms_sd.c",
+                ],
+            "crypto/cms/cms_smime.o" =>
+                [
+                    "crypto/cms/cms_smime.c",
+                ],
+            "crypto/conf/conf_api.o" =>
+                [
+                    "crypto/conf/conf_api.c",
+                ],
+            "crypto/conf/conf_def.o" =>
+                [
+                    "crypto/conf/conf_def.c",
+                ],
+            "crypto/conf/conf_err.o" =>
+                [
+                    "crypto/conf/conf_err.c",
+                ],
+            "crypto/conf/conf_lib.o" =>
+                [
+                    "crypto/conf/conf_lib.c",
+                ],
+            "crypto/conf/conf_mall.o" =>
+                [
+                    "crypto/conf/conf_mall.c",
+                ],
+            "crypto/conf/conf_mod.o" =>
+                [
+                    "crypto/conf/conf_mod.c",
+                ],
+            "crypto/conf/conf_sap.o" =>
+                [
+                    "crypto/conf/conf_sap.c",
+                ],
+            "crypto/conf/conf_ssl.o" =>
+                [
+                    "crypto/conf/conf_ssl.c",
+                ],
+            "crypto/cpt_err.o" =>
+                [
+                    "crypto/cpt_err.c",
+                ],
+            "crypto/cryptlib.o" =>
+                [
+                    "crypto/cryptlib.c",
+                ],
+            "crypto/ct/ct_b64.o" =>
+                [
+                    "crypto/ct/ct_b64.c",
+                ],
+            "crypto/ct/ct_err.o" =>
+                [
+                    "crypto/ct/ct_err.c",
+                ],
+            "crypto/ct/ct_log.o" =>
+                [
+                    "crypto/ct/ct_log.c",
+                ],
+            "crypto/ct/ct_oct.o" =>
+                [
+                    "crypto/ct/ct_oct.c",
+                ],
+            "crypto/ct/ct_policy.o" =>
+                [
+                    "crypto/ct/ct_policy.c",
+                ],
+            "crypto/ct/ct_prn.o" =>
+                [
+                    "crypto/ct/ct_prn.c",
+                ],
+            "crypto/ct/ct_sct.o" =>
+                [
+                    "crypto/ct/ct_sct.c",
+                ],
+            "crypto/ct/ct_sct_ctx.o" =>
+                [
+                    "crypto/ct/ct_sct_ctx.c",
+                ],
+            "crypto/ct/ct_vfy.o" =>
+                [
+                    "crypto/ct/ct_vfy.c",
+                ],
+            "crypto/ct/ct_x509v3.o" =>
+                [
+                    "crypto/ct/ct_x509v3.c",
+                ],
+            "crypto/ctype.o" =>
+                [
+                    "crypto/ctype.c",
+                ],
+            "crypto/cversion.o" =>
+                [
+                    "crypto/cversion.c",
+                ],
+            "crypto/des/cbc_cksm.o" =>
+                [
+                    "crypto/des/cbc_cksm.c",
+                ],
+            "crypto/des/cbc_enc.o" =>
+                [
+                    "crypto/des/cbc_enc.c",
+                ],
+            "crypto/des/cfb64ede.o" =>
+                [
+                    "crypto/des/cfb64ede.c",
+                ],
+            "crypto/des/cfb64enc.o" =>
+                [
+                    "crypto/des/cfb64enc.c",
+                ],
+            "crypto/des/cfb_enc.o" =>
+                [
+                    "crypto/des/cfb_enc.c",
+                ],
+            "crypto/des/des_enc.o" =>
+                [
+                    "crypto/des/des_enc.c",
+                ],
+            "crypto/des/ecb3_enc.o" =>
+                [
+                    "crypto/des/ecb3_enc.c",
+                ],
+            "crypto/des/ecb_enc.o" =>
+                [
+                    "crypto/des/ecb_enc.c",
+                ],
+            "crypto/des/fcrypt.o" =>
+                [
+                    "crypto/des/fcrypt.c",
+                ],
+            "crypto/des/fcrypt_b.o" =>
+                [
+                    "crypto/des/fcrypt_b.c",
+                ],
+            "crypto/des/ofb64ede.o" =>
+                [
+                    "crypto/des/ofb64ede.c",
+                ],
+            "crypto/des/ofb64enc.o" =>
+                [
+                    "crypto/des/ofb64enc.c",
+                ],
+            "crypto/des/ofb_enc.o" =>
+                [
+                    "crypto/des/ofb_enc.c",
+                ],
+            "crypto/des/pcbc_enc.o" =>
+                [
+                    "crypto/des/pcbc_enc.c",
+                ],
+            "crypto/des/qud_cksm.o" =>
+                [
+                    "crypto/des/qud_cksm.c",
+                ],
+            "crypto/des/rand_key.o" =>
+                [
+                    "crypto/des/rand_key.c",
+                ],
+            "crypto/des/set_key.o" =>
+                [
+                    "crypto/des/set_key.c",
+                ],
+            "crypto/des/str2key.o" =>
+                [
+                    "crypto/des/str2key.c",
+                ],
+            "crypto/des/xcbc_enc.o" =>
+                [
+                    "crypto/des/xcbc_enc.c",
+                ],
+            "crypto/dh/dh_ameth.o" =>
+                [
+                    "crypto/dh/dh_ameth.c",
+                ],
+            "crypto/dh/dh_asn1.o" =>
+                [
+                    "crypto/dh/dh_asn1.c",
+                ],
+            "crypto/dh/dh_check.o" =>
+                [
+                    "crypto/dh/dh_check.c",
+                ],
+            "crypto/dh/dh_depr.o" =>
+                [
+                    "crypto/dh/dh_depr.c",
+                ],
+            "crypto/dh/dh_err.o" =>
+                [
+                    "crypto/dh/dh_err.c",
+                ],
+            "crypto/dh/dh_gen.o" =>
+                [
+                    "crypto/dh/dh_gen.c",
+                ],
+            "crypto/dh/dh_kdf.o" =>
+                [
+                    "crypto/dh/dh_kdf.c",
+                ],
+            "crypto/dh/dh_key.o" =>
+                [
+                    "crypto/dh/dh_key.c",
+                ],
+            "crypto/dh/dh_lib.o" =>
+                [
+                    "crypto/dh/dh_lib.c",
+                ],
+            "crypto/dh/dh_meth.o" =>
+                [
+                    "crypto/dh/dh_meth.c",
+                ],
+            "crypto/dh/dh_pmeth.o" =>
+                [
+                    "crypto/dh/dh_pmeth.c",
+                ],
+            "crypto/dh/dh_prn.o" =>
+                [
+                    "crypto/dh/dh_prn.c",
+                ],
+            "crypto/dh/dh_rfc5114.o" =>
+                [
+                    "crypto/dh/dh_rfc5114.c",
+                ],
+            "crypto/dh/dh_rfc7919.o" =>
+                [
+                    "crypto/dh/dh_rfc7919.c",
+                ],
+            "crypto/dsa/dsa_ameth.o" =>
+                [
+                    "crypto/dsa/dsa_ameth.c",
+                ],
+            "crypto/dsa/dsa_asn1.o" =>
+                [
+                    "crypto/dsa/dsa_asn1.c",
+                ],
+            "crypto/dsa/dsa_depr.o" =>
+                [
+                    "crypto/dsa/dsa_depr.c",
+                ],
+            "crypto/dsa/dsa_err.o" =>
+                [
+                    "crypto/dsa/dsa_err.c",
+                ],
+            "crypto/dsa/dsa_gen.o" =>
+                [
+                    "crypto/dsa/dsa_gen.c",
+                ],
+            "crypto/dsa/dsa_key.o" =>
+                [
+                    "crypto/dsa/dsa_key.c",
+                ],
+            "crypto/dsa/dsa_lib.o" =>
+                [
+                    "crypto/dsa/dsa_lib.c",
+                ],
+            "crypto/dsa/dsa_meth.o" =>
+                [
+                    "crypto/dsa/dsa_meth.c",
+                ],
+            "crypto/dsa/dsa_ossl.o" =>
+                [
+                    "crypto/dsa/dsa_ossl.c",
+                ],
+            "crypto/dsa/dsa_pmeth.o" =>
+                [
+                    "crypto/dsa/dsa_pmeth.c",
+                ],
+            "crypto/dsa/dsa_prn.o" =>
+                [
+                    "crypto/dsa/dsa_prn.c",
+                ],
+            "crypto/dsa/dsa_sign.o" =>
+                [
+                    "crypto/dsa/dsa_sign.c",
+                ],
+            "crypto/dsa/dsa_vrf.o" =>
+                [
+                    "crypto/dsa/dsa_vrf.c",
+                ],
+            "crypto/dso/dso_dl.o" =>
+                [
+                    "crypto/dso/dso_dl.c",
+                ],
+            "crypto/dso/dso_dlfcn.o" =>
+                [
+                    "crypto/dso/dso_dlfcn.c",
+                ],
+            "crypto/dso/dso_err.o" =>
+                [
+                    "crypto/dso/dso_err.c",
+                ],
+            "crypto/dso/dso_lib.o" =>
+                [
+                    "crypto/dso/dso_lib.c",
+                ],
+            "crypto/dso/dso_openssl.o" =>
+                [
+                    "crypto/dso/dso_openssl.c",
+                ],
+            "crypto/dso/dso_vms.o" =>
+                [
+                    "crypto/dso/dso_vms.c",
+                ],
+            "crypto/dso/dso_win32.o" =>
+                [
+                    "crypto/dso/dso_win32.c",
+                ],
+            "crypto/ebcdic.o" =>
+                [
+                    "crypto/ebcdic.c",
+                ],
+            "crypto/ec/curve25519.o" =>
+                [
+                    "crypto/ec/curve25519.c",
+                ],
+            "crypto/ec/curve448/arch_32/f_impl.o" =>
+                [
+                    "crypto/ec/curve448/arch_32/f_impl.c",
+                ],
+            "crypto/ec/curve448/curve448.o" =>
+                [
+                    "crypto/ec/curve448/curve448.c",
+                ],
+            "crypto/ec/curve448/curve448_tables.o" =>
+                [
+                    "crypto/ec/curve448/curve448_tables.c",
+                ],
+            "crypto/ec/curve448/eddsa.o" =>
+                [
+                    "crypto/ec/curve448/eddsa.c",
+                ],
+            "crypto/ec/curve448/f_generic.o" =>
+                [
+                    "crypto/ec/curve448/f_generic.c",
+                ],
+            "crypto/ec/curve448/scalar.o" =>
+                [
+                    "crypto/ec/curve448/scalar.c",
+                ],
+            "crypto/ec/ec2_oct.o" =>
+                [
+                    "crypto/ec/ec2_oct.c",
+                ],
+            "crypto/ec/ec2_smpl.o" =>
+                [
+                    "crypto/ec/ec2_smpl.c",
+                ],
+            "crypto/ec/ec_ameth.o" =>
+                [
+                    "crypto/ec/ec_ameth.c",
+                ],
+            "crypto/ec/ec_asn1.o" =>
+                [
+                    "crypto/ec/ec_asn1.c",
+                ],
+            "crypto/ec/ec_check.o" =>
+                [
+                    "crypto/ec/ec_check.c",
+                ],
+            "crypto/ec/ec_curve.o" =>
+                [
+                    "crypto/ec/ec_curve.c",
+                ],
+            "crypto/ec/ec_cvt.o" =>
+                [
+                    "crypto/ec/ec_cvt.c",
+                ],
+            "crypto/ec/ec_err.o" =>
+                [
+                    "crypto/ec/ec_err.c",
+                ],
+            "crypto/ec/ec_key.o" =>
+                [
+                    "crypto/ec/ec_key.c",
+                ],
+            "crypto/ec/ec_kmeth.o" =>
+                [
+                    "crypto/ec/ec_kmeth.c",
+                ],
+            "crypto/ec/ec_lib.o" =>
+                [
+                    "crypto/ec/ec_lib.c",
+                ],
+            "crypto/ec/ec_mult.o" =>
+                [
+                    "crypto/ec/ec_mult.c",
+                ],
+            "crypto/ec/ec_oct.o" =>
+                [
+                    "crypto/ec/ec_oct.c",
+                ],
+            "crypto/ec/ec_pmeth.o" =>
+                [
+                    "crypto/ec/ec_pmeth.c",
+                ],
+            "crypto/ec/ec_print.o" =>
+                [
+                    "crypto/ec/ec_print.c",
+                ],
+            "crypto/ec/ecdh_kdf.o" =>
+                [
+                    "crypto/ec/ecdh_kdf.c",
+                ],
+            "crypto/ec/ecdh_ossl.o" =>
+                [
+                    "crypto/ec/ecdh_ossl.c",
+                ],
+            "crypto/ec/ecdsa_ossl.o" =>
+                [
+                    "crypto/ec/ecdsa_ossl.c",
+                ],
+            "crypto/ec/ecdsa_sign.o" =>
+                [
+                    "crypto/ec/ecdsa_sign.c",
+                ],
+            "crypto/ec/ecdsa_vrf.o" =>
+                [
+                    "crypto/ec/ecdsa_vrf.c",
+                ],
+            "crypto/ec/eck_prn.o" =>
+                [
+                    "crypto/ec/eck_prn.c",
+                ],
+            "crypto/ec/ecp_mont.o" =>
+                [
+                    "crypto/ec/ecp_mont.c",
+                ],
+            "crypto/ec/ecp_nist.o" =>
+                [
+                    "crypto/ec/ecp_nist.c",
+                ],
+            "crypto/ec/ecp_nistp224.o" =>
+                [
+                    "crypto/ec/ecp_nistp224.c",
+                ],
+            "crypto/ec/ecp_nistp256.o" =>
+                [
+                    "crypto/ec/ecp_nistp256.c",
+                ],
+            "crypto/ec/ecp_nistp521.o" =>
+                [
+                    "crypto/ec/ecp_nistp521.c",
+                ],
+            "crypto/ec/ecp_nistputil.o" =>
+                [
+                    "crypto/ec/ecp_nistputil.c",
+                ],
+            "crypto/ec/ecp_oct.o" =>
+                [
+                    "crypto/ec/ecp_oct.c",
+                ],
+            "crypto/ec/ecp_smpl.o" =>
+                [
+                    "crypto/ec/ecp_smpl.c",
+                ],
+            "crypto/ec/ecx_meth.o" =>
+                [
+                    "crypto/ec/ecx_meth.c",
+                ],
+            "crypto/engine/eng_all.o" =>
+                [
+                    "crypto/engine/eng_all.c",
+                ],
+            "crypto/engine/eng_cnf.o" =>
+                [
+                    "crypto/engine/eng_cnf.c",
+                ],
+            "crypto/engine/eng_ctrl.o" =>
+                [
+                    "crypto/engine/eng_ctrl.c",
+                ],
+            "crypto/engine/eng_dyn.o" =>
+                [
+                    "crypto/engine/eng_dyn.c",
+                ],
+            "crypto/engine/eng_err.o" =>
+                [
+                    "crypto/engine/eng_err.c",
+                ],
+            "crypto/engine/eng_fat.o" =>
+                [
+                    "crypto/engine/eng_fat.c",
+                ],
+            "crypto/engine/eng_init.o" =>
+                [
+                    "crypto/engine/eng_init.c",
+                ],
+            "crypto/engine/eng_lib.o" =>
+                [
+                    "crypto/engine/eng_lib.c",
+                ],
+            "crypto/engine/eng_list.o" =>
+                [
+                    "crypto/engine/eng_list.c",
+                ],
+            "crypto/engine/eng_openssl.o" =>
+                [
+                    "crypto/engine/eng_openssl.c",
+                ],
+            "crypto/engine/eng_pkey.o" =>
+                [
+                    "crypto/engine/eng_pkey.c",
+                ],
+            "crypto/engine/eng_rdrand.o" =>
+                [
+                    "crypto/engine/eng_rdrand.c",
+                ],
+            "crypto/engine/eng_table.o" =>
+                [
+                    "crypto/engine/eng_table.c",
+                ],
+            "crypto/engine/tb_asnmth.o" =>
+                [
+                    "crypto/engine/tb_asnmth.c",
+                ],
+            "crypto/engine/tb_cipher.o" =>
+                [
+                    "crypto/engine/tb_cipher.c",
+                ],
+            "crypto/engine/tb_dh.o" =>
+                [
+                    "crypto/engine/tb_dh.c",
+                ],
+            "crypto/engine/tb_digest.o" =>
+                [
+                    "crypto/engine/tb_digest.c",
+                ],
+            "crypto/engine/tb_dsa.o" =>
+                [
+                    "crypto/engine/tb_dsa.c",
+                ],
+            "crypto/engine/tb_eckey.o" =>
+                [
+                    "crypto/engine/tb_eckey.c",
+                ],
+            "crypto/engine/tb_pkmeth.o" =>
+                [
+                    "crypto/engine/tb_pkmeth.c",
+                ],
+            "crypto/engine/tb_rand.o" =>
+                [
+                    "crypto/engine/tb_rand.c",
+                ],
+            "crypto/engine/tb_rsa.o" =>
+                [
+                    "crypto/engine/tb_rsa.c",
+                ],
+            "crypto/err/err.o" =>
+                [
+                    "crypto/err/err.c",
+                ],
+            "crypto/err/err_all.o" =>
+                [
+                    "crypto/err/err_all.c",
+                ],
+            "crypto/err/err_prn.o" =>
+                [
+                    "crypto/err/err_prn.c",
+                ],
+            "crypto/evp/bio_b64.o" =>
+                [
+                    "crypto/evp/bio_b64.c",
+                ],
+            "crypto/evp/bio_enc.o" =>
+                [
+                    "crypto/evp/bio_enc.c",
+                ],
+            "crypto/evp/bio_md.o" =>
+                [
+                    "crypto/evp/bio_md.c",
+                ],
+            "crypto/evp/bio_ok.o" =>
+                [
+                    "crypto/evp/bio_ok.c",
+                ],
+            "crypto/evp/c_allc.o" =>
+                [
+                    "crypto/evp/c_allc.c",
+                ],
+            "crypto/evp/c_alld.o" =>
+                [
+                    "crypto/evp/c_alld.c",
+                ],
+            "crypto/evp/cmeth_lib.o" =>
+                [
+                    "crypto/evp/cmeth_lib.c",
+                ],
+            "crypto/evp/digest.o" =>
+                [
+                    "crypto/evp/digest.c",
+                ],
+            "crypto/evp/e_aes.o" =>
+                [
+                    "crypto/evp/e_aes.c",
+                ],
+            "crypto/evp/e_aes_cbc_hmac_sha1.o" =>
+                [
+                    "crypto/evp/e_aes_cbc_hmac_sha1.c",
+                ],
+            "crypto/evp/e_aes_cbc_hmac_sha256.o" =>
+                [
+                    "crypto/evp/e_aes_cbc_hmac_sha256.c",
+                ],
+            "crypto/evp/e_aria.o" =>
+                [
+                    "crypto/evp/e_aria.c",
+                ],
+            "crypto/evp/e_bf.o" =>
+                [
+                    "crypto/evp/e_bf.c",
+                ],
+            "crypto/evp/e_camellia.o" =>
+                [
+                    "crypto/evp/e_camellia.c",
+                ],
+            "crypto/evp/e_cast.o" =>
+                [
+                    "crypto/evp/e_cast.c",
+                ],
+            "crypto/evp/e_chacha20_poly1305.o" =>
+                [
+                    "crypto/evp/e_chacha20_poly1305.c",
+                ],
+            "crypto/evp/e_des.o" =>
+                [
+                    "crypto/evp/e_des.c",
+                ],
+            "crypto/evp/e_des3.o" =>
+                [
+                    "crypto/evp/e_des3.c",
+                ],
+            "crypto/evp/e_idea.o" =>
+                [
+                    "crypto/evp/e_idea.c",
+                ],
+            "crypto/evp/e_null.o" =>
+                [
+                    "crypto/evp/e_null.c",
+                ],
+            "crypto/evp/e_old.o" =>
+                [
+                    "crypto/evp/e_old.c",
+                ],
+            "crypto/evp/e_rc2.o" =>
+                [
+                    "crypto/evp/e_rc2.c",
+                ],
+            "crypto/evp/e_rc4.o" =>
+                [
+                    "crypto/evp/e_rc4.c",
+                ],
+            "crypto/evp/e_rc4_hmac_md5.o" =>
+                [
+                    "crypto/evp/e_rc4_hmac_md5.c",
+                ],
+            "crypto/evp/e_rc5.o" =>
+                [
+                    "crypto/evp/e_rc5.c",
+                ],
+            "crypto/evp/e_seed.o" =>
+                [
+                    "crypto/evp/e_seed.c",
+                ],
+            "crypto/evp/e_sm4.o" =>
+                [
+                    "crypto/evp/e_sm4.c",
+                ],
+            "crypto/evp/e_xcbc_d.o" =>
+                [
+                    "crypto/evp/e_xcbc_d.c",
+                ],
+            "crypto/evp/encode.o" =>
+                [
+                    "crypto/evp/encode.c",
+                ],
+            "crypto/evp/evp_cnf.o" =>
+                [
+                    "crypto/evp/evp_cnf.c",
+                ],
+            "crypto/evp/evp_enc.o" =>
+                [
+                    "crypto/evp/evp_enc.c",
+                ],
+            "crypto/evp/evp_err.o" =>
+                [
+                    "crypto/evp/evp_err.c",
+                ],
+            "crypto/evp/evp_key.o" =>
+                [
+                    "crypto/evp/evp_key.c",
+                ],
+            "crypto/evp/evp_lib.o" =>
+                [
+                    "crypto/evp/evp_lib.c",
+                ],
+            "crypto/evp/evp_pbe.o" =>
+                [
+                    "crypto/evp/evp_pbe.c",
+                ],
+            "crypto/evp/evp_pkey.o" =>
+                [
+                    "crypto/evp/evp_pkey.c",
+                ],
+            "crypto/evp/m_md2.o" =>
+                [
+                    "crypto/evp/m_md2.c",
+                ],
+            "crypto/evp/m_md4.o" =>
+                [
+                    "crypto/evp/m_md4.c",
+                ],
+            "crypto/evp/m_md5.o" =>
+                [
+                    "crypto/evp/m_md5.c",
+                ],
+            "crypto/evp/m_md5_sha1.o" =>
+                [
+                    "crypto/evp/m_md5_sha1.c",
+                ],
+            "crypto/evp/m_mdc2.o" =>
+                [
+                    "crypto/evp/m_mdc2.c",
+                ],
+            "crypto/evp/m_null.o" =>
+                [
+                    "crypto/evp/m_null.c",
+                ],
+            "crypto/evp/m_ripemd.o" =>
+                [
+                    "crypto/evp/m_ripemd.c",
+                ],
+            "crypto/evp/m_sha1.o" =>
+                [
+                    "crypto/evp/m_sha1.c",
+                ],
+            "crypto/evp/m_sha3.o" =>
+                [
+                    "crypto/evp/m_sha3.c",
+                ],
+            "crypto/evp/m_sigver.o" =>
+                [
+                    "crypto/evp/m_sigver.c",
+                ],
+            "crypto/evp/m_wp.o" =>
+                [
+                    "crypto/evp/m_wp.c",
+                ],
+            "crypto/evp/names.o" =>
+                [
+                    "crypto/evp/names.c",
+                ],
+            "crypto/evp/p5_crpt.o" =>
+                [
+                    "crypto/evp/p5_crpt.c",
+                ],
+            "crypto/evp/p5_crpt2.o" =>
+                [
+                    "crypto/evp/p5_crpt2.c",
+                ],
+            "crypto/evp/p_dec.o" =>
+                [
+                    "crypto/evp/p_dec.c",
+                ],
+            "crypto/evp/p_enc.o" =>
+                [
+                    "crypto/evp/p_enc.c",
+                ],
+            "crypto/evp/p_lib.o" =>
+                [
+                    "crypto/evp/p_lib.c",
+                ],
+            "crypto/evp/p_open.o" =>
+                [
+                    "crypto/evp/p_open.c",
+                ],
+            "crypto/evp/p_seal.o" =>
+                [
+                    "crypto/evp/p_seal.c",
+                ],
+            "crypto/evp/p_sign.o" =>
+                [
+                    "crypto/evp/p_sign.c",
+                ],
+            "crypto/evp/p_verify.o" =>
+                [
+                    "crypto/evp/p_verify.c",
+                ],
+            "crypto/evp/pbe_scrypt.o" =>
+                [
+                    "crypto/evp/pbe_scrypt.c",
+                ],
+            "crypto/evp/pmeth_fn.o" =>
+                [
+                    "crypto/evp/pmeth_fn.c",
+                ],
+            "crypto/evp/pmeth_gn.o" =>
+                [
+                    "crypto/evp/pmeth_gn.c",
+                ],
+            "crypto/evp/pmeth_lib.o" =>
+                [
+                    "crypto/evp/pmeth_lib.c",
+                ],
+            "crypto/ex_data.o" =>
+                [
+                    "crypto/ex_data.c",
+                ],
+            "crypto/getenv.o" =>
+                [
+                    "crypto/getenv.c",
+                ],
+            "crypto/hmac/hm_ameth.o" =>
+                [
+                    "crypto/hmac/hm_ameth.c",
+                ],
+            "crypto/hmac/hm_pmeth.o" =>
+                [
+                    "crypto/hmac/hm_pmeth.c",
+                ],
+            "crypto/hmac/hmac.o" =>
+                [
+                    "crypto/hmac/hmac.c",
+                ],
+            "crypto/idea/i_cbc.o" =>
+                [
+                    "crypto/idea/i_cbc.c",
+                ],
+            "crypto/idea/i_cfb64.o" =>
+                [
+                    "crypto/idea/i_cfb64.c",
+                ],
+            "crypto/idea/i_ecb.o" =>
+                [
+                    "crypto/idea/i_ecb.c",
+                ],
+            "crypto/idea/i_ofb64.o" =>
+                [
+                    "crypto/idea/i_ofb64.c",
+                ],
+            "crypto/idea/i_skey.o" =>
+                [
+                    "crypto/idea/i_skey.c",
+                ],
+            "crypto/init.o" =>
+                [
+                    "crypto/init.c",
+                ],
+            "crypto/kdf/hkdf.o" =>
+                [
+                    "crypto/kdf/hkdf.c",
+                ],
+            "crypto/kdf/kdf_err.o" =>
+                [
+                    "crypto/kdf/kdf_err.c",
+                ],
+            "crypto/kdf/scrypt.o" =>
+                [
+                    "crypto/kdf/scrypt.c",
+                ],
+            "crypto/kdf/tls1_prf.o" =>
+                [
+                    "crypto/kdf/tls1_prf.c",
+                ],
+            "crypto/lhash/lh_stats.o" =>
+                [
+                    "crypto/lhash/lh_stats.c",
+                ],
+            "crypto/lhash/lhash.o" =>
+                [
+                    "crypto/lhash/lhash.c",
+                ],
+            "crypto/md4/md4_dgst.o" =>
+                [
+                    "crypto/md4/md4_dgst.c",
+                ],
+            "crypto/md4/md4_one.o" =>
+                [
+                    "crypto/md4/md4_one.c",
+                ],
+            "crypto/md5/md5_dgst.o" =>
+                [
+                    "crypto/md5/md5_dgst.c",
+                ],
+            "crypto/md5/md5_one.o" =>
+                [
+                    "crypto/md5/md5_one.c",
+                ],
+            "crypto/mdc2/mdc2_one.o" =>
+                [
+                    "crypto/mdc2/mdc2_one.c",
+                ],
+            "crypto/mdc2/mdc2dgst.o" =>
+                [
+                    "crypto/mdc2/mdc2dgst.c",
+                ],
+            "crypto/mem.o" =>
+                [
+                    "crypto/mem.c",
+                ],
+            "crypto/mem_clr.o" =>
+                [
+                    "crypto/mem_clr.c",
+                ],
+            "crypto/mem_dbg.o" =>
+                [
+                    "crypto/mem_dbg.c",
+                ],
+            "crypto/mem_sec.o" =>
+                [
+                    "crypto/mem_sec.c",
+                ],
+            "crypto/modes/cbc128.o" =>
+                [
+                    "crypto/modes/cbc128.c",
+                ],
+            "crypto/modes/ccm128.o" =>
+                [
+                    "crypto/modes/ccm128.c",
+                ],
+            "crypto/modes/cfb128.o" =>
+                [
+                    "crypto/modes/cfb128.c",
+                ],
+            "crypto/modes/ctr128.o" =>
+                [
+                    "crypto/modes/ctr128.c",
+                ],
+            "crypto/modes/cts128.o" =>
+                [
+                    "crypto/modes/cts128.c",
+                ],
+            "crypto/modes/gcm128.o" =>
+                [
+                    "crypto/modes/gcm128.c",
+                ],
+            "crypto/modes/ocb128.o" =>
+                [
+                    "crypto/modes/ocb128.c",
+                ],
+            "crypto/modes/ofb128.o" =>
+                [
+                    "crypto/modes/ofb128.c",
+                ],
+            "crypto/modes/wrap128.o" =>
+                [
+                    "crypto/modes/wrap128.c",
+                ],
+            "crypto/modes/xts128.o" =>
+                [
+                    "crypto/modes/xts128.c",
+                ],
+            "crypto/o_dir.o" =>
+                [
+                    "crypto/o_dir.c",
+                ],
+            "crypto/o_fips.o" =>
+                [
+                    "crypto/o_fips.c",
+                ],
+            "crypto/o_fopen.o" =>
+                [
+                    "crypto/o_fopen.c",
+                ],
+            "crypto/o_init.o" =>
+                [
+                    "crypto/o_init.c",
+                ],
+            "crypto/o_str.o" =>
+                [
+                    "crypto/o_str.c",
+                ],
+            "crypto/o_time.o" =>
+                [
+                    "crypto/o_time.c",
+                ],
+            "crypto/objects/o_names.o" =>
+                [
+                    "crypto/objects/o_names.c",
+                ],
+            "crypto/objects/obj_dat.o" =>
+                [
+                    "crypto/objects/obj_dat.c",
+                ],
+            "crypto/objects/obj_err.o" =>
+                [
+                    "crypto/objects/obj_err.c",
+                ],
+            "crypto/objects/obj_lib.o" =>
+                [
+                    "crypto/objects/obj_lib.c",
+                ],
+            "crypto/objects/obj_xref.o" =>
+                [
+                    "crypto/objects/obj_xref.c",
+                ],
+            "crypto/ocsp/ocsp_asn.o" =>
+                [
+                    "crypto/ocsp/ocsp_asn.c",
+                ],
+            "crypto/ocsp/ocsp_cl.o" =>
+                [
+                    "crypto/ocsp/ocsp_cl.c",
+                ],
+            "crypto/ocsp/ocsp_err.o" =>
+                [
+                    "crypto/ocsp/ocsp_err.c",
+                ],
+            "crypto/ocsp/ocsp_ext.o" =>
+                [
+                    "crypto/ocsp/ocsp_ext.c",
+                ],
+            "crypto/ocsp/ocsp_ht.o" =>
+                [
+                    "crypto/ocsp/ocsp_ht.c",
+                ],
+            "crypto/ocsp/ocsp_lib.o" =>
+                [
+                    "crypto/ocsp/ocsp_lib.c",
+                ],
+            "crypto/ocsp/ocsp_prn.o" =>
+                [
+                    "crypto/ocsp/ocsp_prn.c",
+                ],
+            "crypto/ocsp/ocsp_srv.o" =>
+                [
+                    "crypto/ocsp/ocsp_srv.c",
+                ],
+            "crypto/ocsp/ocsp_vfy.o" =>
+                [
+                    "crypto/ocsp/ocsp_vfy.c",
+                ],
+            "crypto/ocsp/v3_ocsp.o" =>
+                [
+                    "crypto/ocsp/v3_ocsp.c",
+                ],
+            "crypto/pem/pem_all.o" =>
+                [
+                    "crypto/pem/pem_all.c",
+                ],
+            "crypto/pem/pem_err.o" =>
+                [
+                    "crypto/pem/pem_err.c",
+                ],
+            "crypto/pem/pem_info.o" =>
+                [
+                    "crypto/pem/pem_info.c",
+                ],
+            "crypto/pem/pem_lib.o" =>
+                [
+                    "crypto/pem/pem_lib.c",
+                ],
+            "crypto/pem/pem_oth.o" =>
+                [
+                    "crypto/pem/pem_oth.c",
+                ],
+            "crypto/pem/pem_pk8.o" =>
+                [
+                    "crypto/pem/pem_pk8.c",
+                ],
+            "crypto/pem/pem_pkey.o" =>
+                [
+                    "crypto/pem/pem_pkey.c",
+                ],
+            "crypto/pem/pem_sign.o" =>
+                [
+                    "crypto/pem/pem_sign.c",
+                ],
+            "crypto/pem/pem_x509.o" =>
+                [
+                    "crypto/pem/pem_x509.c",
+                ],
+            "crypto/pem/pem_xaux.o" =>
+                [
+                    "crypto/pem/pem_xaux.c",
+                ],
+            "crypto/pem/pvkfmt.o" =>
+                [
+                    "crypto/pem/pvkfmt.c",
+                ],
+            "crypto/pkcs12/p12_add.o" =>
+                [
+                    "crypto/pkcs12/p12_add.c",
+                ],
+            "crypto/pkcs12/p12_asn.o" =>
+                [
+                    "crypto/pkcs12/p12_asn.c",
+                ],
+            "crypto/pkcs12/p12_attr.o" =>
+                [
+                    "crypto/pkcs12/p12_attr.c",
+                ],
+            "crypto/pkcs12/p12_crpt.o" =>
+                [
+                    "crypto/pkcs12/p12_crpt.c",
+                ],
+            "crypto/pkcs12/p12_crt.o" =>
+                [
+                    "crypto/pkcs12/p12_crt.c",
+                ],
+            "crypto/pkcs12/p12_decr.o" =>
+                [
+                    "crypto/pkcs12/p12_decr.c",
+                ],
+            "crypto/pkcs12/p12_init.o" =>
+                [
+                    "crypto/pkcs12/p12_init.c",
+                ],
+            "crypto/pkcs12/p12_key.o" =>
+                [
+                    "crypto/pkcs12/p12_key.c",
+                ],
+            "crypto/pkcs12/p12_kiss.o" =>
+                [
+                    "crypto/pkcs12/p12_kiss.c",
+                ],
+            "crypto/pkcs12/p12_mutl.o" =>
+                [
+                    "crypto/pkcs12/p12_mutl.c",
+                ],
+            "crypto/pkcs12/p12_npas.o" =>
+                [
+                    "crypto/pkcs12/p12_npas.c",
+                ],
+            "crypto/pkcs12/p12_p8d.o" =>
+                [
+                    "crypto/pkcs12/p12_p8d.c",
+                ],
+            "crypto/pkcs12/p12_p8e.o" =>
+                [
+                    "crypto/pkcs12/p12_p8e.c",
+                ],
+            "crypto/pkcs12/p12_sbag.o" =>
+                [
+                    "crypto/pkcs12/p12_sbag.c",
+                ],
+            "crypto/pkcs12/p12_utl.o" =>
+                [
+                    "crypto/pkcs12/p12_utl.c",
+                ],
+            "crypto/pkcs12/pk12err.o" =>
+                [
+                    "crypto/pkcs12/pk12err.c",
+                ],
+            "crypto/pkcs7/bio_pk7.o" =>
+                [
+                    "crypto/pkcs7/bio_pk7.c",
+                ],
+            "crypto/pkcs7/pk7_asn1.o" =>
+                [
+                    "crypto/pkcs7/pk7_asn1.c",
+                ],
+            "crypto/pkcs7/pk7_attr.o" =>
+                [
+                    "crypto/pkcs7/pk7_attr.c",
+                ],
+            "crypto/pkcs7/pk7_doit.o" =>
+                [
+                    "crypto/pkcs7/pk7_doit.c",
+                ],
+            "crypto/pkcs7/pk7_lib.o" =>
+                [
+                    "crypto/pkcs7/pk7_lib.c",
+                ],
+            "crypto/pkcs7/pk7_mime.o" =>
+                [
+                    "crypto/pkcs7/pk7_mime.c",
+                ],
+            "crypto/pkcs7/pk7_smime.o" =>
+                [
+                    "crypto/pkcs7/pk7_smime.c",
+                ],
+            "crypto/pkcs7/pkcs7err.o" =>
+                [
+                    "crypto/pkcs7/pkcs7err.c",
+                ],
+            "crypto/poly1305/poly1305-mips.o" =>
+                [
+                    "crypto/poly1305/poly1305-mips.S",
+                ],
+            "crypto/poly1305/poly1305.o" =>
+                [
+                    "crypto/poly1305/poly1305.c",
+                ],
+            "crypto/poly1305/poly1305_ameth.o" =>
+                [
+                    "crypto/poly1305/poly1305_ameth.c",
+                ],
+            "crypto/poly1305/poly1305_pmeth.o" =>
+                [
+                    "crypto/poly1305/poly1305_pmeth.c",
+                ],
+            "crypto/rand/drbg_ctr.o" =>
+                [
+                    "crypto/rand/drbg_ctr.c",
+                ],
+            "crypto/rand/drbg_lib.o" =>
+                [
+                    "crypto/rand/drbg_lib.c",
+                ],
+            "crypto/rand/rand_egd.o" =>
+                [
+                    "crypto/rand/rand_egd.c",
+                ],
+            "crypto/rand/rand_err.o" =>
+                [
+                    "crypto/rand/rand_err.c",
+                ],
+            "crypto/rand/rand_lib.o" =>
+                [
+                    "crypto/rand/rand_lib.c",
+                ],
+            "crypto/rand/rand_unix.o" =>
+                [
+                    "crypto/rand/rand_unix.c",
+                ],
+            "crypto/rand/rand_vms.o" =>
+                [
+                    "crypto/rand/rand_vms.c",
+                ],
+            "crypto/rand/rand_win.o" =>
+                [
+                    "crypto/rand/rand_win.c",
+                ],
+            "crypto/rand/randfile.o" =>
+                [
+                    "crypto/rand/randfile.c",
+                ],
+            "crypto/rc2/rc2_cbc.o" =>
+                [
+                    "crypto/rc2/rc2_cbc.c",
+                ],
+            "crypto/rc2/rc2_ecb.o" =>
+                [
+                    "crypto/rc2/rc2_ecb.c",
+                ],
+            "crypto/rc2/rc2_skey.o" =>
+                [
+                    "crypto/rc2/rc2_skey.c",
+                ],
+            "crypto/rc2/rc2cfb64.o" =>
+                [
+                    "crypto/rc2/rc2cfb64.c",
+                ],
+            "crypto/rc2/rc2ofb64.o" =>
+                [
+                    "crypto/rc2/rc2ofb64.c",
+                ],
+            "crypto/rc4/rc4_enc.o" =>
+                [
+                    "crypto/rc4/rc4_enc.c",
+                ],
+            "crypto/rc4/rc4_skey.o" =>
+                [
+                    "crypto/rc4/rc4_skey.c",
+                ],
+            "crypto/ripemd/rmd_dgst.o" =>
+                [
+                    "crypto/ripemd/rmd_dgst.c",
+                ],
+            "crypto/ripemd/rmd_one.o" =>
+                [
+                    "crypto/ripemd/rmd_one.c",
+                ],
+            "crypto/rsa/rsa_ameth.o" =>
+                [
+                    "crypto/rsa/rsa_ameth.c",
+                ],
+            "crypto/rsa/rsa_asn1.o" =>
+                [
+                    "crypto/rsa/rsa_asn1.c",
+                ],
+            "crypto/rsa/rsa_chk.o" =>
+                [
+                    "crypto/rsa/rsa_chk.c",
+                ],
+            "crypto/rsa/rsa_crpt.o" =>
+                [
+                    "crypto/rsa/rsa_crpt.c",
+                ],
+            "crypto/rsa/rsa_depr.o" =>
+                [
+                    "crypto/rsa/rsa_depr.c",
+                ],
+            "crypto/rsa/rsa_err.o" =>
+                [
+                    "crypto/rsa/rsa_err.c",
+                ],
+            "crypto/rsa/rsa_gen.o" =>
+                [
+                    "crypto/rsa/rsa_gen.c",
+                ],
+            "crypto/rsa/rsa_lib.o" =>
+                [
+                    "crypto/rsa/rsa_lib.c",
+                ],
+            "crypto/rsa/rsa_meth.o" =>
+                [
+                    "crypto/rsa/rsa_meth.c",
+                ],
+            "crypto/rsa/rsa_mp.o" =>
+                [
+                    "crypto/rsa/rsa_mp.c",
+                ],
+            "crypto/rsa/rsa_none.o" =>
+                [
+                    "crypto/rsa/rsa_none.c",
+                ],
+            "crypto/rsa/rsa_oaep.o" =>
+                [
+                    "crypto/rsa/rsa_oaep.c",
+                ],
+            "crypto/rsa/rsa_ossl.o" =>
+                [
+                    "crypto/rsa/rsa_ossl.c",
+                ],
+            "crypto/rsa/rsa_pk1.o" =>
+                [
+                    "crypto/rsa/rsa_pk1.c",
+                ],
+            "crypto/rsa/rsa_pmeth.o" =>
+                [
+                    "crypto/rsa/rsa_pmeth.c",
+                ],
+            "crypto/rsa/rsa_prn.o" =>
+                [
+                    "crypto/rsa/rsa_prn.c",
+                ],
+            "crypto/rsa/rsa_pss.o" =>
+                [
+                    "crypto/rsa/rsa_pss.c",
+                ],
+            "crypto/rsa/rsa_saos.o" =>
+                [
+                    "crypto/rsa/rsa_saos.c",
+                ],
+            "crypto/rsa/rsa_sign.o" =>
+                [
+                    "crypto/rsa/rsa_sign.c",
+                ],
+            "crypto/rsa/rsa_ssl.o" =>
+                [
+                    "crypto/rsa/rsa_ssl.c",
+                ],
+            "crypto/rsa/rsa_x931.o" =>
+                [
+                    "crypto/rsa/rsa_x931.c",
+                ],
+            "crypto/rsa/rsa_x931g.o" =>
+                [
+                    "crypto/rsa/rsa_x931g.c",
+                ],
+            "crypto/seed/seed.o" =>
+                [
+                    "crypto/seed/seed.c",
+                ],
+            "crypto/seed/seed_cbc.o" =>
+                [
+                    "crypto/seed/seed_cbc.c",
+                ],
+            "crypto/seed/seed_cfb.o" =>
+                [
+                    "crypto/seed/seed_cfb.c",
+                ],
+            "crypto/seed/seed_ecb.o" =>
+                [
+                    "crypto/seed/seed_ecb.c",
+                ],
+            "crypto/seed/seed_ofb.o" =>
+                [
+                    "crypto/seed/seed_ofb.c",
+                ],
+            "crypto/sha/keccak1600.o" =>
+                [
+                    "crypto/sha/keccak1600.c",
+                ],
+            "crypto/sha/sha1-mips.o" =>
+                [
+                    "crypto/sha/sha1-mips.S",
+                ],
+            "crypto/sha/sha1_one.o" =>
+                [
+                    "crypto/sha/sha1_one.c",
+                ],
+            "crypto/sha/sha1dgst.o" =>
+                [
+                    "crypto/sha/sha1dgst.c",
+                ],
+            "crypto/sha/sha256-mips.o" =>
+                [
+                    "crypto/sha/sha256-mips.S",
+                ],
+            "crypto/sha/sha256.o" =>
+                [
+                    "crypto/sha/sha256.c",
+                ],
+            "crypto/sha/sha512-mips.o" =>
+                [
+                    "crypto/sha/sha512-mips.S",
+                ],
+            "crypto/sha/sha512.o" =>
+                [
+                    "crypto/sha/sha512.c",
+                ],
+            "crypto/siphash/siphash.o" =>
+                [
+                    "crypto/siphash/siphash.c",
+                ],
+            "crypto/siphash/siphash_ameth.o" =>
+                [
+                    "crypto/siphash/siphash_ameth.c",
+                ],
+            "crypto/siphash/siphash_pmeth.o" =>
+                [
+                    "crypto/siphash/siphash_pmeth.c",
+                ],
+            "crypto/sm2/sm2_crypt.o" =>
+                [
+                    "crypto/sm2/sm2_crypt.c",
+                ],
+            "crypto/sm2/sm2_err.o" =>
+                [
+                    "crypto/sm2/sm2_err.c",
+                ],
+            "crypto/sm2/sm2_pmeth.o" =>
+                [
+                    "crypto/sm2/sm2_pmeth.c",
+                ],
+            "crypto/sm2/sm2_sign.o" =>
+                [
+                    "crypto/sm2/sm2_sign.c",
+                ],
+            "crypto/sm3/m_sm3.o" =>
+                [
+                    "crypto/sm3/m_sm3.c",
+                ],
+            "crypto/sm3/sm3.o" =>
+                [
+                    "crypto/sm3/sm3.c",
+                ],
+            "crypto/sm4/sm4.o" =>
+                [
+                    "crypto/sm4/sm4.c",
+                ],
+            "crypto/srp/srp_lib.o" =>
+                [
+                    "crypto/srp/srp_lib.c",
+                ],
+            "crypto/srp/srp_vfy.o" =>
+                [
+                    "crypto/srp/srp_vfy.c",
+                ],
+            "crypto/stack/stack.o" =>
+                [
+                    "crypto/stack/stack.c",
+                ],
+            "crypto/store/loader_file.o" =>
+                [
+                    "crypto/store/loader_file.c",
+                ],
+            "crypto/store/store_err.o" =>
+                [
+                    "crypto/store/store_err.c",
+                ],
+            "crypto/store/store_init.o" =>
+                [
+                    "crypto/store/store_init.c",
+                ],
+            "crypto/store/store_lib.o" =>
+                [
+                    "crypto/store/store_lib.c",
+                ],
+            "crypto/store/store_register.o" =>
+                [
+                    "crypto/store/store_register.c",
+                ],
+            "crypto/store/store_strings.o" =>
+                [
+                    "crypto/store/store_strings.c",
+                ],
+            "crypto/threads_none.o" =>
+                [
+                    "crypto/threads_none.c",
+                ],
+            "crypto/threads_pthread.o" =>
+                [
+                    "crypto/threads_pthread.c",
+                ],
+            "crypto/threads_win.o" =>
+                [
+                    "crypto/threads_win.c",
+                ],
+            "crypto/ts/ts_asn1.o" =>
+                [
+                    "crypto/ts/ts_asn1.c",
+                ],
+            "crypto/ts/ts_conf.o" =>
+                [
+                    "crypto/ts/ts_conf.c",
+                ],
+            "crypto/ts/ts_err.o" =>
+                [
+                    "crypto/ts/ts_err.c",
+                ],
+            "crypto/ts/ts_lib.o" =>
+                [
+                    "crypto/ts/ts_lib.c",
+                ],
+            "crypto/ts/ts_req_print.o" =>
+                [
+                    "crypto/ts/ts_req_print.c",
+                ],
+            "crypto/ts/ts_req_utils.o" =>
+                [
+                    "crypto/ts/ts_req_utils.c",
+                ],
+            "crypto/ts/ts_rsp_print.o" =>
+                [
+                    "crypto/ts/ts_rsp_print.c",
+                ],
+            "crypto/ts/ts_rsp_sign.o" =>
+                [
+                    "crypto/ts/ts_rsp_sign.c",
+                ],
+            "crypto/ts/ts_rsp_utils.o" =>
+                [
+                    "crypto/ts/ts_rsp_utils.c",
+                ],
+            "crypto/ts/ts_rsp_verify.o" =>
+                [
+                    "crypto/ts/ts_rsp_verify.c",
+                ],
+            "crypto/ts/ts_verify_ctx.o" =>
+                [
+                    "crypto/ts/ts_verify_ctx.c",
+                ],
+            "crypto/txt_db/txt_db.o" =>
+                [
+                    "crypto/txt_db/txt_db.c",
+                ],
+            "crypto/ui/ui_err.o" =>
+                [
+                    "crypto/ui/ui_err.c",
+                ],
+            "crypto/ui/ui_lib.o" =>
+                [
+                    "crypto/ui/ui_lib.c",
+                ],
+            "crypto/ui/ui_null.o" =>
+                [
+                    "crypto/ui/ui_null.c",
+                ],
+            "crypto/ui/ui_openssl.o" =>
+                [
+                    "crypto/ui/ui_openssl.c",
+                ],
+            "crypto/ui/ui_util.o" =>
+                [
+                    "crypto/ui/ui_util.c",
+                ],
+            "crypto/uid.o" =>
+                [
+                    "crypto/uid.c",
+                ],
+            "crypto/whrlpool/wp_block.o" =>
+                [
+                    "crypto/whrlpool/wp_block.c",
+                ],
+            "crypto/whrlpool/wp_dgst.o" =>
+                [
+                    "crypto/whrlpool/wp_dgst.c",
+                ],
+            "crypto/x509/by_dir.o" =>
+                [
+                    "crypto/x509/by_dir.c",
+                ],
+            "crypto/x509/by_file.o" =>
+                [
+                    "crypto/x509/by_file.c",
+                ],
+            "crypto/x509/t_crl.o" =>
+                [
+                    "crypto/x509/t_crl.c",
+                ],
+            "crypto/x509/t_req.o" =>
+                [
+                    "crypto/x509/t_req.c",
+                ],
+            "crypto/x509/t_x509.o" =>
+                [
+                    "crypto/x509/t_x509.c",
+                ],
+            "crypto/x509/x509_att.o" =>
+                [
+                    "crypto/x509/x509_att.c",
+                ],
+            "crypto/x509/x509_cmp.o" =>
+                [
+                    "crypto/x509/x509_cmp.c",
+                ],
+            "crypto/x509/x509_d2.o" =>
+                [
+                    "crypto/x509/x509_d2.c",
+                ],
+            "crypto/x509/x509_def.o" =>
+                [
+                    "crypto/x509/x509_def.c",
+                ],
+            "crypto/x509/x509_err.o" =>
+                [
+                    "crypto/x509/x509_err.c",
+                ],
+            "crypto/x509/x509_ext.o" =>
+                [
+                    "crypto/x509/x509_ext.c",
+                ],
+            "crypto/x509/x509_lu.o" =>
+                [
+                    "crypto/x509/x509_lu.c",
+                ],
+            "crypto/x509/x509_meth.o" =>
+                [
+                    "crypto/x509/x509_meth.c",
+                ],
+            "crypto/x509/x509_obj.o" =>
+                [
+                    "crypto/x509/x509_obj.c",
+                ],
+            "crypto/x509/x509_r2x.o" =>
+                [
+                    "crypto/x509/x509_r2x.c",
+                ],
+            "crypto/x509/x509_req.o" =>
+                [
+                    "crypto/x509/x509_req.c",
+                ],
+            "crypto/x509/x509_set.o" =>
+                [
+                    "crypto/x509/x509_set.c",
+                ],
+            "crypto/x509/x509_trs.o" =>
+                [
+                    "crypto/x509/x509_trs.c",
+                ],
+            "crypto/x509/x509_txt.o" =>
+                [
+                    "crypto/x509/x509_txt.c",
+                ],
+            "crypto/x509/x509_v3.o" =>
+                [
+                    "crypto/x509/x509_v3.c",
+                ],
+            "crypto/x509/x509_vfy.o" =>
+                [
+                    "crypto/x509/x509_vfy.c",
+                ],
+            "crypto/x509/x509_vpm.o" =>
+                [
+                    "crypto/x509/x509_vpm.c",
+                ],
+            "crypto/x509/x509cset.o" =>
+                [
+                    "crypto/x509/x509cset.c",
+                ],
+            "crypto/x509/x509name.o" =>
+                [
+                    "crypto/x509/x509name.c",
+                ],
+            "crypto/x509/x509rset.o" =>
+                [
+                    "crypto/x509/x509rset.c",
+                ],
+            "crypto/x509/x509spki.o" =>
+                [
+                    "crypto/x509/x509spki.c",
+                ],
+            "crypto/x509/x509type.o" =>
+                [
+                    "crypto/x509/x509type.c",
+                ],
+            "crypto/x509/x_all.o" =>
+                [
+                    "crypto/x509/x_all.c",
+                ],
+            "crypto/x509/x_attrib.o" =>
+                [
+                    "crypto/x509/x_attrib.c",
+                ],
+            "crypto/x509/x_crl.o" =>
+                [
+                    "crypto/x509/x_crl.c",
+                ],
+            "crypto/x509/x_exten.o" =>
+                [
+                    "crypto/x509/x_exten.c",
+                ],
+            "crypto/x509/x_name.o" =>
+                [
+                    "crypto/x509/x_name.c",
+                ],
+            "crypto/x509/x_pubkey.o" =>
+                [
+                    "crypto/x509/x_pubkey.c",
+                ],
+            "crypto/x509/x_req.o" =>
+                [
+                    "crypto/x509/x_req.c",
+                ],
+            "crypto/x509/x_x509.o" =>
+                [
+                    "crypto/x509/x_x509.c",
+                ],
+            "crypto/x509/x_x509a.o" =>
+                [
+                    "crypto/x509/x_x509a.c",
+                ],
+            "crypto/x509v3/pcy_cache.o" =>
+                [
+                    "crypto/x509v3/pcy_cache.c",
+                ],
+            "crypto/x509v3/pcy_data.o" =>
+                [
+                    "crypto/x509v3/pcy_data.c",
+                ],
+            "crypto/x509v3/pcy_lib.o" =>
+                [
+                    "crypto/x509v3/pcy_lib.c",
+                ],
+            "crypto/x509v3/pcy_map.o" =>
+                [
+                    "crypto/x509v3/pcy_map.c",
+                ],
+            "crypto/x509v3/pcy_node.o" =>
+                [
+                    "crypto/x509v3/pcy_node.c",
+                ],
+            "crypto/x509v3/pcy_tree.o" =>
+                [
+                    "crypto/x509v3/pcy_tree.c",
+                ],
+            "crypto/x509v3/v3_addr.o" =>
+                [
+                    "crypto/x509v3/v3_addr.c",
+                ],
+            "crypto/x509v3/v3_admis.o" =>
+                [
+                    "crypto/x509v3/v3_admis.c",
+                ],
+            "crypto/x509v3/v3_akey.o" =>
+                [
+                    "crypto/x509v3/v3_akey.c",
+                ],
+            "crypto/x509v3/v3_akeya.o" =>
+                [
+                    "crypto/x509v3/v3_akeya.c",
+                ],
+            "crypto/x509v3/v3_alt.o" =>
+                [
+                    "crypto/x509v3/v3_alt.c",
+                ],
+            "crypto/x509v3/v3_asid.o" =>
+                [
+                    "crypto/x509v3/v3_asid.c",
+                ],
+            "crypto/x509v3/v3_bcons.o" =>
+                [
+                    "crypto/x509v3/v3_bcons.c",
+                ],
+            "crypto/x509v3/v3_bitst.o" =>
+                [
+                    "crypto/x509v3/v3_bitst.c",
+                ],
+            "crypto/x509v3/v3_conf.o" =>
+                [
+                    "crypto/x509v3/v3_conf.c",
+                ],
+            "crypto/x509v3/v3_cpols.o" =>
+                [
+                    "crypto/x509v3/v3_cpols.c",
+                ],
+            "crypto/x509v3/v3_crld.o" =>
+                [
+                    "crypto/x509v3/v3_crld.c",
+                ],
+            "crypto/x509v3/v3_enum.o" =>
+                [
+                    "crypto/x509v3/v3_enum.c",
+                ],
+            "crypto/x509v3/v3_extku.o" =>
+                [
+                    "crypto/x509v3/v3_extku.c",
+                ],
+            "crypto/x509v3/v3_genn.o" =>
+                [
+                    "crypto/x509v3/v3_genn.c",
+                ],
+            "crypto/x509v3/v3_ia5.o" =>
+                [
+                    "crypto/x509v3/v3_ia5.c",
+                ],
+            "crypto/x509v3/v3_info.o" =>
+                [
+                    "crypto/x509v3/v3_info.c",
+                ],
+            "crypto/x509v3/v3_int.o" =>
+                [
+                    "crypto/x509v3/v3_int.c",
+                ],
+            "crypto/x509v3/v3_lib.o" =>
+                [
+                    "crypto/x509v3/v3_lib.c",
+                ],
+            "crypto/x509v3/v3_ncons.o" =>
+                [
+                    "crypto/x509v3/v3_ncons.c",
+                ],
+            "crypto/x509v3/v3_pci.o" =>
+                [
+                    "crypto/x509v3/v3_pci.c",
+                ],
+            "crypto/x509v3/v3_pcia.o" =>
+                [
+                    "crypto/x509v3/v3_pcia.c",
+                ],
+            "crypto/x509v3/v3_pcons.o" =>
+                [
+                    "crypto/x509v3/v3_pcons.c",
+                ],
+            "crypto/x509v3/v3_pku.o" =>
+                [
+                    "crypto/x509v3/v3_pku.c",
+                ],
+            "crypto/x509v3/v3_pmaps.o" =>
+                [
+                    "crypto/x509v3/v3_pmaps.c",
+                ],
+            "crypto/x509v3/v3_prn.o" =>
+                [
+                    "crypto/x509v3/v3_prn.c",
+                ],
+            "crypto/x509v3/v3_purp.o" =>
+                [
+                    "crypto/x509v3/v3_purp.c",
+                ],
+            "crypto/x509v3/v3_skey.o" =>
+                [
+                    "crypto/x509v3/v3_skey.c",
+                ],
+            "crypto/x509v3/v3_sxnet.o" =>
+                [
+                    "crypto/x509v3/v3_sxnet.c",
+                ],
+            "crypto/x509v3/v3_tlsf.o" =>
+                [
+                    "crypto/x509v3/v3_tlsf.c",
+                ],
+            "crypto/x509v3/v3_utl.o" =>
+                [
+                    "crypto/x509v3/v3_utl.c",
+                ],
+            "crypto/x509v3/v3err.o" =>
+                [
+                    "crypto/x509v3/v3err.c",
+                ],
+            "engines/e_capi.o" =>
+                [
+                    "engines/e_capi.c",
+                ],
+            "engines/e_padlock.o" =>
+                [
+                    "engines/e_padlock.c",
+                ],
+            "fuzz/asn1-test" =>
+                [
+                    "fuzz/asn1.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/asn1.o" =>
+                [
+                    "fuzz/asn1.c",
+                ],
+            "fuzz/asn1parse-test" =>
+                [
+                    "fuzz/asn1parse.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/asn1parse.o" =>
+                [
+                    "fuzz/asn1parse.c",
+                ],
+            "fuzz/bignum-test" =>
+                [
+                    "fuzz/bignum.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/bignum.o" =>
+                [
+                    "fuzz/bignum.c",
+                ],
+            "fuzz/bndiv-test" =>
+                [
+                    "fuzz/bndiv.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/bndiv.o" =>
+                [
+                    "fuzz/bndiv.c",
+                ],
+            "fuzz/client-test" =>
+                [
+                    "fuzz/client.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/client.o" =>
+                [
+                    "fuzz/client.c",
+                ],
+            "fuzz/cms-test" =>
+                [
+                    "fuzz/cms.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/cms.o" =>
+                [
+                    "fuzz/cms.c",
+                ],
+            "fuzz/conf-test" =>
+                [
+                    "fuzz/conf.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/conf.o" =>
+                [
+                    "fuzz/conf.c",
+                ],
+            "fuzz/crl-test" =>
+                [
+                    "fuzz/crl.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/crl.o" =>
+                [
+                    "fuzz/crl.c",
+                ],
+            "fuzz/ct-test" =>
+                [
+                    "fuzz/ct.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/ct.o" =>
+                [
+                    "fuzz/ct.c",
+                ],
+            "fuzz/server-test" =>
+                [
+                    "fuzz/server.o",
+                    "fuzz/test-corpus.o",
+                ],
+            "fuzz/server.o" =>
+                [
+                    "fuzz/server.c",
+                ],
+            "fuzz/test-corpus.o" =>
+                [
+                    "fuzz/test-corpus.c",
+                ],
+            "fuzz/x509-test" =>
+                [
+                    "fuzz/test-corpus.o",
+                    "fuzz/x509.o",
+                ],
+            "fuzz/x509.o" =>
+                [
+                    "fuzz/x509.c",
+                ],
+            "libcrypto" =>
+                [
+                    "crypto/aes/aes-mips.o",
+                    "crypto/aes/aes_cbc.o",
+                    "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_ecb.o",
+                    "crypto/aes/aes_ige.o",
+                    "crypto/aes/aes_misc.o",
+                    "crypto/aes/aes_ofb.o",
+                    "crypto/aes/aes_wrap.o",
+                    "crypto/aria/aria.o",
+                    "crypto/asn1/a_bitstr.o",
+                    "crypto/asn1/a_d2i_fp.o",
+                    "crypto/asn1/a_digest.o",
+                    "crypto/asn1/a_dup.o",
+                    "crypto/asn1/a_gentm.o",
+                    "crypto/asn1/a_i2d_fp.o",
+                    "crypto/asn1/a_int.o",
+                    "crypto/asn1/a_mbstr.o",
+                    "crypto/asn1/a_object.o",
+                    "crypto/asn1/a_octet.o",
+                    "crypto/asn1/a_print.o",
+                    "crypto/asn1/a_sign.o",
+                    "crypto/asn1/a_strex.o",
+                    "crypto/asn1/a_strnid.o",
+                    "crypto/asn1/a_time.o",
+                    "crypto/asn1/a_type.o",
+                    "crypto/asn1/a_utctm.o",
+                    "crypto/asn1/a_utf8.o",
+                    "crypto/asn1/a_verify.o",
+                    "crypto/asn1/ameth_lib.o",
+                    "crypto/asn1/asn1_err.o",
+                    "crypto/asn1/asn1_gen.o",
+                    "crypto/asn1/asn1_item_list.o",
+                    "crypto/asn1/asn1_lib.o",
+                    "crypto/asn1/asn1_par.o",
+                    "crypto/asn1/asn_mime.o",
+                    "crypto/asn1/asn_moid.o",
+                    "crypto/asn1/asn_mstbl.o",
+                    "crypto/asn1/asn_pack.o",
+                    "crypto/asn1/bio_asn1.o",
+                    "crypto/asn1/bio_ndef.o",
+                    "crypto/asn1/d2i_pr.o",
+                    "crypto/asn1/d2i_pu.o",
+                    "crypto/asn1/evp_asn1.o",
+                    "crypto/asn1/f_int.o",
+                    "crypto/asn1/f_string.o",
+                    "crypto/asn1/i2d_pr.o",
+                    "crypto/asn1/i2d_pu.o",
+                    "crypto/asn1/n_pkey.o",
+                    "crypto/asn1/nsseq.o",
+                    "crypto/asn1/p5_pbe.o",
+                    "crypto/asn1/p5_pbev2.o",
+                    "crypto/asn1/p5_scrypt.o",
+                    "crypto/asn1/p8_pkey.o",
+                    "crypto/asn1/t_bitst.o",
+                    "crypto/asn1/t_pkey.o",
+                    "crypto/asn1/t_spki.o",
+                    "crypto/asn1/tasn_dec.o",
+                    "crypto/asn1/tasn_enc.o",
+                    "crypto/asn1/tasn_fre.o",
+                    "crypto/asn1/tasn_new.o",
+                    "crypto/asn1/tasn_prn.o",
+                    "crypto/asn1/tasn_scn.o",
+                    "crypto/asn1/tasn_typ.o",
+                    "crypto/asn1/tasn_utl.o",
+                    "crypto/asn1/x_algor.o",
+                    "crypto/asn1/x_bignum.o",
+                    "crypto/asn1/x_info.o",
+                    "crypto/asn1/x_int64.o",
+                    "crypto/asn1/x_long.o",
+                    "crypto/asn1/x_pkey.o",
+                    "crypto/asn1/x_sig.o",
+                    "crypto/asn1/x_spki.o",
+                    "crypto/asn1/x_val.o",
+                    "crypto/async/arch/async_null.o",
+                    "crypto/async/arch/async_posix.o",
+                    "crypto/async/arch/async_win.o",
+                    "crypto/async/async.o",
+                    "crypto/async/async_err.o",
+                    "crypto/async/async_wait.o",
+                    "crypto/bf/bf_cfb64.o",
+                    "crypto/bf/bf_ecb.o",
+                    "crypto/bf/bf_enc.o",
+                    "crypto/bf/bf_ofb64.o",
+                    "crypto/bf/bf_skey.o",
+                    "crypto/bio/b_addr.o",
+                    "crypto/bio/b_dump.o",
+                    "crypto/bio/b_print.o",
+                    "crypto/bio/b_sock.o",
+                    "crypto/bio/b_sock2.o",
+                    "crypto/bio/bf_buff.o",
+                    "crypto/bio/bf_lbuf.o",
+                    "crypto/bio/bf_nbio.o",
+                    "crypto/bio/bf_null.o",
+                    "crypto/bio/bio_cb.o",
+                    "crypto/bio/bio_err.o",
+                    "crypto/bio/bio_lib.o",
+                    "crypto/bio/bio_meth.o",
+                    "crypto/bio/bss_acpt.o",
+                    "crypto/bio/bss_bio.o",
+                    "crypto/bio/bss_conn.o",
+                    "crypto/bio/bss_dgram.o",
+                    "crypto/bio/bss_fd.o",
+                    "crypto/bio/bss_file.o",
+                    "crypto/bio/bss_log.o",
+                    "crypto/bio/bss_mem.o",
+                    "crypto/bio/bss_null.o",
+                    "crypto/bio/bss_sock.o",
+                    "crypto/blake2/blake2b.o",
+                    "crypto/blake2/blake2s.o",
+                    "crypto/blake2/m_blake2b.o",
+                    "crypto/blake2/m_blake2s.o",
+                    "crypto/bn/bn-mips.o",
+                    "crypto/bn/bn_add.o",
+                    "crypto/bn/bn_blind.o",
+                    "crypto/bn/bn_const.o",
+                    "crypto/bn/bn_ctx.o",
+                    "crypto/bn/bn_depr.o",
+                    "crypto/bn/bn_dh.o",
+                    "crypto/bn/bn_div.o",
+                    "crypto/bn/bn_err.o",
+                    "crypto/bn/bn_exp.o",
+                    "crypto/bn/bn_exp2.o",
+                    "crypto/bn/bn_gcd.o",
+                    "crypto/bn/bn_gf2m.o",
+                    "crypto/bn/bn_intern.o",
+                    "crypto/bn/bn_kron.o",
+                    "crypto/bn/bn_lib.o",
+                    "crypto/bn/bn_mod.o",
+                    "crypto/bn/bn_mont.o",
+                    "crypto/bn/bn_mpi.o",
+                    "crypto/bn/bn_mul.o",
+                    "crypto/bn/bn_nist.o",
+                    "crypto/bn/bn_prime.o",
+                    "crypto/bn/bn_print.o",
+                    "crypto/bn/bn_rand.o",
+                    "crypto/bn/bn_recp.o",
+                    "crypto/bn/bn_shift.o",
+                    "crypto/bn/bn_sqr.o",
+                    "crypto/bn/bn_sqrt.o",
+                    "crypto/bn/bn_srp.o",
+                    "crypto/bn/bn_word.o",
+                    "crypto/bn/bn_x931p.o",
+                    "crypto/bn/mips-mont.o",
+                    "crypto/buffer/buf_err.o",
+                    "crypto/buffer/buffer.o",
+                    "crypto/camellia/camellia.o",
+                    "crypto/camellia/cmll_cbc.o",
+                    "crypto/camellia/cmll_cfb.o",
+                    "crypto/camellia/cmll_ctr.o",
+                    "crypto/camellia/cmll_ecb.o",
+                    "crypto/camellia/cmll_misc.o",
+                    "crypto/camellia/cmll_ofb.o",
+                    "crypto/cast/c_cfb64.o",
+                    "crypto/cast/c_ecb.o",
+                    "crypto/cast/c_enc.o",
+                    "crypto/cast/c_ofb64.o",
+                    "crypto/cast/c_skey.o",
+                    "crypto/chacha/chacha_enc.o",
+                    "crypto/cmac/cm_ameth.o",
+                    "crypto/cmac/cm_pmeth.o",
+                    "crypto/cmac/cmac.o",
+                    "crypto/cms/cms_asn1.o",
+                    "crypto/cms/cms_att.o",
+                    "crypto/cms/cms_cd.o",
+                    "crypto/cms/cms_dd.o",
+                    "crypto/cms/cms_enc.o",
+                    "crypto/cms/cms_env.o",
+                    "crypto/cms/cms_err.o",
+                    "crypto/cms/cms_ess.o",
+                    "crypto/cms/cms_io.o",
+                    "crypto/cms/cms_kari.o",
+                    "crypto/cms/cms_lib.o",
+                    "crypto/cms/cms_pwri.o",
+                    "crypto/cms/cms_sd.o",
+                    "crypto/cms/cms_smime.o",
+                    "crypto/conf/conf_api.o",
+                    "crypto/conf/conf_def.o",
+                    "crypto/conf/conf_err.o",
+                    "crypto/conf/conf_lib.o",
+                    "crypto/conf/conf_mall.o",
+                    "crypto/conf/conf_mod.o",
+                    "crypto/conf/conf_sap.o",
+                    "crypto/conf/conf_ssl.o",
+                    "crypto/cpt_err.o",
+                    "crypto/cryptlib.o",
+                    "crypto/ct/ct_b64.o",
+                    "crypto/ct/ct_err.o",
+                    "crypto/ct/ct_log.o",
+                    "crypto/ct/ct_oct.o",
+                    "crypto/ct/ct_policy.o",
+                    "crypto/ct/ct_prn.o",
+                    "crypto/ct/ct_sct.o",
+                    "crypto/ct/ct_sct_ctx.o",
+                    "crypto/ct/ct_vfy.o",
+                    "crypto/ct/ct_x509v3.o",
+                    "crypto/ctype.o",
+                    "crypto/cversion.o",
+                    "crypto/des/cbc_cksm.o",
+                    "crypto/des/cbc_enc.o",
+                    "crypto/des/cfb64ede.o",
+                    "crypto/des/cfb64enc.o",
+                    "crypto/des/cfb_enc.o",
+                    "crypto/des/des_enc.o",
+                    "crypto/des/ecb3_enc.o",
+                    "crypto/des/ecb_enc.o",
+                    "crypto/des/fcrypt.o",
+                    "crypto/des/fcrypt_b.o",
+                    "crypto/des/ofb64ede.o",
+                    "crypto/des/ofb64enc.o",
+                    "crypto/des/ofb_enc.o",
+                    "crypto/des/pcbc_enc.o",
+                    "crypto/des/qud_cksm.o",
+                    "crypto/des/rand_key.o",
+                    "crypto/des/set_key.o",
+                    "crypto/des/str2key.o",
+                    "crypto/des/xcbc_enc.o",
+                    "crypto/dh/dh_ameth.o",
+                    "crypto/dh/dh_asn1.o",
+                    "crypto/dh/dh_check.o",
+                    "crypto/dh/dh_depr.o",
+                    "crypto/dh/dh_err.o",
+                    "crypto/dh/dh_gen.o",
+                    "crypto/dh/dh_kdf.o",
+                    "crypto/dh/dh_key.o",
+                    "crypto/dh/dh_lib.o",
+                    "crypto/dh/dh_meth.o",
+                    "crypto/dh/dh_pmeth.o",
+                    "crypto/dh/dh_prn.o",
+                    "crypto/dh/dh_rfc5114.o",
+                    "crypto/dh/dh_rfc7919.o",
+                    "crypto/dsa/dsa_ameth.o",
+                    "crypto/dsa/dsa_asn1.o",
+                    "crypto/dsa/dsa_depr.o",
+                    "crypto/dsa/dsa_err.o",
+                    "crypto/dsa/dsa_gen.o",
+                    "crypto/dsa/dsa_key.o",
+                    "crypto/dsa/dsa_lib.o",
+                    "crypto/dsa/dsa_meth.o",
+                    "crypto/dsa/dsa_ossl.o",
+                    "crypto/dsa/dsa_pmeth.o",
+                    "crypto/dsa/dsa_prn.o",
+                    "crypto/dsa/dsa_sign.o",
+                    "crypto/dsa/dsa_vrf.o",
+                    "crypto/dso/dso_dl.o",
+                    "crypto/dso/dso_dlfcn.o",
+                    "crypto/dso/dso_err.o",
+                    "crypto/dso/dso_lib.o",
+                    "crypto/dso/dso_openssl.o",
+                    "crypto/dso/dso_vms.o",
+                    "crypto/dso/dso_win32.o",
+                    "crypto/ebcdic.o",
+                    "crypto/ec/curve25519.o",
+                    "crypto/ec/curve448/arch_32/f_impl.o",
+                    "crypto/ec/curve448/curve448.o",
+                    "crypto/ec/curve448/curve448_tables.o",
+                    "crypto/ec/curve448/eddsa.o",
+                    "crypto/ec/curve448/f_generic.o",
+                    "crypto/ec/curve448/scalar.o",
+                    "crypto/ec/ec2_oct.o",
+                    "crypto/ec/ec2_smpl.o",
+                    "crypto/ec/ec_ameth.o",
+                    "crypto/ec/ec_asn1.o",
+                    "crypto/ec/ec_check.o",
+                    "crypto/ec/ec_curve.o",
+                    "crypto/ec/ec_cvt.o",
+                    "crypto/ec/ec_err.o",
+                    "crypto/ec/ec_key.o",
+                    "crypto/ec/ec_kmeth.o",
+                    "crypto/ec/ec_lib.o",
+                    "crypto/ec/ec_mult.o",
+                    "crypto/ec/ec_oct.o",
+                    "crypto/ec/ec_pmeth.o",
+                    "crypto/ec/ec_print.o",
+                    "crypto/ec/ecdh_kdf.o",
+                    "crypto/ec/ecdh_ossl.o",
+                    "crypto/ec/ecdsa_ossl.o",
+                    "crypto/ec/ecdsa_sign.o",
+                    "crypto/ec/ecdsa_vrf.o",
+                    "crypto/ec/eck_prn.o",
+                    "crypto/ec/ecp_mont.o",
+                    "crypto/ec/ecp_nist.o",
+                    "crypto/ec/ecp_nistp224.o",
+                    "crypto/ec/ecp_nistp256.o",
+                    "crypto/ec/ecp_nistp521.o",
+                    "crypto/ec/ecp_nistputil.o",
+                    "crypto/ec/ecp_oct.o",
+                    "crypto/ec/ecp_smpl.o",
+                    "crypto/ec/ecx_meth.o",
+                    "crypto/engine/eng_all.o",
+                    "crypto/engine/eng_cnf.o",
+                    "crypto/engine/eng_ctrl.o",
+                    "crypto/engine/eng_dyn.o",
+                    "crypto/engine/eng_err.o",
+                    "crypto/engine/eng_fat.o",
+                    "crypto/engine/eng_init.o",
+                    "crypto/engine/eng_lib.o",
+                    "crypto/engine/eng_list.o",
+                    "crypto/engine/eng_openssl.o",
+                    "crypto/engine/eng_pkey.o",
+                    "crypto/engine/eng_rdrand.o",
+                    "crypto/engine/eng_table.o",
+                    "crypto/engine/tb_asnmth.o",
+                    "crypto/engine/tb_cipher.o",
+                    "crypto/engine/tb_dh.o",
+                    "crypto/engine/tb_digest.o",
+                    "crypto/engine/tb_dsa.o",
+                    "crypto/engine/tb_eckey.o",
+                    "crypto/engine/tb_pkmeth.o",
+                    "crypto/engine/tb_rand.o",
+                    "crypto/engine/tb_rsa.o",
+                    "crypto/err/err.o",
+                    "crypto/err/err_all.o",
+                    "crypto/err/err_prn.o",
+                    "crypto/evp/bio_b64.o",
+                    "crypto/evp/bio_enc.o",
+                    "crypto/evp/bio_md.o",
+                    "crypto/evp/bio_ok.o",
+                    "crypto/evp/c_allc.o",
+                    "crypto/evp/c_alld.o",
+                    "crypto/evp/cmeth_lib.o",
+                    "crypto/evp/digest.o",
+                    "crypto/evp/e_aes.o",
+                    "crypto/evp/e_aes_cbc_hmac_sha1.o",
+                    "crypto/evp/e_aes_cbc_hmac_sha256.o",
+                    "crypto/evp/e_aria.o",
+                    "crypto/evp/e_bf.o",
+                    "crypto/evp/e_camellia.o",
+                    "crypto/evp/e_cast.o",
+                    "crypto/evp/e_chacha20_poly1305.o",
+                    "crypto/evp/e_des.o",
+                    "crypto/evp/e_des3.o",
+                    "crypto/evp/e_idea.o",
+                    "crypto/evp/e_null.o",
+                    "crypto/evp/e_old.o",
+                    "crypto/evp/e_rc2.o",
+                    "crypto/evp/e_rc4.o",
+                    "crypto/evp/e_rc4_hmac_md5.o",
+                    "crypto/evp/e_rc5.o",
+                    "crypto/evp/e_seed.o",
+                    "crypto/evp/e_sm4.o",
+                    "crypto/evp/e_xcbc_d.o",
+                    "crypto/evp/encode.o",
+                    "crypto/evp/evp_cnf.o",
+                    "crypto/evp/evp_enc.o",
+                    "crypto/evp/evp_err.o",
+                    "crypto/evp/evp_key.o",
+                    "crypto/evp/evp_lib.o",
+                    "crypto/evp/evp_pbe.o",
+                    "crypto/evp/evp_pkey.o",
+                    "crypto/evp/m_md2.o",
+                    "crypto/evp/m_md4.o",
+                    "crypto/evp/m_md5.o",
+                    "crypto/evp/m_md5_sha1.o",
+                    "crypto/evp/m_mdc2.o",
+                    "crypto/evp/m_null.o",
+                    "crypto/evp/m_ripemd.o",
+                    "crypto/evp/m_sha1.o",
+                    "crypto/evp/m_sha3.o",
+                    "crypto/evp/m_sigver.o",
+                    "crypto/evp/m_wp.o",
+                    "crypto/evp/names.o",
+                    "crypto/evp/p5_crpt.o",
+                    "crypto/evp/p5_crpt2.o",
+                    "crypto/evp/p_dec.o",
+                    "crypto/evp/p_enc.o",
+                    "crypto/evp/p_lib.o",
+                    "crypto/evp/p_open.o",
+                    "crypto/evp/p_seal.o",
+                    "crypto/evp/p_sign.o",
+                    "crypto/evp/p_verify.o",
+                    "crypto/evp/pbe_scrypt.o",
+                    "crypto/evp/pmeth_fn.o",
+                    "crypto/evp/pmeth_gn.o",
+                    "crypto/evp/pmeth_lib.o",
+                    "crypto/ex_data.o",
+                    "crypto/getenv.o",
+                    "crypto/hmac/hm_ameth.o",
+                    "crypto/hmac/hm_pmeth.o",
+                    "crypto/hmac/hmac.o",
+                    "crypto/idea/i_cbc.o",
+                    "crypto/idea/i_cfb64.o",
+                    "crypto/idea/i_ecb.o",
+                    "crypto/idea/i_ofb64.o",
+                    "crypto/idea/i_skey.o",
+                    "crypto/init.o",
+                    "crypto/kdf/hkdf.o",
+                    "crypto/kdf/kdf_err.o",
+                    "crypto/kdf/scrypt.o",
+                    "crypto/kdf/tls1_prf.o",
+                    "crypto/lhash/lh_stats.o",
+                    "crypto/lhash/lhash.o",
+                    "crypto/md4/md4_dgst.o",
+                    "crypto/md4/md4_one.o",
+                    "crypto/md5/md5_dgst.o",
+                    "crypto/md5/md5_one.o",
+                    "crypto/mdc2/mdc2_one.o",
+                    "crypto/mdc2/mdc2dgst.o",
+                    "crypto/mem.o",
+                    "crypto/mem_clr.o",
+                    "crypto/mem_dbg.o",
+                    "crypto/mem_sec.o",
+                    "crypto/modes/cbc128.o",
+                    "crypto/modes/ccm128.o",
+                    "crypto/modes/cfb128.o",
+                    "crypto/modes/ctr128.o",
+                    "crypto/modes/cts128.o",
+                    "crypto/modes/gcm128.o",
+                    "crypto/modes/ocb128.o",
+                    "crypto/modes/ofb128.o",
+                    "crypto/modes/wrap128.o",
+                    "crypto/modes/xts128.o",
+                    "crypto/o_dir.o",
+                    "crypto/o_fips.o",
+                    "crypto/o_fopen.o",
+                    "crypto/o_init.o",
+                    "crypto/o_str.o",
+                    "crypto/o_time.o",
+                    "crypto/objects/o_names.o",
+                    "crypto/objects/obj_dat.o",
+                    "crypto/objects/obj_err.o",
+                    "crypto/objects/obj_lib.o",
+                    "crypto/objects/obj_xref.o",
+                    "crypto/ocsp/ocsp_asn.o",
+                    "crypto/ocsp/ocsp_cl.o",
+                    "crypto/ocsp/ocsp_err.o",
+                    "crypto/ocsp/ocsp_ext.o",
+                    "crypto/ocsp/ocsp_ht.o",
+                    "crypto/ocsp/ocsp_lib.o",
+                    "crypto/ocsp/ocsp_prn.o",
+                    "crypto/ocsp/ocsp_srv.o",
+                    "crypto/ocsp/ocsp_vfy.o",
+                    "crypto/ocsp/v3_ocsp.o",
+                    "crypto/pem/pem_all.o",
+                    "crypto/pem/pem_err.o",
+                    "crypto/pem/pem_info.o",
+                    "crypto/pem/pem_lib.o",
+                    "crypto/pem/pem_oth.o",
+                    "crypto/pem/pem_pk8.o",
+                    "crypto/pem/pem_pkey.o",
+                    "crypto/pem/pem_sign.o",
+                    "crypto/pem/pem_x509.o",
+                    "crypto/pem/pem_xaux.o",
+                    "crypto/pem/pvkfmt.o",
+                    "crypto/pkcs12/p12_add.o",
+                    "crypto/pkcs12/p12_asn.o",
+                    "crypto/pkcs12/p12_attr.o",
+                    "crypto/pkcs12/p12_crpt.o",
+                    "crypto/pkcs12/p12_crt.o",
+                    "crypto/pkcs12/p12_decr.o",
+                    "crypto/pkcs12/p12_init.o",
+                    "crypto/pkcs12/p12_key.o",
+                    "crypto/pkcs12/p12_kiss.o",
+                    "crypto/pkcs12/p12_mutl.o",
+                    "crypto/pkcs12/p12_npas.o",
+                    "crypto/pkcs12/p12_p8d.o",
+                    "crypto/pkcs12/p12_p8e.o",
+                    "crypto/pkcs12/p12_sbag.o",
+                    "crypto/pkcs12/p12_utl.o",
+                    "crypto/pkcs12/pk12err.o",
+                    "crypto/pkcs7/bio_pk7.o",
+                    "crypto/pkcs7/pk7_asn1.o",
+                    "crypto/pkcs7/pk7_attr.o",
+                    "crypto/pkcs7/pk7_doit.o",
+                    "crypto/pkcs7/pk7_lib.o",
+                    "crypto/pkcs7/pk7_mime.o",
+                    "crypto/pkcs7/pk7_smime.o",
+                    "crypto/pkcs7/pkcs7err.o",
+                    "crypto/poly1305/poly1305-mips.o",
+                    "crypto/poly1305/poly1305.o",
+                    "crypto/poly1305/poly1305_ameth.o",
+                    "crypto/poly1305/poly1305_pmeth.o",
+                    "crypto/rand/drbg_ctr.o",
+                    "crypto/rand/drbg_lib.o",
+                    "crypto/rand/rand_egd.o",
+                    "crypto/rand/rand_err.o",
+                    "crypto/rand/rand_lib.o",
+                    "crypto/rand/rand_unix.o",
+                    "crypto/rand/rand_vms.o",
+                    "crypto/rand/rand_win.o",
+                    "crypto/rand/randfile.o",
+                    "crypto/rc2/rc2_cbc.o",
+                    "crypto/rc2/rc2_ecb.o",
+                    "crypto/rc2/rc2_skey.o",
+                    "crypto/rc2/rc2cfb64.o",
+                    "crypto/rc2/rc2ofb64.o",
+                    "crypto/rc4/rc4_enc.o",
+                    "crypto/rc4/rc4_skey.o",
+                    "crypto/ripemd/rmd_dgst.o",
+                    "crypto/ripemd/rmd_one.o",
+                    "crypto/rsa/rsa_ameth.o",
+                    "crypto/rsa/rsa_asn1.o",
+                    "crypto/rsa/rsa_chk.o",
+                    "crypto/rsa/rsa_crpt.o",
+                    "crypto/rsa/rsa_depr.o",
+                    "crypto/rsa/rsa_err.o",
+                    "crypto/rsa/rsa_gen.o",
+                    "crypto/rsa/rsa_lib.o",
+                    "crypto/rsa/rsa_meth.o",
+                    "crypto/rsa/rsa_mp.o",
+                    "crypto/rsa/rsa_none.o",
+                    "crypto/rsa/rsa_oaep.o",
+                    "crypto/rsa/rsa_ossl.o",
+                    "crypto/rsa/rsa_pk1.o",
+                    "crypto/rsa/rsa_pmeth.o",
+                    "crypto/rsa/rsa_prn.o",
+                    "crypto/rsa/rsa_pss.o",
+                    "crypto/rsa/rsa_saos.o",
+                    "crypto/rsa/rsa_sign.o",
+                    "crypto/rsa/rsa_ssl.o",
+                    "crypto/rsa/rsa_x931.o",
+                    "crypto/rsa/rsa_x931g.o",
+                    "crypto/seed/seed.o",
+                    "crypto/seed/seed_cbc.o",
+                    "crypto/seed/seed_cfb.o",
+                    "crypto/seed/seed_ecb.o",
+                    "crypto/seed/seed_ofb.o",
+                    "crypto/sha/keccak1600.o",
+                    "crypto/sha/sha1-mips.o",
+                    "crypto/sha/sha1_one.o",
+                    "crypto/sha/sha1dgst.o",
+                    "crypto/sha/sha256-mips.o",
+                    "crypto/sha/sha256.o",
+                    "crypto/sha/sha512-mips.o",
+                    "crypto/sha/sha512.o",
+                    "crypto/siphash/siphash.o",
+                    "crypto/siphash/siphash_ameth.o",
+                    "crypto/siphash/siphash_pmeth.o",
+                    "crypto/sm2/sm2_crypt.o",
+                    "crypto/sm2/sm2_err.o",
+                    "crypto/sm2/sm2_pmeth.o",
+                    "crypto/sm2/sm2_sign.o",
+                    "crypto/sm3/m_sm3.o",
+                    "crypto/sm3/sm3.o",
+                    "crypto/sm4/sm4.o",
+                    "crypto/srp/srp_lib.o",
+                    "crypto/srp/srp_vfy.o",
+                    "crypto/stack/stack.o",
+                    "crypto/store/loader_file.o",
+                    "crypto/store/store_err.o",
+                    "crypto/store/store_init.o",
+                    "crypto/store/store_lib.o",
+                    "crypto/store/store_register.o",
+                    "crypto/store/store_strings.o",
+                    "crypto/threads_none.o",
+                    "crypto/threads_pthread.o",
+                    "crypto/threads_win.o",
+                    "crypto/ts/ts_asn1.o",
+                    "crypto/ts/ts_conf.o",
+                    "crypto/ts/ts_err.o",
+                    "crypto/ts/ts_lib.o",
+                    "crypto/ts/ts_req_print.o",
+                    "crypto/ts/ts_req_utils.o",
+                    "crypto/ts/ts_rsp_print.o",
+                    "crypto/ts/ts_rsp_sign.o",
+                    "crypto/ts/ts_rsp_utils.o",
+                    "crypto/ts/ts_rsp_verify.o",
+                    "crypto/ts/ts_verify_ctx.o",
+                    "crypto/txt_db/txt_db.o",
+                    "crypto/ui/ui_err.o",
+                    "crypto/ui/ui_lib.o",
+                    "crypto/ui/ui_null.o",
+                    "crypto/ui/ui_openssl.o",
+                    "crypto/ui/ui_util.o",
+                    "crypto/uid.o",
+                    "crypto/whrlpool/wp_block.o",
+                    "crypto/whrlpool/wp_dgst.o",
+                    "crypto/x509/by_dir.o",
+                    "crypto/x509/by_file.o",
+                    "crypto/x509/t_crl.o",
+                    "crypto/x509/t_req.o",
+                    "crypto/x509/t_x509.o",
+                    "crypto/x509/x509_att.o",
+                    "crypto/x509/x509_cmp.o",
+                    "crypto/x509/x509_d2.o",
+                    "crypto/x509/x509_def.o",
+                    "crypto/x509/x509_err.o",
+                    "crypto/x509/x509_ext.o",
+                    "crypto/x509/x509_lu.o",
+                    "crypto/x509/x509_meth.o",
+                    "crypto/x509/x509_obj.o",
+                    "crypto/x509/x509_r2x.o",
+                    "crypto/x509/x509_req.o",
+                    "crypto/x509/x509_set.o",
+                    "crypto/x509/x509_trs.o",
+                    "crypto/x509/x509_txt.o",
+                    "crypto/x509/x509_v3.o",
+                    "crypto/x509/x509_vfy.o",
+                    "crypto/x509/x509_vpm.o",
+                    "crypto/x509/x509cset.o",
+                    "crypto/x509/x509name.o",
+                    "crypto/x509/x509rset.o",
+                    "crypto/x509/x509spki.o",
+                    "crypto/x509/x509type.o",
+                    "crypto/x509/x_all.o",
+                    "crypto/x509/x_attrib.o",
+                    "crypto/x509/x_crl.o",
+                    "crypto/x509/x_exten.o",
+                    "crypto/x509/x_name.o",
+                    "crypto/x509/x_pubkey.o",
+                    "crypto/x509/x_req.o",
+                    "crypto/x509/x_x509.o",
+                    "crypto/x509/x_x509a.o",
+                    "crypto/x509v3/pcy_cache.o",
+                    "crypto/x509v3/pcy_data.o",
+                    "crypto/x509v3/pcy_lib.o",
+                    "crypto/x509v3/pcy_map.o",
+                    "crypto/x509v3/pcy_node.o",
+                    "crypto/x509v3/pcy_tree.o",
+                    "crypto/x509v3/v3_addr.o",
+                    "crypto/x509v3/v3_admis.o",
+                    "crypto/x509v3/v3_akey.o",
+                    "crypto/x509v3/v3_akeya.o",
+                    "crypto/x509v3/v3_alt.o",
+                    "crypto/x509v3/v3_asid.o",
+                    "crypto/x509v3/v3_bcons.o",
+                    "crypto/x509v3/v3_bitst.o",
+                    "crypto/x509v3/v3_conf.o",
+                    "crypto/x509v3/v3_cpols.o",
+                    "crypto/x509v3/v3_crld.o",
+                    "crypto/x509v3/v3_enum.o",
+                    "crypto/x509v3/v3_extku.o",
+                    "crypto/x509v3/v3_genn.o",
+                    "crypto/x509v3/v3_ia5.o",
+                    "crypto/x509v3/v3_info.o",
+                    "crypto/x509v3/v3_int.o",
+                    "crypto/x509v3/v3_lib.o",
+                    "crypto/x509v3/v3_ncons.o",
+                    "crypto/x509v3/v3_pci.o",
+                    "crypto/x509v3/v3_pcia.o",
+                    "crypto/x509v3/v3_pcons.o",
+                    "crypto/x509v3/v3_pku.o",
+                    "crypto/x509v3/v3_pmaps.o",
+                    "crypto/x509v3/v3_prn.o",
+                    "crypto/x509v3/v3_purp.o",
+                    "crypto/x509v3/v3_skey.o",
+                    "crypto/x509v3/v3_sxnet.o",
+                    "crypto/x509v3/v3_tlsf.o",
+                    "crypto/x509v3/v3_utl.o",
+                    "crypto/x509v3/v3err.o",
+                    "engines/e_capi.o",
+                    "engines/e_padlock.o",
+                ],
+            "libssl" =>
+                [
+                    "ssl/bio_ssl.o",
+                    "ssl/d1_lib.o",
+                    "ssl/d1_msg.o",
+                    "ssl/d1_srtp.o",
+                    "ssl/methods.o",
+                    "ssl/packet.o",
+                    "ssl/pqueue.o",
+                    "ssl/record/dtls1_bitmap.o",
+                    "ssl/record/rec_layer_d1.o",
+                    "ssl/record/rec_layer_s3.o",
+                    "ssl/record/ssl3_buffer.o",
+                    "ssl/record/ssl3_record.o",
+                    "ssl/record/ssl3_record_tls13.o",
+                    "ssl/s3_cbc.o",
+                    "ssl/s3_enc.o",
+                    "ssl/s3_lib.o",
+                    "ssl/s3_msg.o",
+                    "ssl/ssl_asn1.o",
+                    "ssl/ssl_cert.o",
+                    "ssl/ssl_ciph.o",
+                    "ssl/ssl_conf.o",
+                    "ssl/ssl_err.o",
+                    "ssl/ssl_init.o",
+                    "ssl/ssl_lib.o",
+                    "ssl/ssl_mcnf.o",
+                    "ssl/ssl_rsa.o",
+                    "ssl/ssl_sess.o",
+                    "ssl/ssl_stat.o",
+                    "ssl/ssl_txt.o",
+                    "ssl/ssl_utst.o",
+                    "ssl/statem/extensions.o",
+                    "ssl/statem/extensions_clnt.o",
+                    "ssl/statem/extensions_cust.o",
+                    "ssl/statem/extensions_srvr.o",
+                    "ssl/statem/statem.o",
+                    "ssl/statem/statem_clnt.o",
+                    "ssl/statem/statem_dtls.o",
+                    "ssl/statem/statem_lib.o",
+                    "ssl/statem/statem_srvr.o",
+                    "ssl/t1_enc.o",
+                    "ssl/t1_lib.o",
+                    "ssl/t1_trce.o",
+                    "ssl/tls13_enc.o",
+                    "ssl/tls_srp.o",
+                ],
+            "ssl/bio_ssl.o" =>
+                [
+                    "ssl/bio_ssl.c",
+                ],
+            "ssl/d1_lib.o" =>
+                [
+                    "ssl/d1_lib.c",
+                ],
+            "ssl/d1_msg.o" =>
+                [
+                    "ssl/d1_msg.c",
+                ],
+            "ssl/d1_srtp.o" =>
+                [
+                    "ssl/d1_srtp.c",
+                ],
+            "ssl/methods.o" =>
+                [
+                    "ssl/methods.c",
+                ],
+            "ssl/packet.o" =>
+                [
+                    "ssl/packet.c",
+                ],
+            "ssl/pqueue.o" =>
+                [
+                    "ssl/pqueue.c",
+                ],
+            "ssl/record/dtls1_bitmap.o" =>
+                [
+                    "ssl/record/dtls1_bitmap.c",
+                ],
+            "ssl/record/rec_layer_d1.o" =>
+                [
+                    "ssl/record/rec_layer_d1.c",
+                ],
+            "ssl/record/rec_layer_s3.o" =>
+                [
+                    "ssl/record/rec_layer_s3.c",
+                ],
+            "ssl/record/ssl3_buffer.o" =>
+                [
+                    "ssl/record/ssl3_buffer.c",
+                ],
+            "ssl/record/ssl3_record.o" =>
+                [
+                    "ssl/record/ssl3_record.c",
+                ],
+            "ssl/record/ssl3_record_tls13.o" =>
+                [
+                    "ssl/record/ssl3_record_tls13.c",
+                ],
+            "ssl/s3_cbc.o" =>
+                [
+                    "ssl/s3_cbc.c",
+                ],
+            "ssl/s3_enc.o" =>
+                [
+                    "ssl/s3_enc.c",
+                ],
+            "ssl/s3_lib.o" =>
+                [
+                    "ssl/s3_lib.c",
+                ],
+            "ssl/s3_msg.o" =>
+                [
+                    "ssl/s3_msg.c",
+                ],
+            "ssl/ssl_asn1.o" =>
+                [
+                    "ssl/ssl_asn1.c",
+                ],
+            "ssl/ssl_cert.o" =>
+                [
+                    "ssl/ssl_cert.c",
+                ],
+            "ssl/ssl_ciph.o" =>
+                [
+                    "ssl/ssl_ciph.c",
+                ],
+            "ssl/ssl_conf.o" =>
+                [
+                    "ssl/ssl_conf.c",
+                ],
+            "ssl/ssl_err.o" =>
+                [
+                    "ssl/ssl_err.c",
+                ],
+            "ssl/ssl_init.o" =>
+                [
+                    "ssl/ssl_init.c",
+                ],
+            "ssl/ssl_lib.o" =>
+                [
+                    "ssl/ssl_lib.c",
+                ],
+            "ssl/ssl_mcnf.o" =>
+                [
+                    "ssl/ssl_mcnf.c",
+                ],
+            "ssl/ssl_rsa.o" =>
+                [
+                    "ssl/ssl_rsa.c",
+                ],
+            "ssl/ssl_sess.o" =>
+                [
+                    "ssl/ssl_sess.c",
+                ],
+            "ssl/ssl_stat.o" =>
+                [
+                    "ssl/ssl_stat.c",
+                ],
+            "ssl/ssl_txt.o" =>
+                [
+                    "ssl/ssl_txt.c",
+                ],
+            "ssl/ssl_utst.o" =>
+                [
+                    "ssl/ssl_utst.c",
+                ],
+            "ssl/statem/extensions.o" =>
+                [
+                    "ssl/statem/extensions.c",
+                ],
+            "ssl/statem/extensions_clnt.o" =>
+                [
+                    "ssl/statem/extensions_clnt.c",
+                ],
+            "ssl/statem/extensions_cust.o" =>
+                [
+                    "ssl/statem/extensions_cust.c",
+                ],
+            "ssl/statem/extensions_srvr.o" =>
+                [
+                    "ssl/statem/extensions_srvr.c",
+                ],
+            "ssl/statem/statem.o" =>
+                [
+                    "ssl/statem/statem.c",
+                ],
+            "ssl/statem/statem_clnt.o" =>
+                [
+                    "ssl/statem/statem_clnt.c",
+                ],
+            "ssl/statem/statem_dtls.o" =>
+                [
+                    "ssl/statem/statem_dtls.c",
+                ],
+            "ssl/statem/statem_lib.o" =>
+                [
+                    "ssl/statem/statem_lib.c",
+                ],
+            "ssl/statem/statem_srvr.o" =>
+                [
+                    "ssl/statem/statem_srvr.c",
+                ],
+            "ssl/t1_enc.o" =>
+                [
+                    "ssl/t1_enc.c",
+                ],
+            "ssl/t1_lib.o" =>
+                [
+                    "ssl/t1_lib.c",
+                ],
+            "ssl/t1_trce.o" =>
+                [
+                    "ssl/t1_trce.c",
+                ],
+            "ssl/tls13_enc.o" =>
+                [
+                    "ssl/tls13_enc.c",
+                ],
+            "ssl/tls_srp.o" =>
+                [
+                    "ssl/tls_srp.c",
+                ],
+            "test/aborttest" =>
+                [
+                    "test/aborttest.o",
+                ],
+            "test/aborttest.o" =>
+                [
+                    "test/aborttest.c",
+                ],
+            "test/afalgtest" =>
+                [
+                    "test/afalgtest.o",
+                ],
+            "test/afalgtest.o" =>
+                [
+                    "test/afalgtest.c",
+                ],
+            "test/asn1_decode_test" =>
+                [
+                    "test/asn1_decode_test.o",
+                ],
+            "test/asn1_decode_test.o" =>
+                [
+                    "test/asn1_decode_test.c",
+                ],
+            "test/asn1_encode_test" =>
+                [
+                    "test/asn1_encode_test.o",
+                ],
+            "test/asn1_encode_test.o" =>
+                [
+                    "test/asn1_encode_test.c",
+                ],
+            "test/asn1_internal_test" =>
+                [
+                    "test/asn1_internal_test.o",
+                ],
+            "test/asn1_internal_test.o" =>
+                [
+                    "test/asn1_internal_test.c",
+                ],
+            "test/asn1_string_table_test" =>
+                [
+                    "test/asn1_string_table_test.o",
+                ],
+            "test/asn1_string_table_test.o" =>
+                [
+                    "test/asn1_string_table_test.c",
+                ],
+            "test/asn1_time_test" =>
+                [
+                    "test/asn1_time_test.o",
+                ],
+            "test/asn1_time_test.o" =>
+                [
+                    "test/asn1_time_test.c",
+                ],
+            "test/asynciotest" =>
+                [
+                    "test/asynciotest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/asynciotest.o" =>
+                [
+                    "test/asynciotest.c",
+                ],
+            "test/asynctest" =>
+                [
+                    "test/asynctest.o",
+                ],
+            "test/asynctest.o" =>
+                [
+                    "test/asynctest.c",
+                ],
+            "test/bad_dtls_test" =>
+                [
+                    "test/bad_dtls_test.o",
+                ],
+            "test/bad_dtls_test.o" =>
+                [
+                    "test/bad_dtls_test.c",
+                ],
+            "test/bftest" =>
+                [
+                    "test/bftest.o",
+                ],
+            "test/bftest.o" =>
+                [
+                    "test/bftest.c",
+                ],
+            "test/bio_callback_test" =>
+                [
+                    "test/bio_callback_test.o",
+                ],
+            "test/bio_callback_test.o" =>
+                [
+                    "test/bio_callback_test.c",
+                ],
+            "test/bio_enc_test" =>
+                [
+                    "test/bio_enc_test.o",
+                ],
+            "test/bio_enc_test.o" =>
+                [
+                    "test/bio_enc_test.c",
+                ],
+            "test/bio_memleak_test" =>
+                [
+                    "test/bio_memleak_test.o",
+                ],
+            "test/bio_memleak_test.o" =>
+                [
+                    "test/bio_memleak_test.c",
+                ],
+            "test/bioprinttest" =>
+                [
+                    "test/bioprinttest.o",
+                ],
+            "test/bioprinttest.o" =>
+                [
+                    "test/bioprinttest.c",
+                ],
+            "test/bntest" =>
+                [
+                    "test/bntest.o",
+                ],
+            "test/bntest.o" =>
+                [
+                    "test/bntest.c",
+                ],
+            "test/buildtest_aes.o" =>
+                [
+                    "test/buildtest_aes.c",
+                ],
+            "test/buildtest_asn1.o" =>
+                [
+                    "test/buildtest_asn1.c",
+                ],
+            "test/buildtest_asn1t.o" =>
+                [
+                    "test/buildtest_asn1t.c",
+                ],
+            "test/buildtest_async.o" =>
+                [
+                    "test/buildtest_async.c",
+                ],
+            "test/buildtest_bio.o" =>
+                [
+                    "test/buildtest_bio.c",
+                ],
+            "test/buildtest_blowfish.o" =>
+                [
+                    "test/buildtest_blowfish.c",
+                ],
+            "test/buildtest_bn.o" =>
+                [
+                    "test/buildtest_bn.c",
+                ],
+            "test/buildtest_buffer.o" =>
+                [
+                    "test/buildtest_buffer.c",
+                ],
+            "test/buildtest_c_aes" =>
+                [
+                    "test/buildtest_aes.o",
+                ],
+            "test/buildtest_c_asn1" =>
+                [
+                    "test/buildtest_asn1.o",
+                ],
+            "test/buildtest_c_asn1t" =>
+                [
+                    "test/buildtest_asn1t.o",
+                ],
+            "test/buildtest_c_async" =>
+                [
+                    "test/buildtest_async.o",
+                ],
+            "test/buildtest_c_bio" =>
+                [
+                    "test/buildtest_bio.o",
+                ],
+            "test/buildtest_c_blowfish" =>
+                [
+                    "test/buildtest_blowfish.o",
+                ],
+            "test/buildtest_c_bn" =>
+                [
+                    "test/buildtest_bn.o",
+                ],
+            "test/buildtest_c_buffer" =>
+                [
+                    "test/buildtest_buffer.o",
+                ],
+            "test/buildtest_c_camellia" =>
+                [
+                    "test/buildtest_camellia.o",
+                ],
+            "test/buildtest_c_cast" =>
+                [
+                    "test/buildtest_cast.o",
+                ],
+            "test/buildtest_c_cmac" =>
+                [
+                    "test/buildtest_cmac.o",
+                ],
+            "test/buildtest_c_cms" =>
+                [
+                    "test/buildtest_cms.o",
+                ],
+            "test/buildtest_c_conf" =>
+                [
+                    "test/buildtest_conf.o",
+                ],
+            "test/buildtest_c_conf_api" =>
+                [
+                    "test/buildtest_conf_api.o",
+                ],
+            "test/buildtest_c_crypto" =>
+                [
+                    "test/buildtest_crypto.o",
+                ],
+            "test/buildtest_c_ct" =>
+                [
+                    "test/buildtest_ct.o",
+                ],
+            "test/buildtest_c_des" =>
+                [
+                    "test/buildtest_des.o",
+                ],
+            "test/buildtest_c_dh" =>
+                [
+                    "test/buildtest_dh.o",
+                ],
+            "test/buildtest_c_dsa" =>
+                [
+                    "test/buildtest_dsa.o",
+                ],
+            "test/buildtest_c_dtls1" =>
+                [
+                    "test/buildtest_dtls1.o",
+                ],
+            "test/buildtest_c_e_os2" =>
+                [
+                    "test/buildtest_e_os2.o",
+                ],
+            "test/buildtest_c_ebcdic" =>
+                [
+                    "test/buildtest_ebcdic.o",
+                ],
+            "test/buildtest_c_ec" =>
+                [
+                    "test/buildtest_ec.o",
+                ],
+            "test/buildtest_c_ecdh" =>
+                [
+                    "test/buildtest_ecdh.o",
+                ],
+            "test/buildtest_c_ecdsa" =>
+                [
+                    "test/buildtest_ecdsa.o",
+                ],
+            "test/buildtest_c_engine" =>
+                [
+                    "test/buildtest_engine.o",
+                ],
+            "test/buildtest_c_evp" =>
+                [
+                    "test/buildtest_evp.o",
+                ],
+            "test/buildtest_c_hmac" =>
+                [
+                    "test/buildtest_hmac.o",
+                ],
+            "test/buildtest_c_idea" =>
+                [
+                    "test/buildtest_idea.o",
+                ],
+            "test/buildtest_c_kdf" =>
+                [
+                    "test/buildtest_kdf.o",
+                ],
+            "test/buildtest_c_lhash" =>
+                [
+                    "test/buildtest_lhash.o",
+                ],
+            "test/buildtest_c_md4" =>
+                [
+                    "test/buildtest_md4.o",
+                ],
+            "test/buildtest_c_md5" =>
+                [
+                    "test/buildtest_md5.o",
+                ],
+            "test/buildtest_c_mdc2" =>
+                [
+                    "test/buildtest_mdc2.o",
+                ],
+            "test/buildtest_c_modes" =>
+                [
+                    "test/buildtest_modes.o",
+                ],
+            "test/buildtest_c_obj_mac" =>
+                [
+                    "test/buildtest_obj_mac.o",
+                ],
+            "test/buildtest_c_objects" =>
+                [
+                    "test/buildtest_objects.o",
+                ],
+            "test/buildtest_c_ocsp" =>
+                [
+                    "test/buildtest_ocsp.o",
+                ],
+            "test/buildtest_c_opensslv" =>
+                [
+                    "test/buildtest_opensslv.o",
+                ],
+            "test/buildtest_c_ossl_typ" =>
+                [
+                    "test/buildtest_ossl_typ.o",
+                ],
+            "test/buildtest_c_pem" =>
+                [
+                    "test/buildtest_pem.o",
+                ],
+            "test/buildtest_c_pem2" =>
+                [
+                    "test/buildtest_pem2.o",
+                ],
+            "test/buildtest_c_pkcs12" =>
+                [
+                    "test/buildtest_pkcs12.o",
+                ],
+            "test/buildtest_c_pkcs7" =>
+                [
+                    "test/buildtest_pkcs7.o",
+                ],
+            "test/buildtest_c_rand" =>
+                [
+                    "test/buildtest_rand.o",
+                ],
+            "test/buildtest_c_rand_drbg" =>
+                [
+                    "test/buildtest_rand_drbg.o",
+                ],
+            "test/buildtest_c_rc2" =>
+                [
+                    "test/buildtest_rc2.o",
+                ],
+            "test/buildtest_c_rc4" =>
+                [
+                    "test/buildtest_rc4.o",
+                ],
+            "test/buildtest_c_ripemd" =>
+                [
+                    "test/buildtest_ripemd.o",
+                ],
+            "test/buildtest_c_rsa" =>
+                [
+                    "test/buildtest_rsa.o",
+                ],
+            "test/buildtest_c_safestack" =>
+                [
+                    "test/buildtest_safestack.o",
+                ],
+            "test/buildtest_c_seed" =>
+                [
+                    "test/buildtest_seed.o",
+                ],
+            "test/buildtest_c_sha" =>
+                [
+                    "test/buildtest_sha.o",
+                ],
+            "test/buildtest_c_srp" =>
+                [
+                    "test/buildtest_srp.o",
+                ],
+            "test/buildtest_c_srtp" =>
+                [
+                    "test/buildtest_srtp.o",
+                ],
+            "test/buildtest_c_ssl" =>
+                [
+                    "test/buildtest_ssl.o",
+                ],
+            "test/buildtest_c_ssl2" =>
+                [
+                    "test/buildtest_ssl2.o",
+                ],
+            "test/buildtest_c_stack" =>
+                [
+                    "test/buildtest_stack.o",
+                ],
+            "test/buildtest_c_store" =>
+                [
+                    "test/buildtest_store.o",
+                ],
+            "test/buildtest_c_symhacks" =>
+                [
+                    "test/buildtest_symhacks.o",
+                ],
+            "test/buildtest_c_tls1" =>
+                [
+                    "test/buildtest_tls1.o",
+                ],
+            "test/buildtest_c_ts" =>
+                [
+                    "test/buildtest_ts.o",
+                ],
+            "test/buildtest_c_txt_db" =>
+                [
+                    "test/buildtest_txt_db.o",
+                ],
+            "test/buildtest_c_ui" =>
+                [
+                    "test/buildtest_ui.o",
+                ],
+            "test/buildtest_c_whrlpool" =>
+                [
+                    "test/buildtest_whrlpool.o",
+                ],
+            "test/buildtest_c_x509" =>
+                [
+                    "test/buildtest_x509.o",
+                ],
+            "test/buildtest_c_x509_vfy" =>
+                [
+                    "test/buildtest_x509_vfy.o",
+                ],
+            "test/buildtest_c_x509v3" =>
+                [
+                    "test/buildtest_x509v3.o",
+                ],
+            "test/buildtest_camellia.o" =>
+                [
+                    "test/buildtest_camellia.c",
+                ],
+            "test/buildtest_cast.o" =>
+                [
+                    "test/buildtest_cast.c",
+                ],
+            "test/buildtest_cmac.o" =>
+                [
+                    "test/buildtest_cmac.c",
+                ],
+            "test/buildtest_cms.o" =>
+                [
+                    "test/buildtest_cms.c",
+                ],
+            "test/buildtest_conf.o" =>
+                [
+                    "test/buildtest_conf.c",
+                ],
+            "test/buildtest_conf_api.o" =>
+                [
+                    "test/buildtest_conf_api.c",
+                ],
+            "test/buildtest_crypto.o" =>
+                [
+                    "test/buildtest_crypto.c",
+                ],
+            "test/buildtest_ct.o" =>
+                [
+                    "test/buildtest_ct.c",
+                ],
+            "test/buildtest_des.o" =>
+                [
+                    "test/buildtest_des.c",
+                ],
+            "test/buildtest_dh.o" =>
+                [
+                    "test/buildtest_dh.c",
+                ],
+            "test/buildtest_dsa.o" =>
+                [
+                    "test/buildtest_dsa.c",
+                ],
+            "test/buildtest_dtls1.o" =>
+                [
+                    "test/buildtest_dtls1.c",
+                ],
+            "test/buildtest_e_os2.o" =>
+                [
+                    "test/buildtest_e_os2.c",
+                ],
+            "test/buildtest_ebcdic.o" =>
+                [
+                    "test/buildtest_ebcdic.c",
+                ],
+            "test/buildtest_ec.o" =>
+                [
+                    "test/buildtest_ec.c",
+                ],
+            "test/buildtest_ecdh.o" =>
+                [
+                    "test/buildtest_ecdh.c",
+                ],
+            "test/buildtest_ecdsa.o" =>
+                [
+                    "test/buildtest_ecdsa.c",
+                ],
+            "test/buildtest_engine.o" =>
+                [
+                    "test/buildtest_engine.c",
+                ],
+            "test/buildtest_evp.o" =>
+                [
+                    "test/buildtest_evp.c",
+                ],
+            "test/buildtest_hmac.o" =>
+                [
+                    "test/buildtest_hmac.c",
+                ],
+            "test/buildtest_idea.o" =>
+                [
+                    "test/buildtest_idea.c",
+                ],
+            "test/buildtest_kdf.o" =>
+                [
+                    "test/buildtest_kdf.c",
+                ],
+            "test/buildtest_lhash.o" =>
+                [
+                    "test/buildtest_lhash.c",
+                ],
+            "test/buildtest_md4.o" =>
+                [
+                    "test/buildtest_md4.c",
+                ],
+            "test/buildtest_md5.o" =>
+                [
+                    "test/buildtest_md5.c",
+                ],
+            "test/buildtest_mdc2.o" =>
+                [
+                    "test/buildtest_mdc2.c",
+                ],
+            "test/buildtest_modes.o" =>
+                [
+                    "test/buildtest_modes.c",
+                ],
+            "test/buildtest_obj_mac.o" =>
+                [
+                    "test/buildtest_obj_mac.c",
+                ],
+            "test/buildtest_objects.o" =>
+                [
+                    "test/buildtest_objects.c",
+                ],
+            "test/buildtest_ocsp.o" =>
+                [
+                    "test/buildtest_ocsp.c",
+                ],
+            "test/buildtest_opensslv.o" =>
+                [
+                    "test/buildtest_opensslv.c",
+                ],
+            "test/buildtest_ossl_typ.o" =>
+                [
+                    "test/buildtest_ossl_typ.c",
+                ],
+            "test/buildtest_pem.o" =>
+                [
+                    "test/buildtest_pem.c",
+                ],
+            "test/buildtest_pem2.o" =>
+                [
+                    "test/buildtest_pem2.c",
+                ],
+            "test/buildtest_pkcs12.o" =>
+                [
+                    "test/buildtest_pkcs12.c",
+                ],
+            "test/buildtest_pkcs7.o" =>
+                [
+                    "test/buildtest_pkcs7.c",
+                ],
+            "test/buildtest_rand.o" =>
+                [
+                    "test/buildtest_rand.c",
+                ],
+            "test/buildtest_rand_drbg.o" =>
+                [
+                    "test/buildtest_rand_drbg.c",
+                ],
+            "test/buildtest_rc2.o" =>
+                [
+                    "test/buildtest_rc2.c",
+                ],
+            "test/buildtest_rc4.o" =>
+                [
+                    "test/buildtest_rc4.c",
+                ],
+            "test/buildtest_ripemd.o" =>
+                [
+                    "test/buildtest_ripemd.c",
+                ],
+            "test/buildtest_rsa.o" =>
+                [
+                    "test/buildtest_rsa.c",
+                ],
+            "test/buildtest_safestack.o" =>
+                [
+                    "test/buildtest_safestack.c",
+                ],
+            "test/buildtest_seed.o" =>
+                [
+                    "test/buildtest_seed.c",
+                ],
+            "test/buildtest_sha.o" =>
+                [
+                    "test/buildtest_sha.c",
+                ],
+            "test/buildtest_srp.o" =>
+                [
+                    "test/buildtest_srp.c",
+                ],
+            "test/buildtest_srtp.o" =>
+                [
+                    "test/buildtest_srtp.c",
+                ],
+            "test/buildtest_ssl.o" =>
+                [
+                    "test/buildtest_ssl.c",
+                ],
+            "test/buildtest_ssl2.o" =>
+                [
+                    "test/buildtest_ssl2.c",
+                ],
+            "test/buildtest_stack.o" =>
+                [
+                    "test/buildtest_stack.c",
+                ],
+            "test/buildtest_store.o" =>
+                [
+                    "test/buildtest_store.c",
+                ],
+            "test/buildtest_symhacks.o" =>
+                [
+                    "test/buildtest_symhacks.c",
+                ],
+            "test/buildtest_tls1.o" =>
+                [
+                    "test/buildtest_tls1.c",
+                ],
+            "test/buildtest_ts.o" =>
+                [
+                    "test/buildtest_ts.c",
+                ],
+            "test/buildtest_txt_db.o" =>
+                [
+                    "test/buildtest_txt_db.c",
+                ],
+            "test/buildtest_ui.o" =>
+                [
+                    "test/buildtest_ui.c",
+                ],
+            "test/buildtest_whrlpool.o" =>
+                [
+                    "test/buildtest_whrlpool.c",
+                ],
+            "test/buildtest_x509.o" =>
+                [
+                    "test/buildtest_x509.c",
+                ],
+            "test/buildtest_x509_vfy.o" =>
+                [
+                    "test/buildtest_x509_vfy.c",
+                ],
+            "test/buildtest_x509v3.o" =>
+                [
+                    "test/buildtest_x509v3.c",
+                ],
+            "test/casttest" =>
+                [
+                    "test/casttest.o",
+                ],
+            "test/casttest.o" =>
+                [
+                    "test/casttest.c",
+                ],
+            "test/chacha_internal_test" =>
+                [
+                    "test/chacha_internal_test.o",
+                ],
+            "test/chacha_internal_test.o" =>
+                [
+                    "test/chacha_internal_test.c",
+                ],
+            "test/cipher_overhead_test" =>
+                [
+                    "test/cipher_overhead_test.o",
+                ],
+            "test/cipher_overhead_test.o" =>
+                [
+                    "test/cipher_overhead_test.c",
+                ],
+            "test/cipherbytes_test" =>
+                [
+                    "test/cipherbytes_test.o",
+                ],
+            "test/cipherbytes_test.o" =>
+                [
+                    "test/cipherbytes_test.c",
+                ],
+            "test/cipherlist_test" =>
+                [
+                    "test/cipherlist_test.o",
+                ],
+            "test/cipherlist_test.o" =>
+                [
+                    "test/cipherlist_test.c",
+                ],
+            "test/ciphername_test" =>
+                [
+                    "test/ciphername_test.o",
+                ],
+            "test/ciphername_test.o" =>
+                [
+                    "test/ciphername_test.c",
+                ],
+            "test/clienthellotest" =>
+                [
+                    "test/clienthellotest.o",
+                ],
+            "test/clienthellotest.o" =>
+                [
+                    "test/clienthellotest.c",
+                ],
+            "test/cmsapitest" =>
+                [
+                    "test/cmsapitest.o",
+                ],
+            "test/cmsapitest.o" =>
+                [
+                    "test/cmsapitest.c",
+                ],
+            "test/conf_include_test" =>
+                [
+                    "test/conf_include_test.o",
+                ],
+            "test/conf_include_test.o" =>
+                [
+                    "test/conf_include_test.c",
+                ],
+            "test/constant_time_test" =>
+                [
+                    "test/constant_time_test.o",
+                ],
+            "test/constant_time_test.o" =>
+                [
+                    "test/constant_time_test.c",
+                ],
+            "test/crltest" =>
+                [
+                    "test/crltest.o",
+                ],
+            "test/crltest.o" =>
+                [
+                    "test/crltest.c",
+                ],
+            "test/ct_test" =>
+                [
+                    "test/ct_test.o",
+                ],
+            "test/ct_test.o" =>
+                [
+                    "test/ct_test.c",
+                ],
+            "test/ctype_internal_test" =>
+                [
+                    "test/ctype_internal_test.o",
+                ],
+            "test/ctype_internal_test.o" =>
+                [
+                    "test/ctype_internal_test.c",
+                ],
+            "test/curve448_internal_test" =>
+                [
+                    "test/curve448_internal_test.o",
+                ],
+            "test/curve448_internal_test.o" =>
+                [
+                    "test/curve448_internal_test.c",
+                ],
+            "test/d2i_test" =>
+                [
+                    "test/d2i_test.o",
+                ],
+            "test/d2i_test.o" =>
+                [
+                    "test/d2i_test.c",
+                ],
+            "test/danetest" =>
+                [
+                    "test/danetest.o",
+                ],
+            "test/danetest.o" =>
+                [
+                    "test/danetest.c",
+                ],
+            "test/destest" =>
+                [
+                    "test/destest.o",
+                ],
+            "test/destest.o" =>
+                [
+                    "test/destest.c",
+                ],
+            "test/dhtest" =>
+                [
+                    "test/dhtest.o",
+                ],
+            "test/dhtest.o" =>
+                [
+                    "test/dhtest.c",
+                ],
+            "test/drbg_cavs_data.o" =>
+                [
+                    "test/drbg_cavs_data.c",
+                ],
+            "test/drbg_cavs_test" =>
+                [
+                    "test/drbg_cavs_data.o",
+                    "test/drbg_cavs_test.o",
+                ],
+            "test/drbg_cavs_test.o" =>
+                [
+                    "test/drbg_cavs_test.c",
+                ],
+            "test/drbgtest" =>
+                [
+                    "test/drbgtest.o",
+                ],
+            "test/drbgtest.o" =>
+                [
+                    "test/drbgtest.c",
+                ],
+            "test/dsa_no_digest_size_test" =>
+                [
+                    "test/dsa_no_digest_size_test.o",
+                ],
+            "test/dsa_no_digest_size_test.o" =>
+                [
+                    "test/dsa_no_digest_size_test.c",
+                ],
+            "test/dsatest" =>
+                [
+                    "test/dsatest.o",
+                ],
+            "test/dsatest.o" =>
+                [
+                    "test/dsatest.c",
+                ],
+            "test/dtls_mtu_test" =>
+                [
+                    "test/dtls_mtu_test.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/dtls_mtu_test.o" =>
+                [
+                    "test/dtls_mtu_test.c",
+                ],
+            "test/dtlstest" =>
+                [
+                    "test/dtlstest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/dtlstest.o" =>
+                [
+                    "test/dtlstest.c",
+                ],
+            "test/dtlsv1listentest" =>
+                [
+                    "test/dtlsv1listentest.o",
+                ],
+            "test/dtlsv1listentest.o" =>
+                [
+                    "test/dtlsv1listentest.c",
+                ],
+            "test/ec_internal_test" =>
+                [
+                    "test/ec_internal_test.o",
+                ],
+            "test/ec_internal_test.o" =>
+                [
+                    "test/ec_internal_test.c",
+                ],
+            "test/ecdsatest" =>
+                [
+                    "test/ecdsatest.o",
+                ],
+            "test/ecdsatest.o" =>
+                [
+                    "test/ecdsatest.c",
+                ],
+            "test/ecstresstest" =>
+                [
+                    "test/ecstresstest.o",
+                ],
+            "test/ecstresstest.o" =>
+                [
+                    "test/ecstresstest.c",
+                ],
+            "test/ectest" =>
+                [
+                    "test/ectest.o",
+                ],
+            "test/ectest.o" =>
+                [
+                    "test/ectest.c",
+                ],
+            "test/enginetest" =>
+                [
+                    "test/enginetest.o",
+                ],
+            "test/enginetest.o" =>
+                [
+                    "test/enginetest.c",
+                ],
+            "test/errtest" =>
+                [
+                    "test/errtest.o",
+                ],
+            "test/errtest.o" =>
+                [
+                    "test/errtest.c",
+                ],
+            "test/evp_extra_test" =>
+                [
+                    "test/evp_extra_test.o",
+                ],
+            "test/evp_extra_test.o" =>
+                [
+                    "test/evp_extra_test.c",
+                ],
+            "test/evp_test" =>
+                [
+                    "test/evp_test.o",
+                ],
+            "test/evp_test.o" =>
+                [
+                    "test/evp_test.c",
+                ],
+            "test/exdatatest" =>
+                [
+                    "test/exdatatest.o",
+                ],
+            "test/exdatatest.o" =>
+                [
+                    "test/exdatatest.c",
+                ],
+            "test/exptest" =>
+                [
+                    "test/exptest.o",
+                ],
+            "test/exptest.o" =>
+                [
+                    "test/exptest.c",
+                ],
+            "test/fatalerrtest" =>
+                [
+                    "test/fatalerrtest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/fatalerrtest.o" =>
+                [
+                    "test/fatalerrtest.c",
+                ],
+            "test/gmdifftest" =>
+                [
+                    "test/gmdifftest.o",
+                ],
+            "test/gmdifftest.o" =>
+                [
+                    "test/gmdifftest.c",
+                ],
+            "test/gosttest" =>
+                [
+                    "test/gosttest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/gosttest.o" =>
+                [
+                    "test/gosttest.c",
+                ],
+            "test/handshake_helper.o" =>
+                [
+                    "test/handshake_helper.c",
+                ],
+            "test/hmactest" =>
+                [
+                    "test/hmactest.o",
+                ],
+            "test/hmactest.o" =>
+                [
+                    "test/hmactest.c",
+                ],
+            "test/ideatest" =>
+                [
+                    "test/ideatest.o",
+                ],
+            "test/ideatest.o" =>
+                [
+                    "test/ideatest.c",
+                ],
+            "test/igetest" =>
+                [
+                    "test/igetest.o",
+                ],
+            "test/igetest.o" =>
+                [
+                    "test/igetest.c",
+                ],
+            "test/lhash_test" =>
+                [
+                    "test/lhash_test.o",
+                ],
+            "test/lhash_test.o" =>
+                [
+                    "test/lhash_test.c",
+                ],
+            "test/libtestutil.a" =>
+                [
+                    "test/testutil/basic_output.o",
+                    "test/testutil/cb.o",
+                    "test/testutil/driver.o",
+                    "test/testutil/format_output.o",
+                    "test/testutil/init.o",
+                    "test/testutil/main.o",
+                    "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
+                    "test/testutil/stanza.o",
+                    "test/testutil/tap_bio.o",
+                    "test/testutil/test_cleanup.o",
+                    "test/testutil/tests.o",
+                ],
+            "test/md2test" =>
+                [
+                    "test/md2test.o",
+                ],
+            "test/md2test.o" =>
+                [
+                    "test/md2test.c",
+                ],
+            "test/mdc2_internal_test" =>
+                [
+                    "test/mdc2_internal_test.o",
+                ],
+            "test/mdc2_internal_test.o" =>
+                [
+                    "test/mdc2_internal_test.c",
+                ],
+            "test/mdc2test" =>
+                [
+                    "test/mdc2test.o",
+                ],
+            "test/mdc2test.o" =>
+                [
+                    "test/mdc2test.c",
+                ],
+            "test/memleaktest" =>
+                [
+                    "test/memleaktest.o",
+                ],
+            "test/memleaktest.o" =>
+                [
+                    "test/memleaktest.c",
+                ],
+            "test/modes_internal_test" =>
+                [
+                    "test/modes_internal_test.o",
+                ],
+            "test/modes_internal_test.o" =>
+                [
+                    "test/modes_internal_test.c",
+                ],
+            "test/ocspapitest" =>
+                [
+                    "test/ocspapitest.o",
+                ],
+            "test/ocspapitest.o" =>
+                [
+                    "test/ocspapitest.c",
+                ],
+            "test/packettest" =>
+                [
+                    "test/packettest.o",
+                ],
+            "test/packettest.o" =>
+                [
+                    "test/packettest.c",
+                ],
+            "test/pbelutest" =>
+                [
+                    "test/pbelutest.o",
+                ],
+            "test/pbelutest.o" =>
+                [
+                    "test/pbelutest.c",
+                ],
+            "test/pemtest" =>
+                [
+                    "test/pemtest.o",
+                ],
+            "test/pemtest.o" =>
+                [
+                    "test/pemtest.c",
+                ],
+            "test/pkey_meth_kdf_test" =>
+                [
+                    "test/pkey_meth_kdf_test.o",
+                ],
+            "test/pkey_meth_kdf_test.o" =>
+                [
+                    "test/pkey_meth_kdf_test.c",
+                ],
+            "test/pkey_meth_test" =>
+                [
+                    "test/pkey_meth_test.o",
+                ],
+            "test/pkey_meth_test.o" =>
+                [
+                    "test/pkey_meth_test.c",
+                ],
+            "test/poly1305_internal_test" =>
+                [
+                    "test/poly1305_internal_test.o",
+                ],
+            "test/poly1305_internal_test.o" =>
+                [
+                    "test/poly1305_internal_test.c",
+                ],
+            "test/rc2test" =>
+                [
+                    "test/rc2test.o",
+                ],
+            "test/rc2test.o" =>
+                [
+                    "test/rc2test.c",
+                ],
+            "test/rc4test" =>
+                [
+                    "test/rc4test.o",
+                ],
+            "test/rc4test.o" =>
+                [
+                    "test/rc4test.c",
+                ],
+            "test/rc5test" =>
+                [
+                    "test/rc5test.o",
+                ],
+            "test/rc5test.o" =>
+                [
+                    "test/rc5test.c",
+                ],
+            "test/rdrand_sanitytest" =>
+                [
+                    "test/rdrand_sanitytest.o",
+                ],
+            "test/rdrand_sanitytest.o" =>
+                [
+                    "test/rdrand_sanitytest.c",
+                ],
+            "test/recordlentest" =>
+                [
+                    "test/recordlentest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/recordlentest.o" =>
+                [
+                    "test/recordlentest.c",
+                ],
+            "test/rsa_complex" =>
+                [
+                    "test/rsa_complex.o",
+                ],
+            "test/rsa_complex.o" =>
+                [
+                    "test/rsa_complex.c",
+                ],
+            "test/rsa_mp_test" =>
+                [
+                    "test/rsa_mp_test.o",
+                ],
+            "test/rsa_mp_test.o" =>
+                [
+                    "test/rsa_mp_test.c",
+                ],
+            "test/rsa_test" =>
+                [
+                    "test/rsa_test.o",
+                ],
+            "test/rsa_test.o" =>
+                [
+                    "test/rsa_test.c",
+                ],
+            "test/sanitytest" =>
+                [
+                    "test/sanitytest.o",
+                ],
+            "test/sanitytest.o" =>
+                [
+                    "test/sanitytest.c",
+                ],
+            "test/secmemtest" =>
+                [
+                    "test/secmemtest.o",
+                ],
+            "test/secmemtest.o" =>
+                [
+                    "test/secmemtest.c",
+                ],
+            "test/servername_test" =>
+                [
+                    "test/servername_test.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/servername_test.o" =>
+                [
+                    "test/servername_test.c",
+                ],
+            "test/siphash_internal_test" =>
+                [
+                    "test/siphash_internal_test.o",
+                ],
+            "test/siphash_internal_test.o" =>
+                [
+                    "test/siphash_internal_test.c",
+                ],
+            "test/sm2_internal_test" =>
+                [
+                    "test/sm2_internal_test.o",
+                ],
+            "test/sm2_internal_test.o" =>
+                [
+                    "test/sm2_internal_test.c",
+                ],
+            "test/sm4_internal_test" =>
+                [
+                    "test/sm4_internal_test.o",
+                ],
+            "test/sm4_internal_test.o" =>
+                [
+                    "test/sm4_internal_test.c",
+                ],
+            "test/srptest" =>
+                [
+                    "test/srptest.o",
+                ],
+            "test/srptest.o" =>
+                [
+                    "test/srptest.c",
+                ],
+            "test/ssl_cert_table_internal_test" =>
+                [
+                    "test/ssl_cert_table_internal_test.o",
+                ],
+            "test/ssl_cert_table_internal_test.o" =>
+                [
+                    "test/ssl_cert_table_internal_test.c",
+                ],
+            "test/ssl_test" =>
+                [
+                    "test/handshake_helper.o",
+                    "test/ssl_test.o",
+                    "test/ssl_test_ctx.o",
+                ],
+            "test/ssl_test.o" =>
+                [
+                    "test/ssl_test.c",
+                ],
+            "test/ssl_test_ctx.o" =>
+                [
+                    "test/ssl_test_ctx.c",
+                ],
+            "test/ssl_test_ctx_test" =>
+                [
+                    "test/ssl_test_ctx.o",
+                    "test/ssl_test_ctx_test.o",
+                ],
+            "test/ssl_test_ctx_test.o" =>
+                [
+                    "test/ssl_test_ctx_test.c",
+                ],
+            "test/sslapitest" =>
+                [
+                    "test/sslapitest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/sslapitest.o" =>
+                [
+                    "test/sslapitest.c",
+                ],
+            "test/sslbuffertest" =>
+                [
+                    "test/sslbuffertest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/sslbuffertest.o" =>
+                [
+                    "test/sslbuffertest.c",
+                ],
+            "test/sslcorrupttest" =>
+                [
+                    "test/sslcorrupttest.o",
+                    "test/ssltestlib.o",
+                ],
+            "test/sslcorrupttest.o" =>
+                [
+                    "test/sslcorrupttest.c",
+                ],
+            "test/ssltest_old" =>
+                [
+                    "test/ssltest_old.o",
+                ],
+            "test/ssltest_old.o" =>
+                [
+                    "test/ssltest_old.c",
+                ],
+            "test/ssltestlib.o" =>
+                [
+                    "test/ssltestlib.c",
+                ],
+            "test/stack_test" =>
+                [
+                    "test/stack_test.o",
+                ],
+            "test/stack_test.o" =>
+                [
+                    "test/stack_test.c",
+                ],
+            "test/sysdefaulttest" =>
+                [
+                    "test/sysdefaulttest.o",
+                ],
+            "test/sysdefaulttest.o" =>
+                [
+                    "test/sysdefaulttest.c",
+                ],
+            "test/test_test" =>
+                [
+                    "test/test_test.o",
+                ],
+            "test/test_test.o" =>
+                [
+                    "test/test_test.c",
+                ],
+            "test/testutil/basic_output.o" =>
+                [
+                    "test/testutil/basic_output.c",
+                ],
+            "test/testutil/cb.o" =>
+                [
+                    "test/testutil/cb.c",
+                ],
+            "test/testutil/driver.o" =>
+                [
+                    "test/testutil/driver.c",
+                ],
+            "test/testutil/format_output.o" =>
+                [
+                    "test/testutil/format_output.c",
+                ],
+            "test/testutil/init.o" =>
+                [
+                    "test/testutil/init.c",
+                ],
+            "test/testutil/main.o" =>
+                [
+                    "test/testutil/main.c",
+                ],
+            "test/testutil/output_helpers.o" =>
+                [
+                    "test/testutil/output_helpers.c",
+                ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
+            "test/testutil/stanza.o" =>
+                [
+                    "test/testutil/stanza.c",
+                ],
+            "test/testutil/tap_bio.o" =>
+                [
+                    "test/testutil/tap_bio.c",
+                ],
+            "test/testutil/test_cleanup.o" =>
+                [
+                    "test/testutil/test_cleanup.c",
+                ],
+            "test/testutil/tests.o" =>
+                [
+                    "test/testutil/tests.c",
+                ],
+            "test/threadstest" =>
+                [
+                    "test/threadstest.o",
+                ],
+            "test/threadstest.o" =>
+                [
+                    "test/threadstest.c",
+                ],
+            "test/time_offset_test" =>
+                [
+                    "test/time_offset_test.o",
+                ],
+            "test/time_offset_test.o" =>
+                [
+                    "test/time_offset_test.c",
+                ],
+            "test/tls13ccstest" =>
+                [
+                    "test/ssltestlib.o",
+                    "test/tls13ccstest.o",
+                ],
+            "test/tls13ccstest.o" =>
+                [
+                    "test/tls13ccstest.c",
+                ],
+            "test/tls13encryptiontest" =>
+                [
+                    "test/tls13encryptiontest.o",
+                ],
+            "test/tls13encryptiontest.o" =>
+                [
+                    "test/tls13encryptiontest.c",
+                ],
+            "test/uitest" =>
+                [
+                    "test/uitest.o",
+                ],
+            "test/uitest.o" =>
+                [
+                    "test/uitest.c",
+                ],
+            "test/v3ext" =>
+                [
+                    "test/v3ext.o",
+                ],
+            "test/v3ext.o" =>
+                [
+                    "test/v3ext.c",
+                ],
+            "test/v3nametest" =>
+                [
+                    "test/v3nametest.o",
+                ],
+            "test/v3nametest.o" =>
+                [
+                    "test/v3nametest.c",
+                ],
+            "test/verify_extra_test" =>
+                [
+                    "test/verify_extra_test.o",
+                ],
+            "test/verify_extra_test.o" =>
+                [
+                    "test/verify_extra_test.c",
+                ],
+            "test/versions" =>
+                [
+                    "test/versions.o",
+                ],
+            "test/versions.o" =>
+                [
+                    "test/versions.c",
+                ],
+            "test/wpackettest" =>
+                [
+                    "test/wpackettest.o",
+                ],
+            "test/wpackettest.o" =>
+                [
+                    "test/wpackettest.c",
+                ],
+            "test/x509_check_cert_pkey_test" =>
+                [
+                    "test/x509_check_cert_pkey_test.o",
+                ],
+            "test/x509_check_cert_pkey_test.o" =>
+                [
+                    "test/x509_check_cert_pkey_test.c",
+                ],
+            "test/x509_dup_cert_test" =>
+                [
+                    "test/x509_dup_cert_test.o",
+                ],
+            "test/x509_dup_cert_test.o" =>
+                [
+                    "test/x509_dup_cert_test.c",
+                ],
+            "test/x509_internal_test" =>
+                [
+                    "test/x509_internal_test.o",
+                ],
+            "test/x509_internal_test.o" =>
+                [
+                    "test/x509_internal_test.c",
+                ],
+            "test/x509_time_test" =>
+                [
+                    "test/x509_time_test.o",
+                ],
+            "test/x509_time_test.o" =>
+                [
+                    "test/x509_time_test.c",
+                ],
+            "test/x509aux" =>
+                [
+                    "test/x509aux.o",
+                ],
+            "test/x509aux.o" =>
+                [
+                    "test/x509aux.c",
+                ],
+            "tools/c_rehash" =>
+                [
+                    "tools/c_rehash.in",
+                ],
+            "util/shlib_wrap.sh" =>
+                [
+                    "util/shlib_wrap.sh.in",
+                ],
+        },
+);
+
+# The following data is only used when this files is use as a script
+my @makevars = (
+    'AR',
+    'ARFLAGS',
+    'AS',
+    'ASFLAGS',
+    'CC',
+    'CFLAGS',
+    'CPP',
+    'CPPDEFINES',
+    'CPPFLAGS',
+    'CPPINCLUDES',
+    'CROSS_COMPILE',
+    'CXX',
+    'CXXFLAGS',
+    'HASHBANGPERL',
+    'LD',
+    'LDFLAGS',
+    'LDLIBS',
+    'MT',
+    'MTFLAGS',
+    'PERL',
+    'RANLIB',
+    'RC',
+    'RCFLAGS',
+    'RM',
+);
+my %disabled_info = (
+    'afalgeng' => {
+        macro => 'OPENSSL_NO_AFALGENG',
+    },
+    'asan' => {
+        macro => 'OPENSSL_NO_ASAN',
+    },
+    'comp' => {
+        macro => 'OPENSSL_NO_COMP',
+        skipped => [ 'crypto/comp' ],
+    },
+    'crypto-mdebug' => {
+        macro => 'OPENSSL_NO_CRYPTO_MDEBUG',
+    },
+    'crypto-mdebug-backtrace' => {
+        macro => 'OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE',
+    },
+    'devcryptoeng' => {
+        macro => 'OPENSSL_NO_DEVCRYPTOENG',
+    },
+    'ec_nistp_64_gcc_128' => {
+        macro => 'OPENSSL_NO_EC_NISTP_64_GCC_128',
+    },
+    'egd' => {
+        macro => 'OPENSSL_NO_EGD',
+    },
+    'external-tests' => {
+        macro => 'OPENSSL_NO_EXTERNAL_TESTS',
+    },
+    'fuzz-afl' => {
+        macro => 'OPENSSL_NO_FUZZ_AFL',
+    },
+    'fuzz-libfuzzer' => {
+        macro => 'OPENSSL_NO_FUZZ_LIBFUZZER',
+    },
+    'heartbeats' => {
+        macro => 'OPENSSL_NO_HEARTBEATS',
+    },
+    'md2' => {
+        macro => 'OPENSSL_NO_MD2',
+        skipped => [ 'crypto/md2' ],
+    },
+    'msan' => {
+        macro => 'OPENSSL_NO_MSAN',
+    },
+    'rc5' => {
+        macro => 'OPENSSL_NO_RC5',
+        skipped => [ 'crypto/rc5' ],
+    },
+    'sctp' => {
+        macro => 'OPENSSL_NO_SCTP',
+    },
+    'ssl3' => {
+        macro => 'OPENSSL_NO_SSL3',
+    },
+    'ssl3-method' => {
+        macro => 'OPENSSL_NO_SSL3_METHOD',
+    },
+    'ubsan' => {
+        macro => 'OPENSSL_NO_UBSAN',
+    },
+    'unit-test' => {
+        macro => 'OPENSSL_NO_UNIT_TEST',
+    },
+    'weak-ssl-ciphers' => {
+        macro => 'OPENSSL_NO_WEAK_SSL_CIPHERS',
+    },
+);
+my @user_crossable = qw( AR AS CC CXX CPP LD MT RANLIB RC );
+# If run directly, we can give some answers, and even reconfigure
+unless (caller) {
+    use Getopt::Long;
+    use File::Spec::Functions;
+    use File::Basename;
+    use Pod::Usage;
+
+    my $here = dirname($0);
+
+    my $dump = undef;
+    my $cmdline = undef;
+    my $options = undef;
+    my $target = undef;
+    my $envvars = undef;
+    my $makevars = undef;
+    my $buildparams = undef;
+    my $reconf = undef;
+    my $verbose = undef;
+    my $help = undef;
+    my $man = undef;
+    GetOptions('dump|d'                 => \$dump,
+               'command-line|c'         => \$cmdline,
+               'options|o'              => \$options,
+               'target|t'               => \$target,
+               'environment|e'          => \$envvars,
+               'make-variables|m'       => \$makevars,
+               'build-parameters|b'     => \$buildparams,
+               'reconfigure|reconf|r'   => \$reconf,
+               'verbose|v'              => \$verbose,
+               'help'                   => \$help,
+               'man'                    => \$man)
+        or die "Errors in command line arguments\n";
+
+    unless ($dump || $cmdline || $options || $target || $envvars || $makevars
+            || $buildparams || $reconf || $verbose || $help || $man) {
+        print STDERR <<"_____";
+You must give at least one option.
+For more information, do '$0 --help'
+_____
+        exit(2);
+    }
+
+    if ($help) {
+        pod2usage(-exitval => 0,
+                  -verbose => 1);
+    }
+    if ($man) {
+        pod2usage(-exitval => 0,
+                  -verbose => 2);
+    }
+    if ($dump || $cmdline) {
+        print "\nCommand line (with current working directory = $here):\n\n";
+        print '    ',join(' ',
+                          $config{PERL},
+                          catfile($config{sourcedir}, 'Configure'),
+                          @{$config{perlargv}}), "\n";
+        print "\nPerl information:\n\n";
+        print '    ',$config{perl_cmd},"\n";
+        print '    ',$config{perl_version},' for ',$config{perl_archname},"\n";
+    }
+    if ($dump || $options) {
+        my $longest = 0;
+        my $longest2 = 0;
+        foreach my $what (@disablables) {
+            $longest = length($what) if $longest < length($what);
+            $longest2 = length($disabled{$what})
+                if $disabled{$what} && $longest2 < length($disabled{$what});
+        }
+        print "\nEnabled features:\n\n";
+        foreach my $what (@disablables) {
+            print "    $what\n" unless $disabled{$what};
+        }
+        print "\nDisabled features:\n\n";
+        foreach my $what (@disablables) {
+            if ($disabled{$what}) {
+                print "    $what", ' ' x ($longest - length($what) + 1),
+                    "[$disabled{$what}]", ' ' x ($longest2 - length($disabled{$what}) + 1);
+                print $disabled_info{$what}->{macro}
+                    if $disabled_info{$what}->{macro};
+                print ' (skip ',
+                    join(', ', @{$disabled_info{$what}->{skipped}}),
+                    ')'
+                    if $disabled_info{$what}->{skipped};
+                print "\n";
+            }
+        }
+    }
+    if ($dump || $target) {
+        print "\nConfig target attributes:\n\n";
+        foreach (sort keys %target) {
+            next if $_ =~ m|^_| || $_ eq 'template';
+            my $quotify = sub {
+                map { (my $x = $_) =~ s|([\\\$\@"])|\\$1|g; "\"$x\""} @_;
+            };
+            print '    ', $_, ' => ';
+            if (ref($target{$_}) eq "ARRAY") {
+                print '[ ', join(', ', $quotify->(@{$target{$_}})), " ],\n";
+            } else {
+                print $quotify->($target{$_}), ",\n"
+            }
+        }
+    }
+    if ($dump || $envvars) {
+        print "\nRecorded environment:\n\n";
+        foreach (sort keys %{$config{perlenv}}) {
+            print '    ',$_,' = ',($config{perlenv}->{$_} || ''),"\n";
+        }
+    }
+    if ($dump || $makevars) {
+        print "\nMakevars:\n\n";
+        foreach my $var (@makevars) {
+            my $prefix = '';
+            $prefix = $config{CROSS_COMPILE}
+                if grep { $var eq $_ } @user_crossable;
+            $prefix //= '';
+            print '    ',$var,' ' x (16 - length $var),'= ',
+                (ref $config{$var} eq 'ARRAY'
+                 ? join(' ', @{$config{$var}})
+                 : $prefix.$config{$var}),
+                "\n"
+                if defined $config{$var};
+        }
+
+        my @buildfile = ($config{builddir}, $config{build_file});
+        unshift @buildfile, $here
+            unless file_name_is_absolute($config{builddir});
+        my $buildfile = canonpath(catdir(@buildfile));
+        print <<"_____";
+
+NOTE: These variables only represent the configuration view.  The build file
+template may have processed these variables further, please have a look at the
+build file for more exact data:
+    $buildfile
+_____
+    }
+    if ($dump || $buildparams) {
+        my @buildfile = ($config{builddir}, $config{build_file});
+        unshift @buildfile, $here
+            unless file_name_is_absolute($config{builddir});
+        print "\nbuild file:\n\n";
+        print "    ", canonpath(catfile(@buildfile)),"\n";
+
+        print "\nbuild file templates:\n\n";
+        foreach (@{$config{build_file_templates}}) {
+            my @tmpl = ($_);
+            unshift @tmpl, $here
+                unless file_name_is_absolute($config{sourcedir});
+            print '    ',canonpath(catfile(@tmpl)),"\n";
+        }
+    }
+    if ($reconf) {
+        if ($verbose) {
+            print 'Reconfiguring with: ', join(' ',@{$config{perlargv}}), "\n";
+            foreach (sort keys %{$config{perlenv}}) {
+                print '    ',$_,' = ',($config{perlenv}->{$_} || ""),"\n";
+            }
+        }
+
+        chdir $here;
+        exec $^X,catfile($config{sourcedir}, 'Configure'),'reconf';
+    }
+}
+
+1;
+
+__END__
+
+=head1 NAME
+
+configdata.pm - configuration data for OpenSSL builds
+
+=head1 SYNOPSIS
+
+Interactive:
+
+  perl configdata.pm [options]
+
+As data bank module:
+
+  use configdata;
+
+=head1 DESCRIPTION
+
+This module can be used in two modes, interactively and as a module containing
+all the data recorded by OpenSSL's Configure script.
+
+When used interactively, simply run it as any perl script, with at least one
+option, and you will get the information you ask for.  See L</OPTIONS> below.
+
+When loaded as a module, you get a few databanks with useful information to
+perform build related tasks.  The databanks are:
+
+    %config             Configured things.
+    %target             The OpenSSL config target with all inheritances
+                        resolved.
+    %disabled           The features that are disabled.
+    @disablables        The list of features that can be disabled.
+    %withargs           All data given through --with-THING options.
+    %unified_info       All information that was computed from the build.info
+                        files.
+
+=head1 OPTIONS
+
+=over 4
+
+=item B<--help>
+
+Print a brief help message and exit.
+
+=item B<--man>
+
+Print the manual page and exit.
+
+=item B<--dump> | B<-d>
+
+Print all relevant configuration data.  This is equivalent to B<--command-line>
+B<--options> B<--target> B<--environment> B<--make-variables>
+B<--build-parameters>.
+
+=item B<--command-line> | B<-c>
+
+Print the current configuration command line.
+
+=item B<--options> | B<-o>
+
+Print the features, both enabled and disabled, and display defined macro and
+skipped directories where applicable.
+
+=item B<--target> | B<-t>
+
+Print the config attributes for this config target.
+
+=item B<--environment> | B<-e>
+
+Print the environment variables and their values at the time of configuration.
+
+=item B<--make-variables> | B<-m>
+
+Print the main make variables generated in the current configuration
+
+=item B<--build-parameters> | B<-b>
+
+Print the build parameters, i.e. build file and build file templates.
+
+=item B<--reconfigure> | B<--reconf> | B<-r>
+
+Redo the configuration.
+
+=item B<--verbose> | B<-v>
+
+Verbose output.
+
+=back
+
+=cut
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/aes/aes-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/aes/aes-mips.S
new file mode 100644
index 00000000000000..3d7852ec2ed23c
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/aes/aes-mips.S
@@ -0,0 +1,1874 @@
+#include "mips_arch.h"
+
+.text
+#if !defined(__mips_eabi) && (!defined(__vxworks) || defined(__pic__))
+.option	pic2
+#endif
+.set	noat
+.align	5
+.ent	_mips_AES_encrypt
+_mips_AES_encrypt:
+	.frame	$29,0,$31
+	.set	reorder
+	lw	$12,0($6)
+	lw	$13,4($6)
+	lw	$14,8($6)
+	lw	$15,12($6)
+	lw	$30,240($6)
+	daddu $3,$6,16
+
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+
+	subu	$30,1
+#if defined(__mips_smartmips)
+	ext	$1,$9,8,8
+.Loop_enc:
+	ext	$2,$10,8,8
+	ext	$24,$11,8,8
+	ext	$25,$8,8,8
+	lwxs	$12,$1($7)		# Te1[s1>>16]
+	ext	$1,$10,16,8
+	lwxs	$13,$2($7)		# Te1[s2>>16]
+	ext	$2,$11,16,8
+	lwxs	$14,$24($7)		# Te1[s3>>16]
+	ext	$24,$8,16,8
+	lwxs	$15,$25($7)		# Te1[s0>>16]
+	ext	$25,$9,16,8
+
+	lwxs	$16,$1($7)		# Te2[s2>>8]
+	ext	$1,$11,24,8
+	lwxs	$17,$2($7)		# Te2[s3>>8]
+	ext	$2,$8,24,8
+	lwxs	$18,$24($7)		# Te2[s0>>8]
+	ext	$24,$9,24,8
+	lwxs	$19,$25($7)		# Te2[s1>>8]
+	ext	$25,$10,24,8
+
+	lwxs	$20,$1($7)		# Te3[s3]
+	ext	$1,$8,0,8
+	lwxs	$21,$2($7)		# Te3[s0]
+	ext	$2,$9,0,8
+	lwxs	$22,$24($7)		# Te3[s1]
+	ext	$24,$10,0,8
+	lwxs	$23,$25($7)		# Te3[s2]
+	ext	$25,$11,0,8
+
+	rotr	$12,$12,24
+	rotr	$13,$13,24
+	rotr	$14,$14,24
+	rotr	$15,$15,24
+
+	rotr	$16,$16,16
+	rotr	$17,$17,16
+	rotr	$18,$18,16
+	rotr	$19,$19,16
+
+	xor	$12,$16
+	lwxs	$16,$1($7)		# Te0[s0>>24]
+	xor	$13,$17
+	lwxs	$17,$2($7)		# Te0[s1>>24]
+	xor	$14,$18
+	lwxs	$18,$24($7)		# Te0[s2>>24]
+	xor	$15,$19
+	lwxs	$19,$25($7)		# Te0[s3>>24]
+
+	rotr	$20,$20,8
+	lw	$8,0($3)
+	rotr	$21,$21,8
+	lw	$9,4($3)
+	rotr	$22,$22,8
+	lw	$10,8($3)
+	rotr	$23,$23,8
+	lw	$11,12($3)
+
+	xor	$12,$20
+	xor	$13,$21
+	xor	$14,$22
+	xor	$15,$23
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+
+	subu	$30,1
+	daddu $3,16
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+	.set	noreorder
+	bnez	$30,.Loop_enc
+	ext	$1,$9,8,8
+
+	srl	$1,$9,6
+#else
+	srl	$1,$9,6
+.Loop_enc:
+	srl	$2,$10,6
+	srl	$24,$11,6
+	srl	$25,$8,6
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	lw	$12,0($1)		# Te1[s1>>16]
+	srl	$1,$10,14
+	lw	$13,0($2)		# Te1[s2>>16]
+	srl	$2,$11,14
+	lw	$14,0($24)		# Te1[s3>>16]
+	srl	$24,$8,14
+	lw	$15,0($25)		# Te1[s0>>16]
+	srl	$25,$9,14
+#else
+	lwl	$12,2($1)		# Te1[s1>>16]
+	lwl	$13,2($2)		# Te1[s2>>16]
+	lwl	$14,2($24)		# Te1[s3>>16]
+	lwl	$15,2($25)		# Te1[s0>>16]
+	lwr	$12,3($1)		# Te1[s1>>16]
+	srl	$1,$10,14
+	lwr	$13,3($2)		# Te1[s2>>16]
+	srl	$2,$11,14
+	lwr	$14,3($24)		# Te1[s3>>16]
+	srl	$24,$8,14
+	lwr	$15,3($25)		# Te1[s0>>16]
+	srl	$25,$9,14
+#endif
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$12,$12,24
+	rotr	$13,$13,24
+	rotr	$14,$14,24
+	rotr	$15,$15,24
+# if defined(_MIPSEL)
+	lw	$16,0($1)		# Te2[s2>>8]
+	srl	$1,$11,22
+	lw	$17,0($2)		# Te2[s3>>8]
+	srl	$2,$8,22
+	lw	$18,0($24)		# Te2[s0>>8]
+	srl	$24,$9,22
+	lw	$19,0($25)		# Te2[s1>>8]
+	srl	$25,$10,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lw	$20,0($1)		# Te3[s3]
+	dins $1,$8,2,8
+	lw	$21,0($2)		# Te3[s0]
+	dins $2,$9,2,8
+	lw	$22,0($24)		# Te3[s1]
+	dins $24,$10,2,8
+	lw	$23,0($25)		# Te3[s2]
+	dins $25,$11,2,8
+# else
+	lw	$16,0($1)		# Te2[s2>>8]
+	dins $1,$11,2,8
+	lw	$17,0($2)		# Te2[s3>>8]
+	dins $2,$8,2,8
+	lw	$18,0($24)		# Te2[s0>>8]
+	dins $24,$9,2,8
+	lw	$19,0($25)		# Te2[s1>>8]
+	dins $25,$10,2,8
+
+	lw	$20,0($1)		# Te3[s3]
+	sll	$1,$8,2
+	lw	$21,0($2)		# Te3[s0]
+	sll	$2,$9,2
+	lw	$22,0($24)		# Te3[s1]
+	sll	$24,$10,2
+	lw	$23,0($25)		# Te3[s2]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+# endif
+	rotr	$16,$16,16
+	rotr	$17,$17,16
+	rotr	$18,$18,16
+	rotr	$19,$19,16
+
+	rotr	$20,$20,8
+	rotr	$21,$21,8
+	rotr	$22,$22,8
+	rotr	$23,$23,8
+#else
+	lwl	$16,1($1)		# Te2[s2>>8]
+	lwl	$17,1($2)		# Te2[s3>>8]
+	lwl	$18,1($24)		# Te2[s0>>8]
+	lwl	$19,1($25)		# Te2[s1>>8]
+	lwr	$16,2($1)		# Te2[s2>>8]
+	srl	$1,$11,22
+	lwr	$17,2($2)		# Te2[s3>>8]
+	srl	$2,$8,22
+	lwr	$18,2($24)		# Te2[s0>>8]
+	srl	$24,$9,22
+	lwr	$19,2($25)		# Te2[s1>>8]
+	srl	$25,$10,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lwl	$20,0($1)		# Te3[s3]
+	lwl	$21,0($2)		# Te3[s0]
+	lwl	$22,0($24)		# Te3[s1]
+	lwl	$23,0($25)		# Te3[s2]
+	lwr	$20,1($1)		# Te3[s3]
+	sll	$1,$8,2
+	lwr	$21,1($2)		# Te3[s0]
+	sll	$2,$9,2
+	lwr	$22,1($24)		# Te3[s1]
+	sll	$24,$10,2
+	lwr	$23,1($25)		# Te3[s2]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#endif
+	xor	$12,$16
+	lw	$16,0($1)		# Te0[s0>>24]
+	xor	$13,$17
+	lw	$17,0($2)		# Te0[s1>>24]
+	xor	$14,$18
+	lw	$18,0($24)		# Te0[s2>>24]
+	xor	$15,$19
+	lw	$19,0($25)		# Te0[s3>>24]
+
+	xor	$12,$20
+	lw	$8,0($3)
+	xor	$13,$21
+	lw	$9,4($3)
+	xor	$14,$22
+	lw	$10,8($3)
+	xor	$15,$23
+	lw	$11,12($3)
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+
+	subu	$30,1
+	daddu $3,16
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+	.set	noreorder
+	bnez	$30,.Loop_enc
+	srl	$1,$9,6
+#endif
+
+	.set	reorder
+	srl	$2,$10,6
+	srl	$24,$11,6
+	srl	$25,$8,6
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$12,2($1)		# Te4[s1>>16]
+	srl	$1,$10,14
+	lbu	$13,2($2)		# Te4[s2>>16]
+	srl	$2,$11,14
+	lbu	$14,2($24)		# Te4[s3>>16]
+	srl	$24,$8,14
+	lbu	$15,2($25)		# Te4[s0>>16]
+	srl	$25,$9,14
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+# if defined(_MIPSEL)
+	lbu	$16,2($1)		# Te4[s2>>8]
+	dins $1,$8,2,8
+	lbu	$17,2($2)		# Te4[s3>>8]
+	dins $2,$9,2,8
+	lbu	$18,2($24)		# Te4[s0>>8]
+	dins $24,$10,2,8
+	lbu	$19,2($25)		# Te4[s1>>8]
+	dins $25,$11,2,8
+
+	lbu	$20,2($1)		# Te4[s0>>24]
+	srl	$1,$11,22
+	lbu	$21,2($2)		# Te4[s1>>24]
+	srl	$2,$8,22
+	lbu	$22,2($24)		# Te4[s2>>24]
+	srl	$24,$9,22
+	lbu	$23,2($25)		# Te4[s3>>24]
+	srl	$25,$10,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+# else
+	lbu	$16,2($1)		# Te4[s2>>8]
+	sll	$1,$8,2
+	lbu	$17,2($2)		# Te4[s3>>8]
+	sll	$2,$9,2
+	lbu	$18,2($24)		# Te4[s0>>8]
+	sll	$24,$10,2
+	lbu	$19,2($25)		# Te4[s1>>8]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$20,2($1)		# Te4[s0>>24]
+	dins $1,$11,2,8
+	lbu	$21,2($2)		# Te4[s1>>24]
+	dins $2,$8,2,8
+	lbu	$22,2($24)		# Te4[s2>>24]
+	dins $24,$9,2,8
+	lbu	$23,2($25)		# Te4[s3>>24]
+	dins $25,$10,2,8
+# endif
+	sll	$12,$12,8
+	sll	$13,$13,8
+	sll	$14,$14,8
+	sll	$15,$15,8
+
+	ins	$12,$16,16,8
+	lbu	$16,2($1)		# Te4[s3]
+	ins	$13,$17,16,8
+	lbu	$17,2($2)		# Te4[s0]
+	ins	$14,$18,16,8
+	lbu	$18,2($24)		# Te4[s1]
+	ins	$15,$19,16,8
+	lbu	$19,2($25)		# Te4[s2]
+
+	ins	$12,$20,0,8
+	lw	$8,0($3)
+	ins	$13,$21,0,8
+	lw	$9,4($3)
+	ins	$14,$22,0,8
+	lw	$10,8($3)
+	ins	$15,$23,0,8
+	lw	$11,12($3)
+
+	ins	$12,$16,24,8
+	ins	$13,$17,24,8
+	ins	$14,$18,24,8
+	ins	$15,$19,24,8
+#else
+	lbu	$16,2($1)		# Te4[s2>>8]
+	sll	$1,$8,2
+	lbu	$17,2($2)		# Te4[s3>>8]
+	sll	$2,$9,2
+	lbu	$18,2($24)		# Te4[s0>>8]
+	sll	$24,$10,2
+	lbu	$19,2($25)		# Te4[s1>>8]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$20,2($1)		# Te4[s0>>24]
+	srl	$1,$11,22
+	lbu	$21,2($2)		# Te4[s1>>24]
+	srl	$2,$8,22
+	lbu	$22,2($24)		# Te4[s2>>24]
+	srl	$24,$9,22
+	lbu	$23,2($25)		# Te4[s3>>24]
+	srl	$25,$10,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+
+	sll	$12,$12,8
+	sll	$13,$13,8
+	sll	$14,$14,8
+	sll	$15,$15,8
+
+	sll	$16,$16,16
+	sll	$17,$17,16
+	sll	$18,$18,16
+	sll	$19,$19,16
+
+	xor	$12,$16
+	lbu	$16,2($1)		# Te4[s3]
+	xor	$13,$17
+	lbu	$17,2($2)		# Te4[s0]
+	xor	$14,$18
+	lbu	$18,2($24)		# Te4[s1]
+	xor	$15,$19
+	lbu	$19,2($25)		# Te4[s2]
+
+	#sll	$20,$20,0
+	lw	$8,0($3)
+	#sll	$21,$21,0
+	lw	$9,4($3)
+	#sll	$22,$22,0
+	lw	$10,8($3)
+	#sll	$23,$23,0
+	lw	$11,12($3)
+
+	xor	$12,$20
+	xor	$13,$21
+	xor	$14,$22
+	xor	$15,$23
+
+	sll	$16,$16,24
+	sll	$17,$17,24
+	sll	$18,$18,24
+	sll	$19,$19,24
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+#endif
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+
+	jr	$31
+.end	_mips_AES_encrypt
+
+.align	5
+.globl	AES_encrypt
+.ent	AES_encrypt
+AES_encrypt:
+	.frame	$29,128,$31
+	.mask	0xc0ff0000,-8
+	.set	noreorder
+	dsubu $29,128
+	sd	$31,128-1*8($29)
+	sd	$30,128-2*8($29)
+	sd	$23,128-3*8($29)
+	sd	$22,128-4*8($29)
+	sd	$21,128-5*8($29)
+	sd	$20,128-6*8($29)
+	sd	$19,128-7*8($29)
+	sd	$18,128-8*8($29)
+	sd	$17,128-9*8($29)
+	sd	$16,128-10*8($29)
+	.cplocal	$7
+	.cpsetup	$25,$0,AES_encrypt
+	.set	reorder
+	dla	$7,AES_Te		# PIC-ified 'load address'
+
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$8,0($4)
+	lw	$9,4($4)
+	lw	$10,8($4)
+	lw	$11,12($4)
+#else
+	lwl	$8,0+3($4)
+	lwl	$9,4+3($4)
+	lwl	$10,8+3($4)
+	lwl	$11,12+3($4)
+	lwr	$8,0+0($4)
+	lwr	$9,4+0($4)
+	lwr	$10,8+0($4)
+	lwr	$11,12+0($4)
+#endif
+
+	bal	_mips_AES_encrypt
+
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	sw	$8,0($5)
+	sw	$9,4($5)
+	sw	$10,8($5)
+	sw	$11,12($5)
+#else
+	swr	$8,0+0($5)
+	swr	$9,4+0($5)
+	swr	$10,8+0($5)
+	swr	$11,12+0($5)
+	swl	$8,0+3($5)
+	swl	$9,4+3($5)
+	swl	$10,8+3($5)
+	swl	$11,12+3($5)
+#endif
+
+	.set	noreorder
+	ld	$31,128-1*8($29)
+	ld	$30,128-2*8($29)
+	ld	$23,128-3*8($29)
+	ld	$22,128-4*8($29)
+	ld	$21,128-5*8($29)
+	ld	$20,128-6*8($29)
+	ld	$19,128-7*8($29)
+	ld	$18,128-8*8($29)
+	ld	$17,128-9*8($29)
+	ld	$16,128-10*8($29)
+	jr	$31
+	daddu $29,128
+.end	AES_encrypt
+.align	5
+.ent	_mips_AES_decrypt
+_mips_AES_decrypt:
+	.frame	$29,0,$31
+	.set	reorder
+	lw	$12,0($6)
+	lw	$13,4($6)
+	lw	$14,8($6)
+	lw	$15,12($6)
+	lw	$30,240($6)
+	daddu $3,$6,16
+
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+
+	subu	$30,1
+#if defined(__mips_smartmips)
+	ext	$1,$11,8,8
+.Loop_dec:
+	ext	$2,$8,8,8
+	ext	$24,$9,8,8
+	ext	$25,$10,8,8
+	lwxs	$12,$1($7)		# Td1[s3>>16]
+	ext	$1,$10,16,8
+	lwxs	$13,$2($7)		# Td1[s0>>16]
+	ext	$2,$11,16,8
+	lwxs	$14,$24($7)		# Td1[s1>>16]
+	ext	$24,$8,16,8
+	lwxs	$15,$25($7)		# Td1[s2>>16]
+	ext	$25,$9,16,8
+
+	lwxs	$16,$1($7)		# Td2[s2>>8]
+	ext	$1,$9,24,8
+	lwxs	$17,$2($7)		# Td2[s3>>8]
+	ext	$2,$10,24,8
+	lwxs	$18,$24($7)		# Td2[s0>>8]
+	ext	$24,$11,24,8
+	lwxs	$19,$25($7)		# Td2[s1>>8]
+	ext	$25,$8,24,8
+
+	lwxs	$20,$1($7)		# Td3[s1]
+	ext	$1,$8,0,8
+	lwxs	$21,$2($7)		# Td3[s2]
+	ext	$2,$9,0,8
+	lwxs	$22,$24($7)		# Td3[s3]
+	ext	$24,$10,0,8
+	lwxs	$23,$25($7)		# Td3[s0]
+	ext	$25,$11,0,8
+
+	rotr	$12,$12,24
+	rotr	$13,$13,24
+	rotr	$14,$14,24
+	rotr	$15,$15,24
+
+	rotr	$16,$16,16
+	rotr	$17,$17,16
+	rotr	$18,$18,16
+	rotr	$19,$19,16
+
+	xor	$12,$16
+	lwxs	$16,$1($7)		# Td0[s0>>24]
+	xor	$13,$17
+	lwxs	$17,$2($7)		# Td0[s1>>24]
+	xor	$14,$18
+	lwxs	$18,$24($7)		# Td0[s2>>24]
+	xor	$15,$19
+	lwxs	$19,$25($7)		# Td0[s3>>24]
+
+	rotr	$20,$20,8
+	lw	$8,0($3)
+	rotr	$21,$21,8
+	lw	$9,4($3)
+	rotr	$22,$22,8
+	lw	$10,8($3)
+	rotr	$23,$23,8
+	lw	$11,12($3)
+
+	xor	$12,$20
+	xor	$13,$21
+	xor	$14,$22
+	xor	$15,$23
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+
+	subu	$30,1
+	daddu $3,16
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+	.set	noreorder
+	bnez	$30,.Loop_dec
+	ext	$1,$11,8,8
+
+	srl	$1,$11,6
+#else
+	srl	$1,$11,6
+.Loop_dec:
+	srl	$2,$8,6
+	srl	$24,$9,6
+	srl	$25,$10,6
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	lw	$12,0($1)		# Td1[s3>>16]
+	srl	$1,$10,14
+	lw	$13,0($2)		# Td1[s0>>16]
+	srl	$2,$11,14
+	lw	$14,0($24)		# Td1[s1>>16]
+	srl	$24,$8,14
+	lw	$15,0($25)		# Td1[s2>>16]
+	srl	$25,$9,14
+#else
+	lwl	$12,2($1)		# Td1[s3>>16]
+	lwl	$13,2($2)		# Td1[s0>>16]
+	lwl	$14,2($24)		# Td1[s1>>16]
+	lwl	$15,2($25)		# Td1[s2>>16]
+	lwr	$12,3($1)		# Td1[s3>>16]
+	srl	$1,$10,14
+	lwr	$13,3($2)		# Td1[s0>>16]
+	srl	$2,$11,14
+	lwr	$14,3($24)		# Td1[s1>>16]
+	srl	$24,$8,14
+	lwr	$15,3($25)		# Td1[s2>>16]
+	srl	$25,$9,14
+#endif
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$12,$12,24
+	rotr	$13,$13,24
+	rotr	$14,$14,24
+	rotr	$15,$15,24
+# if defined(_MIPSEL)
+	lw	$16,0($1)		# Td2[s2>>8]
+	srl	$1,$9,22
+	lw	$17,0($2)		# Td2[s3>>8]
+	srl	$2,$10,22
+	lw	$18,0($24)		# Td2[s0>>8]
+	srl	$24,$11,22
+	lw	$19,0($25)		# Td2[s1>>8]
+	srl	$25,$8,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lw	$20,0($1)		# Td3[s1]
+	dins $1,$8,2,8
+	lw	$21,0($2)		# Td3[s2]
+	dins $2,$9,2,8
+	lw	$22,0($24)		# Td3[s3]
+	dins $24,$10,2,8
+	lw	$23,0($25)		# Td3[s0]
+	dins $25,$11,2,8
+#else
+	lw	$16,0($1)		# Td2[s2>>8]
+	dins $1,$9,2,8
+	lw	$17,0($2)		# Td2[s3>>8]
+	dins $2,$10,2,8
+	lw	$18,0($24)		# Td2[s0>>8]
+	dins $24,$11,2,8
+	lw	$19,0($25)		# Td2[s1>>8]
+	dins $25,$8,2,8
+
+	lw	$20,0($1)		# Td3[s1]
+	sll	$1,$8,2
+	lw	$21,0($2)		# Td3[s2]
+	sll	$2,$9,2
+	lw	$22,0($24)		# Td3[s3]
+	sll	$24,$10,2
+	lw	$23,0($25)		# Td3[s0]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#endif
+	rotr	$16,$16,16
+	rotr	$17,$17,16
+	rotr	$18,$18,16
+	rotr	$19,$19,16
+
+	rotr	$20,$20,8
+	rotr	$21,$21,8
+	rotr	$22,$22,8
+	rotr	$23,$23,8
+#else
+	lwl	$16,1($1)		# Td2[s2>>8]
+	lwl	$17,1($2)		# Td2[s3>>8]
+	lwl	$18,1($24)		# Td2[s0>>8]
+	lwl	$19,1($25)		# Td2[s1>>8]
+	lwr	$16,2($1)		# Td2[s2>>8]
+	srl	$1,$9,22
+	lwr	$17,2($2)		# Td2[s3>>8]
+	srl	$2,$10,22
+	lwr	$18,2($24)		# Td2[s0>>8]
+	srl	$24,$11,22
+	lwr	$19,2($25)		# Td2[s1>>8]
+	srl	$25,$8,22
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lwl	$20,0($1)		# Td3[s1]
+	lwl	$21,0($2)		# Td3[s2]
+	lwl	$22,0($24)		# Td3[s3]
+	lwl	$23,0($25)		# Td3[s0]
+	lwr	$20,1($1)		# Td3[s1]
+	sll	$1,$8,2
+	lwr	$21,1($2)		# Td3[s2]
+	sll	$2,$9,2
+	lwr	$22,1($24)		# Td3[s3]
+	sll	$24,$10,2
+	lwr	$23,1($25)		# Td3[s0]
+	sll	$25,$11,2
+
+	and	$1,0x3fc
+	and	$2,0x3fc
+	and	$24,0x3fc
+	and	$25,0x3fc
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#endif
+
+	xor	$12,$16
+	lw	$16,0($1)		# Td0[s0>>24]
+	xor	$13,$17
+	lw	$17,0($2)		# Td0[s1>>24]
+	xor	$14,$18
+	lw	$18,0($24)		# Td0[s2>>24]
+	xor	$15,$19
+	lw	$19,0($25)		# Td0[s3>>24]
+
+	xor	$12,$20
+	lw	$8,0($3)
+	xor	$13,$21
+	lw	$9,4($3)
+	xor	$14,$22
+	lw	$10,8($3)
+	xor	$15,$23
+	lw	$11,12($3)
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+
+	subu	$30,1
+	daddu $3,16
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+	.set	noreorder
+	bnez	$30,.Loop_dec
+	srl	$1,$11,6
+#endif
+
+	.set	reorder
+	lw	$16,1024($7)		# prefetch Td4
+	srl	$1,$11,8
+	lw	$17,1024+32($7)
+	srl	$2,$8,8
+	lw	$18,1024+64($7)
+	srl	$24,$9,8
+	lw	$19,1024+96($7)
+	srl	$25,$10,8
+	lw	$20,1024+128($7)
+	and	$1,0xff
+	lw	$21,1024+160($7)
+	and	$2,0xff
+	lw	$22,1024+192($7)
+	and	$24,0xff
+	lw	$23,1024+224($7)
+	and	$25,0xff
+
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$12,1024($1)		# Td4[s3>>16]
+	srl	$1,$10,16
+	lbu	$13,1024($2)		# Td4[s0>>16]
+	srl	$2,$11,16
+	lbu	$14,1024($24)		# Td4[s1>>16]
+	srl	$24,$8,16
+	lbu	$15,1024($25)		# Td4[s2>>16]
+	srl	$25,$9,16
+
+	and	$1,0xff
+	and	$2,0xff
+	and	$24,0xff
+	and	$25,0xff
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+# if defined(_MIPSEL)
+	lbu	$16,1024($1)		# Td4[s2>>8]
+	dins $1,$8,0,8
+	lbu	$17,1024($2)		# Td4[s3>>8]
+	dins $2,$9,0,8
+	lbu	$18,1024($24)		# Td4[s0>>8]
+	dins $24,$10,0,8
+	lbu	$19,1024($25)		# Td4[s1>>8]
+	dins $25,$11,0,8
+
+	lbu	$20,1024($1)		# Td4[s0>>24]
+	srl	$1,$9,24
+	lbu	$21,1024($2)		# Td4[s1>>24]
+	srl	$2,$10,24
+	lbu	$22,1024($24)		# Td4[s2>>24]
+	srl	$24,$11,24
+	lbu	$23,1024($25)		# Td4[s3>>24]
+	srl	$25,$8,24
+
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+# else
+	lbu	$16,1024($1)		# Td4[s2>>8]
+	and	$1,$8,0xff
+	lbu	$17,1024($2)		# Td4[s3>>8]
+	and	$2,$9,0xff
+	lbu	$18,1024($24)		# Td4[s0>>8]
+	and	$24,$10,0xff
+	lbu	$19,1024($25)		# Td4[s1>>8]
+	and	$25,$11,0xff
+
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$20,1024($1)		# Td4[s0>>24]
+	dins $1,$9,0,8
+	lbu	$21,1024($2)		# Td4[s1>>24]
+	dins $2,$10,0,8
+	lbu	$22,1024($24)		# Td4[s2>>24]
+	dins $24,$11,0,8
+	lbu	$23,1024($25)		# Td4[s3>>24]
+	dins $25,$8,0,8
+# endif
+	sll	$12,$12,8
+	sll	$13,$13,8
+	sll	$14,$14,8
+	sll	$15,$15,8
+
+	ins	$12,$16,16,8
+	lbu	$16,1024($1)		# Td4[s1]
+	ins	$13,$17,16,8
+	lbu	$17,1024($2)		# Td4[s2]
+	ins	$14,$18,16,8
+	lbu	$18,1024($24)		# Td4[s3]
+	ins	$15,$19,16,8
+	lbu	$19,1024($25)		# Td4[s0]
+
+	ins	$12,$20,0,8
+	lw	$8,0($3)
+	ins	$13,$21,0,8
+	lw	$9,4($3)
+	ins	$14,$22,0,8
+	lw	$10,8($3)
+	ins	$15,$23,0,8
+	lw	$11,12($3)
+
+	ins	$12,$16,24,8
+	ins	$13,$17,24,8
+	ins	$14,$18,24,8
+	ins	$15,$19,24,8
+#else
+	lbu	$16,1024($1)		# Td4[s2>>8]
+	and	$1,$8,0xff
+	lbu	$17,1024($2)		# Td4[s3>>8]
+	and	$2,$9,0xff
+	lbu	$18,1024($24)		# Td4[s0>>8]
+	and	$24,$10,0xff
+	lbu	$19,1024($25)		# Td4[s1>>8]
+	and	$25,$11,0xff
+
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$20,1024($1)		# Td4[s0>>24]
+	srl	$1,$9,24
+	lbu	$21,1024($2)		# Td4[s1>>24]
+	srl	$2,$10,24
+	lbu	$22,1024($24)		# Td4[s2>>24]
+	srl	$24,$11,24
+	lbu	$23,1024($25)		# Td4[s3>>24]
+	srl	$25,$8,24
+
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+
+	sll	$12,$12,8
+	sll	$13,$13,8
+	sll	$14,$14,8
+	sll	$15,$15,8
+
+	sll	$16,$16,16
+	sll	$17,$17,16
+	sll	$18,$18,16
+	sll	$19,$19,16
+
+	xor	$12,$16
+	lbu	$16,1024($1)		# Td4[s1]
+	xor	$13,$17
+	lbu	$17,1024($2)		# Td4[s2]
+	xor	$14,$18
+	lbu	$18,1024($24)		# Td4[s3]
+	xor	$15,$19
+	lbu	$19,1024($25)		# Td4[s0]
+
+	#sll	$20,$20,0
+	lw	$8,0($3)
+	#sll	$21,$21,0
+	lw	$9,4($3)
+	#sll	$22,$22,0
+	lw	$10,8($3)
+	#sll	$23,$23,0
+	lw	$11,12($3)
+
+	xor	$12,$20
+	xor	$13,$21
+	xor	$14,$22
+	xor	$15,$23
+
+	sll	$16,$16,24
+	sll	$17,$17,24
+	sll	$18,$18,24
+	sll	$19,$19,24
+
+	xor	$12,$16
+	xor	$13,$17
+	xor	$14,$18
+	xor	$15,$19
+#endif
+
+	xor	$8,$12
+	xor	$9,$13
+	xor	$10,$14
+	xor	$11,$15
+
+	jr	$31
+.end	_mips_AES_decrypt
+
+.align	5
+.globl	AES_decrypt
+.ent	AES_decrypt
+AES_decrypt:
+	.frame	$29,128,$31
+	.mask	0xc0ff0000,-8
+	.set	noreorder
+	dsubu $29,128
+	sd	$31,128-1*8($29)
+	sd	$30,128-2*8($29)
+	sd	$23,128-3*8($29)
+	sd	$22,128-4*8($29)
+	sd	$21,128-5*8($29)
+	sd	$20,128-6*8($29)
+	sd	$19,128-7*8($29)
+	sd	$18,128-8*8($29)
+	sd	$17,128-9*8($29)
+	sd	$16,128-10*8($29)
+	.cplocal	$7
+	.cpsetup	$25,$0,AES_decrypt
+	.set	reorder
+	dla	$7,AES_Td		# PIC-ified 'load address'
+
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$8,0($4)
+	lw	$9,4($4)
+	lw	$10,8($4)
+	lw	$11,12($4)
+#else
+	lwl	$8,0+3($4)
+	lwl	$9,4+3($4)
+	lwl	$10,8+3($4)
+	lwl	$11,12+3($4)
+	lwr	$8,0+0($4)
+	lwr	$9,4+0($4)
+	lwr	$10,8+0($4)
+	lwr	$11,12+0($4)
+#endif
+
+	bal	_mips_AES_decrypt
+
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	sw	$8,0($5)
+	sw	$9,4($5)
+	sw	$10,8($5)
+	sw	$11,12($5)
+#else
+	swr	$8,0+0($5)
+	swr	$9,4+0($5)
+	swr	$10,8+0($5)
+	swr	$11,12+0($5)
+	swl	$8,0+3($5)
+	swl	$9,4+3($5)
+	swl	$10,8+3($5)
+	swl	$11,12+3($5)
+#endif
+
+	.set	noreorder
+	ld	$31,128-1*8($29)
+	ld	$30,128-2*8($29)
+	ld	$23,128-3*8($29)
+	ld	$22,128-4*8($29)
+	ld	$21,128-5*8($29)
+	ld	$20,128-6*8($29)
+	ld	$19,128-7*8($29)
+	ld	$18,128-8*8($29)
+	ld	$17,128-9*8($29)
+	ld	$16,128-10*8($29)
+	jr	$31
+	daddu $29,128
+.end	AES_decrypt
+.align	5
+.ent	_mips_AES_set_encrypt_key
+_mips_AES_set_encrypt_key:
+	.frame	$29,0,$31
+	.set	noreorder
+	beqz	$4,.Lekey_done
+	li	$2,-1
+	beqz	$6,.Lekey_done
+	daddu $3,$7,256
+
+	.set	reorder
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$8,0($4)		# load 128 bits
+	lw	$9,4($4)
+	lw	$10,8($4)
+	lw	$11,12($4)
+#else
+	lwl	$8,0+3($4)	# load 128 bits
+	lwl	$9,4+3($4)
+	lwl	$10,8+3($4)
+	lwl	$11,12+3($4)
+	lwr	$8,0+0($4)
+	lwr	$9,4+0($4)
+	lwr	$10,8+0($4)
+	lwr	$11,12+0($4)
+#endif
+	li	$1,128
+	.set	noreorder
+	beq	$5,$1,.L128bits
+	li	$30,10
+
+	.set	reorder
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$12,16($4)		# load 192 bits
+	lw	$13,20($4)
+#else
+	lwl	$12,16+3($4)	# load 192 bits
+	lwl	$13,20+3($4)
+	lwr	$12,16+0($4)
+	lwr	$13,20+0($4)
+#endif
+	li	$1,192
+	.set	noreorder
+	beq	$5,$1,.L192bits
+	li	$30,8
+
+	.set	reorder
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$14,24($4)		# load 256 bits
+	lw	$15,28($4)
+#else
+	lwl	$14,24+3($4)	# load 256 bits
+	lwl	$15,28+3($4)
+	lwr	$14,24+0($4)
+	lwr	$15,28+0($4)
+#endif
+	li	$1,256
+	.set	noreorder
+	beq	$5,$1,.L256bits
+	li	$30,7
+
+	b	.Lekey_done
+	li	$2,-2
+
+.align	4
+.L128bits:
+	.set	reorder
+	srl	$1,$11,16
+	srl	$2,$11,8
+	and	$1,0xff
+	and	$2,0xff
+	and	$24,$11,0xff
+	srl	$25,$11,24
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$1,0($1)
+	lbu	$2,0($2)
+	lbu	$24,0($24)
+	lbu	$25,0($25)
+
+	sw	$8,0($6)
+	sw	$9,4($6)
+	sw	$10,8($6)
+	sw	$11,12($6)
+	subu	$30,1
+	daddu $6,16
+
+	sll	$1,$1,8
+	#sll	$2,$2,0
+	sll	$24,$24,24
+	sll	$25,$25,16
+
+	xor	$8,$1
+	lw	$1,0($3)
+	xor	$8,$2
+	xor	$8,$24
+	xor	$8,$25
+	xor	$8,$1
+
+	xor	$9,$8
+	xor	$10,$9
+	xor	$11,$10
+
+	.set	noreorder
+	bnez	$30,.L128bits
+	daddu $3,4
+
+	sw	$8,0($6)
+	sw	$9,4($6)
+	sw	$10,8($6)
+	li	$30,10
+	sw	$11,12($6)
+	li	$2,0
+	sw	$30,80($6)
+	b	.Lekey_done
+	dsubu $6,10*16
+
+.align	4
+.L192bits:
+	.set	reorder
+	srl	$1,$13,16
+	srl	$2,$13,8
+	and	$1,0xff
+	and	$2,0xff
+	and	$24,$13,0xff
+	srl	$25,$13,24
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$1,0($1)
+	lbu	$2,0($2)
+	lbu	$24,0($24)
+	lbu	$25,0($25)
+
+	sw	$8,0($6)
+	sw	$9,4($6)
+	sw	$10,8($6)
+	sw	$11,12($6)
+	sw	$12,16($6)
+	sw	$13,20($6)
+	subu	$30,1
+	daddu $6,24
+
+	sll	$1,$1,8
+	#sll	$2,$2,0
+	sll	$24,$24,24
+	sll	$25,$25,16
+
+	xor	$8,$1
+	lw	$1,0($3)
+	xor	$8,$2
+	xor	$8,$24
+	xor	$8,$25
+	xor	$8,$1
+
+	xor	$9,$8
+	xor	$10,$9
+	xor	$11,$10
+	xor	$12,$11
+	xor	$13,$12
+
+	.set	noreorder
+	bnez	$30,.L192bits
+	daddu $3,4
+
+	sw	$8,0($6)
+	sw	$9,4($6)
+	sw	$10,8($6)
+	li	$30,12
+	sw	$11,12($6)
+	li	$2,0
+	sw	$30,48($6)
+	b	.Lekey_done
+	dsubu $6,12*16
+
+.align	4
+.L256bits:
+	.set	reorder
+	srl	$1,$15,16
+	srl	$2,$15,8
+	and	$1,0xff
+	and	$2,0xff
+	and	$24,$15,0xff
+	srl	$25,$15,24
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$1,0($1)
+	lbu	$2,0($2)
+	lbu	$24,0($24)
+	lbu	$25,0($25)
+
+	sw	$8,0($6)
+	sw	$9,4($6)
+	sw	$10,8($6)
+	sw	$11,12($6)
+	sw	$12,16($6)
+	sw	$13,20($6)
+	sw	$14,24($6)
+	sw	$15,28($6)
+	subu	$30,1
+
+	sll	$1,$1,8
+	#sll	$2,$2,0
+	sll	$24,$24,24
+	sll	$25,$25,16
+
+	xor	$8,$1
+	lw	$1,0($3)
+	xor	$8,$2
+	xor	$8,$24
+	xor	$8,$25
+	xor	$8,$1
+
+	xor	$9,$8
+	xor	$10,$9
+	xor	$11,$10
+	beqz	$30,.L256bits_done
+
+	srl	$1,$11,24
+	srl	$2,$11,16
+	srl	$24,$11,8
+	and	$25,$11,0xff
+	and	$2,0xff
+	and	$24,0xff
+	daddu $1,$7
+	daddu $2,$7
+	daddu $24,$7
+	daddu $25,$7
+	lbu	$1,0($1)
+	lbu	$2,0($2)
+	lbu	$24,0($24)
+	lbu	$25,0($25)
+	sll	$1,24
+	sll	$2,16
+	sll	$24,8
+
+	xor	$12,$1
+	xor	$12,$2
+	xor	$12,$24
+	xor	$12,$25
+
+	xor	$13,$12
+	xor	$14,$13
+	xor	$15,$14
+
+	daddu $6,32
+	.set	noreorder
+	b	.L256bits
+	daddu $3,4
+
+.L256bits_done:
+	sw	$8,32($6)
+	sw	$9,36($6)
+	sw	$10,40($6)
+	li	$30,14
+	sw	$11,44($6)
+	li	$2,0
+	sw	$30,48($6)
+	dsubu $6,12*16
+
+.Lekey_done:
+	jr	$31
+	nop
+.end	_mips_AES_set_encrypt_key
+
+.globl	AES_set_encrypt_key
+.ent	AES_set_encrypt_key
+AES_set_encrypt_key:
+	.frame	$29,64,$31
+	.mask	0xc0000000,-8
+	.set	noreorder
+	dsubu $29,64
+	sd	$31,64-1*8($29)
+	sd	$30,64-2*8($29)
+	.cplocal	$7
+	.cpsetup	$25,$0,AES_set_encrypt_key
+	.set	reorder
+	dla	$7,AES_Te4		# PIC-ified 'load address'
+
+	bal	_mips_AES_set_encrypt_key
+
+	.set	noreorder
+	move	$4,$2
+	ld	$31,64-1*8($29)
+	ld	$30,64-2*8($29)
+	jr	$31
+	daddu $29,64
+.end	AES_set_encrypt_key
+.align	5
+.globl	AES_set_decrypt_key
+.ent	AES_set_decrypt_key
+AES_set_decrypt_key:
+	.frame	$29,64,$31
+	.mask	0xc0000000,-8
+	.set	noreorder
+	dsubu $29,64
+	sd	$31,64-1*8($29)
+	sd	$30,64-2*8($29)
+	.cplocal	$7
+	.cpsetup	$25,$0,AES_set_decrypt_key
+	.set	reorder
+	dla	$7,AES_Te4		# PIC-ified 'load address'
+
+	bal	_mips_AES_set_encrypt_key
+
+	bltz	$2,.Ldkey_done
+
+	sll	$1,$30,4
+	daddu $4,$6,0
+	daddu $5,$6,$1
+.align	4
+.Lswap:
+	lw	$8,0($4)
+	lw	$9,4($4)
+	lw	$10,8($4)
+	lw	$11,12($4)
+	lw	$12,0($5)
+	lw	$13,4($5)
+	lw	$14,8($5)
+	lw	$15,12($5)
+	sw	$8,0($5)
+	sw	$9,4($5)
+	sw	$10,8($5)
+	sw	$11,12($5)
+	daddu $4,16
+	dsubu $5,16
+	sw	$12,-16($4)
+	sw	$13,-12($4)
+	sw	$14,-8($4)
+	sw	$15,-4($4)
+	bne	$4,$5,.Lswap
+
+	lw	$8,16($6)		# modulo-scheduled
+	lui	$2,0x8080
+	subu	$30,1
+	or	$2,0x8080
+	sll	$30,2
+	daddu $6,16
+	lui	$25,0x1b1b
+	nor	$24,$0,$2
+	or	$25,0x1b1b
+.align	4
+.Lmix:
+	and	$1,$8,$2
+	and	$9,$8,$24
+	srl	$10,$1,7
+	addu	$9,$9		# tp2<<1
+	subu	$1,$10
+	and	$1,$25
+	xor	$9,$1
+
+	and	$1,$9,$2
+	and	$10,$9,$24
+	srl	$11,$1,7
+	addu	$10,$10		# tp4<<1
+	subu	$1,$11
+	and	$1,$25
+	xor	$10,$1
+
+	and	$1,$10,$2
+	and	$11,$10,$24
+	srl	$12,$1,7
+	addu	$11,$11		# tp8<<1
+	subu	$1,$12
+	and	$1,$25
+	xor	$11,$1
+
+	xor	$12,$11,$8
+	xor	$15,$11,$10
+	xor	$13,$12,$9
+	xor	$14,$12,$10
+
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	rotr	$8,$14,16
+	 xor	$15,$9
+	rotr	$9,$12,24
+	xor	$15,$8
+	rotr	$10,$13,8
+	xor	$15,$9
+	lw	$8,4($6)		# modulo-scheduled
+	xor	$15,$10
+#else
+	sll	$8,$14,16
+	 xor	$15,$9
+	srl	$9,$14,16
+	xor	$15,$8
+	sll	$8,$12,8
+	xor	$15,$9
+	srl	$9,$12,24
+	xor	$15,$8
+	sll	$8,$13,24
+	xor	$15,$9
+	srl	$9,$13,8
+	xor	$15,$8
+	lw	$8,4($6)		# modulo-scheduled
+	xor	$15,$9
+#endif
+	subu	$30,1
+	sw	$15,0($6)
+	daddu $6,4
+	bnez	$30,.Lmix
+
+	li	$2,0
+.Ldkey_done:
+	.set	noreorder
+	move	$4,$2
+	ld	$31,64-1*8($29)
+	ld	$30,64-2*8($29)
+	jr	$31
+	daddu $29,64
+.end	AES_set_decrypt_key
+.rdata
+.align	10
+AES_Te:
+.byte	0xc6,0x63,0x63,0xa5,	0xf8,0x7c,0x7c,0x84	# Te0
+.byte	0xee,0x77,0x77,0x99,	0xf6,0x7b,0x7b,0x8d
+.byte	0xff,0xf2,0xf2,0x0d,	0xd6,0x6b,0x6b,0xbd
+.byte	0xde,0x6f,0x6f,0xb1,	0x91,0xc5,0xc5,0x54
+.byte	0x60,0x30,0x30,0x50,	0x02,0x01,0x01,0x03
+.byte	0xce,0x67,0x67,0xa9,	0x56,0x2b,0x2b,0x7d
+.byte	0xe7,0xfe,0xfe,0x19,	0xb5,0xd7,0xd7,0x62
+.byte	0x4d,0xab,0xab,0xe6,	0xec,0x76,0x76,0x9a
+.byte	0x8f,0xca,0xca,0x45,	0x1f,0x82,0x82,0x9d
+.byte	0x89,0xc9,0xc9,0x40,	0xfa,0x7d,0x7d,0x87
+.byte	0xef,0xfa,0xfa,0x15,	0xb2,0x59,0x59,0xeb
+.byte	0x8e,0x47,0x47,0xc9,	0xfb,0xf0,0xf0,0x0b
+.byte	0x41,0xad,0xad,0xec,	0xb3,0xd4,0xd4,0x67
+.byte	0x5f,0xa2,0xa2,0xfd,	0x45,0xaf,0xaf,0xea
+.byte	0x23,0x9c,0x9c,0xbf,	0x53,0xa4,0xa4,0xf7
+.byte	0xe4,0x72,0x72,0x96,	0x9b,0xc0,0xc0,0x5b
+.byte	0x75,0xb7,0xb7,0xc2,	0xe1,0xfd,0xfd,0x1c
+.byte	0x3d,0x93,0x93,0xae,	0x4c,0x26,0x26,0x6a
+.byte	0x6c,0x36,0x36,0x5a,	0x7e,0x3f,0x3f,0x41
+.byte	0xf5,0xf7,0xf7,0x02,	0x83,0xcc,0xcc,0x4f
+.byte	0x68,0x34,0x34,0x5c,	0x51,0xa5,0xa5,0xf4
+.byte	0xd1,0xe5,0xe5,0x34,	0xf9,0xf1,0xf1,0x08
+.byte	0xe2,0x71,0x71,0x93,	0xab,0xd8,0xd8,0x73
+.byte	0x62,0x31,0x31,0x53,	0x2a,0x15,0x15,0x3f
+.byte	0x08,0x04,0x04,0x0c,	0x95,0xc7,0xc7,0x52
+.byte	0x46,0x23,0x23,0x65,	0x9d,0xc3,0xc3,0x5e
+.byte	0x30,0x18,0x18,0x28,	0x37,0x96,0x96,0xa1
+.byte	0x0a,0x05,0x05,0x0f,	0x2f,0x9a,0x9a,0xb5
+.byte	0x0e,0x07,0x07,0x09,	0x24,0x12,0x12,0x36
+.byte	0x1b,0x80,0x80,0x9b,	0xdf,0xe2,0xe2,0x3d
+.byte	0xcd,0xeb,0xeb,0x26,	0x4e,0x27,0x27,0x69
+.byte	0x7f,0xb2,0xb2,0xcd,	0xea,0x75,0x75,0x9f
+.byte	0x12,0x09,0x09,0x1b,	0x1d,0x83,0x83,0x9e
+.byte	0x58,0x2c,0x2c,0x74,	0x34,0x1a,0x1a,0x2e
+.byte	0x36,0x1b,0x1b,0x2d,	0xdc,0x6e,0x6e,0xb2
+.byte	0xb4,0x5a,0x5a,0xee,	0x5b,0xa0,0xa0,0xfb
+.byte	0xa4,0x52,0x52,0xf6,	0x76,0x3b,0x3b,0x4d
+.byte	0xb7,0xd6,0xd6,0x61,	0x7d,0xb3,0xb3,0xce
+.byte	0x52,0x29,0x29,0x7b,	0xdd,0xe3,0xe3,0x3e
+.byte	0x5e,0x2f,0x2f,0x71,	0x13,0x84,0x84,0x97
+.byte	0xa6,0x53,0x53,0xf5,	0xb9,0xd1,0xd1,0x68
+.byte	0x00,0x00,0x00,0x00,	0xc1,0xed,0xed,0x2c
+.byte	0x40,0x20,0x20,0x60,	0xe3,0xfc,0xfc,0x1f
+.byte	0x79,0xb1,0xb1,0xc8,	0xb6,0x5b,0x5b,0xed
+.byte	0xd4,0x6a,0x6a,0xbe,	0x8d,0xcb,0xcb,0x46
+.byte	0x67,0xbe,0xbe,0xd9,	0x72,0x39,0x39,0x4b
+.byte	0x94,0x4a,0x4a,0xde,	0x98,0x4c,0x4c,0xd4
+.byte	0xb0,0x58,0x58,0xe8,	0x85,0xcf,0xcf,0x4a
+.byte	0xbb,0xd0,0xd0,0x6b,	0xc5,0xef,0xef,0x2a
+.byte	0x4f,0xaa,0xaa,0xe5,	0xed,0xfb,0xfb,0x16
+.byte	0x86,0x43,0x43,0xc5,	0x9a,0x4d,0x4d,0xd7
+.byte	0x66,0x33,0x33,0x55,	0x11,0x85,0x85,0x94
+.byte	0x8a,0x45,0x45,0xcf,	0xe9,0xf9,0xf9,0x10
+.byte	0x04,0x02,0x02,0x06,	0xfe,0x7f,0x7f,0x81
+.byte	0xa0,0x50,0x50,0xf0,	0x78,0x3c,0x3c,0x44
+.byte	0x25,0x9f,0x9f,0xba,	0x4b,0xa8,0xa8,0xe3
+.byte	0xa2,0x51,0x51,0xf3,	0x5d,0xa3,0xa3,0xfe
+.byte	0x80,0x40,0x40,0xc0,	0x05,0x8f,0x8f,0x8a
+.byte	0x3f,0x92,0x92,0xad,	0x21,0x9d,0x9d,0xbc
+.byte	0x70,0x38,0x38,0x48,	0xf1,0xf5,0xf5,0x04
+.byte	0x63,0xbc,0xbc,0xdf,	0x77,0xb6,0xb6,0xc1
+.byte	0xaf,0xda,0xda,0x75,	0x42,0x21,0x21,0x63
+.byte	0x20,0x10,0x10,0x30,	0xe5,0xff,0xff,0x1a
+.byte	0xfd,0xf3,0xf3,0x0e,	0xbf,0xd2,0xd2,0x6d
+.byte	0x81,0xcd,0xcd,0x4c,	0x18,0x0c,0x0c,0x14
+.byte	0x26,0x13,0x13,0x35,	0xc3,0xec,0xec,0x2f
+.byte	0xbe,0x5f,0x5f,0xe1,	0x35,0x97,0x97,0xa2
+.byte	0x88,0x44,0x44,0xcc,	0x2e,0x17,0x17,0x39
+.byte	0x93,0xc4,0xc4,0x57,	0x55,0xa7,0xa7,0xf2
+.byte	0xfc,0x7e,0x7e,0x82,	0x7a,0x3d,0x3d,0x47
+.byte	0xc8,0x64,0x64,0xac,	0xba,0x5d,0x5d,0xe7
+.byte	0x32,0x19,0x19,0x2b,	0xe6,0x73,0x73,0x95
+.byte	0xc0,0x60,0x60,0xa0,	0x19,0x81,0x81,0x98
+.byte	0x9e,0x4f,0x4f,0xd1,	0xa3,0xdc,0xdc,0x7f
+.byte	0x44,0x22,0x22,0x66,	0x54,0x2a,0x2a,0x7e
+.byte	0x3b,0x90,0x90,0xab,	0x0b,0x88,0x88,0x83
+.byte	0x8c,0x46,0x46,0xca,	0xc7,0xee,0xee,0x29
+.byte	0x6b,0xb8,0xb8,0xd3,	0x28,0x14,0x14,0x3c
+.byte	0xa7,0xde,0xde,0x79,	0xbc,0x5e,0x5e,0xe2
+.byte	0x16,0x0b,0x0b,0x1d,	0xad,0xdb,0xdb,0x76
+.byte	0xdb,0xe0,0xe0,0x3b,	0x64,0x32,0x32,0x56
+.byte	0x74,0x3a,0x3a,0x4e,	0x14,0x0a,0x0a,0x1e
+.byte	0x92,0x49,0x49,0xdb,	0x0c,0x06,0x06,0x0a
+.byte	0x48,0x24,0x24,0x6c,	0xb8,0x5c,0x5c,0xe4
+.byte	0x9f,0xc2,0xc2,0x5d,	0xbd,0xd3,0xd3,0x6e
+.byte	0x43,0xac,0xac,0xef,	0xc4,0x62,0x62,0xa6
+.byte	0x39,0x91,0x91,0xa8,	0x31,0x95,0x95,0xa4
+.byte	0xd3,0xe4,0xe4,0x37,	0xf2,0x79,0x79,0x8b
+.byte	0xd5,0xe7,0xe7,0x32,	0x8b,0xc8,0xc8,0x43
+.byte	0x6e,0x37,0x37,0x59,	0xda,0x6d,0x6d,0xb7
+.byte	0x01,0x8d,0x8d,0x8c,	0xb1,0xd5,0xd5,0x64
+.byte	0x9c,0x4e,0x4e,0xd2,	0x49,0xa9,0xa9,0xe0
+.byte	0xd8,0x6c,0x6c,0xb4,	0xac,0x56,0x56,0xfa
+.byte	0xf3,0xf4,0xf4,0x07,	0xcf,0xea,0xea,0x25
+.byte	0xca,0x65,0x65,0xaf,	0xf4,0x7a,0x7a,0x8e
+.byte	0x47,0xae,0xae,0xe9,	0x10,0x08,0x08,0x18
+.byte	0x6f,0xba,0xba,0xd5,	0xf0,0x78,0x78,0x88
+.byte	0x4a,0x25,0x25,0x6f,	0x5c,0x2e,0x2e,0x72
+.byte	0x38,0x1c,0x1c,0x24,	0x57,0xa6,0xa6,0xf1
+.byte	0x73,0xb4,0xb4,0xc7,	0x97,0xc6,0xc6,0x51
+.byte	0xcb,0xe8,0xe8,0x23,	0xa1,0xdd,0xdd,0x7c
+.byte	0xe8,0x74,0x74,0x9c,	0x3e,0x1f,0x1f,0x21
+.byte	0x96,0x4b,0x4b,0xdd,	0x61,0xbd,0xbd,0xdc
+.byte	0x0d,0x8b,0x8b,0x86,	0x0f,0x8a,0x8a,0x85
+.byte	0xe0,0x70,0x70,0x90,	0x7c,0x3e,0x3e,0x42
+.byte	0x71,0xb5,0xb5,0xc4,	0xcc,0x66,0x66,0xaa
+.byte	0x90,0x48,0x48,0xd8,	0x06,0x03,0x03,0x05
+.byte	0xf7,0xf6,0xf6,0x01,	0x1c,0x0e,0x0e,0x12
+.byte	0xc2,0x61,0x61,0xa3,	0x6a,0x35,0x35,0x5f
+.byte	0xae,0x57,0x57,0xf9,	0x69,0xb9,0xb9,0xd0
+.byte	0x17,0x86,0x86,0x91,	0x99,0xc1,0xc1,0x58
+.byte	0x3a,0x1d,0x1d,0x27,	0x27,0x9e,0x9e,0xb9
+.byte	0xd9,0xe1,0xe1,0x38,	0xeb,0xf8,0xf8,0x13
+.byte	0x2b,0x98,0x98,0xb3,	0x22,0x11,0x11,0x33
+.byte	0xd2,0x69,0x69,0xbb,	0xa9,0xd9,0xd9,0x70
+.byte	0x07,0x8e,0x8e,0x89,	0x33,0x94,0x94,0xa7
+.byte	0x2d,0x9b,0x9b,0xb6,	0x3c,0x1e,0x1e,0x22
+.byte	0x15,0x87,0x87,0x92,	0xc9,0xe9,0xe9,0x20
+.byte	0x87,0xce,0xce,0x49,	0xaa,0x55,0x55,0xff
+.byte	0x50,0x28,0x28,0x78,	0xa5,0xdf,0xdf,0x7a
+.byte	0x03,0x8c,0x8c,0x8f,	0x59,0xa1,0xa1,0xf8
+.byte	0x09,0x89,0x89,0x80,	0x1a,0x0d,0x0d,0x17
+.byte	0x65,0xbf,0xbf,0xda,	0xd7,0xe6,0xe6,0x31
+.byte	0x84,0x42,0x42,0xc6,	0xd0,0x68,0x68,0xb8
+.byte	0x82,0x41,0x41,0xc3,	0x29,0x99,0x99,0xb0
+.byte	0x5a,0x2d,0x2d,0x77,	0x1e,0x0f,0x0f,0x11
+.byte	0x7b,0xb0,0xb0,0xcb,	0xa8,0x54,0x54,0xfc
+.byte	0x6d,0xbb,0xbb,0xd6,	0x2c,0x16,0x16,0x3a
+
+AES_Td:
+.byte	0x51,0xf4,0xa7,0x50,	0x7e,0x41,0x65,0x53	# Td0
+.byte	0x1a,0x17,0xa4,0xc3,	0x3a,0x27,0x5e,0x96
+.byte	0x3b,0xab,0x6b,0xcb,	0x1f,0x9d,0x45,0xf1
+.byte	0xac,0xfa,0x58,0xab,	0x4b,0xe3,0x03,0x93
+.byte	0x20,0x30,0xfa,0x55,	0xad,0x76,0x6d,0xf6
+.byte	0x88,0xcc,0x76,0x91,	0xf5,0x02,0x4c,0x25
+.byte	0x4f,0xe5,0xd7,0xfc,	0xc5,0x2a,0xcb,0xd7
+.byte	0x26,0x35,0x44,0x80,	0xb5,0x62,0xa3,0x8f
+.byte	0xde,0xb1,0x5a,0x49,	0x25,0xba,0x1b,0x67
+.byte	0x45,0xea,0x0e,0x98,	0x5d,0xfe,0xc0,0xe1
+.byte	0xc3,0x2f,0x75,0x02,	0x81,0x4c,0xf0,0x12
+.byte	0x8d,0x46,0x97,0xa3,	0x6b,0xd3,0xf9,0xc6
+.byte	0x03,0x8f,0x5f,0xe7,	0x15,0x92,0x9c,0x95
+.byte	0xbf,0x6d,0x7a,0xeb,	0x95,0x52,0x59,0xda
+.byte	0xd4,0xbe,0x83,0x2d,	0x58,0x74,0x21,0xd3
+.byte	0x49,0xe0,0x69,0x29,	0x8e,0xc9,0xc8,0x44
+.byte	0x75,0xc2,0x89,0x6a,	0xf4,0x8e,0x79,0x78
+.byte	0x99,0x58,0x3e,0x6b,	0x27,0xb9,0x71,0xdd
+.byte	0xbe,0xe1,0x4f,0xb6,	0xf0,0x88,0xad,0x17
+.byte	0xc9,0x20,0xac,0x66,	0x7d,0xce,0x3a,0xb4
+.byte	0x63,0xdf,0x4a,0x18,	0xe5,0x1a,0x31,0x82
+.byte	0x97,0x51,0x33,0x60,	0x62,0x53,0x7f,0x45
+.byte	0xb1,0x64,0x77,0xe0,	0xbb,0x6b,0xae,0x84
+.byte	0xfe,0x81,0xa0,0x1c,	0xf9,0x08,0x2b,0x94
+.byte	0x70,0x48,0x68,0x58,	0x8f,0x45,0xfd,0x19
+.byte	0x94,0xde,0x6c,0x87,	0x52,0x7b,0xf8,0xb7
+.byte	0xab,0x73,0xd3,0x23,	0x72,0x4b,0x02,0xe2
+.byte	0xe3,0x1f,0x8f,0x57,	0x66,0x55,0xab,0x2a
+.byte	0xb2,0xeb,0x28,0x07,	0x2f,0xb5,0xc2,0x03
+.byte	0x86,0xc5,0x7b,0x9a,	0xd3,0x37,0x08,0xa5
+.byte	0x30,0x28,0x87,0xf2,	0x23,0xbf,0xa5,0xb2
+.byte	0x02,0x03,0x6a,0xba,	0xed,0x16,0x82,0x5c
+.byte	0x8a,0xcf,0x1c,0x2b,	0xa7,0x79,0xb4,0x92
+.byte	0xf3,0x07,0xf2,0xf0,	0x4e,0x69,0xe2,0xa1
+.byte	0x65,0xda,0xf4,0xcd,	0x06,0x05,0xbe,0xd5
+.byte	0xd1,0x34,0x62,0x1f,	0xc4,0xa6,0xfe,0x8a
+.byte	0x34,0x2e,0x53,0x9d,	0xa2,0xf3,0x55,0xa0
+.byte	0x05,0x8a,0xe1,0x32,	0xa4,0xf6,0xeb,0x75
+.byte	0x0b,0x83,0xec,0x39,	0x40,0x60,0xef,0xaa
+.byte	0x5e,0x71,0x9f,0x06,	0xbd,0x6e,0x10,0x51
+.byte	0x3e,0x21,0x8a,0xf9,	0x96,0xdd,0x06,0x3d
+.byte	0xdd,0x3e,0x05,0xae,	0x4d,0xe6,0xbd,0x46
+.byte	0x91,0x54,0x8d,0xb5,	0x71,0xc4,0x5d,0x05
+.byte	0x04,0x06,0xd4,0x6f,	0x60,0x50,0x15,0xff
+.byte	0x19,0x98,0xfb,0x24,	0xd6,0xbd,0xe9,0x97
+.byte	0x89,0x40,0x43,0xcc,	0x67,0xd9,0x9e,0x77
+.byte	0xb0,0xe8,0x42,0xbd,	0x07,0x89,0x8b,0x88
+.byte	0xe7,0x19,0x5b,0x38,	0x79,0xc8,0xee,0xdb
+.byte	0xa1,0x7c,0x0a,0x47,	0x7c,0x42,0x0f,0xe9
+.byte	0xf8,0x84,0x1e,0xc9,	0x00,0x00,0x00,0x00
+.byte	0x09,0x80,0x86,0x83,	0x32,0x2b,0xed,0x48
+.byte	0x1e,0x11,0x70,0xac,	0x6c,0x5a,0x72,0x4e
+.byte	0xfd,0x0e,0xff,0xfb,	0x0f,0x85,0x38,0x56
+.byte	0x3d,0xae,0xd5,0x1e,	0x36,0x2d,0x39,0x27
+.byte	0x0a,0x0f,0xd9,0x64,	0x68,0x5c,0xa6,0x21
+.byte	0x9b,0x5b,0x54,0xd1,	0x24,0x36,0x2e,0x3a
+.byte	0x0c,0x0a,0x67,0xb1,	0x93,0x57,0xe7,0x0f
+.byte	0xb4,0xee,0x96,0xd2,	0x1b,0x9b,0x91,0x9e
+.byte	0x80,0xc0,0xc5,0x4f,	0x61,0xdc,0x20,0xa2
+.byte	0x5a,0x77,0x4b,0x69,	0x1c,0x12,0x1a,0x16
+.byte	0xe2,0x93,0xba,0x0a,	0xc0,0xa0,0x2a,0xe5
+.byte	0x3c,0x22,0xe0,0x43,	0x12,0x1b,0x17,0x1d
+.byte	0x0e,0x09,0x0d,0x0b,	0xf2,0x8b,0xc7,0xad
+.byte	0x2d,0xb6,0xa8,0xb9,	0x14,0x1e,0xa9,0xc8
+.byte	0x57,0xf1,0x19,0x85,	0xaf,0x75,0x07,0x4c
+.byte	0xee,0x99,0xdd,0xbb,	0xa3,0x7f,0x60,0xfd
+.byte	0xf7,0x01,0x26,0x9f,	0x5c,0x72,0xf5,0xbc
+.byte	0x44,0x66,0x3b,0xc5,	0x5b,0xfb,0x7e,0x34
+.byte	0x8b,0x43,0x29,0x76,	0xcb,0x23,0xc6,0xdc
+.byte	0xb6,0xed,0xfc,0x68,	0xb8,0xe4,0xf1,0x63
+.byte	0xd7,0x31,0xdc,0xca,	0x42,0x63,0x85,0x10
+.byte	0x13,0x97,0x22,0x40,	0x84,0xc6,0x11,0x20
+.byte	0x85,0x4a,0x24,0x7d,	0xd2,0xbb,0x3d,0xf8
+.byte	0xae,0xf9,0x32,0x11,	0xc7,0x29,0xa1,0x6d
+.byte	0x1d,0x9e,0x2f,0x4b,	0xdc,0xb2,0x30,0xf3
+.byte	0x0d,0x86,0x52,0xec,	0x77,0xc1,0xe3,0xd0
+.byte	0x2b,0xb3,0x16,0x6c,	0xa9,0x70,0xb9,0x99
+.byte	0x11,0x94,0x48,0xfa,	0x47,0xe9,0x64,0x22
+.byte	0xa8,0xfc,0x8c,0xc4,	0xa0,0xf0,0x3f,0x1a
+.byte	0x56,0x7d,0x2c,0xd8,	0x22,0x33,0x90,0xef
+.byte	0x87,0x49,0x4e,0xc7,	0xd9,0x38,0xd1,0xc1
+.byte	0x8c,0xca,0xa2,0xfe,	0x98,0xd4,0x0b,0x36
+.byte	0xa6,0xf5,0x81,0xcf,	0xa5,0x7a,0xde,0x28
+.byte	0xda,0xb7,0x8e,0x26,	0x3f,0xad,0xbf,0xa4
+.byte	0x2c,0x3a,0x9d,0xe4,	0x50,0x78,0x92,0x0d
+.byte	0x6a,0x5f,0xcc,0x9b,	0x54,0x7e,0x46,0x62
+.byte	0xf6,0x8d,0x13,0xc2,	0x90,0xd8,0xb8,0xe8
+.byte	0x2e,0x39,0xf7,0x5e,	0x82,0xc3,0xaf,0xf5
+.byte	0x9f,0x5d,0x80,0xbe,	0x69,0xd0,0x93,0x7c
+.byte	0x6f,0xd5,0x2d,0xa9,	0xcf,0x25,0x12,0xb3
+.byte	0xc8,0xac,0x99,0x3b,	0x10,0x18,0x7d,0xa7
+.byte	0xe8,0x9c,0x63,0x6e,	0xdb,0x3b,0xbb,0x7b
+.byte	0xcd,0x26,0x78,0x09,	0x6e,0x59,0x18,0xf4
+.byte	0xec,0x9a,0xb7,0x01,	0x83,0x4f,0x9a,0xa8
+.byte	0xe6,0x95,0x6e,0x65,	0xaa,0xff,0xe6,0x7e
+.byte	0x21,0xbc,0xcf,0x08,	0xef,0x15,0xe8,0xe6
+.byte	0xba,0xe7,0x9b,0xd9,	0x4a,0x6f,0x36,0xce
+.byte	0xea,0x9f,0x09,0xd4,	0x29,0xb0,0x7c,0xd6
+.byte	0x31,0xa4,0xb2,0xaf,	0x2a,0x3f,0x23,0x31
+.byte	0xc6,0xa5,0x94,0x30,	0x35,0xa2,0x66,0xc0
+.byte	0x74,0x4e,0xbc,0x37,	0xfc,0x82,0xca,0xa6
+.byte	0xe0,0x90,0xd0,0xb0,	0x33,0xa7,0xd8,0x15
+.byte	0xf1,0x04,0x98,0x4a,	0x41,0xec,0xda,0xf7
+.byte	0x7f,0xcd,0x50,0x0e,	0x17,0x91,0xf6,0x2f
+.byte	0x76,0x4d,0xd6,0x8d,	0x43,0xef,0xb0,0x4d
+.byte	0xcc,0xaa,0x4d,0x54,	0xe4,0x96,0x04,0xdf
+.byte	0x9e,0xd1,0xb5,0xe3,	0x4c,0x6a,0x88,0x1b
+.byte	0xc1,0x2c,0x1f,0xb8,	0x46,0x65,0x51,0x7f
+.byte	0x9d,0x5e,0xea,0x04,	0x01,0x8c,0x35,0x5d
+.byte	0xfa,0x87,0x74,0x73,	0xfb,0x0b,0x41,0x2e
+.byte	0xb3,0x67,0x1d,0x5a,	0x92,0xdb,0xd2,0x52
+.byte	0xe9,0x10,0x56,0x33,	0x6d,0xd6,0x47,0x13
+.byte	0x9a,0xd7,0x61,0x8c,	0x37,0xa1,0x0c,0x7a
+.byte	0x59,0xf8,0x14,0x8e,	0xeb,0x13,0x3c,0x89
+.byte	0xce,0xa9,0x27,0xee,	0xb7,0x61,0xc9,0x35
+.byte	0xe1,0x1c,0xe5,0xed,	0x7a,0x47,0xb1,0x3c
+.byte	0x9c,0xd2,0xdf,0x59,	0x55,0xf2,0x73,0x3f
+.byte	0x18,0x14,0xce,0x79,	0x73,0xc7,0x37,0xbf
+.byte	0x53,0xf7,0xcd,0xea,	0x5f,0xfd,0xaa,0x5b
+.byte	0xdf,0x3d,0x6f,0x14,	0x78,0x44,0xdb,0x86
+.byte	0xca,0xaf,0xf3,0x81,	0xb9,0x68,0xc4,0x3e
+.byte	0x38,0x24,0x34,0x2c,	0xc2,0xa3,0x40,0x5f
+.byte	0x16,0x1d,0xc3,0x72,	0xbc,0xe2,0x25,0x0c
+.byte	0x28,0x3c,0x49,0x8b,	0xff,0x0d,0x95,0x41
+.byte	0x39,0xa8,0x01,0x71,	0x08,0x0c,0xb3,0xde
+.byte	0xd8,0xb4,0xe4,0x9c,	0x64,0x56,0xc1,0x90
+.byte	0x7b,0xcb,0x84,0x61,	0xd5,0x32,0xb6,0x70
+.byte	0x48,0x6c,0x5c,0x74,	0xd0,0xb8,0x57,0x42
+
+.byte	0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38	# Td4
+.byte	0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb
+.byte	0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87
+.byte	0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb
+.byte	0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d
+.byte	0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e
+.byte	0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2
+.byte	0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25
+.byte	0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16
+.byte	0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92
+.byte	0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda
+.byte	0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84
+.byte	0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a
+.byte	0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06
+.byte	0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02
+.byte	0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b
+.byte	0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea
+.byte	0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73
+.byte	0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85
+.byte	0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e
+.byte	0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89
+.byte	0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b
+.byte	0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20
+.byte	0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4
+.byte	0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31
+.byte	0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f
+.byte	0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d
+.byte	0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef
+.byte	0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0
+.byte	0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61
+.byte	0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26
+.byte	0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d
+
+AES_Te4:
+.byte	0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5	# Te4
+.byte	0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76
+.byte	0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0
+.byte	0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0
+.byte	0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc
+.byte	0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15
+.byte	0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a
+.byte	0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75
+.byte	0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0
+.byte	0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84
+.byte	0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b
+.byte	0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf
+.byte	0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85
+.byte	0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8
+.byte	0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5
+.byte	0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2
+.byte	0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17
+.byte	0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73
+.byte	0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88
+.byte	0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb
+.byte	0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c
+.byte	0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79
+.byte	0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9
+.byte	0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08
+.byte	0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6
+.byte	0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a
+.byte	0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e
+.byte	0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e
+.byte	0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94
+.byte	0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf
+.byte	0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68
+.byte	0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16
+
+.byte	0x01,0x00,0x00,0x00,	0x02,0x00,0x00,0x00	# rcon
+.byte	0x04,0x00,0x00,0x00,	0x08,0x00,0x00,0x00
+.byte	0x10,0x00,0x00,0x00,	0x20,0x00,0x00,0x00
+.byte	0x40,0x00,0x00,0x00,	0x80,0x00,0x00,0x00
+.byte	0x1B,0x00,0x00,0x00,	0x36,0x00,0x00,0x00
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/bn-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/bn-mips.S
new file mode 100644
index 00000000000000..bd5cf8340f1bf1
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/bn-mips.S
@@ -0,0 +1,2180 @@
+#include "mips_arch.h"
+
+#if defined(_MIPS_ARCH_MIPS64R6)
+# define ddivu(rs,rt)
+# define mfqt(rd,rs,rt)	ddivu	rd,rs,rt
+# define mfrm(rd,rs,rt)	dmodu	rd,rs,rt
+#elif defined(_MIPS_ARCH_MIPS32R6)
+# define divu(rs,rt)
+# define mfqt(rd,rs,rt)	divu	rd,rs,rt
+# define mfrm(rd,rs,rt)	modu	rd,rs,rt
+#else
+# define ddivu(rs,rt)	ddivu	$0,rs,rt
+# define mfqt(rd,rs,rt)	mflo	rd
+# define mfrm(rd,rs,rt)	mfhi	rd
+#endif
+
+.rdata
+.asciiz	"mips3.s, Version 1.2"
+.asciiz	"MIPS II/III/IV ISA artwork by Andy Polyakov <appro@fy.chalmers.se>"
+
+.text
+.set	noat
+
+.align	5
+.globl	bn_mul_add_words
+.ent	bn_mul_add_words
+bn_mul_add_words:
+	.set	noreorder
+	bgtz	$6,bn_mul_add_words_internal
+	move	$2,$0
+	jr	$31
+	move	$4,$2
+.end	bn_mul_add_words
+
+.align	5
+.ent	bn_mul_add_words_internal
+bn_mul_add_words_internal:
+	.set	reorder
+	li	$3,-4
+	and	$8,$6,$3
+	beqz	$8,.L_bn_mul_add_words_tail
+
+.L_bn_mul_add_words_loop:
+	ld	$12,0($5)
+	dmultu	($12,$7)
+	ld	$13,0($4)
+	ld	$14,8($5)
+	ld	$15,8($4)
+	ld	$8,2*8($5)
+	ld	$9,2*8($4)
+	daddu	$13,$2
+	sltu	$2,$13,$2	# All manuals say it "compares 32-bit
+				# values", but it seems to work fine
+				# even on 64-bit registers.
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$13,$1
+	daddu	$2,$12
+	 dmultu	($14,$7)
+	sltu	$1,$13,$1
+	sd	$13,0($4)
+	daddu	$2,$1
+
+	ld	$10,3*8($5)
+	ld	$11,3*8($4)
+	daddu	$15,$2
+	sltu	$2,$15,$2
+	mflo	($1,$14,$7)
+	mfhi	($14,$14,$7)
+	daddu	$15,$1
+	daddu	$2,$14
+	 dmultu	($8,$7)
+	sltu	$1,$15,$1
+	sd	$15,8($4)
+	daddu	$2,$1
+
+	subu	$6,4
+	daddu $4,4*8
+	daddu $5,4*8
+	daddu	$9,$2
+	sltu	$2,$9,$2
+	mflo	($1,$8,$7)
+	mfhi	($8,$8,$7)
+	daddu	$9,$1
+	daddu	$2,$8
+	 dmultu	($10,$7)
+	sltu	$1,$9,$1
+	sd	$9,-2*8($4)
+	daddu	$2,$1
+
+
+	and	$8,$6,$3
+	daddu	$11,$2
+	sltu	$2,$11,$2
+	mflo	($1,$10,$7)
+	mfhi	($10,$10,$7)
+	daddu	$11,$1
+	daddu	$2,$10
+	sltu	$1,$11,$1
+	sd	$11,-8($4)
+	.set	noreorder
+	bgtz	$8,.L_bn_mul_add_words_loop
+	daddu	$2,$1
+
+	beqz	$6,.L_bn_mul_add_words_return
+	nop
+
+.L_bn_mul_add_words_tail:
+	.set	reorder
+	ld	$12,0($5)
+	dmultu	($12,$7)
+	ld	$13,0($4)
+	subu	$6,1
+	daddu	$13,$2
+	sltu	$2,$13,$2
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$13,$1
+	daddu	$2,$12
+	sltu	$1,$13,$1
+	sd	$13,0($4)
+	daddu	$2,$1
+	beqz	$6,.L_bn_mul_add_words_return
+
+	ld	$12,8($5)
+	dmultu	($12,$7)
+	ld	$13,8($4)
+	subu	$6,1
+	daddu	$13,$2
+	sltu	$2,$13,$2
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$13,$1
+	daddu	$2,$12
+	sltu	$1,$13,$1
+	sd	$13,8($4)
+	daddu	$2,$1
+	beqz	$6,.L_bn_mul_add_words_return
+
+	ld	$12,2*8($5)
+	dmultu	($12,$7)
+	ld	$13,2*8($4)
+	daddu	$13,$2
+	sltu	$2,$13,$2
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$13,$1
+	daddu	$2,$12
+	sltu	$1,$13,$1
+	sd	$13,2*8($4)
+	daddu	$2,$1
+
+.L_bn_mul_add_words_return:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+.end	bn_mul_add_words_internal
+
+.align	5
+.globl	bn_mul_words
+.ent	bn_mul_words
+bn_mul_words:
+	.set	noreorder
+	bgtz	$6,bn_mul_words_internal
+	move	$2,$0
+	jr	$31
+	move	$4,$2
+.end	bn_mul_words
+
+.align	5
+.ent	bn_mul_words_internal
+bn_mul_words_internal:
+	.set	reorder
+	li	$3,-4
+	and	$8,$6,$3
+	beqz	$8,.L_bn_mul_words_tail
+
+.L_bn_mul_words_loop:
+	ld	$12,0($5)
+	dmultu	($12,$7)
+	ld	$14,8($5)
+	ld	$8,2*8($5)
+	ld	$10,3*8($5)
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$2,$1
+	sltu	$13,$2,$1
+	 dmultu	($14,$7)
+	sd	$2,0($4)
+	daddu	$2,$13,$12
+
+	subu	$6,4
+	daddu $4,4*8
+	daddu $5,4*8
+	mflo	($1,$14,$7)
+	mfhi	($14,$14,$7)
+	daddu	$2,$1
+	sltu	$15,$2,$1
+	 dmultu	($8,$7)
+	sd	$2,-3*8($4)
+	daddu	$2,$15,$14
+
+	mflo	($1,$8,$7)
+	mfhi	($8,$8,$7)
+	daddu	$2,$1
+	sltu	$9,$2,$1
+	 dmultu	($10,$7)
+	sd	$2,-2*8($4)
+	daddu	$2,$9,$8
+
+	and	$8,$6,$3
+	mflo	($1,$10,$7)
+	mfhi	($10,$10,$7)
+	daddu	$2,$1
+	sltu	$11,$2,$1
+	sd	$2,-8($4)
+	.set	noreorder
+	bgtz	$8,.L_bn_mul_words_loop
+	daddu	$2,$11,$10
+
+	beqz	$6,.L_bn_mul_words_return
+	nop
+
+.L_bn_mul_words_tail:
+	.set	reorder
+	ld	$12,0($5)
+	dmultu	($12,$7)
+	subu	$6,1
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$2,$1
+	sltu	$13,$2,$1
+	sd	$2,0($4)
+	daddu	$2,$13,$12
+	beqz	$6,.L_bn_mul_words_return
+
+	ld	$12,8($5)
+	dmultu	($12,$7)
+	subu	$6,1
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$2,$1
+	sltu	$13,$2,$1
+	sd	$2,8($4)
+	daddu	$2,$13,$12
+	beqz	$6,.L_bn_mul_words_return
+
+	ld	$12,2*8($5)
+	dmultu	($12,$7)
+	mflo	($1,$12,$7)
+	mfhi	($12,$12,$7)
+	daddu	$2,$1
+	sltu	$13,$2,$1
+	sd	$2,2*8($4)
+	daddu	$2,$13,$12
+
+.L_bn_mul_words_return:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+.end	bn_mul_words_internal
+
+.align	5
+.globl	bn_sqr_words
+.ent	bn_sqr_words
+bn_sqr_words:
+	.set	noreorder
+	bgtz	$6,bn_sqr_words_internal
+	move	$2,$0
+	jr	$31
+	move	$4,$2
+.end	bn_sqr_words
+
+.align	5
+.ent	bn_sqr_words_internal
+bn_sqr_words_internal:
+	.set	reorder
+	li	$3,-4
+	and	$8,$6,$3
+	beqz	$8,.L_bn_sqr_words_tail
+
+.L_bn_sqr_words_loop:
+	ld	$12,0($5)
+	dmultu	($12,$12)
+	ld	$14,8($5)
+	ld	$8,2*8($5)
+	ld	$10,3*8($5)
+	mflo	($13,$12,$12)
+	mfhi	($12,$12,$12)
+	sd	$13,0($4)
+	sd	$12,8($4)
+
+	dmultu	($14,$14)
+	subu	$6,4
+	daddu $4,8*8
+	daddu $5,4*8
+	mflo	($15,$14,$14)
+	mfhi	($14,$14,$14)
+	sd	$15,-6*8($4)
+	sd	$14,-5*8($4)
+
+	dmultu	($8,$8)
+	mflo	($9,$8,$8)
+	mfhi	($8,$8,$8)
+	sd	$9,-4*8($4)
+	sd	$8,-3*8($4)
+
+
+	dmultu	($10,$10)
+	and	$8,$6,$3
+	mflo	($11,$10,$10)
+	mfhi	($10,$10,$10)
+	sd	$11,-2*8($4)
+
+	.set	noreorder
+	bgtz	$8,.L_bn_sqr_words_loop
+	sd	$10,-8($4)
+
+	beqz	$6,.L_bn_sqr_words_return
+	nop
+
+.L_bn_sqr_words_tail:
+	.set	reorder
+	ld	$12,0($5)
+	dmultu	($12,$12)
+	subu	$6,1
+	mflo	($13,$12,$12)
+	mfhi	($12,$12,$12)
+	sd	$13,0($4)
+	sd	$12,8($4)
+	beqz	$6,.L_bn_sqr_words_return
+
+	ld	$12,8($5)
+	dmultu	($12,$12)
+	subu	$6,1
+	mflo	($13,$12,$12)
+	mfhi	($12,$12,$12)
+	sd	$13,2*8($4)
+	sd	$12,3*8($4)
+	beqz	$6,.L_bn_sqr_words_return
+
+	ld	$12,2*8($5)
+	dmultu	($12,$12)
+	mflo	($13,$12,$12)
+	mfhi	($12,$12,$12)
+	sd	$13,4*8($4)
+	sd	$12,5*8($4)
+
+.L_bn_sqr_words_return:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+
+.end	bn_sqr_words_internal
+
+.align	5
+.globl	bn_add_words
+.ent	bn_add_words
+bn_add_words:
+	.set	noreorder
+	bgtz	$7,bn_add_words_internal
+	move	$2,$0
+	jr	$31
+	move	$4,$2
+.end	bn_add_words
+
+.align	5
+.ent	bn_add_words_internal
+bn_add_words_internal:
+	.set	reorder
+	li	$3,-4
+	and	$1,$7,$3
+	beqz	$1,.L_bn_add_words_tail
+
+.L_bn_add_words_loop:
+	ld	$12,0($5)
+	ld	$8,0($6)
+	subu	$7,4
+	ld	$13,8($5)
+	and	$1,$7,$3
+	ld	$14,2*8($5)
+	daddu $6,4*8
+	ld	$15,3*8($5)
+	daddu $4,4*8
+	ld	$9,-3*8($6)
+	daddu $5,4*8
+	ld	$10,-2*8($6)
+	ld	$11,-8($6)
+	daddu	$8,$12
+	sltu	$24,$8,$12
+	daddu	$12,$8,$2
+	sltu	$2,$12,$8
+	sd	$12,-4*8($4)
+	daddu	$2,$24
+
+	daddu	$9,$13
+	sltu	$25,$9,$13
+	daddu	$13,$9,$2
+	sltu	$2,$13,$9
+	sd	$13,-3*8($4)
+	daddu	$2,$25
+
+	daddu	$10,$14
+	sltu	$24,$10,$14
+	daddu	$14,$10,$2
+	sltu	$2,$14,$10
+	sd	$14,-2*8($4)
+	daddu	$2,$24
+
+	daddu	$11,$15
+	sltu	$25,$11,$15
+	daddu	$15,$11,$2
+	sltu	$2,$15,$11
+	sd	$15,-8($4)
+
+	.set	noreorder
+	bgtz	$1,.L_bn_add_words_loop
+	daddu	$2,$25
+
+	beqz	$7,.L_bn_add_words_return
+	nop
+
+.L_bn_add_words_tail:
+	.set	reorder
+	ld	$12,0($5)
+	ld	$8,0($6)
+	daddu	$8,$12
+	subu	$7,1
+	sltu	$24,$8,$12
+	daddu	$12,$8,$2
+	sltu	$2,$12,$8
+	sd	$12,0($4)
+	daddu	$2,$24
+	beqz	$7,.L_bn_add_words_return
+
+	ld	$13,8($5)
+	ld	$9,8($6)
+	daddu	$9,$13
+	subu	$7,1
+	sltu	$25,$9,$13
+	daddu	$13,$9,$2
+	sltu	$2,$13,$9
+	sd	$13,8($4)
+	daddu	$2,$25
+	beqz	$7,.L_bn_add_words_return
+
+	ld	$14,2*8($5)
+	ld	$10,2*8($6)
+	daddu	$10,$14
+	sltu	$24,$10,$14
+	daddu	$14,$10,$2
+	sltu	$2,$14,$10
+	sd	$14,2*8($4)
+	daddu	$2,$24
+
+.L_bn_add_words_return:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+
+.end	bn_add_words_internal
+
+.align	5
+.globl	bn_sub_words
+.ent	bn_sub_words
+bn_sub_words:
+	.set	noreorder
+	bgtz	$7,bn_sub_words_internal
+	move	$2,$0
+	jr	$31
+	move	$4,$0
+.end	bn_sub_words
+
+.align	5
+.ent	bn_sub_words_internal
+bn_sub_words_internal:
+	.set	reorder
+	li	$3,-4
+	and	$1,$7,$3
+	beqz	$1,.L_bn_sub_words_tail
+
+.L_bn_sub_words_loop:
+	ld	$12,0($5)
+	ld	$8,0($6)
+	subu	$7,4
+	ld	$13,8($5)
+	and	$1,$7,$3
+	ld	$14,2*8($5)
+	daddu $6,4*8
+	ld	$15,3*8($5)
+	daddu $4,4*8
+	ld	$9,-3*8($6)
+	daddu $5,4*8
+	ld	$10,-2*8($6)
+	ld	$11,-8($6)
+	sltu	$24,$12,$8
+	dsubu	$8,$12,$8
+	dsubu	$12,$8,$2
+	sgtu	$2,$12,$8
+	sd	$12,-4*8($4)
+	daddu	$2,$24
+
+	sltu	$25,$13,$9
+	dsubu	$9,$13,$9
+	dsubu	$13,$9,$2
+	sgtu	$2,$13,$9
+	sd	$13,-3*8($4)
+	daddu	$2,$25
+
+
+	sltu	$24,$14,$10
+	dsubu	$10,$14,$10
+	dsubu	$14,$10,$2
+	sgtu	$2,$14,$10
+	sd	$14,-2*8($4)
+	daddu	$2,$24
+
+	sltu	$25,$15,$11
+	dsubu	$11,$15,$11
+	dsubu	$15,$11,$2
+	sgtu	$2,$15,$11
+	sd	$15,-8($4)
+
+	.set	noreorder
+	bgtz	$1,.L_bn_sub_words_loop
+	daddu	$2,$25
+
+	beqz	$7,.L_bn_sub_words_return
+	nop
+
+.L_bn_sub_words_tail:
+	.set	reorder
+	ld	$12,0($5)
+	ld	$8,0($6)
+	subu	$7,1
+	sltu	$24,$12,$8
+	dsubu	$8,$12,$8
+	dsubu	$12,$8,$2
+	sgtu	$2,$12,$8
+	sd	$12,0($4)
+	daddu	$2,$24
+	beqz	$7,.L_bn_sub_words_return
+
+	ld	$13,8($5)
+	subu	$7,1
+	ld	$9,8($6)
+	sltu	$25,$13,$9
+	dsubu	$9,$13,$9
+	dsubu	$13,$9,$2
+	sgtu	$2,$13,$9
+	sd	$13,8($4)
+	daddu	$2,$25
+	beqz	$7,.L_bn_sub_words_return
+
+	ld	$14,2*8($5)
+	ld	$10,2*8($6)
+	sltu	$24,$14,$10
+	dsubu	$10,$14,$10
+	dsubu	$14,$10,$2
+	sgtu	$2,$14,$10
+	sd	$14,2*8($4)
+	daddu	$2,$24
+
+.L_bn_sub_words_return:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+.end	bn_sub_words_internal
+
+#if 0
+/*
+ * The bn_div_3_words entry point is re-used for constant-time interface.
+ * Implementation is retained as historical reference.
+ */
+.align 5
+.globl	bn_div_3_words
+.ent	bn_div_3_words
+bn_div_3_words:
+	.set	noreorder
+	move	$7,$4		# we know that bn_div_words does not
+				# touch $7, $10, $11 and preserves $6
+				# so that we can save two arguments
+				# and return address in registers
+				# instead of stack:-)
+
+	ld	$4,($7)
+	move	$10,$5
+	bne	$4,$6,bn_div_3_words_internal
+	ld	$5,-8($7)
+	li	$2,-1
+	jr	$31
+	move	$4,$2
+.end	bn_div_3_words
+
+.align	5
+.ent	bn_div_3_words_internal
+bn_div_3_words_internal:
+	.set	reorder
+	move	$11,$31
+	bal	bn_div_words_internal
+	move	$31,$11
+	dmultu	($10,$2)
+	ld	$14,-2*8($7)
+	move	$8,$0
+	mfhi	($13,$10,$2)
+	mflo	($12,$10,$2)
+	sltu	$24,$13,$5
+.L_bn_div_3_words_inner_loop:
+	bnez	$24,.L_bn_div_3_words_inner_loop_done
+	sgeu	$1,$14,$12
+	seq	$25,$13,$5
+	and	$1,$25
+	sltu	$15,$12,$10
+	daddu	$5,$6
+	dsubu	$13,$15
+	dsubu	$12,$10
+	sltu	$24,$13,$5
+	sltu	$8,$5,$6
+	or	$24,$8
+	.set	noreorder
+	beqz	$1,.L_bn_div_3_words_inner_loop
+	dsubu	$2,1
+	daddu	$2,1
+	.set	reorder
+.L_bn_div_3_words_inner_loop_done:
+	.set	noreorder
+	jr	$31
+	move	$4,$2
+.end	bn_div_3_words_internal
+#endif
+
+.align	5
+.globl	bn_div_words
+.ent	bn_div_words
+bn_div_words:
+	.set	noreorder
+	bnez	$6,bn_div_words_internal
+	li	$2,-1		# I would rather signal div-by-zero
+				# which can be done with 'break 7'
+	jr	$31
+	move	$4,$2
+.end	bn_div_words
+
+.align	5
+.ent	bn_div_words_internal
+bn_div_words_internal:
+	move	$3,$0
+	bltz	$6,.L_bn_div_words_body
+	move	$25,$3
+	dsll	$6,1
+	bgtz	$6,.-4
+	addu	$25,1
+
+	.set	reorder
+	negu	$13,$25
+	li	$14,-1
+	dsll	$14,$13
+	and	$14,$4
+	dsrl	$1,$5,$13
+	.set	noreorder
+	beqz	$14,.+12
+	nop
+	break	6		# signal overflow
+	.set	reorder
+	dsll	$4,$25
+	dsll	$5,$25
+	or	$4,$1
+.L_bn_div_words_body:
+	dsrl	$3,$6,4*8	# bits
+	sgeu	$1,$4,$6
+	.set	noreorder
+	beqz	$1,.+12
+	nop
+	dsubu	$4,$6
+	.set	reorder
+
+	li	$8,-1
+	dsrl	$9,$4,4*8	# bits
+	dsrl	$8,4*8	# q=0xffffffff
+	beq	$3,$9,.L_bn_div_words_skip_div1
+	ddivu	($4,$3)
+	mfqt	($8,$4,$3)
+.L_bn_div_words_skip_div1:
+	dmultu	($6,$8)
+	dsll	$15,$4,4*8	# bits
+	dsrl	$1,$5,4*8	# bits
+	or	$15,$1
+	mflo	($12,$6,$8)
+	mfhi	($13,$6,$8)
+.L_bn_div_words_inner_loop1:
+	sltu	$14,$15,$12
+	seq	$24,$9,$13
+	sltu	$1,$9,$13
+	and	$14,$24
+	sltu	$2,$12,$6
+	or	$1,$14
+	.set	noreorder
+	beqz	$1,.L_bn_div_words_inner_loop1_done
+	dsubu	$13,$2
+	dsubu	$12,$6
+	b	.L_bn_div_words_inner_loop1
+	dsubu	$8,1
+	.set	reorder
+.L_bn_div_words_inner_loop1_done:
+
+	dsll	$5,4*8	# bits
+	dsubu	$4,$15,$12
+	dsll	$2,$8,4*8	# bits
+
+	li	$8,-1
+	dsrl	$9,$4,4*8	# bits
+	dsrl	$8,4*8	# q=0xffffffff
+	beq	$3,$9,.L_bn_div_words_skip_div2
+	ddivu	($4,$3)
+	mfqt	($8,$4,$3)
+.L_bn_div_words_skip_div2:
+	dmultu	($6,$8)
+	dsll	$15,$4,4*8	# bits
+	dsrl	$1,$5,4*8	# bits
+	or	$15,$1
+	mflo	($12,$6,$8)
+	mfhi	($13,$6,$8)
+.L_bn_div_words_inner_loop2:
+	sltu	$14,$15,$12
+	seq	$24,$9,$13
+	sltu	$1,$9,$13
+	and	$14,$24
+	sltu	$3,$12,$6
+	or	$1,$14
+	.set	noreorder
+	beqz	$1,.L_bn_div_words_inner_loop2_done
+	dsubu	$13,$3
+	dsubu	$12,$6
+	b	.L_bn_div_words_inner_loop2
+	dsubu	$8,1
+	.set	reorder
+.L_bn_div_words_inner_loop2_done:
+
+	dsubu	$4,$15,$12
+	or	$2,$8
+	dsrl	$3,$4,$25	# $3 contains remainder if anybody wants it
+	dsrl	$6,$25		# restore $6
+
+	.set	noreorder
+	move	$5,$3
+	jr	$31
+	move	$4,$2
+.end	bn_div_words_internal
+
+.align	5
+.globl	bn_mul_comba8
+.ent	bn_mul_comba8
+bn_mul_comba8:
+	.set	noreorder
+	.frame	$29,6*8,$31
+	.mask	0x003f0000,-8
+	dsubu $29,6*8
+	sd	$21,5*8($29)
+	sd	$20,4*8($29)
+	sd	$19,3*8($29)
+	sd	$18,2*8($29)
+	sd	$17,1*8($29)
+	sd	$16,0*8($29)
+
+	.set	reorder
+	ld	$12,0($5)	# If compiled with -mips3 option on
+				# R5000 box assembler barks on this
+				# 1ine with "should not have mult/div
+				# as last instruction in bb (R10K
+				# bug)" warning. If anybody out there
+				# has a clue about how to circumvent
+				# this do send me a note.
+				#		<appro@fy.chalmers.se>
+
+	ld	$8,0($6)
+	ld	$13,8($5)
+	ld	$14,2*8($5)
+	dmultu	($12,$8)		# mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	$15,3*8($5)
+	ld	$9,8($6)
+	ld	$10,2*8($6)
+	ld	$11,3*8($6)
+	mflo	($2,$12,$8)
+	mfhi	($3,$12,$8)
+
+	ld	$16,4*8($5)
+	ld	$18,5*8($5)
+	dmultu	($12,$9)		# mul_add_c(a[0],b[1],c2,c3,c1);
+	ld	$20,6*8($5)
+	ld	$5,7*8($5)
+	ld	$17,4*8($6)
+	ld	$19,5*8($6)
+	mflo	($24,$12,$9)
+	mfhi	($25,$12,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($13,$8)		# mul_add_c(a[1],b[0],c2,c3,c1);
+	daddu	$7,$25,$1
+	ld	$21,6*8($6)
+	ld	$6,7*8($6)
+	sd	$2,0($4)	# r[0]=c1;
+	mflo	($24,$13,$8)
+	mfhi	($25,$13,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$8)		# mul_add_c(a[2],b[0],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	sd	$3,8($4)	# r[1]=c2;
+
+	mflo	($24,$14,$8)
+	mfhi	($25,$14,$8)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($13,$9)		# mul_add_c(a[1],b[1],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	mflo	($24,$13,$9)
+	mfhi	($25,$13,$9)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($12,$10)		# mul_add_c(a[0],b[2],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$12,$10)
+	mfhi	($25,$12,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($12,$11)		# mul_add_c(a[0],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,2*8($4)	# r[2]=c3;
+
+	mflo	($24,$12,$11)
+	mfhi	($25,$12,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($13,$10)		# mul_add_c(a[1],b[2],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$7,$3,$25
+	mflo	($24,$13,$10)
+	mfhi	($25,$13,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($14,$9)		# mul_add_c(a[2],b[1],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$14,$9)
+	mfhi	($25,$14,$9)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($15,$8)		# mul_add_c(a[3],b[0],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$15,$8)
+	mfhi	($25,$15,$8)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($16,$8)		# mul_add_c(a[4],b[0],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,3*8($4)	# r[3]=c1;
+
+	mflo	($24,$16,$8)
+	mfhi	($25,$16,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($15,$9)		# mul_add_c(a[3],b[1],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	mflo	($24,$15,$9)
+	mfhi	($25,$15,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($14,$10)		# mul_add_c(a[2],b[2],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$14,$10)
+	mfhi	($25,$14,$10)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($13,$11)		# mul_add_c(a[1],b[3],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$13,$11)
+	mfhi	($25,$13,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($12,$17)		# mul_add_c(a[0],b[4],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$12,$17)
+	mfhi	($25,$12,$17)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($12,$19)		# mul_add_c(a[0],b[5],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,4*8($4)	# r[4]=c2;
+
+	mflo	($24,$12,$19)
+	mfhi	($25,$12,$19)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($13,$17)		# mul_add_c(a[1],b[4],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$13,$17)
+	mfhi	($25,$13,$17)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($14,$11)		# mul_add_c(a[2],b[3],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$14,$11)
+	mfhi	($25,$14,$11)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($15,$10)		# mul_add_c(a[3],b[2],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$15,$10)
+	mfhi	($25,$15,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($16,$9)		# mul_add_c(a[4],b[1],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$16,$9)
+	mfhi	($25,$16,$9)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($18,$8)		# mul_add_c(a[5],b[0],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$18,$8)
+	mfhi	($25,$18,$8)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($20,$8)		# mul_add_c(a[6],b[0],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,5*8($4)	# r[5]=c3;
+
+	mflo	($24,$20,$8)
+	mfhi	($25,$20,$8)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($18,$9)		# mul_add_c(a[5],b[1],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$7,$3,$25
+	mflo	($24,$18,$9)
+	mfhi	($25,$18,$9)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($16,$10)		# mul_add_c(a[4],b[2],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$16,$10)
+	mfhi	($25,$16,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($15,$11)		# mul_add_c(a[3],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$15,$11)
+	mfhi	($25,$15,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($14,$17)		# mul_add_c(a[2],b[4],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$14,$17)
+	mfhi	($25,$14,$17)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($13,$19)		# mul_add_c(a[1],b[5],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$13,$19)
+	mfhi	($25,$13,$19)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($12,$21)		# mul_add_c(a[0],b[6],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$12,$21)
+	mfhi	($25,$12,$21)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($12,$6)		# mul_add_c(a[0],b[7],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,6*8($4)	# r[6]=c1;
+
+	mflo	($24,$12,$6)
+	mfhi	($25,$12,$6)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($13,$21)		# mul_add_c(a[1],b[6],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	mflo	($24,$13,$21)
+	mfhi	($25,$13,$21)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($14,$19)		# mul_add_c(a[2],b[5],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$14,$19)
+	mfhi	($25,$14,$19)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($15,$17)		# mul_add_c(a[3],b[4],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$15,$17)
+	mfhi	($25,$15,$17)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($16,$11)		# mul_add_c(a[4],b[3],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$16,$11)
+	mfhi	($25,$16,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($18,$10)		# mul_add_c(a[5],b[2],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$18,$10)
+	mfhi	($25,$18,$10)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($20,$9)		# mul_add_c(a[6],b[1],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$20,$9)
+	mfhi	($25,$20,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($5,$8)		# mul_add_c(a[7],b[0],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$5,$8)
+	mfhi	($25,$5,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($5,$9)		# mul_add_c(a[7],b[1],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,7*8($4)	# r[7]=c2;
+
+	mflo	($24,$5,$9)
+	mfhi	($25,$5,$9)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($20,$10)		# mul_add_c(a[6],b[2],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$20,$10)
+	mfhi	($25,$20,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($18,$11)		# mul_add_c(a[5],b[3],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$18,$11)
+	mfhi	($25,$18,$11)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($16,$17)		# mul_add_c(a[4],b[4],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$16,$17)
+	mfhi	($25,$16,$17)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($15,$19)		# mul_add_c(a[3],b[5],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$15,$19)
+	mfhi	($25,$15,$19)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($14,$21)		# mul_add_c(a[2],b[6],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$14,$21)
+	mfhi	($25,$14,$21)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($13,$6)		# mul_add_c(a[1],b[7],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$13,$6)
+	mfhi	($25,$13,$6)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($14,$6)		# mul_add_c(a[2],b[7],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,8*8($4)	# r[8]=c3;
+
+	mflo	($24,$14,$6)
+	mfhi	($25,$14,$6)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($15,$21)		# mul_add_c(a[3],b[6],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$7,$3,$25
+	mflo	($24,$15,$21)
+	mfhi	($25,$15,$21)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($16,$19)		# mul_add_c(a[4],b[5],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$16,$19)
+	mfhi	($25,$16,$19)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($18,$17)		# mul_add_c(a[5],b[4],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$18,$17)
+	mfhi	($25,$18,$17)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($20,$11)		# mul_add_c(a[6],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$20,$11)
+	mfhi	($25,$20,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($5,$10)		# mul_add_c(a[7],b[2],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$5,$10)
+	mfhi	($25,$5,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($5,$11)		# mul_add_c(a[7],b[3],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,9*8($4)	# r[9]=c1;
+
+	mflo	($24,$5,$11)
+	mfhi	($25,$5,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($20,$17)		# mul_add_c(a[6],b[4],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	mflo	($24,$20,$17)
+	mfhi	($25,$20,$17)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($18,$19)		# mul_add_c(a[5],b[5],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$18,$19)
+	mfhi	($25,$18,$19)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($16,$21)		# mul_add_c(a[4],b[6],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$16,$21)
+	mfhi	($25,$16,$21)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($15,$6)		# mul_add_c(a[3],b[7],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$15,$6)
+	mfhi	($25,$15,$6)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($16,$6)		# mul_add_c(a[4],b[7],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,10*8($4)	# r[10]=c2;
+
+	mflo	($24,$16,$6)
+	mfhi	($25,$16,$6)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($18,$21)		# mul_add_c(a[5],b[6],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$18,$21)
+	mfhi	($25,$18,$21)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($20,$19)		# mul_add_c(a[6],b[5],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$20,$19)
+	mfhi	($25,$20,$19)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($5,$17)		# mul_add_c(a[7],b[4],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	mflo	($24,$5,$17)
+	mfhi	($25,$5,$17)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($5,$19)		# mul_add_c(a[7],b[5],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,11*8($4)	# r[11]=c3;
+
+	mflo	($24,$5,$19)
+	mfhi	($25,$5,$19)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($20,$21)		# mul_add_c(a[6],b[6],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$7,$3,$25
+	mflo	($24,$20,$21)
+	mfhi	($25,$20,$21)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($18,$6)		# mul_add_c(a[5],b[7],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$18,$6)
+	mfhi	($25,$18,$6)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($20,$6)		# mul_add_c(a[6],b[7],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,12*8($4)	# r[12]=c1;
+
+	mflo	($24,$20,$6)
+	mfhi	($25,$20,$6)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($5,$21)		# mul_add_c(a[7],b[6],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	mflo	($24,$5,$21)
+	mfhi	($25,$5,$21)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($5,$6)		# mul_add_c(a[7],b[7],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,13*8($4)	# r[13]=c2;
+
+	mflo	($24,$5,$6)
+	mfhi	($25,$5,$6)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	daddu	$25,$1
+	daddu	$2,$25
+	sd	$7,14*8($4)	# r[14]=c3;
+	sd	$2,15*8($4)	# r[15]=c1;
+
+	.set	noreorder
+	ld	$21,5*8($29)
+	ld	$20,4*8($29)
+	ld	$19,3*8($29)
+	ld	$18,2*8($29)
+	ld	$17,1*8($29)
+	ld	$16,0*8($29)
+	jr	$31
+	daddu $29,6*8
+.end	bn_mul_comba8
+
+.align	5
+.globl	bn_mul_comba4
+.ent	bn_mul_comba4
+bn_mul_comba4:
+	.set	reorder
+	ld	$12,0($5)
+	ld	$8,0($6)
+	ld	$13,8($5)
+	ld	$14,2*8($5)
+	dmultu	($12,$8)		# mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	$15,3*8($5)
+	ld	$9,8($6)
+	ld	$10,2*8($6)
+	ld	$11,3*8($6)
+	mflo	($2,$12,$8)
+	mfhi	($3,$12,$8)
+	sd	$2,0($4)
+
+	dmultu	($12,$9)		# mul_add_c(a[0],b[1],c2,c3,c1);
+	mflo	($24,$12,$9)
+	mfhi	($25,$12,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($13,$8)		# mul_add_c(a[1],b[0],c2,c3,c1);
+	daddu	$7,$25,$1
+	mflo	($24,$13,$8)
+	mfhi	($25,$13,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$8)		# mul_add_c(a[2],b[0],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	sd	$3,8($4)
+
+	mflo	($24,$14,$8)
+	mfhi	($25,$14,$8)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($13,$9)		# mul_add_c(a[1],b[1],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	mflo	($24,$13,$9)
+	mfhi	($25,$13,$9)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($12,$10)		# mul_add_c(a[0],b[2],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$12,$10)
+	mfhi	($25,$12,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($12,$11)		# mul_add_c(a[0],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,2*8($4)
+
+	mflo	($24,$12,$11)
+	mfhi	($25,$12,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($13,$10)		# mul_add_c(a[1],b[2],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$7,$3,$25
+	mflo	($24,$13,$10)
+	mfhi	($25,$13,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($14,$9)		# mul_add_c(a[2],b[1],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$14,$9)
+	mfhi	($25,$14,$9)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	dmultu	($15,$8)		# mul_add_c(a[3],b[0],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	mflo	($24,$15,$8)
+	mfhi	($25,$15,$8)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($15,$9)		# mul_add_c(a[3],b[1],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,3*8($4)
+
+	mflo	($24,$15,$9)
+	mfhi	($25,$15,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($14,$10)		# mul_add_c(a[2],b[2],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$2,$7,$25
+	mflo	($24,$14,$10)
+	mfhi	($25,$14,$10)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	dmultu	($13,$11)		# mul_add_c(a[1],b[3],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	mflo	($24,$13,$11)
+	mfhi	($25,$13,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$11)		# mul_add_c(a[2],b[3],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,4*8($4)
+
+	mflo	($24,$14,$11)
+	mfhi	($25,$14,$11)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	dmultu	($15,$10)		# mul_add_c(a[3],b[2],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$3,$2,$25
+	mflo	($24,$15,$10)
+	mfhi	($25,$15,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($15,$11)		# mul_add_c(a[3],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,5*8($4)
+
+	mflo	($24,$15,$11)
+	mfhi	($25,$15,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	daddu	$25,$1
+	daddu	$3,$25
+	sd	$2,6*8($4)
+	sd	$3,7*8($4)
+
+	.set	noreorder
+	jr	$31
+	nop
+.end	bn_mul_comba4
+
+.align	5
+.globl	bn_sqr_comba8
+.ent	bn_sqr_comba8
+bn_sqr_comba8:
+	.set	reorder
+	ld	$12,0($5)
+	ld	$13,8($5)
+	ld	$14,2*8($5)
+	ld	$15,3*8($5)
+
+	dmultu	($12,$12)		# mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	$8,4*8($5)
+	ld	$9,5*8($5)
+	ld	$10,6*8($5)
+	ld	$11,7*8($5)
+	mflo	($2,$12,$12)
+	mfhi	($3,$12,$12)
+	sd	$2,0($4)
+
+	dmultu	($12,$13)		# mul_add_c2(a[0],b[1],c2,c3,c1);
+	mflo	($24,$12,$13)
+	mfhi	($25,$12,$13)
+	slt	$2,$25,$0
+	dsll	$25,1
+	 dmultu	($14,$12)		# mul_add_c2(a[2],b[0],c3,c1,c2);
+	slt	$6,$24,$0
+	daddu	$25,$6
+	dsll	$24,1
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	daddu	$7,$25,$1
+	sd	$3,8($4)
+	mflo	($24,$14,$12)
+	mfhi	($25,$14,$12)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($13,$13)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$13,$13)
+	mfhi	($25,$13,$13)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($12,$15)		# mul_add_c2(a[0],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,2*8($4)
+	mflo	($24,$12,$15)
+	mfhi	($25,$12,$15)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($13,$14)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$7,$3,$1
+	daddu	$3,$25
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$13,$14)
+	mfhi	($25,$13,$14)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($8,$12)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$8,$12)
+	mfhi	($25,$8,$12)
+	sd	$2,3*8($4)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($15,$13)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$2,$7,$1
+	daddu	$7,$25
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$15,$13)
+	mfhi	($25,$15,$13)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$14)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$1,$7,$1
+	daddu	$7,$25
+	daddu	$2,$1
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$14,$14)
+	mfhi	($25,$14,$14)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($12,$9)		# mul_add_c2(a[0],b[5],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,4*8($4)
+	mflo	($24,$12,$9)
+	mfhi	($25,$12,$9)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($13,$8)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$13,$8)
+	mfhi	($25,$13,$8)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($14,$15)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$1,$2,$1
+	daddu	$2,$25
+	daddu	$3,$1
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$14,$15)
+	mfhi	($25,$14,$15)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($10,$12)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$1,$2,$1
+	daddu	$2,$25
+	daddu	$3,$1
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$10,$12)
+	mfhi	($25,$10,$12)
+	sd	$7,5*8($4)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($9,$13)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$7,$3,$1
+	daddu	$3,$25
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$9,$13)
+	mfhi	($25,$9,$13)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($8,$14)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$8,$14)
+	mfhi	($25,$8,$14)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($15,$15)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$15,$15)
+	mfhi	($25,$15,$15)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($12,$11)		# mul_add_c2(a[0],b[7],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,6*8($4)
+	mflo	($24,$12,$11)
+	mfhi	($25,$12,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($13,$10)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$2,$7,$1
+	daddu	$7,$25
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$13,$10)
+	mfhi	($25,$13,$10)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$9)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$1,$7,$1
+	daddu	$7,$25
+	daddu	$2,$1
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$14,$9)
+	mfhi	($25,$14,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($15,$8)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$1,$7,$1
+	daddu	$7,$25
+	daddu	$2,$1
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$15,$8)
+	mfhi	($25,$15,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($11,$13)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$1,$7,$1
+	daddu	$7,$25
+	daddu	$2,$1
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$11,$13)
+	mfhi	($25,$11,$13)
+	sd	$3,7*8($4)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($10,$14)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$10,$14)
+	mfhi	($25,$10,$14)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($9,$15)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$1,$2,$1
+	daddu	$2,$25
+	daddu	$3,$1
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$9,$15)
+	mfhi	($25,$9,$15)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($8,$8)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$1,$2,$1
+	daddu	$2,$25
+	daddu	$3,$1
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$8,$8)
+	mfhi	($25,$8,$8)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($14,$11)		# mul_add_c2(a[2],b[7],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,8*8($4)
+	mflo	($24,$14,$11)
+	mfhi	($25,$14,$11)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($15,$10)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$7,$3,$1
+	daddu	$3,$25
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$15,$10)
+	mfhi	($25,$15,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($8,$9)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$8,$9)
+	mfhi	($25,$8,$9)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($11,$15)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$11,$15)
+	mfhi	($25,$11,$15)
+	sd	$2,9*8($4)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($10,$8)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$2,$7,$1
+	daddu	$7,$25
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$10,$8)
+	mfhi	($25,$10,$8)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($9,$9)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$1,$7,$1
+	daddu	$7,$25
+	daddu	$2,$1
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$9,$9)
+	mfhi	($25,$9,$9)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($8,$11)		# mul_add_c2(a[4],b[7],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,10*8($4)
+	mflo	($24,$8,$11)
+	mfhi	($25,$8,$11)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($9,$10)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$9,$10)
+	mfhi	($25,$9,$10)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($11,$9)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$1,$2,$1
+	daddu	$2,$25
+	daddu	$3,$1
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$11,$9)
+	mfhi	($25,$11,$9)
+	sd	$7,11*8($4)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($10,$10)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$7,$3,$1
+	daddu	$3,$25
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$10,$10)
+	mfhi	($25,$10,$10)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($10,$11)		# mul_add_c2(a[6],b[7],c2,c3,c1);
+	daddu	$25,$1
+	daddu	$3,$25
+	sltu	$1,$3,$25
+	daddu	$7,$1
+	sd	$2,12*8($4)
+	mflo	($24,$10,$11)
+	mfhi	($25,$10,$11)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($11,$11)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$2,$7,$1
+	daddu	$7,$25
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$11,$11)
+	mfhi	($25,$11,$11)
+	sd	$3,13*8($4)
+
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	daddu	$25,$1
+	daddu	$2,$25
+	sd	$7,14*8($4)
+	sd	$2,15*8($4)
+
+	.set	noreorder
+	jr	$31
+	nop
+.end	bn_sqr_comba8
+
+.align	5
+.globl	bn_sqr_comba4
+.ent	bn_sqr_comba4
+bn_sqr_comba4:
+	.set	reorder
+	ld	$12,0($5)
+	ld	$13,8($5)
+	dmultu	($12,$12)		# mul_add_c(a[0],b[0],c1,c2,c3);
+	ld	$14,2*8($5)
+	ld	$15,3*8($5)
+	mflo	($2,$12,$12)
+	mfhi	($3,$12,$12)
+	sd	$2,0($4)
+
+	dmultu	($12,$13)		# mul_add_c2(a[0],b[1],c2,c3,c1);
+	mflo	($24,$12,$13)
+	mfhi	($25,$12,$13)
+	slt	$2,$25,$0
+	dsll	$25,1
+	 dmultu	($14,$12)		# mul_add_c2(a[2],b[0],c3,c1,c2);
+	slt	$6,$24,$0
+	daddu	$25,$6
+	dsll	$24,1
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	daddu	$7,$25,$1
+	sd	$3,8($4)
+	mflo	($24,$14,$12)
+	mfhi	($25,$14,$12)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($13,$13)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$13,$13)
+	mfhi	($25,$13,$13)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($12,$15)		# mul_add_c2(a[0],b[3],c1,c2,c3);
+	daddu	$25,$1
+	daddu	$2,$25
+	sltu	$1,$2,$25
+	daddu	$3,$1
+	sd	$7,2*8($4)
+	mflo	($24,$12,$15)
+	mfhi	($25,$12,$15)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($13,$14)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$7,$3,$1
+	daddu	$3,$25
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$13,$14)
+	mfhi	($25,$13,$14)
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	 dmultu	($15,$13)		# forward multiplication
+	daddu	$2,$24
+	daddu	$1,$25
+	sltu	$24,$2,$24
+	daddu	$3,$1
+	daddu	$25,$24
+	sltu	$1,$3,$1
+	daddu	$3,$25
+	daddu	$7,$1
+	sltu	$25,$3,$25
+	daddu	$7,$25
+	mflo	($24,$15,$13)
+	mfhi	($25,$15,$13)
+	sd	$2,3*8($4)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$14)		# forward multiplication
+	daddu	$3,$24
+	daddu	$1,$25
+	sltu	$24,$3,$24
+	daddu	$7,$1
+	daddu	$25,$24
+	sltu	$2,$7,$1
+	daddu	$7,$25
+	sltu	$25,$7,$25
+	daddu	$2,$25
+	mflo	($24,$14,$14)
+	mfhi	($25,$14,$14)
+	daddu	$3,$24
+	sltu	$1,$3,$24
+	 dmultu	($14,$15)		# mul_add_c2(a[2],b[3],c3,c1,c2);
+	daddu	$25,$1
+	daddu	$7,$25
+	sltu	$1,$7,$25
+	daddu	$2,$1
+	sd	$3,4*8($4)
+	mflo	($24,$14,$15)
+	mfhi	($25,$14,$15)
+	daddu	$7,$24
+	sltu	$1,$7,$24
+	 dmultu	($15,$15)		# forward multiplication
+	daddu	$7,$24
+	daddu	$1,$25
+	sltu	$24,$7,$24
+	daddu	$2,$1
+	daddu	$25,$24
+	sltu	$3,$2,$1
+	daddu	$2,$25
+	sltu	$25,$2,$25
+	daddu	$3,$25
+	mflo	($24,$15,$15)
+	mfhi	($25,$15,$15)
+	sd	$7,5*8($4)
+
+	daddu	$2,$24
+	sltu	$1,$2,$24
+	daddu	$25,$1
+	daddu	$3,$25
+	sd	$2,6*8($4)
+	sd	$3,7*8($4)
+
+	.set	noreorder
+	jr	$31
+	nop
+.end	bn_sqr_comba4
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/mips-mont.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/mips-mont.S
new file mode 100644
index 00000000000000..f107837fa17663
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/bn/mips-mont.S
@@ -0,0 +1,282 @@
+#include "mips_arch.h"
+
+.text
+
+.set	noat
+.set	noreorder
+
+.align	5
+.globl	bn_mul_mont
+.ent	bn_mul_mont
+bn_mul_mont:
+	slt	$1,$9,4
+	bnez	$1,1f
+	li	$2,0
+	slt	$1,$9,17	# on in-order CPU
+	bnez	$1,bn_mul_mont_internal
+	nop
+1:	jr	$31
+	li	$4,0
+.end	bn_mul_mont
+
+.align	5
+.ent	bn_mul_mont_internal
+bn_mul_mont_internal:
+	.frame	$30,14*8,$31
+	.mask	0x40000000|16711680,-8
+	dsubu $29,14*8
+	sd	$30,(14-1)*8($29)
+	sd	$23,(14-2)*8($29)
+	sd	$22,(14-3)*8($29)
+	sd	$21,(14-4)*8($29)
+	sd	$20,(14-5)*8($29)
+	sd	$19,(14-6)*8($29)
+	sd	$18,(14-7)*8($29)
+	sd	$17,(14-8)*8($29)
+	sd	$16,(14-9)*8($29)
+	move	$30,$29
+
+	.set	reorder
+	ld	$8,0($8)
+	ld	$13,0($6)	# bp[0]
+	ld	$12,0($5)	# ap[0]
+	ld	$14,0($7)	# np[0]
+
+	dsubu $29,2*8	# place for two extra words
+	sll	$9,3
+	li	$1,-4096
+	dsubu $29,$9
+	and	$29,$1
+
+	dmultu	($12,$13)
+	ld	$17,8($5)
+	ld	$19,8($7)
+	mflo	($10,$12,$13)
+	mfhi	($11,$12,$13)
+	dmultu	($10,$8)
+	mflo	($23,$10,$8)
+
+	dmultu	($17,$13)
+	mflo	($16,$17,$13)
+	mfhi	($17,$17,$13)
+
+	dmultu	($14,$23)
+	mflo	($24,$14,$23)
+	mfhi	($25,$14,$23)
+	dmultu	($19,$23)
+	daddu	$24,$10
+	sltu	$1,$24,$10
+	daddu	$25,$1
+	mflo	($18,$19,$23)
+	mfhi	($19,$19,$23)
+
+	move	$15,$29
+	li	$22,2*8
+.align	4
+.L1st:
+	.set	noreorder
+	daddu $12,$5,$22
+	daddu $14,$7,$22
+	ld	$12,($12)
+	ld	$14,($14)
+
+	dmultu	($12,$13)
+	daddu	$10,$16,$11
+	daddu	$24,$18,$25
+	sltu	$1,$10,$11
+	sltu	$2,$24,$25
+	daddu	$11,$17,$1
+	daddu	$25,$19,$2
+	mflo	($16,$12,$13)
+	mfhi	($17,$12,$13)
+
+	daddu	$24,$10
+	sltu	$1,$24,$10
+	dmultu	($14,$23)
+	daddu	$25,$1
+	addu	$22,8
+	sd	$24,($15)
+	sltu	$2,$22,$9
+	mflo	($18,$14,$23)
+	mfhi	($19,$14,$23)
+
+	bnez	$2,.L1st
+	daddu $15,8
+	.set	reorder
+
+	daddu	$10,$16,$11
+	sltu	$1,$10,$11
+	daddu	$11,$17,$1
+
+	daddu	$24,$18,$25
+	sltu	$2,$24,$25
+	daddu	$25,$19,$2
+	daddu	$24,$10
+	sltu	$1,$24,$10
+	daddu	$25,$1
+
+	sd	$24,($15)
+
+	daddu	$25,$11
+	sltu	$1,$25,$11
+	sd	$25,8($15)
+	sd	$1,2*8($15)
+
+	li	$21,8
+.align	4
+.Louter:
+	daddu $13,$6,$21
+	ld	$13,($13)
+	ld	$12,($5)
+	ld	$17,8($5)
+	ld	$20,($29)
+
+	dmultu	($12,$13)
+	ld	$14,($7)
+	ld	$19,8($7)
+	mflo	($10,$12,$13)
+	mfhi	($11,$12,$13)
+	daddu	$10,$20
+	dmultu	($10,$8)
+	sltu	$1,$10,$20
+	daddu	$11,$1
+	mflo	($23,$10,$8)
+
+	dmultu	($17,$13)
+	mflo	($16,$17,$13)
+	mfhi	($17,$17,$13)
+
+	dmultu	($14,$23)
+	mflo	($24,$14,$23)
+	mfhi	($25,$14,$23)
+
+	dmultu	($19,$23)
+	daddu	$24,$10
+	sltu	$1,$24,$10
+	daddu	$25,$1
+	mflo	($18,$19,$23)
+	mfhi	($19,$19,$23)
+
+	move	$15,$29
+	li	$22,2*8
+	ld	$20,8($15)
+.align	4
+.Linner:
+	.set	noreorder
+	daddu $12,$5,$22
+	daddu $14,$7,$22
+	ld	$12,($12)
+	ld	$14,($14)
+
+	dmultu	($12,$13)
+	daddu	$10,$16,$11
+	daddu	$24,$18,$25
+	sltu	$1,$10,$11
+	sltu	$2,$24,$25
+	daddu	$11,$17,$1
+	daddu	$25,$19,$2
+	mflo	($16,$12,$13)
+	mfhi	($17,$12,$13)
+
+	daddu	$10,$20
+	addu	$22,8
+	dmultu	($14,$23)
+	sltu	$1,$10,$20
+	daddu	$24,$10
+	daddu	$11,$1
+	sltu	$2,$24,$10
+	ld	$20,2*8($15)
+	daddu	$25,$2
+	sltu	$1,$22,$9
+	mflo	($18,$14,$23)
+	mfhi	($19,$14,$23)
+	sd	$24,($15)
+	bnez	$1,.Linner
+	daddu $15,8
+	.set	reorder
+
+	daddu	$10,$16,$11
+	sltu	$1,$10,$11
+	daddu	$11,$17,$1
+	daddu	$10,$20
+	sltu	$2,$10,$20
+	daddu	$11,$2
+
+	ld	$20,2*8($15)
+	daddu	$24,$18,$25
+	sltu	$1,$24,$25
+	daddu	$25,$19,$1
+	daddu	$24,$10
+	sltu	$2,$24,$10
+	daddu	$25,$2
+	sd	$24,($15)
+
+	daddu	$24,$25,$11
+	sltu	$25,$24,$11
+	daddu	$24,$20
+	sltu	$1,$24,$20
+	daddu	$25,$1
+	sd	$24,8($15)
+	sd	$25,2*8($15)
+
+	addu	$21,8
+	sltu	$2,$21,$9
+	bnez	$2,.Louter
+
+	.set	noreorder
+	daddu $20,$29,$9	# &tp[num]
+	move	$15,$29
+	move	$5,$29
+	li	$11,0		# clear borrow bit
+
+.align	4
+.Lsub:	ld	$10,($15)
+	ld	$24,($7)
+	daddu $15,8
+	daddu $7,8
+	dsubu	$24,$10,$24	# tp[i]-np[i]
+	sgtu	$1,$24,$10
+	dsubu	$10,$24,$11
+	sgtu	$11,$10,$24
+	sd	$10,($4)
+	or	$11,$1
+	sltu	$1,$15,$20
+	bnez	$1,.Lsub
+	daddu $4,8
+
+	dsubu	$11,$25,$11	# handle upmost overflow bit
+	move	$15,$29
+	dsubu $4,$9	# restore rp
+	not	$25,$11
+
+.Lcopy:	ld	$14,($15)	# conditional move
+	ld	$12,($4)
+	sd	$0,($15)
+	daddu $15,8
+	and	$14,$11
+	and	$12,$25
+	or	$12,$14
+	sltu	$1,$15,$20
+	sd	$12,($4)
+	bnez	$1,.Lcopy
+	daddu $4,8
+
+	li	$4,1
+	li	$2,1
+
+	.set	noreorder
+	move	$29,$30
+	ld	$30,(14-1)*8($29)
+	ld	$23,(14-2)*8($29)
+	ld	$22,(14-3)*8($29)
+	ld	$21,(14-4)*8($29)
+	ld	$20,(14-5)*8($29)
+	ld	$19,(14-6)*8($29)
+	ld	$18,(14-7)*8($29)
+	ld	$17,(14-8)*8($29)
+	ld	$16,(14-9)*8($29)
+	jr	$31
+	daddu $29,14*8
+.end	bn_mul_mont_internal
+.rdata
+.asciiz	"Montgomery Multiplication for MIPS, CRYPTOGAMS by <appro@openssl.org>"
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
new file mode 100644
index 00000000000000..f6a9d770f1eb3e
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/buildinf.h
@@ -0,0 +1,36 @@
+/*
+ * WARNING: do not edit!
+ * Generated by util/mkbuildinf.pl
+ *
+ * Copyright 2014-2017 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#define PLATFORM "platform: linux64-mips64"
+#define DATE "built on: Fri Sep 13 16:02:00 2019 UTC"
+
+/*
+ * Generate compiler_flags as an array of individual characters. This is a
+ * workaround for the situation where CFLAGS gets too long for a C90 string
+ * literal
+ */
+static const char compiler_flags[] = {
+    'c','o','m','p','i','l','e','r',':',' ','.','.','/','c','o','n',
+    'f','i','g','/','f','a','k','e','_','g','c','c','.','p','l',' ',
+    '-','f','P','I','C',' ','-','p','t','h','r','e','a','d',' ','-',
+    'm','a','b','i','=','6','4',' ','-','W','a',',','-','-','n','o',
+    'e','x','e','c','s','t','a','c','k',' ','-','W','a','l','l',' ',
+    '-','O','3',' ','-','D','O','P','E','N','S','S','L','_','U','S',
+    'E','_','N','O','D','E','L','E','T','E',' ','-','D','O','P','E',
+    'N','S','S','L','_','P','I','C',' ','-','D','O','P','E','N','S',
+    'S','L','_','B','N','_','A','S','M','_','M','O','N','T',' ','-',
+    'D','S','H','A','1','_','A','S','M',' ','-','D','S','H','A','2',
+    '5','6','_','A','S','M',' ','-','D','S','H','A','5','1','2','_',
+    'A','S','M',' ','-','D','A','E','S','_','A','S','M',' ','-','D',
+    'P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','N',
+    'D','E','B','U','G','\0'
+};
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/bn_conf.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/bn_conf.h
new file mode 100644
index 00000000000000..34bd8b78b4f90f
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/bn_conf.h
@@ -0,0 +1,28 @@
+/* WARNING: do not edit! */
+/* Generated by Makefile from crypto/include/internal/bn_conf.h.in */
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_BN_CONF_H
+# define HEADER_BN_CONF_H
+
+/*
+ * The contents of this file are not used in the UEFI build, as
+ * both 32-bit and 64-bit builds are supported from a single run
+ * of the Configure script.
+ */
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#define SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#undef THIRTY_TWO_BIT
+
+#endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/dso_conf.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/dso_conf.h
new file mode 100644
index 00000000000000..252266ec2acad6
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/include/internal/dso_conf.h
@@ -0,0 +1,17 @@
+/* WARNING: do not edit! */
+/* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
+/*
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#ifndef HEADER_DSO_CONF_H
+# define HEADER_DSO_CONF_H
+# define DSO_DLFCN
+# define HAVE_DLFCN_H
+# define DSO_EXTENSION ".so"
+#endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/poly1305/poly1305-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/poly1305/poly1305-mips.S
new file mode 100644
index 00000000000000..f1a6cd1c3c80fd
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/poly1305/poly1305-mips.S
@@ -0,0 +1,333 @@
+#include "mips_arch.h"
+
+#ifdef MIPSEB
+# define MSB 0
+# define LSB 7
+#else
+# define MSB 7
+# define LSB 0
+#endif
+
+.text
+.set	noat
+.set	noreorder
+
+.align	5
+.globl	poly1305_init
+.ent	poly1305_init
+poly1305_init:
+	.frame	$29,0,$31
+	.set	reorder
+
+	sd	$0,0($4)
+	sd	$0,8($4)
+	sd	$0,16($4)
+
+	beqz	$5,.Lno_key
+
+#if defined(_MIPS_ARCH_MIPS64R6)
+	ld	$8,0($5)
+	ld	$9,8($5)
+#else
+	ldl	$8,0+MSB($5)
+	ldl	$9,8+MSB($5)
+	ldr	$8,0+LSB($5)
+	ldr	$9,8+LSB($5)
+#endif
+#ifdef	MIPSEB
+# if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$8,$8		# byte swap
+	 dsbh	$9,$9
+	dshd	$8,$8
+	 dshd	$9,$9
+# else
+	ori	$10,$0,0xFF
+	dsll	$1,$10,32
+	or	$10,$1		# 0x000000FF000000FF
+
+	and	$11,$8,$10	# byte swap
+	 and	$2,$9,$10
+	dsrl	$1,$8,24
+	 dsrl	$24,$9,24
+	dsll	$11,24
+	 dsll	$2,24
+	and	$1,$10
+	 and	$24,$10
+	dsll	$10,8			# 0x0000FF000000FF00
+	or	$11,$1
+	 or	$2,$24
+	and	$1,$8,$10
+	 and	$24,$9,$10
+	dsrl	$8,8
+	 dsrl	$9,8
+	dsll	$1,8
+	 dsll	$24,8
+	and	$8,$10
+	 and	$9,$10
+	or	$11,$1
+	 or	$2,$24
+	or	$8,$11
+	 or	$9,$2
+	dsrl	$11,$8,32
+	 dsrl	$2,$9,32
+	dsll	$8,32
+	 dsll	$9,32
+	or	$8,$11
+	 or	$9,$2
+# endif
+#endif
+	li	$10,1
+	dsll	$10,32
+	daddiu	$10,-63
+	dsll	$10,28
+	daddiu	$10,-1		# 0ffffffc0fffffff
+
+	and	$8,$10
+	daddiu	$10,-3		# 0ffffffc0ffffffc
+	and	$9,$10
+
+	sd	$8,24($4)
+	dsrl	$10,$9,2
+	sd	$9,32($4)
+	daddu	$10,$9		# s1 = r1 + (r1 >> 2)
+	sd	$10,40($4)
+
+.Lno_key:
+	li	$2,0			# return 0
+	jr	$31
+.end	poly1305_init
+.align	5
+.globl	poly1305_blocks
+.ent	poly1305_blocks
+poly1305_blocks:
+	.set	noreorder
+	dsrl	$6,4			# number of complete blocks
+	bnez	$6,poly1305_blocks_internal
+	nop
+	jr	$31
+	nop
+.end	poly1305_blocks
+
+.align	5
+.ent	poly1305_blocks_internal
+poly1305_blocks_internal:
+	.frame	$29,6*8,$31
+	.mask	0x00030000,-8
+	.set	noreorder
+	dsubu	$29,6*8
+	sd	$17,40($29)
+	sd	$16,32($29)
+	.set	reorder
+
+	ld	$12,0($4)		# load hash value
+	ld	$13,8($4)
+	ld	$14,16($4)
+
+	ld	$15,24($4)		# load key
+	ld	$16,32($4)
+	ld	$17,40($4)
+
+.Loop:
+#if defined(_MIPS_ARCH_MIPS64R6)
+	ld	$8,0($5)		# load input
+	ld	$9,8($5)
+#else
+	ldl	$8,0+MSB($5)	# load input
+	ldl	$9,8+MSB($5)
+	ldr	$8,0+LSB($5)
+	ldr	$9,8+LSB($5)
+#endif
+	daddiu	$6,-1
+	daddiu	$5,16
+#ifdef	MIPSEB
+# if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$8,$8		# byte swap
+	 dsbh	$9,$9
+	dshd	$8,$8
+	 dshd	$9,$9
+# else
+	ori	$10,$0,0xFF
+	dsll	$1,$10,32
+	or	$10,$1		# 0x000000FF000000FF
+
+	and	$11,$8,$10	# byte swap
+	 and	$2,$9,$10
+	dsrl	$1,$8,24
+	 dsrl	$24,$9,24
+	dsll	$11,24
+	 dsll	$2,24
+	and	$1,$10
+	 and	$24,$10
+	dsll	$10,8			# 0x0000FF000000FF00
+	or	$11,$1
+	 or	$2,$24
+	and	$1,$8,$10
+	 and	$24,$9,$10
+	dsrl	$8,8
+	 dsrl	$9,8
+	dsll	$1,8
+	 dsll	$24,8
+	and	$8,$10
+	 and	$9,$10
+	or	$11,$1
+	 or	$2,$24
+	or	$8,$11
+	 or	$9,$2
+	dsrl	$11,$8,32
+	 dsrl	$2,$9,32
+	dsll	$8,32
+	 dsll	$9,32
+	or	$8,$11
+	 or	$9,$2
+# endif
+#endif
+	daddu	$12,$8		# accumulate input
+	daddu	$13,$9
+	sltu	$10,$12,$8
+	sltu	$11,$13,$9
+	daddu	$13,$10
+
+	dmultu	($15,$12)		# h0*r0
+	 daddu	$14,$7
+	 sltu	$10,$13,$10
+	mflo	($8,$15,$12)
+	mfhi	($9,$15,$12)
+
+	dmultu	($17,$13)		# h1*5*r1
+	 daddu	$10,$11
+	 daddu	$14,$10
+	mflo	($10,$17,$13)
+	mfhi	($11,$17,$13)
+
+	dmultu	($16,$12)		# h0*r1
+	 daddu	$8,$10
+	 daddu	$9,$11
+	mflo	($1,$16,$12)
+	mfhi	($25,$16,$12)
+	 sltu	$10,$8,$10
+	 daddu	$9,$10
+
+	dmultu	($15,$13)		# h1*r0
+	 daddu	$9,$1
+	 sltu	$1,$9,$1
+	mflo	($10,$15,$13)
+	mfhi	($11,$15,$13)
+	 daddu	$25,$1
+
+	dmultu	($17,$14)		# h2*5*r1
+	 daddu	$9,$10
+	 daddu	$25,$11
+	mflo	($1,$17,$14)
+
+	dmultu	($15,$14)		# h2*r0
+	 sltu	$10,$9,$10
+	 daddu	$25,$10
+	mflo	($2,$15,$14)
+
+	daddu	$9,$1
+	daddu	$25,$2
+	sltu	$1,$9,$1
+	daddu	$25,$1
+
+	li	$10,-4		# final reduction
+	and	$10,$25
+	dsrl	$11,$25,2
+	andi	$14,$25,3
+	daddu	$10,$11
+	daddu	$12,$8,$10
+	sltu	$10,$12,$10
+	daddu	$13,$9,$10
+	sltu	$10,$13,$10
+	daddu	$14,$14,$10
+
+	bnez	$6,.Loop
+
+	sd	$12,0($4)		# store hash value
+	sd	$13,8($4)
+	sd	$14,16($4)
+
+	.set	noreorder
+	ld	$17,40($29)		# epilogue
+	ld	$16,32($29)
+	jr	$31
+	daddu	$29,6*8
+.end	poly1305_blocks_internal
+.align	5
+.globl	poly1305_emit
+.ent	poly1305_emit
+poly1305_emit:
+	.frame	$29,0,$31
+	.set	reorder
+
+	ld	$10,0($4)
+	ld	$11,8($4)
+	ld	$1,16($4)
+
+	daddiu	$8,$10,5		# compare to modulus
+	sltiu	$2,$8,5
+	daddu	$9,$11,$2
+	sltu	$2,$9,$2
+	daddu	$1,$1,$2
+
+	dsrl	$1,2			# see if it carried/borrowed
+	dsubu	$1,$0,$1
+	nor	$2,$0,$1
+
+	and	$8,$1
+	and	$10,$2
+	and	$9,$1
+	and	$11,$2
+	or	$8,$10
+	or	$9,$11
+
+	lwu	$10,0($6)		# load nonce
+	lwu	$11,4($6)
+	lwu	$1,8($6)
+	lwu	$2,12($6)
+	dsll	$11,32
+	dsll	$2,32
+	or	$10,$11
+	or	$1,$2
+
+	daddu	$8,$10		# accumulate nonce
+	daddu	$9,$1
+	sltu	$10,$8,$10
+	daddu	$9,$10
+
+	dsrl	$10,$8,8		# write mac value
+	dsrl	$11,$8,16
+	dsrl	$1,$8,24
+	sb	$8,0($5)
+	dsrl	$2,$8,32
+	sb	$10,1($5)
+	dsrl	$10,$8,40
+	sb	$11,2($5)
+	dsrl	$11,$8,48
+	sb	$1,3($5)
+	dsrl	$1,$8,56
+	sb	$2,4($5)
+	dsrl	$2,$9,8
+	sb	$10,5($5)
+	dsrl	$10,$9,16
+	sb	$11,6($5)
+	dsrl	$11,$9,24
+	sb	$1,7($5)
+
+	sb	$9,8($5)
+	dsrl	$1,$9,32
+	sb	$2,9($5)
+	dsrl	$2,$9,40
+	sb	$10,10($5)
+	dsrl	$10,$9,48
+	sb	$11,11($5)
+	dsrl	$11,$9,56
+	sb	$1,12($5)
+	sb	$2,13($5)
+	sb	$10,14($5)
+	sb	$11,15($5)
+
+	jr	$31
+.end	poly1305_emit
+.rdata
+.asciiz	"Poly1305 for MIPS64, CRYPTOGAMS by <appro@openssl.org>"
+.align	2
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha1-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha1-mips.S
new file mode 100644
index 00000000000000..87a15a40a502e2
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha1-mips.S
@@ -0,0 +1,3039 @@
+#include "mips_arch.h"
+
+.text
+
+.set	noat
+.set	noreorder
+.align	5
+.globl	sha1_block_data_order
+.ent	sha1_block_data_order
+sha1_block_data_order:
+	.frame	$29,16*8,$31
+	.mask	0xc0ff0000,-8
+	.set	noreorder
+	dsubu $29,16*8
+	sd	$31,(16-1)*8($29)
+	sd	$30,(16-2)*8($29)
+	sd	$23,(16-3)*8($29)
+	sd	$22,(16-4)*8($29)
+	sd	$21,(16-5)*8($29)
+	sd	$20,(16-6)*8($29)
+	sd	$19,(16-7)*8($29)
+	sd	$18,(16-8)*8($29)
+	sd	$17,(16-9)*8($29)
+	sd	$16,(16-10)*8($29)
+	dsll $6,6
+	daddu $6,$5
+	sd	$6,0($29)
+	lw	$1,0($4)
+	lw	$2,4($4)
+	lw	$3,8($4)
+	lw	$7,12($4)
+	b	.Loop
+	lw	$24,16($4)
+.align	4
+.Loop:
+	.set	reorder
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lui	$31,0x5a82
+	lw	$8,($5)
+	ori	$31,0x7999	# K_00_19
+#else
+	lwl	$8,3($5)
+	lui	$31,0x5a82
+	lwr	$8,0($5)
+	ori	$31,0x7999	# K_00_19
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$8,$8	# byte swap(0)
+	rotr	$8,$8,16
+#else
+	srl	$25,$8,24	# byte swap(0)
+	srl	$6,$8,8
+	andi	$30,$8,0xFF00
+	sll	$8,$8,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$8,$25
+	or	$6,$30
+	or	$8,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 0
+	xor	$25,$3,$7
+	rotr	$6,$1,27
+	and	$25,$2
+	addu	$24,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$9,1*4($5)
+#else
+	 lwl	$9,1*4+3($5)
+	 lwr	$9,1*4+0($5)
+#endif
+	xor	$25,$7
+	addu	$24,$8
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 lwl	$9,1*4+3($5)
+	sll	$25,$1,5	# 0
+	addu	$24,$31
+	 lwr	$9,1*4+0($5)
+	srl	$6,$1,27
+	addu	$24,$25
+	xor	$25,$3,$7
+	addu	$24,$6
+	sll	$30,$2,30
+	and	$25,$2
+	srl	$2,$2,2
+	xor	$25,$7
+	addu	$24,$8
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$9,$9	# byte swap(1)
+	rotr	$9,$9,16
+#else
+	srl	$25,$9,24	# byte swap(1)
+	srl	$6,$9,8
+	andi	$30,$9,0xFF00
+	sll	$9,$9,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$9,$25
+	or	$6,$30
+	or	$9,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 1
+	xor	$25,$2,$3
+	rotr	$6,$24,27
+	and	$25,$1
+	addu	$7,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$10,2*4($5)
+#else
+	 lwl	$10,2*4+3($5)
+	 lwr	$10,2*4+0($5)
+#endif
+	xor	$25,$3
+	addu	$7,$9
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 lwl	$10,2*4+3($5)
+	sll	$25,$24,5	# 1
+	addu	$7,$31
+	 lwr	$10,2*4+0($5)
+	srl	$6,$24,27
+	addu	$7,$25
+	xor	$25,$2,$3
+	addu	$7,$6
+	sll	$30,$1,30
+	and	$25,$1
+	srl	$1,$1,2
+	xor	$25,$3
+	addu	$7,$9
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$10,$10	# byte swap(2)
+	rotr	$10,$10,16
+#else
+	srl	$25,$10,24	# byte swap(2)
+	srl	$6,$10,8
+	andi	$30,$10,0xFF00
+	sll	$10,$10,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$10,$25
+	or	$6,$30
+	or	$10,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 2
+	xor	$25,$1,$2
+	rotr	$6,$7,27
+	and	$25,$24
+	addu	$3,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$11,3*4($5)
+#else
+	 lwl	$11,3*4+3($5)
+	 lwr	$11,3*4+0($5)
+#endif
+	xor	$25,$2
+	addu	$3,$10
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 lwl	$11,3*4+3($5)
+	sll	$25,$7,5	# 2
+	addu	$3,$31
+	 lwr	$11,3*4+0($5)
+	srl	$6,$7,27
+	addu	$3,$25
+	xor	$25,$1,$2
+	addu	$3,$6
+	sll	$30,$24,30
+	and	$25,$24
+	srl	$24,$24,2
+	xor	$25,$2
+	addu	$3,$10
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$11,$11	# byte swap(3)
+	rotr	$11,$11,16
+#else
+	srl	$25,$11,24	# byte swap(3)
+	srl	$6,$11,8
+	andi	$30,$11,0xFF00
+	sll	$11,$11,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$11,$25
+	or	$6,$30
+	or	$11,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 3
+	xor	$25,$24,$1
+	rotr	$6,$3,27
+	and	$25,$7
+	addu	$2,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$12,4*4($5)
+#else
+	 lwl	$12,4*4+3($5)
+	 lwr	$12,4*4+0($5)
+#endif
+	xor	$25,$1
+	addu	$2,$11
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 lwl	$12,4*4+3($5)
+	sll	$25,$3,5	# 3
+	addu	$2,$31
+	 lwr	$12,4*4+0($5)
+	srl	$6,$3,27
+	addu	$2,$25
+	xor	$25,$24,$1
+	addu	$2,$6
+	sll	$30,$7,30
+	and	$25,$7
+	srl	$7,$7,2
+	xor	$25,$1
+	addu	$2,$11
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$12,$12	# byte swap(4)
+	rotr	$12,$12,16
+#else
+	srl	$25,$12,24	# byte swap(4)
+	srl	$6,$12,8
+	andi	$30,$12,0xFF00
+	sll	$12,$12,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$12,$25
+	or	$6,$30
+	or	$12,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 4
+	xor	$25,$7,$24
+	rotr	$6,$2,27
+	and	$25,$3
+	addu	$1,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$13,5*4($5)
+#else
+	 lwl	$13,5*4+3($5)
+	 lwr	$13,5*4+0($5)
+#endif
+	xor	$25,$24
+	addu	$1,$12
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 lwl	$13,5*4+3($5)
+	sll	$25,$2,5	# 4
+	addu	$1,$31
+	 lwr	$13,5*4+0($5)
+	srl	$6,$2,27
+	addu	$1,$25
+	xor	$25,$7,$24
+	addu	$1,$6
+	sll	$30,$3,30
+	and	$25,$3
+	srl	$3,$3,2
+	xor	$25,$24
+	addu	$1,$12
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$13,$13	# byte swap(5)
+	rotr	$13,$13,16
+#else
+	srl	$25,$13,24	# byte swap(5)
+	srl	$6,$13,8
+	andi	$30,$13,0xFF00
+	sll	$13,$13,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$13,$25
+	or	$6,$30
+	or	$13,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 5
+	xor	$25,$3,$7
+	rotr	$6,$1,27
+	and	$25,$2
+	addu	$24,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$14,6*4($5)
+#else
+	 lwl	$14,6*4+3($5)
+	 lwr	$14,6*4+0($5)
+#endif
+	xor	$25,$7
+	addu	$24,$13
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 lwl	$14,6*4+3($5)
+	sll	$25,$1,5	# 5
+	addu	$24,$31
+	 lwr	$14,6*4+0($5)
+	srl	$6,$1,27
+	addu	$24,$25
+	xor	$25,$3,$7
+	addu	$24,$6
+	sll	$30,$2,30
+	and	$25,$2
+	srl	$2,$2,2
+	xor	$25,$7
+	addu	$24,$13
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$14,$14	# byte swap(6)
+	rotr	$14,$14,16
+#else
+	srl	$25,$14,24	# byte swap(6)
+	srl	$6,$14,8
+	andi	$30,$14,0xFF00
+	sll	$14,$14,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$14,$25
+	or	$6,$30
+	or	$14,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 6
+	xor	$25,$2,$3
+	rotr	$6,$24,27
+	and	$25,$1
+	addu	$7,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$15,7*4($5)
+#else
+	 lwl	$15,7*4+3($5)
+	 lwr	$15,7*4+0($5)
+#endif
+	xor	$25,$3
+	addu	$7,$14
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 lwl	$15,7*4+3($5)
+	sll	$25,$24,5	# 6
+	addu	$7,$31
+	 lwr	$15,7*4+0($5)
+	srl	$6,$24,27
+	addu	$7,$25
+	xor	$25,$2,$3
+	addu	$7,$6
+	sll	$30,$1,30
+	and	$25,$1
+	srl	$1,$1,2
+	xor	$25,$3
+	addu	$7,$14
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$15,$15	# byte swap(7)
+	rotr	$15,$15,16
+#else
+	srl	$25,$15,24	# byte swap(7)
+	srl	$6,$15,8
+	andi	$30,$15,0xFF00
+	sll	$15,$15,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$15,$25
+	or	$6,$30
+	or	$15,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 7
+	xor	$25,$1,$2
+	rotr	$6,$7,27
+	and	$25,$24
+	addu	$3,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$16,8*4($5)
+#else
+	 lwl	$16,8*4+3($5)
+	 lwr	$16,8*4+0($5)
+#endif
+	xor	$25,$2
+	addu	$3,$15
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 lwl	$16,8*4+3($5)
+	sll	$25,$7,5	# 7
+	addu	$3,$31
+	 lwr	$16,8*4+0($5)
+	srl	$6,$7,27
+	addu	$3,$25
+	xor	$25,$1,$2
+	addu	$3,$6
+	sll	$30,$24,30
+	and	$25,$24
+	srl	$24,$24,2
+	xor	$25,$2
+	addu	$3,$15
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$16,$16	# byte swap(8)
+	rotr	$16,$16,16
+#else
+	srl	$25,$16,24	# byte swap(8)
+	srl	$6,$16,8
+	andi	$30,$16,0xFF00
+	sll	$16,$16,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$16,$25
+	or	$6,$30
+	or	$16,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 8
+	xor	$25,$24,$1
+	rotr	$6,$3,27
+	and	$25,$7
+	addu	$2,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$17,9*4($5)
+#else
+	 lwl	$17,9*4+3($5)
+	 lwr	$17,9*4+0($5)
+#endif
+	xor	$25,$1
+	addu	$2,$16
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 lwl	$17,9*4+3($5)
+	sll	$25,$3,5	# 8
+	addu	$2,$31
+	 lwr	$17,9*4+0($5)
+	srl	$6,$3,27
+	addu	$2,$25
+	xor	$25,$24,$1
+	addu	$2,$6
+	sll	$30,$7,30
+	and	$25,$7
+	srl	$7,$7,2
+	xor	$25,$1
+	addu	$2,$16
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$17,$17	# byte swap(9)
+	rotr	$17,$17,16
+#else
+	srl	$25,$17,24	# byte swap(9)
+	srl	$6,$17,8
+	andi	$30,$17,0xFF00
+	sll	$17,$17,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$17,$25
+	or	$6,$30
+	or	$17,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 9
+	xor	$25,$7,$24
+	rotr	$6,$2,27
+	and	$25,$3
+	addu	$1,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$18,10*4($5)
+#else
+	 lwl	$18,10*4+3($5)
+	 lwr	$18,10*4+0($5)
+#endif
+	xor	$25,$24
+	addu	$1,$17
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 lwl	$18,10*4+3($5)
+	sll	$25,$2,5	# 9
+	addu	$1,$31
+	 lwr	$18,10*4+0($5)
+	srl	$6,$2,27
+	addu	$1,$25
+	xor	$25,$7,$24
+	addu	$1,$6
+	sll	$30,$3,30
+	and	$25,$3
+	srl	$3,$3,2
+	xor	$25,$24
+	addu	$1,$17
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$18,$18	# byte swap(10)
+	rotr	$18,$18,16
+#else
+	srl	$25,$18,24	# byte swap(10)
+	srl	$6,$18,8
+	andi	$30,$18,0xFF00
+	sll	$18,$18,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$18,$25
+	or	$6,$30
+	or	$18,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 10
+	xor	$25,$3,$7
+	rotr	$6,$1,27
+	and	$25,$2
+	addu	$24,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$19,11*4($5)
+#else
+	 lwl	$19,11*4+3($5)
+	 lwr	$19,11*4+0($5)
+#endif
+	xor	$25,$7
+	addu	$24,$18
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 lwl	$19,11*4+3($5)
+	sll	$25,$1,5	# 10
+	addu	$24,$31
+	 lwr	$19,11*4+0($5)
+	srl	$6,$1,27
+	addu	$24,$25
+	xor	$25,$3,$7
+	addu	$24,$6
+	sll	$30,$2,30
+	and	$25,$2
+	srl	$2,$2,2
+	xor	$25,$7
+	addu	$24,$18
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$19,$19	# byte swap(11)
+	rotr	$19,$19,16
+#else
+	srl	$25,$19,24	# byte swap(11)
+	srl	$6,$19,8
+	andi	$30,$19,0xFF00
+	sll	$19,$19,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$19,$25
+	or	$6,$30
+	or	$19,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 11
+	xor	$25,$2,$3
+	rotr	$6,$24,27
+	and	$25,$1
+	addu	$7,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$20,12*4($5)
+#else
+	 lwl	$20,12*4+3($5)
+	 lwr	$20,12*4+0($5)
+#endif
+	xor	$25,$3
+	addu	$7,$19
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 lwl	$20,12*4+3($5)
+	sll	$25,$24,5	# 11
+	addu	$7,$31
+	 lwr	$20,12*4+0($5)
+	srl	$6,$24,27
+	addu	$7,$25
+	xor	$25,$2,$3
+	addu	$7,$6
+	sll	$30,$1,30
+	and	$25,$1
+	srl	$1,$1,2
+	xor	$25,$3
+	addu	$7,$19
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$20,$20	# byte swap(12)
+	rotr	$20,$20,16
+#else
+	srl	$25,$20,24	# byte swap(12)
+	srl	$6,$20,8
+	andi	$30,$20,0xFF00
+	sll	$20,$20,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$20,$25
+	or	$6,$30
+	or	$20,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 12
+	xor	$25,$1,$2
+	rotr	$6,$7,27
+	and	$25,$24
+	addu	$3,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$21,13*4($5)
+#else
+	 lwl	$21,13*4+3($5)
+	 lwr	$21,13*4+0($5)
+#endif
+	xor	$25,$2
+	addu	$3,$20
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 lwl	$21,13*4+3($5)
+	sll	$25,$7,5	# 12
+	addu	$3,$31
+	 lwr	$21,13*4+0($5)
+	srl	$6,$7,27
+	addu	$3,$25
+	xor	$25,$1,$2
+	addu	$3,$6
+	sll	$30,$24,30
+	and	$25,$24
+	srl	$24,$24,2
+	xor	$25,$2
+	addu	$3,$20
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$21,$21	# byte swap(13)
+	rotr	$21,$21,16
+#else
+	srl	$25,$21,24	# byte swap(13)
+	srl	$6,$21,8
+	andi	$30,$21,0xFF00
+	sll	$21,$21,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$21,$25
+	or	$6,$30
+	or	$21,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 13
+	xor	$25,$24,$1
+	rotr	$6,$3,27
+	and	$25,$7
+	addu	$2,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$22,14*4($5)
+#else
+	 lwl	$22,14*4+3($5)
+	 lwr	$22,14*4+0($5)
+#endif
+	xor	$25,$1
+	addu	$2,$21
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 lwl	$22,14*4+3($5)
+	sll	$25,$3,5	# 13
+	addu	$2,$31
+	 lwr	$22,14*4+0($5)
+	srl	$6,$3,27
+	addu	$2,$25
+	xor	$25,$24,$1
+	addu	$2,$6
+	sll	$30,$7,30
+	and	$25,$7
+	srl	$7,$7,2
+	xor	$25,$1
+	addu	$2,$21
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$22,$22	# byte swap(14)
+	rotr	$22,$22,16
+#else
+	srl	$25,$22,24	# byte swap(14)
+	srl	$6,$22,8
+	andi	$30,$22,0xFF00
+	sll	$22,$22,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$22,$25
+	or	$6,$30
+	or	$22,$6
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 14
+	xor	$25,$7,$24
+	rotr	$6,$2,27
+	and	$25,$3
+	addu	$1,$6
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	 lw	$23,15*4($5)
+#else
+	 lwl	$23,15*4+3($5)
+	 lwr	$23,15*4+0($5)
+#endif
+	xor	$25,$24
+	addu	$1,$22
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 lwl	$23,15*4+3($5)
+	sll	$25,$2,5	# 14
+	addu	$1,$31
+	 lwr	$23,15*4+0($5)
+	srl	$6,$2,27
+	addu	$1,$25
+	xor	$25,$7,$24
+	addu	$1,$6
+	sll	$30,$3,30
+	and	$25,$3
+	srl	$3,$3,2
+	xor	$25,$24
+	addu	$1,$22
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$23,$23	# byte swap(15)
+	rotr	$23,$23,16
+#else
+	srl	$25,$23,24	# byte swap(15)
+	srl	$6,$23,8
+	andi	$30,$23,0xFF00
+	sll	$23,$23,24
+	andi	$6,0xFF00
+	sll	$30,$30,8
+	or	$23,$25
+	or	$23,$6
+	or	$23,$30
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 15
+	 xor	$8,$10
+	xor	$25,$3,$7
+	rotr	$6,$1,27
+	 xor	$8,$16
+	and	$25,$2
+	addu	$24,$6
+	 xor	$8,$21
+	xor	$25,$7
+	addu	$24,$23
+	 rotr	$8,$8,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$8,$10
+	sll	$25,$1,5	# 15
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$8,$16
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$8,$21
+	sll	$30,$2,30
+	and	$25,$2
+	 srl	$6,$8,31
+	 addu	$8,$8
+	srl	$2,$2,2
+	xor	$25,$7
+	 or	$8,$6
+	addu	$24,$23
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 16
+	 xor	$9,$11
+	xor	$25,$2,$3
+	rotr	$6,$24,27
+	 xor	$9,$17
+	and	$25,$1
+	addu	$7,$6
+	 xor	$9,$22
+	xor	$25,$3
+	addu	$7,$8
+	 rotr	$9,$9,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$9,$11
+	sll	$25,$24,5	# 16
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$9,$17
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$9,$22
+	sll	$30,$1,30
+	and	$25,$1
+	 srl	$6,$9,31
+	 addu	$9,$9
+	srl	$1,$1,2
+	xor	$25,$3
+	 or	$9,$6
+	addu	$7,$8
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 17
+	 xor	$10,$12
+	xor	$25,$1,$2
+	rotr	$6,$7,27
+	 xor	$10,$18
+	and	$25,$24
+	addu	$3,$6
+	 xor	$10,$23
+	xor	$25,$2
+	addu	$3,$9
+	 rotr	$10,$10,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$10,$12
+	sll	$25,$7,5	# 17
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$10,$18
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$10,$23
+	sll	$30,$24,30
+	and	$25,$24
+	 srl	$6,$10,31
+	 addu	$10,$10
+	srl	$24,$24,2
+	xor	$25,$2
+	 or	$10,$6
+	addu	$3,$9
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 18
+	 xor	$11,$13
+	xor	$25,$24,$1
+	rotr	$6,$3,27
+	 xor	$11,$19
+	and	$25,$7
+	addu	$2,$6
+	 xor	$11,$8
+	xor	$25,$1
+	addu	$2,$10
+	 rotr	$11,$11,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$11,$13
+	sll	$25,$3,5	# 18
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$11,$19
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$11,$8
+	sll	$30,$7,30
+	and	$25,$7
+	 srl	$6,$11,31
+	 addu	$11,$11
+	srl	$7,$7,2
+	xor	$25,$1
+	 or	$11,$6
+	addu	$2,$10
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 19
+	 xor	$12,$14
+	xor	$25,$7,$24
+	rotr	$6,$2,27
+	 xor	$12,$20
+	and	$25,$3
+	addu	$1,$6
+	 xor	$12,$9
+	xor	$25,$24
+	addu	$1,$11
+	 rotr	$12,$12,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$12,$14
+	sll	$25,$2,5	# 19
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$12,$20
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$12,$9
+	sll	$30,$3,30
+	and	$25,$3
+	 srl	$6,$12,31
+	 addu	$12,$12
+	srl	$3,$3,2
+	xor	$25,$24
+	 or	$12,$6
+	addu	$1,$11
+	or	$3,$30
+	addu	$1,$25
+#endif
+	lui	$31,0x6ed9
+	ori	$31,0xeba1	# K_20_39
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$13,$15
+	addu	$24,$31		# 20
+	rotr	$6,$1,27
+	 xor	$13,$21
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$13,$10
+	xor	$25,$2
+	addu	$24,$12
+	 rotr	$13,$13,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$13,$15
+	sll	$25,$1,5	# 20
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$13,$21
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$13,$10
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$13,31
+	 addu	$13,$13
+	srl	$2,$2,2
+	addu	$24,$12
+	 or	$13,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$14,$16
+	addu	$7,$31		# 21
+	rotr	$6,$24,27
+	 xor	$14,$22
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$14,$11
+	xor	$25,$1
+	addu	$7,$13
+	 rotr	$14,$14,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$14,$16
+	sll	$25,$24,5	# 21
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$14,$22
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$14,$11
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$14,31
+	 addu	$14,$14
+	srl	$1,$1,2
+	addu	$7,$13
+	 or	$14,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$15,$17
+	addu	$3,$31		# 22
+	rotr	$6,$7,27
+	 xor	$15,$23
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$15,$12
+	xor	$25,$24
+	addu	$3,$14
+	 rotr	$15,$15,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$15,$17
+	sll	$25,$7,5	# 22
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$15,$23
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$15,$12
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$15,31
+	 addu	$15,$15
+	srl	$24,$24,2
+	addu	$3,$14
+	 or	$15,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$16,$18
+	addu	$2,$31		# 23
+	rotr	$6,$3,27
+	 xor	$16,$8
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$16,$13
+	xor	$25,$7
+	addu	$2,$15
+	 rotr	$16,$16,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$16,$18
+	sll	$25,$3,5	# 23
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$16,$8
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$16,$13
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$16,31
+	 addu	$16,$16
+	srl	$7,$7,2
+	addu	$2,$15
+	 or	$16,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$17,$19
+	addu	$1,$31		# 24
+	rotr	$6,$2,27
+	 xor	$17,$9
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$17,$14
+	xor	$25,$3
+	addu	$1,$16
+	 rotr	$17,$17,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$17,$19
+	sll	$25,$2,5	# 24
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$17,$9
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$17,$14
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$17,31
+	 addu	$17,$17
+	srl	$3,$3,2
+	addu	$1,$16
+	 or	$17,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$18,$20
+	addu	$24,$31		# 25
+	rotr	$6,$1,27
+	 xor	$18,$10
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$18,$15
+	xor	$25,$2
+	addu	$24,$17
+	 rotr	$18,$18,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$18,$20
+	sll	$25,$1,5	# 25
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$18,$10
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$18,$15
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$18,31
+	 addu	$18,$18
+	srl	$2,$2,2
+	addu	$24,$17
+	 or	$18,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$19,$21
+	addu	$7,$31		# 26
+	rotr	$6,$24,27
+	 xor	$19,$11
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$19,$16
+	xor	$25,$1
+	addu	$7,$18
+	 rotr	$19,$19,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$19,$21
+	sll	$25,$24,5	# 26
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$19,$11
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$19,$16
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$19,31
+	 addu	$19,$19
+	srl	$1,$1,2
+	addu	$7,$18
+	 or	$19,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$20,$22
+	addu	$3,$31		# 27
+	rotr	$6,$7,27
+	 xor	$20,$12
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$20,$17
+	xor	$25,$24
+	addu	$3,$19
+	 rotr	$20,$20,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$20,$22
+	sll	$25,$7,5	# 27
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$20,$12
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$20,$17
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$20,31
+	 addu	$20,$20
+	srl	$24,$24,2
+	addu	$3,$19
+	 or	$20,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$21,$23
+	addu	$2,$31		# 28
+	rotr	$6,$3,27
+	 xor	$21,$13
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$21,$18
+	xor	$25,$7
+	addu	$2,$20
+	 rotr	$21,$21,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$21,$23
+	sll	$25,$3,5	# 28
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$21,$13
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$21,$18
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$21,31
+	 addu	$21,$21
+	srl	$7,$7,2
+	addu	$2,$20
+	 or	$21,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$22,$8
+	addu	$1,$31		# 29
+	rotr	$6,$2,27
+	 xor	$22,$14
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$22,$19
+	xor	$25,$3
+	addu	$1,$21
+	 rotr	$22,$22,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$22,$8
+	sll	$25,$2,5	# 29
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$22,$14
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$22,$19
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$22,31
+	 addu	$22,$22
+	srl	$3,$3,2
+	addu	$1,$21
+	 or	$22,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$23,$9
+	addu	$24,$31		# 30
+	rotr	$6,$1,27
+	 xor	$23,$15
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$23,$20
+	xor	$25,$2
+	addu	$24,$22
+	 rotr	$23,$23,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$23,$9
+	sll	$25,$1,5	# 30
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$23,$15
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$23,$20
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$23,31
+	 addu	$23,$23
+	srl	$2,$2,2
+	addu	$24,$22
+	 or	$23,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$8,$10
+	addu	$7,$31		# 31
+	rotr	$6,$24,27
+	 xor	$8,$16
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$8,$21
+	xor	$25,$1
+	addu	$7,$23
+	 rotr	$8,$8,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$8,$10
+	sll	$25,$24,5	# 31
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$8,$16
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$8,$21
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$8,31
+	 addu	$8,$8
+	srl	$1,$1,2
+	addu	$7,$23
+	 or	$8,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$9,$11
+	addu	$3,$31		# 32
+	rotr	$6,$7,27
+	 xor	$9,$17
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$9,$22
+	xor	$25,$24
+	addu	$3,$8
+	 rotr	$9,$9,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$9,$11
+	sll	$25,$7,5	# 32
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$9,$17
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$9,$22
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$9,31
+	 addu	$9,$9
+	srl	$24,$24,2
+	addu	$3,$8
+	 or	$9,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$10,$12
+	addu	$2,$31		# 33
+	rotr	$6,$3,27
+	 xor	$10,$18
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$10,$23
+	xor	$25,$7
+	addu	$2,$9
+	 rotr	$10,$10,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$10,$12
+	sll	$25,$3,5	# 33
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$10,$18
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$10,$23
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$10,31
+	 addu	$10,$10
+	srl	$7,$7,2
+	addu	$2,$9
+	 or	$10,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$11,$13
+	addu	$1,$31		# 34
+	rotr	$6,$2,27
+	 xor	$11,$19
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$11,$8
+	xor	$25,$3
+	addu	$1,$10
+	 rotr	$11,$11,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$11,$13
+	sll	$25,$2,5	# 34
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$11,$19
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$11,$8
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$11,31
+	 addu	$11,$11
+	srl	$3,$3,2
+	addu	$1,$10
+	 or	$11,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$12,$14
+	addu	$24,$31		# 35
+	rotr	$6,$1,27
+	 xor	$12,$20
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$12,$9
+	xor	$25,$2
+	addu	$24,$11
+	 rotr	$12,$12,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$12,$14
+	sll	$25,$1,5	# 35
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$12,$20
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$12,$9
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$12,31
+	 addu	$12,$12
+	srl	$2,$2,2
+	addu	$24,$11
+	 or	$12,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$13,$15
+	addu	$7,$31		# 36
+	rotr	$6,$24,27
+	 xor	$13,$21
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$13,$10
+	xor	$25,$1
+	addu	$7,$12
+	 rotr	$13,$13,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$13,$15
+	sll	$25,$24,5	# 36
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$13,$21
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$13,$10
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$13,31
+	 addu	$13,$13
+	srl	$1,$1,2
+	addu	$7,$12
+	 or	$13,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$14,$16
+	addu	$3,$31		# 37
+	rotr	$6,$7,27
+	 xor	$14,$22
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$14,$11
+	xor	$25,$24
+	addu	$3,$13
+	 rotr	$14,$14,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$14,$16
+	sll	$25,$7,5	# 37
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$14,$22
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$14,$11
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$14,31
+	 addu	$14,$14
+	srl	$24,$24,2
+	addu	$3,$13
+	 or	$14,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$15,$17
+	addu	$2,$31		# 38
+	rotr	$6,$3,27
+	 xor	$15,$23
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$15,$12
+	xor	$25,$7
+	addu	$2,$14
+	 rotr	$15,$15,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$15,$17
+	sll	$25,$3,5	# 38
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$15,$23
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$15,$12
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$15,31
+	 addu	$15,$15
+	srl	$7,$7,2
+	addu	$2,$14
+	 or	$15,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$16,$18
+	addu	$1,$31		# 39
+	rotr	$6,$2,27
+	 xor	$16,$8
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$16,$13
+	xor	$25,$3
+	addu	$1,$15
+	 rotr	$16,$16,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$16,$18
+	sll	$25,$2,5	# 39
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$16,$8
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$16,$13
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$16,31
+	 addu	$16,$16
+	srl	$3,$3,2
+	addu	$1,$15
+	 or	$16,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+	lui	$31,0x8f1b
+	ori	$31,0xbcdc	# K_40_59
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 40
+	and	$25,$3,$7
+	 xor	$17,$19
+	rotr	$6,$1,27
+	addu	$24,$25
+	 xor	$17,$9
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$17,$14
+	and	$25,$2
+	addu	$24,$16
+	 rotr	$17,$17,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$17,$19
+	sll	$25,$1,5	# 40
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$17,$9
+	and	$25,$3,$7
+	addu	$24,$6
+	 xor	$17,$14
+	sll	$30,$2,30
+	addu	$24,$25
+	 srl	$6,$17,31
+	xor	$25,$3,$7
+	 addu	$17,$17
+	and	$25,$2
+	srl	$2,$2,2
+	 or	$17,$6
+	addu	$24,$16
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 41
+	and	$25,$2,$3
+	 xor	$18,$20
+	rotr	$6,$24,27
+	addu	$7,$25
+	 xor	$18,$10
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$18,$15
+	and	$25,$1
+	addu	$7,$17
+	 rotr	$18,$18,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$18,$20
+	sll	$25,$24,5	# 41
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$18,$10
+	and	$25,$2,$3
+	addu	$7,$6
+	 xor	$18,$15
+	sll	$30,$1,30
+	addu	$7,$25
+	 srl	$6,$18,31
+	xor	$25,$2,$3
+	 addu	$18,$18
+	and	$25,$1
+	srl	$1,$1,2
+	 or	$18,$6
+	addu	$7,$17
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 42
+	and	$25,$1,$2
+	 xor	$19,$21
+	rotr	$6,$7,27
+	addu	$3,$25
+	 xor	$19,$11
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$19,$16
+	and	$25,$24
+	addu	$3,$18
+	 rotr	$19,$19,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$19,$21
+	sll	$25,$7,5	# 42
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$19,$11
+	and	$25,$1,$2
+	addu	$3,$6
+	 xor	$19,$16
+	sll	$30,$24,30
+	addu	$3,$25
+	 srl	$6,$19,31
+	xor	$25,$1,$2
+	 addu	$19,$19
+	and	$25,$24
+	srl	$24,$24,2
+	 or	$19,$6
+	addu	$3,$18
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 43
+	and	$25,$24,$1
+	 xor	$20,$22
+	rotr	$6,$3,27
+	addu	$2,$25
+	 xor	$20,$12
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$20,$17
+	and	$25,$7
+	addu	$2,$19
+	 rotr	$20,$20,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$20,$22
+	sll	$25,$3,5	# 43
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$20,$12
+	and	$25,$24,$1
+	addu	$2,$6
+	 xor	$20,$17
+	sll	$30,$7,30
+	addu	$2,$25
+	 srl	$6,$20,31
+	xor	$25,$24,$1
+	 addu	$20,$20
+	and	$25,$7
+	srl	$7,$7,2
+	 or	$20,$6
+	addu	$2,$19
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 44
+	and	$25,$7,$24
+	 xor	$21,$23
+	rotr	$6,$2,27
+	addu	$1,$25
+	 xor	$21,$13
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$21,$18
+	and	$25,$3
+	addu	$1,$20
+	 rotr	$21,$21,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$21,$23
+	sll	$25,$2,5	# 44
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$21,$13
+	and	$25,$7,$24
+	addu	$1,$6
+	 xor	$21,$18
+	sll	$30,$3,30
+	addu	$1,$25
+	 srl	$6,$21,31
+	xor	$25,$7,$24
+	 addu	$21,$21
+	and	$25,$3
+	srl	$3,$3,2
+	 or	$21,$6
+	addu	$1,$20
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 45
+	and	$25,$3,$7
+	 xor	$22,$8
+	rotr	$6,$1,27
+	addu	$24,$25
+	 xor	$22,$14
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$22,$19
+	and	$25,$2
+	addu	$24,$21
+	 rotr	$22,$22,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$22,$8
+	sll	$25,$1,5	# 45
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$22,$14
+	and	$25,$3,$7
+	addu	$24,$6
+	 xor	$22,$19
+	sll	$30,$2,30
+	addu	$24,$25
+	 srl	$6,$22,31
+	xor	$25,$3,$7
+	 addu	$22,$22
+	and	$25,$2
+	srl	$2,$2,2
+	 or	$22,$6
+	addu	$24,$21
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 46
+	and	$25,$2,$3
+	 xor	$23,$9
+	rotr	$6,$24,27
+	addu	$7,$25
+	 xor	$23,$15
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$23,$20
+	and	$25,$1
+	addu	$7,$22
+	 rotr	$23,$23,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$23,$9
+	sll	$25,$24,5	# 46
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$23,$15
+	and	$25,$2,$3
+	addu	$7,$6
+	 xor	$23,$20
+	sll	$30,$1,30
+	addu	$7,$25
+	 srl	$6,$23,31
+	xor	$25,$2,$3
+	 addu	$23,$23
+	and	$25,$1
+	srl	$1,$1,2
+	 or	$23,$6
+	addu	$7,$22
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 47
+	and	$25,$1,$2
+	 xor	$8,$10
+	rotr	$6,$7,27
+	addu	$3,$25
+	 xor	$8,$16
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$8,$21
+	and	$25,$24
+	addu	$3,$23
+	 rotr	$8,$8,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$8,$10
+	sll	$25,$7,5	# 47
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$8,$16
+	and	$25,$1,$2
+	addu	$3,$6
+	 xor	$8,$21
+	sll	$30,$24,30
+	addu	$3,$25
+	 srl	$6,$8,31
+	xor	$25,$1,$2
+	 addu	$8,$8
+	and	$25,$24
+	srl	$24,$24,2
+	 or	$8,$6
+	addu	$3,$23
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 48
+	and	$25,$24,$1
+	 xor	$9,$11
+	rotr	$6,$3,27
+	addu	$2,$25
+	 xor	$9,$17
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$9,$22
+	and	$25,$7
+	addu	$2,$8
+	 rotr	$9,$9,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$9,$11
+	sll	$25,$3,5	# 48
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$9,$17
+	and	$25,$24,$1
+	addu	$2,$6
+	 xor	$9,$22
+	sll	$30,$7,30
+	addu	$2,$25
+	 srl	$6,$9,31
+	xor	$25,$24,$1
+	 addu	$9,$9
+	and	$25,$7
+	srl	$7,$7,2
+	 or	$9,$6
+	addu	$2,$8
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 49
+	and	$25,$7,$24
+	 xor	$10,$12
+	rotr	$6,$2,27
+	addu	$1,$25
+	 xor	$10,$18
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$10,$23
+	and	$25,$3
+	addu	$1,$9
+	 rotr	$10,$10,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$10,$12
+	sll	$25,$2,5	# 49
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$10,$18
+	and	$25,$7,$24
+	addu	$1,$6
+	 xor	$10,$23
+	sll	$30,$3,30
+	addu	$1,$25
+	 srl	$6,$10,31
+	xor	$25,$7,$24
+	 addu	$10,$10
+	and	$25,$3
+	srl	$3,$3,2
+	 or	$10,$6
+	addu	$1,$9
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 50
+	and	$25,$3,$7
+	 xor	$11,$13
+	rotr	$6,$1,27
+	addu	$24,$25
+	 xor	$11,$19
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$11,$8
+	and	$25,$2
+	addu	$24,$10
+	 rotr	$11,$11,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$11,$13
+	sll	$25,$1,5	# 50
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$11,$19
+	and	$25,$3,$7
+	addu	$24,$6
+	 xor	$11,$8
+	sll	$30,$2,30
+	addu	$24,$25
+	 srl	$6,$11,31
+	xor	$25,$3,$7
+	 addu	$11,$11
+	and	$25,$2
+	srl	$2,$2,2
+	 or	$11,$6
+	addu	$24,$10
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 51
+	and	$25,$2,$3
+	 xor	$12,$14
+	rotr	$6,$24,27
+	addu	$7,$25
+	 xor	$12,$20
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$12,$9
+	and	$25,$1
+	addu	$7,$11
+	 rotr	$12,$12,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$12,$14
+	sll	$25,$24,5	# 51
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$12,$20
+	and	$25,$2,$3
+	addu	$7,$6
+	 xor	$12,$9
+	sll	$30,$1,30
+	addu	$7,$25
+	 srl	$6,$12,31
+	xor	$25,$2,$3
+	 addu	$12,$12
+	and	$25,$1
+	srl	$1,$1,2
+	 or	$12,$6
+	addu	$7,$11
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 52
+	and	$25,$1,$2
+	 xor	$13,$15
+	rotr	$6,$7,27
+	addu	$3,$25
+	 xor	$13,$21
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$13,$10
+	and	$25,$24
+	addu	$3,$12
+	 rotr	$13,$13,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$13,$15
+	sll	$25,$7,5	# 52
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$13,$21
+	and	$25,$1,$2
+	addu	$3,$6
+	 xor	$13,$10
+	sll	$30,$24,30
+	addu	$3,$25
+	 srl	$6,$13,31
+	xor	$25,$1,$2
+	 addu	$13,$13
+	and	$25,$24
+	srl	$24,$24,2
+	 or	$13,$6
+	addu	$3,$12
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 53
+	and	$25,$24,$1
+	 xor	$14,$16
+	rotr	$6,$3,27
+	addu	$2,$25
+	 xor	$14,$22
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$14,$11
+	and	$25,$7
+	addu	$2,$13
+	 rotr	$14,$14,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$14,$16
+	sll	$25,$3,5	# 53
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$14,$22
+	and	$25,$24,$1
+	addu	$2,$6
+	 xor	$14,$11
+	sll	$30,$7,30
+	addu	$2,$25
+	 srl	$6,$14,31
+	xor	$25,$24,$1
+	 addu	$14,$14
+	and	$25,$7
+	srl	$7,$7,2
+	 or	$14,$6
+	addu	$2,$13
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 54
+	and	$25,$7,$24
+	 xor	$15,$17
+	rotr	$6,$2,27
+	addu	$1,$25
+	 xor	$15,$23
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$15,$12
+	and	$25,$3
+	addu	$1,$14
+	 rotr	$15,$15,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$15,$17
+	sll	$25,$2,5	# 54
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$15,$23
+	and	$25,$7,$24
+	addu	$1,$6
+	 xor	$15,$12
+	sll	$30,$3,30
+	addu	$1,$25
+	 srl	$6,$15,31
+	xor	$25,$7,$24
+	 addu	$15,$15
+	and	$25,$3
+	srl	$3,$3,2
+	 or	$15,$6
+	addu	$1,$14
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$24,$31		# 55
+	and	$25,$3,$7
+	 xor	$16,$18
+	rotr	$6,$1,27
+	addu	$24,$25
+	 xor	$16,$8
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$16,$13
+	and	$25,$2
+	addu	$24,$15
+	 rotr	$16,$16,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$16,$18
+	sll	$25,$1,5	# 55
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$16,$8
+	and	$25,$3,$7
+	addu	$24,$6
+	 xor	$16,$13
+	sll	$30,$2,30
+	addu	$24,$25
+	 srl	$6,$16,31
+	xor	$25,$3,$7
+	 addu	$16,$16
+	and	$25,$2
+	srl	$2,$2,2
+	 or	$16,$6
+	addu	$24,$15
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$7,$31		# 56
+	and	$25,$2,$3
+	 xor	$17,$19
+	rotr	$6,$24,27
+	addu	$7,$25
+	 xor	$17,$9
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$17,$14
+	and	$25,$1
+	addu	$7,$16
+	 rotr	$17,$17,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$17,$19
+	sll	$25,$24,5	# 56
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$17,$9
+	and	$25,$2,$3
+	addu	$7,$6
+	 xor	$17,$14
+	sll	$30,$1,30
+	addu	$7,$25
+	 srl	$6,$17,31
+	xor	$25,$2,$3
+	 addu	$17,$17
+	and	$25,$1
+	srl	$1,$1,2
+	 or	$17,$6
+	addu	$7,$16
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$3,$31		# 57
+	and	$25,$1,$2
+	 xor	$18,$20
+	rotr	$6,$7,27
+	addu	$3,$25
+	 xor	$18,$10
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$18,$15
+	and	$25,$24
+	addu	$3,$17
+	 rotr	$18,$18,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$18,$20
+	sll	$25,$7,5	# 57
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$18,$10
+	and	$25,$1,$2
+	addu	$3,$6
+	 xor	$18,$15
+	sll	$30,$24,30
+	addu	$3,$25
+	 srl	$6,$18,31
+	xor	$25,$1,$2
+	 addu	$18,$18
+	and	$25,$24
+	srl	$24,$24,2
+	 or	$18,$6
+	addu	$3,$17
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$2,$31		# 58
+	and	$25,$24,$1
+	 xor	$19,$21
+	rotr	$6,$3,27
+	addu	$2,$25
+	 xor	$19,$11
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$19,$16
+	and	$25,$7
+	addu	$2,$18
+	 rotr	$19,$19,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$19,$21
+	sll	$25,$3,5	# 58
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$19,$11
+	and	$25,$24,$1
+	addu	$2,$6
+	 xor	$19,$16
+	sll	$30,$7,30
+	addu	$2,$25
+	 srl	$6,$19,31
+	xor	$25,$24,$1
+	 addu	$19,$19
+	and	$25,$7
+	srl	$7,$7,2
+	 or	$19,$6
+	addu	$2,$18
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	addu	$1,$31		# 59
+	and	$25,$7,$24
+	 xor	$20,$22
+	rotr	$6,$2,27
+	addu	$1,$25
+	 xor	$20,$12
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$20,$17
+	and	$25,$3
+	addu	$1,$19
+	 rotr	$20,$20,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$20,$22
+	sll	$25,$2,5	# 59
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$20,$12
+	and	$25,$7,$24
+	addu	$1,$6
+	 xor	$20,$17
+	sll	$30,$3,30
+	addu	$1,$25
+	 srl	$6,$20,31
+	xor	$25,$7,$24
+	 addu	$20,$20
+	and	$25,$3
+	srl	$3,$3,2
+	 or	$20,$6
+	addu	$1,$19
+	or	$3,$30
+	addu	$1,$25
+#endif
+	lui	$31,0xca62
+	ori	$31,0xc1d6	# K_60_79
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$21,$23
+	addu	$24,$31		# 60
+	rotr	$6,$1,27
+	 xor	$21,$13
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$21,$18
+	xor	$25,$2
+	addu	$24,$20
+	 rotr	$21,$21,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$21,$23
+	sll	$25,$1,5	# 60
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$21,$13
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$21,$18
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$21,31
+	 addu	$21,$21
+	srl	$2,$2,2
+	addu	$24,$20
+	 or	$21,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$22,$8
+	addu	$7,$31		# 61
+	rotr	$6,$24,27
+	 xor	$22,$14
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$22,$19
+	xor	$25,$1
+	addu	$7,$21
+	 rotr	$22,$22,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$22,$8
+	sll	$25,$24,5	# 61
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$22,$14
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$22,$19
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$22,31
+	 addu	$22,$22
+	srl	$1,$1,2
+	addu	$7,$21
+	 or	$22,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$23,$9
+	addu	$3,$31		# 62
+	rotr	$6,$7,27
+	 xor	$23,$15
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$23,$20
+	xor	$25,$24
+	addu	$3,$22
+	 rotr	$23,$23,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$23,$9
+	sll	$25,$7,5	# 62
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$23,$15
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$23,$20
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$23,31
+	 addu	$23,$23
+	srl	$24,$24,2
+	addu	$3,$22
+	 or	$23,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$8,$10
+	addu	$2,$31		# 63
+	rotr	$6,$3,27
+	 xor	$8,$16
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$8,$21
+	xor	$25,$7
+	addu	$2,$23
+	 rotr	$8,$8,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$8,$10
+	sll	$25,$3,5	# 63
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$8,$16
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$8,$21
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$8,31
+	 addu	$8,$8
+	srl	$7,$7,2
+	addu	$2,$23
+	 or	$8,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$9,$11
+	addu	$1,$31		# 64
+	rotr	$6,$2,27
+	 xor	$9,$17
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$9,$22
+	xor	$25,$3
+	addu	$1,$8
+	 rotr	$9,$9,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$9,$11
+	sll	$25,$2,5	# 64
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$9,$17
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$9,$22
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$9,31
+	 addu	$9,$9
+	srl	$3,$3,2
+	addu	$1,$8
+	 or	$9,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$10,$12
+	addu	$24,$31		# 65
+	rotr	$6,$1,27
+	 xor	$10,$18
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$10,$23
+	xor	$25,$2
+	addu	$24,$9
+	 rotr	$10,$10,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$10,$12
+	sll	$25,$1,5	# 65
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$10,$18
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$10,$23
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$10,31
+	 addu	$10,$10
+	srl	$2,$2,2
+	addu	$24,$9
+	 or	$10,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$11,$13
+	addu	$7,$31		# 66
+	rotr	$6,$24,27
+	 xor	$11,$19
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$11,$8
+	xor	$25,$1
+	addu	$7,$10
+	 rotr	$11,$11,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$11,$13
+	sll	$25,$24,5	# 66
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$11,$19
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$11,$8
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$11,31
+	 addu	$11,$11
+	srl	$1,$1,2
+	addu	$7,$10
+	 or	$11,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$12,$14
+	addu	$3,$31		# 67
+	rotr	$6,$7,27
+	 xor	$12,$20
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$12,$9
+	xor	$25,$24
+	addu	$3,$11
+	 rotr	$12,$12,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$12,$14
+	sll	$25,$7,5	# 67
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$12,$20
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$12,$9
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$12,31
+	 addu	$12,$12
+	srl	$24,$24,2
+	addu	$3,$11
+	 or	$12,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$13,$15
+	addu	$2,$31		# 68
+	rotr	$6,$3,27
+	 xor	$13,$21
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$13,$10
+	xor	$25,$7
+	addu	$2,$12
+	 rotr	$13,$13,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$13,$15
+	sll	$25,$3,5	# 68
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$13,$21
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$13,$10
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$13,31
+	 addu	$13,$13
+	srl	$7,$7,2
+	addu	$2,$12
+	 or	$13,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$14,$16
+	addu	$1,$31		# 69
+	rotr	$6,$2,27
+	 xor	$14,$22
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$14,$11
+	xor	$25,$3
+	addu	$1,$13
+	 rotr	$14,$14,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$14,$16
+	sll	$25,$2,5	# 69
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$14,$22
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$14,$11
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$14,31
+	 addu	$14,$14
+	srl	$3,$3,2
+	addu	$1,$13
+	 or	$14,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$15,$17
+	addu	$24,$31		# 70
+	rotr	$6,$1,27
+	 xor	$15,$23
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$15,$12
+	xor	$25,$2
+	addu	$24,$14
+	 rotr	$15,$15,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$15,$17
+	sll	$25,$1,5	# 70
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$15,$23
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$15,$12
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$15,31
+	 addu	$15,$15
+	srl	$2,$2,2
+	addu	$24,$14
+	 or	$15,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$16,$18
+	addu	$7,$31		# 71
+	rotr	$6,$24,27
+	 xor	$16,$8
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$16,$13
+	xor	$25,$1
+	addu	$7,$15
+	 rotr	$16,$16,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$16,$18
+	sll	$25,$24,5	# 71
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$16,$8
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$16,$13
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$16,31
+	 addu	$16,$16
+	srl	$1,$1,2
+	addu	$7,$15
+	 or	$16,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$17,$19
+	addu	$3,$31		# 72
+	rotr	$6,$7,27
+	 xor	$17,$9
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$17,$14
+	xor	$25,$24
+	addu	$3,$16
+	 rotr	$17,$17,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$17,$19
+	sll	$25,$7,5	# 72
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$17,$9
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$17,$14
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$17,31
+	 addu	$17,$17
+	srl	$24,$24,2
+	addu	$3,$16
+	 or	$17,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$18,$20
+	addu	$2,$31		# 73
+	rotr	$6,$3,27
+	 xor	$18,$10
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$18,$15
+	xor	$25,$7
+	addu	$2,$17
+	 rotr	$18,$18,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$18,$20
+	sll	$25,$3,5	# 73
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$18,$10
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$18,$15
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$18,31
+	 addu	$18,$18
+	srl	$7,$7,2
+	addu	$2,$17
+	 or	$18,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$19,$21
+	addu	$1,$31		# 74
+	rotr	$6,$2,27
+	 xor	$19,$11
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$19,$16
+	xor	$25,$3
+	addu	$1,$18
+	 rotr	$19,$19,31
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 xor	$19,$21
+	sll	$25,$2,5	# 74
+	addu	$1,$31
+	srl	$6,$2,27
+	addu	$1,$25
+	 xor	$19,$11
+	xor	$25,$7,$24
+	addu	$1,$6
+	 xor	$19,$16
+	sll	$30,$3,30
+	xor	$25,$3
+	 srl	$6,$19,31
+	 addu	$19,$19
+	srl	$3,$3,2
+	addu	$1,$18
+	 or	$19,$6
+	or	$3,$30
+	addu	$1,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$20,$22
+	addu	$24,$31		# 75
+	rotr	$6,$1,27
+	 xor	$20,$12
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$20,$17
+	xor	$25,$2
+	addu	$24,$19
+	 rotr	$20,$20,31
+	rotr	$2,$2,2
+	addu	$24,$25
+#else
+	 xor	$20,$22
+	sll	$25,$1,5	# 75
+	addu	$24,$31
+	srl	$6,$1,27
+	addu	$24,$25
+	 xor	$20,$12
+	xor	$25,$3,$7
+	addu	$24,$6
+	 xor	$20,$17
+	sll	$30,$2,30
+	xor	$25,$2
+	 srl	$6,$20,31
+	 addu	$20,$20
+	srl	$2,$2,2
+	addu	$24,$19
+	 or	$20,$6
+	or	$2,$30
+	addu	$24,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$21,$23
+	addu	$7,$31		# 76
+	rotr	$6,$24,27
+	 xor	$21,$13
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$21,$18
+	xor	$25,$1
+	addu	$7,$20
+	 rotr	$21,$21,31
+	rotr	$1,$1,2
+	addu	$7,$25
+#else
+	 xor	$21,$23
+	sll	$25,$24,5	# 76
+	addu	$7,$31
+	srl	$6,$24,27
+	addu	$7,$25
+	 xor	$21,$13
+	xor	$25,$2,$3
+	addu	$7,$6
+	 xor	$21,$18
+	sll	$30,$1,30
+	xor	$25,$1
+	 srl	$6,$21,31
+	 addu	$21,$21
+	srl	$1,$1,2
+	addu	$7,$20
+	 or	$21,$6
+	or	$1,$30
+	addu	$7,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$22,$8
+	addu	$3,$31		# 77
+	rotr	$6,$7,27
+	 xor	$22,$14
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$22,$19
+	xor	$25,$24
+	addu	$3,$21
+	 rotr	$22,$22,31
+	rotr	$24,$24,2
+	addu	$3,$25
+#else
+	 xor	$22,$8
+	sll	$25,$7,5	# 77
+	addu	$3,$31
+	srl	$6,$7,27
+	addu	$3,$25
+	 xor	$22,$14
+	xor	$25,$1,$2
+	addu	$3,$6
+	 xor	$22,$19
+	sll	$30,$24,30
+	xor	$25,$24
+	 srl	$6,$22,31
+	 addu	$22,$22
+	srl	$24,$24,2
+	addu	$3,$21
+	 or	$22,$6
+	or	$24,$30
+	addu	$3,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 xor	$23,$9
+	addu	$2,$31		# 78
+	rotr	$6,$3,27
+	 xor	$23,$15
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$23,$20
+	xor	$25,$7
+	addu	$2,$22
+	 rotr	$23,$23,31
+	rotr	$7,$7,2
+	addu	$2,$25
+#else
+	 xor	$23,$9
+	sll	$25,$3,5	# 78
+	addu	$2,$31
+	srl	$6,$3,27
+	addu	$2,$25
+	 xor	$23,$15
+	xor	$25,$24,$1
+	addu	$2,$6
+	 xor	$23,$20
+	sll	$30,$7,30
+	xor	$25,$7
+	 srl	$6,$23,31
+	 addu	$23,$23
+	srl	$7,$7,2
+	addu	$2,$22
+	 or	$23,$6
+	or	$7,$30
+	addu	$2,$25
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	 lw	$8,0($4)
+	addu	$1,$31		# 79
+	 lw	$9,4($4)
+	rotr	$6,$2,27
+	 lw	$10,8($4)
+	xor	$25,$7,$24
+	addu	$1,$6
+	 lw	$11,12($4)
+	xor	$25,$3
+	addu	$1,$23
+	 lw	$12,16($4)
+	rotr	$3,$3,2
+	addu	$1,$25
+#else
+	 lw	$8,0($4)
+	sll	$25,$2,5	# 79
+	addu	$1,$31
+	 lw	$9,4($4)
+	srl	$6,$2,27
+	addu	$1,$25
+	 lw	$10,8($4)
+	xor	$25,$7,$24
+	addu	$1,$6
+	 lw	$11,12($4)
+	sll	$30,$3,30
+	xor	$25,$3
+	 lw	$12,16($4)
+	srl	$3,$3,2
+	addu	$1,$23
+	or	$3,$30
+	addu	$1,$25
+#endif
+	daddu $5,64
+	ld	$6,0($29)
+
+	addu	$1,$8
+	addu	$2,$9
+	sw	$1,0($4)
+	addu	$3,$10
+	addu	$7,$11
+	sw	$2,4($4)
+	addu	$24,$12
+	sw	$3,8($4)
+	sw	$7,12($4)
+	sw	$24,16($4)
+	.set	noreorder
+	bne	$5,$6,.Loop
+	nop
+
+	.set	noreorder
+	ld	$31,(16-1)*8($29)
+	ld	$30,(16-2)*8($29)
+	ld	$23,(16-3)*8($29)
+	ld	$22,(16-4)*8($29)
+	ld	$21,(16-5)*8($29)
+	ld	$20,(16-6)*8($29)
+	ld	$19,(16-7)*8($29)
+	ld	$18,(16-8)*8($29)
+	ld	$17,(16-9)*8($29)
+	ld	$16,(16-10)*8($29)
+	jr	$31
+	daddu $29,16*8
+.end	sha1_block_data_order
+.rdata
+.asciiz	"SHA1 for MIPS, CRYPTOGAMS by <appro@openssl.org>"
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha256-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha256-mips.S
new file mode 100644
index 00000000000000..0459f23f81b1ad
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha256-mips.S
@@ -0,0 +1,3036 @@
+#include "mips_arch.h"
+
+.text
+.set	noat
+#if !defined(__mips_eabi) && (!defined(__vxworks) || defined(__pic__))
+.option	pic2
+#endif
+
+.align	5
+.globl	sha256_block_data_order
+.ent	sha256_block_data_order
+sha256_block_data_order:
+	.frame	$29,192,$31
+	.mask	0xc0ff0000,-8
+	.set	noreorder
+	dsubu $29,192
+	sd	$31,192-1*8($29)
+	sd	$30,192-2*8($29)
+	sd	$23,192-3*8($29)
+	sd	$22,192-4*8($29)
+	sd	$21,192-5*8($29)
+	sd	$20,192-6*8($29)
+	sd	$19,192-7*8($29)
+	sd	$18,192-8*8($29)
+	sd	$17,192-9*8($29)
+	sd	$16,192-10*8($29)
+	dsll $23,$6,6
+	.cplocal	$6
+	.cpsetup	$25,$0,sha256_block_data_order
+	.set	reorder
+	dla	$6,K256		# PIC-ified 'load address'
+
+	lw	$1,0*4($4)		# load context
+	lw	$2,1*4($4)
+	lw	$3,2*4($4)
+	lw	$7,3*4($4)
+	lw	$24,4*4($4)
+	lw	$25,5*4($4)
+	lw	$30,6*4($4)
+	lw	$31,7*4($4)
+
+	daddu $23,$5		# pointer to the end of input
+	sd	$23,16*4($29)
+	b	.Loop
+
+.align	5
+.Loop:
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$8,($5)
+#else
+	lwl	$8,3($5)
+	lwr	$8,0($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$9,4($5)
+#else
+	lwl	$9,7($5)
+	lwr	$9,4($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$8,$8		# byte swap(0)
+	rotr	$8,$8,16
+#else
+	srl	$13,$8,24		# byte swap(0)
+	srl	$14,$8,8
+	andi	$15,$8,0xFF00
+	sll	$8,$8,24
+	andi	$14,0xFF00
+	sll	$15,$15,8
+	or	$8,$13
+	or	$14,$15
+	or	$8,$14
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$15,$25,$30			# 0
+	rotr	$13,$24,6
+	addu	$12,$8,$31
+	rotr	$14,$24,11
+	and	$15,$24
+	rotr	$31,$24,25
+	xor	$13,$14
+	rotr	$14,$1,2
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$31			# Sigma1(e)
+
+	rotr	$31,$1,13
+	addu	$12,$15
+	lw	$15,0($6)		# K[0]
+	xor	$31,$14
+	rotr	$14,$1,22
+	addu	$12,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#else
+	addu	$12,$8,$31			# 0
+	srl	$31,$24,6
+	xor	$15,$25,$30
+	sll	$14,$24,7
+	and	$15,$24
+	srl	$13,$24,11
+	xor	$31,$14
+	sll	$14,$24,21
+	xor	$31,$13
+	srl	$13,$24,25
+	xor	$31,$14
+	sll	$14,$24,26
+	xor	$31,$13
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$14,$31			# Sigma1(e)
+
+	srl	$31,$1,2
+	addu	$12,$15
+	lw	$15,0($6)		# K[0]
+	sll	$14,$1,10
+	addu	$12,$13
+	srl	$13,$1,13
+	xor	$31,$14
+	sll	$14,$1,19
+	xor	$31,$13
+	srl	$13,$1,22
+	xor	$31,$14
+	sll	$14,$1,30
+	xor	$31,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#endif
+	sw	$8,0($29)	# offload to ring buffer
+	addu	$31,$13
+	and	$14,$1
+	addu	$12,$15			# +=K[0]
+	addu	$31,$14			# +=Maj(a,b,c)
+	addu	$7,$12
+	addu	$31,$12
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$10,8($5)
+#else
+	lwl	$10,11($5)
+	lwr	$10,8($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$9,$9		# byte swap(1)
+	rotr	$9,$9,16
+#else
+	srl	$14,$9,24		# byte swap(1)
+	srl	$15,$9,8
+	andi	$16,$9,0xFF00
+	sll	$9,$9,24
+	andi	$15,0xFF00
+	sll	$16,$16,8
+	or	$9,$14
+	or	$15,$16
+	or	$9,$15
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$16,$24,$25			# 1
+	rotr	$14,$7,6
+	addu	$13,$9,$30
+	rotr	$15,$7,11
+	and	$16,$7
+	rotr	$30,$7,25
+	xor	$14,$15
+	rotr	$15,$31,2
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$30			# Sigma1(e)
+
+	rotr	$30,$31,13
+	addu	$13,$16
+	lw	$16,4($6)		# K[1]
+	xor	$30,$15
+	rotr	$15,$31,22
+	addu	$13,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#else
+	addu	$13,$9,$30			# 1
+	srl	$30,$7,6
+	xor	$16,$24,$25
+	sll	$15,$7,7
+	and	$16,$7
+	srl	$14,$7,11
+	xor	$30,$15
+	sll	$15,$7,21
+	xor	$30,$14
+	srl	$14,$7,25
+	xor	$30,$15
+	sll	$15,$7,26
+	xor	$30,$14
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$15,$30			# Sigma1(e)
+
+	srl	$30,$31,2
+	addu	$13,$16
+	lw	$16,4($6)		# K[1]
+	sll	$15,$31,10
+	addu	$13,$14
+	srl	$14,$31,13
+	xor	$30,$15
+	sll	$15,$31,19
+	xor	$30,$14
+	srl	$14,$31,22
+	xor	$30,$15
+	sll	$15,$31,30
+	xor	$30,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#endif
+	sw	$9,4($29)	# offload to ring buffer
+	addu	$30,$14
+	and	$15,$31
+	addu	$13,$16			# +=K[1]
+	addu	$30,$15			# +=Maj(a,b,c)
+	addu	$3,$13
+	addu	$30,$13
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$11,12($5)
+#else
+	lwl	$11,15($5)
+	lwr	$11,12($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$10,$10		# byte swap(2)
+	rotr	$10,$10,16
+#else
+	srl	$15,$10,24		# byte swap(2)
+	srl	$16,$10,8
+	andi	$17,$10,0xFF00
+	sll	$10,$10,24
+	andi	$16,0xFF00
+	sll	$17,$17,8
+	or	$10,$15
+	or	$16,$17
+	or	$10,$16
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$17,$7,$24			# 2
+	rotr	$15,$3,6
+	addu	$14,$10,$25
+	rotr	$16,$3,11
+	and	$17,$3
+	rotr	$25,$3,25
+	xor	$15,$16
+	rotr	$16,$30,2
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$25			# Sigma1(e)
+
+	rotr	$25,$30,13
+	addu	$14,$17
+	lw	$17,8($6)		# K[2]
+	xor	$25,$16
+	rotr	$16,$30,22
+	addu	$14,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#else
+	addu	$14,$10,$25			# 2
+	srl	$25,$3,6
+	xor	$17,$7,$24
+	sll	$16,$3,7
+	and	$17,$3
+	srl	$15,$3,11
+	xor	$25,$16
+	sll	$16,$3,21
+	xor	$25,$15
+	srl	$15,$3,25
+	xor	$25,$16
+	sll	$16,$3,26
+	xor	$25,$15
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$16,$25			# Sigma1(e)
+
+	srl	$25,$30,2
+	addu	$14,$17
+	lw	$17,8($6)		# K[2]
+	sll	$16,$30,10
+	addu	$14,$15
+	srl	$15,$30,13
+	xor	$25,$16
+	sll	$16,$30,19
+	xor	$25,$15
+	srl	$15,$30,22
+	xor	$25,$16
+	sll	$16,$30,30
+	xor	$25,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#endif
+	sw	$10,8($29)	# offload to ring buffer
+	addu	$25,$15
+	and	$16,$30
+	addu	$14,$17			# +=K[2]
+	addu	$25,$16			# +=Maj(a,b,c)
+	addu	$2,$14
+	addu	$25,$14
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$12,16($5)
+#else
+	lwl	$12,19($5)
+	lwr	$12,16($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$11,$11		# byte swap(3)
+	rotr	$11,$11,16
+#else
+	srl	$16,$11,24		# byte swap(3)
+	srl	$17,$11,8
+	andi	$18,$11,0xFF00
+	sll	$11,$11,24
+	andi	$17,0xFF00
+	sll	$18,$18,8
+	or	$11,$16
+	or	$17,$18
+	or	$11,$17
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$18,$3,$7			# 3
+	rotr	$16,$2,6
+	addu	$15,$11,$24
+	rotr	$17,$2,11
+	and	$18,$2
+	rotr	$24,$2,25
+	xor	$16,$17
+	rotr	$17,$25,2
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$24			# Sigma1(e)
+
+	rotr	$24,$25,13
+	addu	$15,$18
+	lw	$18,12($6)		# K[3]
+	xor	$24,$17
+	rotr	$17,$25,22
+	addu	$15,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#else
+	addu	$15,$11,$24			# 3
+	srl	$24,$2,6
+	xor	$18,$3,$7
+	sll	$17,$2,7
+	and	$18,$2
+	srl	$16,$2,11
+	xor	$24,$17
+	sll	$17,$2,21
+	xor	$24,$16
+	srl	$16,$2,25
+	xor	$24,$17
+	sll	$17,$2,26
+	xor	$24,$16
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$17,$24			# Sigma1(e)
+
+	srl	$24,$25,2
+	addu	$15,$18
+	lw	$18,12($6)		# K[3]
+	sll	$17,$25,10
+	addu	$15,$16
+	srl	$16,$25,13
+	xor	$24,$17
+	sll	$17,$25,19
+	xor	$24,$16
+	srl	$16,$25,22
+	xor	$24,$17
+	sll	$17,$25,30
+	xor	$24,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#endif
+	sw	$11,12($29)	# offload to ring buffer
+	addu	$24,$16
+	and	$17,$25
+	addu	$15,$18			# +=K[3]
+	addu	$24,$17			# +=Maj(a,b,c)
+	addu	$1,$15
+	addu	$24,$15
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$13,20($5)
+#else
+	lwl	$13,23($5)
+	lwr	$13,20($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$12,$12		# byte swap(4)
+	rotr	$12,$12,16
+#else
+	srl	$17,$12,24		# byte swap(4)
+	srl	$18,$12,8
+	andi	$19,$12,0xFF00
+	sll	$12,$12,24
+	andi	$18,0xFF00
+	sll	$19,$19,8
+	or	$12,$17
+	or	$18,$19
+	or	$12,$18
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$19,$2,$3			# 4
+	rotr	$17,$1,6
+	addu	$16,$12,$7
+	rotr	$18,$1,11
+	and	$19,$1
+	rotr	$7,$1,25
+	xor	$17,$18
+	rotr	$18,$24,2
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$7			# Sigma1(e)
+
+	rotr	$7,$24,13
+	addu	$16,$19
+	lw	$19,16($6)		# K[4]
+	xor	$7,$18
+	rotr	$18,$24,22
+	addu	$16,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#else
+	addu	$16,$12,$7			# 4
+	srl	$7,$1,6
+	xor	$19,$2,$3
+	sll	$18,$1,7
+	and	$19,$1
+	srl	$17,$1,11
+	xor	$7,$18
+	sll	$18,$1,21
+	xor	$7,$17
+	srl	$17,$1,25
+	xor	$7,$18
+	sll	$18,$1,26
+	xor	$7,$17
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$18,$7			# Sigma1(e)
+
+	srl	$7,$24,2
+	addu	$16,$19
+	lw	$19,16($6)		# K[4]
+	sll	$18,$24,10
+	addu	$16,$17
+	srl	$17,$24,13
+	xor	$7,$18
+	sll	$18,$24,19
+	xor	$7,$17
+	srl	$17,$24,22
+	xor	$7,$18
+	sll	$18,$24,30
+	xor	$7,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#endif
+	sw	$12,16($29)	# offload to ring buffer
+	addu	$7,$17
+	and	$18,$24
+	addu	$16,$19			# +=K[4]
+	addu	$7,$18			# +=Maj(a,b,c)
+	addu	$31,$16
+	addu	$7,$16
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$14,24($5)
+#else
+	lwl	$14,27($5)
+	lwr	$14,24($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$13,$13		# byte swap(5)
+	rotr	$13,$13,16
+#else
+	srl	$18,$13,24		# byte swap(5)
+	srl	$19,$13,8
+	andi	$20,$13,0xFF00
+	sll	$13,$13,24
+	andi	$19,0xFF00
+	sll	$20,$20,8
+	or	$13,$18
+	or	$19,$20
+	or	$13,$19
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$20,$1,$2			# 5
+	rotr	$18,$31,6
+	addu	$17,$13,$3
+	rotr	$19,$31,11
+	and	$20,$31
+	rotr	$3,$31,25
+	xor	$18,$19
+	rotr	$19,$7,2
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$3			# Sigma1(e)
+
+	rotr	$3,$7,13
+	addu	$17,$20
+	lw	$20,20($6)		# K[5]
+	xor	$3,$19
+	rotr	$19,$7,22
+	addu	$17,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#else
+	addu	$17,$13,$3			# 5
+	srl	$3,$31,6
+	xor	$20,$1,$2
+	sll	$19,$31,7
+	and	$20,$31
+	srl	$18,$31,11
+	xor	$3,$19
+	sll	$19,$31,21
+	xor	$3,$18
+	srl	$18,$31,25
+	xor	$3,$19
+	sll	$19,$31,26
+	xor	$3,$18
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$19,$3			# Sigma1(e)
+
+	srl	$3,$7,2
+	addu	$17,$20
+	lw	$20,20($6)		# K[5]
+	sll	$19,$7,10
+	addu	$17,$18
+	srl	$18,$7,13
+	xor	$3,$19
+	sll	$19,$7,19
+	xor	$3,$18
+	srl	$18,$7,22
+	xor	$3,$19
+	sll	$19,$7,30
+	xor	$3,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#endif
+	sw	$13,20($29)	# offload to ring buffer
+	addu	$3,$18
+	and	$19,$7
+	addu	$17,$20			# +=K[5]
+	addu	$3,$19			# +=Maj(a,b,c)
+	addu	$30,$17
+	addu	$3,$17
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$15,28($5)
+#else
+	lwl	$15,31($5)
+	lwr	$15,28($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$14,$14		# byte swap(6)
+	rotr	$14,$14,16
+#else
+	srl	$19,$14,24		# byte swap(6)
+	srl	$20,$14,8
+	andi	$21,$14,0xFF00
+	sll	$14,$14,24
+	andi	$20,0xFF00
+	sll	$21,$21,8
+	or	$14,$19
+	or	$20,$21
+	or	$14,$20
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$21,$31,$1			# 6
+	rotr	$19,$30,6
+	addu	$18,$14,$2
+	rotr	$20,$30,11
+	and	$21,$30
+	rotr	$2,$30,25
+	xor	$19,$20
+	rotr	$20,$3,2
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$2			# Sigma1(e)
+
+	rotr	$2,$3,13
+	addu	$18,$21
+	lw	$21,24($6)		# K[6]
+	xor	$2,$20
+	rotr	$20,$3,22
+	addu	$18,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#else
+	addu	$18,$14,$2			# 6
+	srl	$2,$30,6
+	xor	$21,$31,$1
+	sll	$20,$30,7
+	and	$21,$30
+	srl	$19,$30,11
+	xor	$2,$20
+	sll	$20,$30,21
+	xor	$2,$19
+	srl	$19,$30,25
+	xor	$2,$20
+	sll	$20,$30,26
+	xor	$2,$19
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$20,$2			# Sigma1(e)
+
+	srl	$2,$3,2
+	addu	$18,$21
+	lw	$21,24($6)		# K[6]
+	sll	$20,$3,10
+	addu	$18,$19
+	srl	$19,$3,13
+	xor	$2,$20
+	sll	$20,$3,19
+	xor	$2,$19
+	srl	$19,$3,22
+	xor	$2,$20
+	sll	$20,$3,30
+	xor	$2,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#endif
+	sw	$14,24($29)	# offload to ring buffer
+	addu	$2,$19
+	and	$20,$3
+	addu	$18,$21			# +=K[6]
+	addu	$2,$20			# +=Maj(a,b,c)
+	addu	$25,$18
+	addu	$2,$18
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$16,32($5)
+#else
+	lwl	$16,35($5)
+	lwr	$16,32($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$15,$15		# byte swap(7)
+	rotr	$15,$15,16
+#else
+	srl	$20,$15,24		# byte swap(7)
+	srl	$21,$15,8
+	andi	$22,$15,0xFF00
+	sll	$15,$15,24
+	andi	$21,0xFF00
+	sll	$22,$22,8
+	or	$15,$20
+	or	$21,$22
+	or	$15,$21
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$22,$30,$31			# 7
+	rotr	$20,$25,6
+	addu	$19,$15,$1
+	rotr	$21,$25,11
+	and	$22,$25
+	rotr	$1,$25,25
+	xor	$20,$21
+	rotr	$21,$2,2
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$1			# Sigma1(e)
+
+	rotr	$1,$2,13
+	addu	$19,$22
+	lw	$22,28($6)		# K[7]
+	xor	$1,$21
+	rotr	$21,$2,22
+	addu	$19,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#else
+	addu	$19,$15,$1			# 7
+	srl	$1,$25,6
+	xor	$22,$30,$31
+	sll	$21,$25,7
+	and	$22,$25
+	srl	$20,$25,11
+	xor	$1,$21
+	sll	$21,$25,21
+	xor	$1,$20
+	srl	$20,$25,25
+	xor	$1,$21
+	sll	$21,$25,26
+	xor	$1,$20
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$21,$1			# Sigma1(e)
+
+	srl	$1,$2,2
+	addu	$19,$22
+	lw	$22,28($6)		# K[7]
+	sll	$21,$2,10
+	addu	$19,$20
+	srl	$20,$2,13
+	xor	$1,$21
+	sll	$21,$2,19
+	xor	$1,$20
+	srl	$20,$2,22
+	xor	$1,$21
+	sll	$21,$2,30
+	xor	$1,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#endif
+	sw	$15,28($29)	# offload to ring buffer
+	addu	$1,$20
+	and	$21,$2
+	addu	$19,$22			# +=K[7]
+	addu	$1,$21			# +=Maj(a,b,c)
+	addu	$24,$19
+	addu	$1,$19
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$17,36($5)
+#else
+	lwl	$17,39($5)
+	lwr	$17,36($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$16,$16		# byte swap(8)
+	rotr	$16,$16,16
+#else
+	srl	$21,$16,24		# byte swap(8)
+	srl	$22,$16,8
+	andi	$23,$16,0xFF00
+	sll	$16,$16,24
+	andi	$22,0xFF00
+	sll	$23,$23,8
+	or	$16,$21
+	or	$22,$23
+	or	$16,$22
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$23,$25,$30			# 8
+	rotr	$21,$24,6
+	addu	$20,$16,$31
+	rotr	$22,$24,11
+	and	$23,$24
+	rotr	$31,$24,25
+	xor	$21,$22
+	rotr	$22,$1,2
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$31			# Sigma1(e)
+
+	rotr	$31,$1,13
+	addu	$20,$23
+	lw	$23,32($6)		# K[8]
+	xor	$31,$22
+	rotr	$22,$1,22
+	addu	$20,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#else
+	addu	$20,$16,$31			# 8
+	srl	$31,$24,6
+	xor	$23,$25,$30
+	sll	$22,$24,7
+	and	$23,$24
+	srl	$21,$24,11
+	xor	$31,$22
+	sll	$22,$24,21
+	xor	$31,$21
+	srl	$21,$24,25
+	xor	$31,$22
+	sll	$22,$24,26
+	xor	$31,$21
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$22,$31			# Sigma1(e)
+
+	srl	$31,$1,2
+	addu	$20,$23
+	lw	$23,32($6)		# K[8]
+	sll	$22,$1,10
+	addu	$20,$21
+	srl	$21,$1,13
+	xor	$31,$22
+	sll	$22,$1,19
+	xor	$31,$21
+	srl	$21,$1,22
+	xor	$31,$22
+	sll	$22,$1,30
+	xor	$31,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#endif
+	sw	$16,32($29)	# offload to ring buffer
+	addu	$31,$21
+	and	$22,$1
+	addu	$20,$23			# +=K[8]
+	addu	$31,$22			# +=Maj(a,b,c)
+	addu	$7,$20
+	addu	$31,$20
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$18,40($5)
+#else
+	lwl	$18,43($5)
+	lwr	$18,40($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$17,$17		# byte swap(9)
+	rotr	$17,$17,16
+#else
+	srl	$22,$17,24		# byte swap(9)
+	srl	$23,$17,8
+	andi	$8,$17,0xFF00
+	sll	$17,$17,24
+	andi	$23,0xFF00
+	sll	$8,$8,8
+	or	$17,$22
+	or	$23,$8
+	or	$17,$23
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$8,$24,$25			# 9
+	rotr	$22,$7,6
+	addu	$21,$17,$30
+	rotr	$23,$7,11
+	and	$8,$7
+	rotr	$30,$7,25
+	xor	$22,$23
+	rotr	$23,$31,2
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$30			# Sigma1(e)
+
+	rotr	$30,$31,13
+	addu	$21,$8
+	lw	$8,36($6)		# K[9]
+	xor	$30,$23
+	rotr	$23,$31,22
+	addu	$21,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#else
+	addu	$21,$17,$30			# 9
+	srl	$30,$7,6
+	xor	$8,$24,$25
+	sll	$23,$7,7
+	and	$8,$7
+	srl	$22,$7,11
+	xor	$30,$23
+	sll	$23,$7,21
+	xor	$30,$22
+	srl	$22,$7,25
+	xor	$30,$23
+	sll	$23,$7,26
+	xor	$30,$22
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$23,$30			# Sigma1(e)
+
+	srl	$30,$31,2
+	addu	$21,$8
+	lw	$8,36($6)		# K[9]
+	sll	$23,$31,10
+	addu	$21,$22
+	srl	$22,$31,13
+	xor	$30,$23
+	sll	$23,$31,19
+	xor	$30,$22
+	srl	$22,$31,22
+	xor	$30,$23
+	sll	$23,$31,30
+	xor	$30,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#endif
+	sw	$17,36($29)	# offload to ring buffer
+	addu	$30,$22
+	and	$23,$31
+	addu	$21,$8			# +=K[9]
+	addu	$30,$23			# +=Maj(a,b,c)
+	addu	$3,$21
+	addu	$30,$21
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$19,44($5)
+#else
+	lwl	$19,47($5)
+	lwr	$19,44($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$18,$18		# byte swap(10)
+	rotr	$18,$18,16
+#else
+	srl	$23,$18,24		# byte swap(10)
+	srl	$8,$18,8
+	andi	$9,$18,0xFF00
+	sll	$18,$18,24
+	andi	$8,0xFF00
+	sll	$9,$9,8
+	or	$18,$23
+	or	$8,$9
+	or	$18,$8
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$9,$7,$24			# 10
+	rotr	$23,$3,6
+	addu	$22,$18,$25
+	rotr	$8,$3,11
+	and	$9,$3
+	rotr	$25,$3,25
+	xor	$23,$8
+	rotr	$8,$30,2
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$25			# Sigma1(e)
+
+	rotr	$25,$30,13
+	addu	$22,$9
+	lw	$9,40($6)		# K[10]
+	xor	$25,$8
+	rotr	$8,$30,22
+	addu	$22,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#else
+	addu	$22,$18,$25			# 10
+	srl	$25,$3,6
+	xor	$9,$7,$24
+	sll	$8,$3,7
+	and	$9,$3
+	srl	$23,$3,11
+	xor	$25,$8
+	sll	$8,$3,21
+	xor	$25,$23
+	srl	$23,$3,25
+	xor	$25,$8
+	sll	$8,$3,26
+	xor	$25,$23
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$8,$25			# Sigma1(e)
+
+	srl	$25,$30,2
+	addu	$22,$9
+	lw	$9,40($6)		# K[10]
+	sll	$8,$30,10
+	addu	$22,$23
+	srl	$23,$30,13
+	xor	$25,$8
+	sll	$8,$30,19
+	xor	$25,$23
+	srl	$23,$30,22
+	xor	$25,$8
+	sll	$8,$30,30
+	xor	$25,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#endif
+	sw	$18,40($29)	# offload to ring buffer
+	addu	$25,$23
+	and	$8,$30
+	addu	$22,$9			# +=K[10]
+	addu	$25,$8			# +=Maj(a,b,c)
+	addu	$2,$22
+	addu	$25,$22
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$20,48($5)
+#else
+	lwl	$20,51($5)
+	lwr	$20,48($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$19,$19		# byte swap(11)
+	rotr	$19,$19,16
+#else
+	srl	$8,$19,24		# byte swap(11)
+	srl	$9,$19,8
+	andi	$10,$19,0xFF00
+	sll	$19,$19,24
+	andi	$9,0xFF00
+	sll	$10,$10,8
+	or	$19,$8
+	or	$9,$10
+	or	$19,$9
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$10,$3,$7			# 11
+	rotr	$8,$2,6
+	addu	$23,$19,$24
+	rotr	$9,$2,11
+	and	$10,$2
+	rotr	$24,$2,25
+	xor	$8,$9
+	rotr	$9,$25,2
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$24			# Sigma1(e)
+
+	rotr	$24,$25,13
+	addu	$23,$10
+	lw	$10,44($6)		# K[11]
+	xor	$24,$9
+	rotr	$9,$25,22
+	addu	$23,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#else
+	addu	$23,$19,$24			# 11
+	srl	$24,$2,6
+	xor	$10,$3,$7
+	sll	$9,$2,7
+	and	$10,$2
+	srl	$8,$2,11
+	xor	$24,$9
+	sll	$9,$2,21
+	xor	$24,$8
+	srl	$8,$2,25
+	xor	$24,$9
+	sll	$9,$2,26
+	xor	$24,$8
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$9,$24			# Sigma1(e)
+
+	srl	$24,$25,2
+	addu	$23,$10
+	lw	$10,44($6)		# K[11]
+	sll	$9,$25,10
+	addu	$23,$8
+	srl	$8,$25,13
+	xor	$24,$9
+	sll	$9,$25,19
+	xor	$24,$8
+	srl	$8,$25,22
+	xor	$24,$9
+	sll	$9,$25,30
+	xor	$24,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#endif
+	sw	$19,44($29)	# offload to ring buffer
+	addu	$24,$8
+	and	$9,$25
+	addu	$23,$10			# +=K[11]
+	addu	$24,$9			# +=Maj(a,b,c)
+	addu	$1,$23
+	addu	$24,$23
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$21,52($5)
+#else
+	lwl	$21,55($5)
+	lwr	$21,52($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$20,$20		# byte swap(12)
+	rotr	$20,$20,16
+#else
+	srl	$9,$20,24		# byte swap(12)
+	srl	$10,$20,8
+	andi	$11,$20,0xFF00
+	sll	$20,$20,24
+	andi	$10,0xFF00
+	sll	$11,$11,8
+	or	$20,$9
+	or	$10,$11
+	or	$20,$10
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$11,$2,$3			# 12
+	rotr	$9,$1,6
+	addu	$8,$20,$7
+	rotr	$10,$1,11
+	and	$11,$1
+	rotr	$7,$1,25
+	xor	$9,$10
+	rotr	$10,$24,2
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$7			# Sigma1(e)
+
+	rotr	$7,$24,13
+	addu	$8,$11
+	lw	$11,48($6)		# K[12]
+	xor	$7,$10
+	rotr	$10,$24,22
+	addu	$8,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#else
+	addu	$8,$20,$7			# 12
+	srl	$7,$1,6
+	xor	$11,$2,$3
+	sll	$10,$1,7
+	and	$11,$1
+	srl	$9,$1,11
+	xor	$7,$10
+	sll	$10,$1,21
+	xor	$7,$9
+	srl	$9,$1,25
+	xor	$7,$10
+	sll	$10,$1,26
+	xor	$7,$9
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$10,$7			# Sigma1(e)
+
+	srl	$7,$24,2
+	addu	$8,$11
+	lw	$11,48($6)		# K[12]
+	sll	$10,$24,10
+	addu	$8,$9
+	srl	$9,$24,13
+	xor	$7,$10
+	sll	$10,$24,19
+	xor	$7,$9
+	srl	$9,$24,22
+	xor	$7,$10
+	sll	$10,$24,30
+	xor	$7,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#endif
+	sw	$20,48($29)	# offload to ring buffer
+	addu	$7,$9
+	and	$10,$24
+	addu	$8,$11			# +=K[12]
+	addu	$7,$10			# +=Maj(a,b,c)
+	addu	$31,$8
+	addu	$7,$8
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$22,56($5)
+#else
+	lwl	$22,59($5)
+	lwr	$22,56($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$21,$21		# byte swap(13)
+	rotr	$21,$21,16
+#else
+	srl	$10,$21,24		# byte swap(13)
+	srl	$11,$21,8
+	andi	$12,$21,0xFF00
+	sll	$21,$21,24
+	andi	$11,0xFF00
+	sll	$12,$12,8
+	or	$21,$10
+	or	$11,$12
+	or	$21,$11
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$12,$1,$2			# 13
+	rotr	$10,$31,6
+	addu	$9,$21,$3
+	rotr	$11,$31,11
+	and	$12,$31
+	rotr	$3,$31,25
+	xor	$10,$11
+	rotr	$11,$7,2
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$3			# Sigma1(e)
+
+	rotr	$3,$7,13
+	addu	$9,$12
+	lw	$12,52($6)		# K[13]
+	xor	$3,$11
+	rotr	$11,$7,22
+	addu	$9,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#else
+	addu	$9,$21,$3			# 13
+	srl	$3,$31,6
+	xor	$12,$1,$2
+	sll	$11,$31,7
+	and	$12,$31
+	srl	$10,$31,11
+	xor	$3,$11
+	sll	$11,$31,21
+	xor	$3,$10
+	srl	$10,$31,25
+	xor	$3,$11
+	sll	$11,$31,26
+	xor	$3,$10
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$11,$3			# Sigma1(e)
+
+	srl	$3,$7,2
+	addu	$9,$12
+	lw	$12,52($6)		# K[13]
+	sll	$11,$7,10
+	addu	$9,$10
+	srl	$10,$7,13
+	xor	$3,$11
+	sll	$11,$7,19
+	xor	$3,$10
+	srl	$10,$7,22
+	xor	$3,$11
+	sll	$11,$7,30
+	xor	$3,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#endif
+	sw	$21,52($29)	# offload to ring buffer
+	addu	$3,$10
+	and	$11,$7
+	addu	$9,$12			# +=K[13]
+	addu	$3,$11			# +=Maj(a,b,c)
+	addu	$30,$9
+	addu	$3,$9
+	lw	$8,0($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	lw	$23,60($5)
+#else
+	lwl	$23,63($5)
+	lwr	$23,60($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$22,$22		# byte swap(14)
+	rotr	$22,$22,16
+#else
+	srl	$11,$22,24		# byte swap(14)
+	srl	$12,$22,8
+	andi	$13,$22,0xFF00
+	sll	$22,$22,24
+	andi	$12,0xFF00
+	sll	$13,$13,8
+	or	$22,$11
+	or	$12,$13
+	or	$22,$12
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$13,$31,$1			# 14
+	rotr	$11,$30,6
+	addu	$10,$22,$2
+	rotr	$12,$30,11
+	and	$13,$30
+	rotr	$2,$30,25
+	xor	$11,$12
+	rotr	$12,$3,2
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$2			# Sigma1(e)
+
+	rotr	$2,$3,13
+	addu	$10,$13
+	lw	$13,56($6)		# K[14]
+	xor	$2,$12
+	rotr	$12,$3,22
+	addu	$10,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#else
+	addu	$10,$22,$2			# 14
+	srl	$2,$30,6
+	xor	$13,$31,$1
+	sll	$12,$30,7
+	and	$13,$30
+	srl	$11,$30,11
+	xor	$2,$12
+	sll	$12,$30,21
+	xor	$2,$11
+	srl	$11,$30,25
+	xor	$2,$12
+	sll	$12,$30,26
+	xor	$2,$11
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$12,$2			# Sigma1(e)
+
+	srl	$2,$3,2
+	addu	$10,$13
+	lw	$13,56($6)		# K[14]
+	sll	$12,$3,10
+	addu	$10,$11
+	srl	$11,$3,13
+	xor	$2,$12
+	sll	$12,$3,19
+	xor	$2,$11
+	srl	$11,$3,22
+	xor	$2,$12
+	sll	$12,$3,30
+	xor	$2,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#endif
+	sw	$22,56($29)	# offload to ring buffer
+	addu	$2,$11
+	and	$12,$3
+	addu	$10,$13			# +=K[14]
+	addu	$2,$12			# +=Maj(a,b,c)
+	addu	$25,$10
+	addu	$2,$10
+	lw	$9,4($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	wsbh	$23,$23		# byte swap(15)
+	rotr	$23,$23,16
+#else
+	srl	$12,$23,24		# byte swap(15)
+	srl	$13,$23,8
+	andi	$14,$23,0xFF00
+	sll	$23,$23,24
+	andi	$13,0xFF00
+	sll	$14,$14,8
+	or	$23,$12
+	or	$13,$14
+	or	$23,$13
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$14,$30,$31			# 15
+	rotr	$12,$25,6
+	addu	$11,$23,$1
+	rotr	$13,$25,11
+	and	$14,$25
+	rotr	$1,$25,25
+	xor	$12,$13
+	rotr	$13,$2,2
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$1			# Sigma1(e)
+
+	rotr	$1,$2,13
+	addu	$11,$14
+	lw	$14,60($6)		# K[15]
+	xor	$1,$13
+	rotr	$13,$2,22
+	addu	$11,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#else
+	addu	$11,$23,$1			# 15
+	srl	$1,$25,6
+	xor	$14,$30,$31
+	sll	$13,$25,7
+	and	$14,$25
+	srl	$12,$25,11
+	xor	$1,$13
+	sll	$13,$25,21
+	xor	$1,$12
+	srl	$12,$25,25
+	xor	$1,$13
+	sll	$13,$25,26
+	xor	$1,$12
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$13,$1			# Sigma1(e)
+
+	srl	$1,$2,2
+	addu	$11,$14
+	lw	$14,60($6)		# K[15]
+	sll	$13,$2,10
+	addu	$11,$12
+	srl	$12,$2,13
+	xor	$1,$13
+	sll	$13,$2,19
+	xor	$1,$12
+	srl	$12,$2,22
+	xor	$1,$13
+	sll	$13,$2,30
+	xor	$1,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#endif
+	sw	$23,60($29)	# offload to ring buffer
+	addu	$1,$12
+	and	$13,$2
+	addu	$11,$14			# +=K[15]
+	addu	$1,$13			# +=Maj(a,b,c)
+	addu	$24,$11
+	addu	$1,$11
+	lw	$10,8($29)	# prefetch from ring buffer
+	b	.L16_xx
+.align	4
+.L16_xx:
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$14,$9,3		# Xupdate(16)
+	rotr	$12,$9,7
+	addu	$8,$17			# +=X[i+9]
+	xor	$14,$12
+	rotr	$12,$9,18
+
+	srl	$15,$22,10
+	rotr	$13,$22,17
+	xor	$14,$12			# sigma0(X[i+1])
+	rotr	$12,$22,19
+	xor	$15,$13
+	addu	$8,$14
+#else
+	srl	$14,$9,3		# Xupdate(16)
+	addu	$8,$17			# +=X[i+9]
+	sll	$13,$9,14
+	srl	$12,$9,7
+	xor	$14,$13
+	sll	$13,11
+	xor	$14,$12
+	srl	$12,$9,18
+	xor	$14,$13
+
+	srl	$15,$22,10
+	xor	$14,$12			# sigma0(X[i+1])
+	sll	$13,$22,13
+	addu	$8,$14
+	srl	$12,$22,17
+	xor	$15,$13
+	sll	$13,2
+	xor	$15,$12
+	srl	$12,$22,19
+	xor	$15,$13
+#endif
+	xor	$15,$12			# sigma1(X[i+14])
+	addu	$8,$15
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$15,$25,$30			# 16
+	rotr	$13,$24,6
+	addu	$12,$8,$31
+	rotr	$14,$24,11
+	and	$15,$24
+	rotr	$31,$24,25
+	xor	$13,$14
+	rotr	$14,$1,2
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$31			# Sigma1(e)
+
+	rotr	$31,$1,13
+	addu	$12,$15
+	lw	$15,64($6)		# K[16]
+	xor	$31,$14
+	rotr	$14,$1,22
+	addu	$12,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#else
+	addu	$12,$8,$31			# 16
+	srl	$31,$24,6
+	xor	$15,$25,$30
+	sll	$14,$24,7
+	and	$15,$24
+	srl	$13,$24,11
+	xor	$31,$14
+	sll	$14,$24,21
+	xor	$31,$13
+	srl	$13,$24,25
+	xor	$31,$14
+	sll	$14,$24,26
+	xor	$31,$13
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$14,$31			# Sigma1(e)
+
+	srl	$31,$1,2
+	addu	$12,$15
+	lw	$15,64($6)		# K[16]
+	sll	$14,$1,10
+	addu	$12,$13
+	srl	$13,$1,13
+	xor	$31,$14
+	sll	$14,$1,19
+	xor	$31,$13
+	srl	$13,$1,22
+	xor	$31,$14
+	sll	$14,$1,30
+	xor	$31,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#endif
+	sw	$8,0($29)	# offload to ring buffer
+	addu	$31,$13
+	and	$14,$1
+	addu	$12,$15			# +=K[16]
+	addu	$31,$14			# +=Maj(a,b,c)
+	addu	$7,$12
+	addu	$31,$12
+	lw	$11,12($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$15,$10,3		# Xupdate(17)
+	rotr	$13,$10,7
+	addu	$9,$18			# +=X[i+9]
+	xor	$15,$13
+	rotr	$13,$10,18
+
+	srl	$16,$23,10
+	rotr	$14,$23,17
+	xor	$15,$13			# sigma0(X[i+1])
+	rotr	$13,$23,19
+	xor	$16,$14
+	addu	$9,$15
+#else
+	srl	$15,$10,3		# Xupdate(17)
+	addu	$9,$18			# +=X[i+9]
+	sll	$14,$10,14
+	srl	$13,$10,7
+	xor	$15,$14
+	sll	$14,11
+	xor	$15,$13
+	srl	$13,$10,18
+	xor	$15,$14
+
+	srl	$16,$23,10
+	xor	$15,$13			# sigma0(X[i+1])
+	sll	$14,$23,13
+	addu	$9,$15
+	srl	$13,$23,17
+	xor	$16,$14
+	sll	$14,2
+	xor	$16,$13
+	srl	$13,$23,19
+	xor	$16,$14
+#endif
+	xor	$16,$13			# sigma1(X[i+14])
+	addu	$9,$16
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$16,$24,$25			# 17
+	rotr	$14,$7,6
+	addu	$13,$9,$30
+	rotr	$15,$7,11
+	and	$16,$7
+	rotr	$30,$7,25
+	xor	$14,$15
+	rotr	$15,$31,2
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$30			# Sigma1(e)
+
+	rotr	$30,$31,13
+	addu	$13,$16
+	lw	$16,68($6)		# K[17]
+	xor	$30,$15
+	rotr	$15,$31,22
+	addu	$13,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#else
+	addu	$13,$9,$30			# 17
+	srl	$30,$7,6
+	xor	$16,$24,$25
+	sll	$15,$7,7
+	and	$16,$7
+	srl	$14,$7,11
+	xor	$30,$15
+	sll	$15,$7,21
+	xor	$30,$14
+	srl	$14,$7,25
+	xor	$30,$15
+	sll	$15,$7,26
+	xor	$30,$14
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$15,$30			# Sigma1(e)
+
+	srl	$30,$31,2
+	addu	$13,$16
+	lw	$16,68($6)		# K[17]
+	sll	$15,$31,10
+	addu	$13,$14
+	srl	$14,$31,13
+	xor	$30,$15
+	sll	$15,$31,19
+	xor	$30,$14
+	srl	$14,$31,22
+	xor	$30,$15
+	sll	$15,$31,30
+	xor	$30,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#endif
+	sw	$9,4($29)	# offload to ring buffer
+	addu	$30,$14
+	and	$15,$31
+	addu	$13,$16			# +=K[17]
+	addu	$30,$15			# +=Maj(a,b,c)
+	addu	$3,$13
+	addu	$30,$13
+	lw	$12,16($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$16,$11,3		# Xupdate(18)
+	rotr	$14,$11,7
+	addu	$10,$19			# +=X[i+9]
+	xor	$16,$14
+	rotr	$14,$11,18
+
+	srl	$17,$8,10
+	rotr	$15,$8,17
+	xor	$16,$14			# sigma0(X[i+1])
+	rotr	$14,$8,19
+	xor	$17,$15
+	addu	$10,$16
+#else
+	srl	$16,$11,3		# Xupdate(18)
+	addu	$10,$19			# +=X[i+9]
+	sll	$15,$11,14
+	srl	$14,$11,7
+	xor	$16,$15
+	sll	$15,11
+	xor	$16,$14
+	srl	$14,$11,18
+	xor	$16,$15
+
+	srl	$17,$8,10
+	xor	$16,$14			# sigma0(X[i+1])
+	sll	$15,$8,13
+	addu	$10,$16
+	srl	$14,$8,17
+	xor	$17,$15
+	sll	$15,2
+	xor	$17,$14
+	srl	$14,$8,19
+	xor	$17,$15
+#endif
+	xor	$17,$14			# sigma1(X[i+14])
+	addu	$10,$17
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$17,$7,$24			# 18
+	rotr	$15,$3,6
+	addu	$14,$10,$25
+	rotr	$16,$3,11
+	and	$17,$3
+	rotr	$25,$3,25
+	xor	$15,$16
+	rotr	$16,$30,2
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$25			# Sigma1(e)
+
+	rotr	$25,$30,13
+	addu	$14,$17
+	lw	$17,72($6)		# K[18]
+	xor	$25,$16
+	rotr	$16,$30,22
+	addu	$14,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#else
+	addu	$14,$10,$25			# 18
+	srl	$25,$3,6
+	xor	$17,$7,$24
+	sll	$16,$3,7
+	and	$17,$3
+	srl	$15,$3,11
+	xor	$25,$16
+	sll	$16,$3,21
+	xor	$25,$15
+	srl	$15,$3,25
+	xor	$25,$16
+	sll	$16,$3,26
+	xor	$25,$15
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$16,$25			# Sigma1(e)
+
+	srl	$25,$30,2
+	addu	$14,$17
+	lw	$17,72($6)		# K[18]
+	sll	$16,$30,10
+	addu	$14,$15
+	srl	$15,$30,13
+	xor	$25,$16
+	sll	$16,$30,19
+	xor	$25,$15
+	srl	$15,$30,22
+	xor	$25,$16
+	sll	$16,$30,30
+	xor	$25,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#endif
+	sw	$10,8($29)	# offload to ring buffer
+	addu	$25,$15
+	and	$16,$30
+	addu	$14,$17			# +=K[18]
+	addu	$25,$16			# +=Maj(a,b,c)
+	addu	$2,$14
+	addu	$25,$14
+	lw	$13,20($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$17,$12,3		# Xupdate(19)
+	rotr	$15,$12,7
+	addu	$11,$20			# +=X[i+9]
+	xor	$17,$15
+	rotr	$15,$12,18
+
+	srl	$18,$9,10
+	rotr	$16,$9,17
+	xor	$17,$15			# sigma0(X[i+1])
+	rotr	$15,$9,19
+	xor	$18,$16
+	addu	$11,$17
+#else
+	srl	$17,$12,3		# Xupdate(19)
+	addu	$11,$20			# +=X[i+9]
+	sll	$16,$12,14
+	srl	$15,$12,7
+	xor	$17,$16
+	sll	$16,11
+	xor	$17,$15
+	srl	$15,$12,18
+	xor	$17,$16
+
+	srl	$18,$9,10
+	xor	$17,$15			# sigma0(X[i+1])
+	sll	$16,$9,13
+	addu	$11,$17
+	srl	$15,$9,17
+	xor	$18,$16
+	sll	$16,2
+	xor	$18,$15
+	srl	$15,$9,19
+	xor	$18,$16
+#endif
+	xor	$18,$15			# sigma1(X[i+14])
+	addu	$11,$18
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$18,$3,$7			# 19
+	rotr	$16,$2,6
+	addu	$15,$11,$24
+	rotr	$17,$2,11
+	and	$18,$2
+	rotr	$24,$2,25
+	xor	$16,$17
+	rotr	$17,$25,2
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$24			# Sigma1(e)
+
+	rotr	$24,$25,13
+	addu	$15,$18
+	lw	$18,76($6)		# K[19]
+	xor	$24,$17
+	rotr	$17,$25,22
+	addu	$15,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#else
+	addu	$15,$11,$24			# 19
+	srl	$24,$2,6
+	xor	$18,$3,$7
+	sll	$17,$2,7
+	and	$18,$2
+	srl	$16,$2,11
+	xor	$24,$17
+	sll	$17,$2,21
+	xor	$24,$16
+	srl	$16,$2,25
+	xor	$24,$17
+	sll	$17,$2,26
+	xor	$24,$16
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$17,$24			# Sigma1(e)
+
+	srl	$24,$25,2
+	addu	$15,$18
+	lw	$18,76($6)		# K[19]
+	sll	$17,$25,10
+	addu	$15,$16
+	srl	$16,$25,13
+	xor	$24,$17
+	sll	$17,$25,19
+	xor	$24,$16
+	srl	$16,$25,22
+	xor	$24,$17
+	sll	$17,$25,30
+	xor	$24,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#endif
+	sw	$11,12($29)	# offload to ring buffer
+	addu	$24,$16
+	and	$17,$25
+	addu	$15,$18			# +=K[19]
+	addu	$24,$17			# +=Maj(a,b,c)
+	addu	$1,$15
+	addu	$24,$15
+	lw	$14,24($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$18,$13,3		# Xupdate(20)
+	rotr	$16,$13,7
+	addu	$12,$21			# +=X[i+9]
+	xor	$18,$16
+	rotr	$16,$13,18
+
+	srl	$19,$10,10
+	rotr	$17,$10,17
+	xor	$18,$16			# sigma0(X[i+1])
+	rotr	$16,$10,19
+	xor	$19,$17
+	addu	$12,$18
+#else
+	srl	$18,$13,3		# Xupdate(20)
+	addu	$12,$21			# +=X[i+9]
+	sll	$17,$13,14
+	srl	$16,$13,7
+	xor	$18,$17
+	sll	$17,11
+	xor	$18,$16
+	srl	$16,$13,18
+	xor	$18,$17
+
+	srl	$19,$10,10
+	xor	$18,$16			# sigma0(X[i+1])
+	sll	$17,$10,13
+	addu	$12,$18
+	srl	$16,$10,17
+	xor	$19,$17
+	sll	$17,2
+	xor	$19,$16
+	srl	$16,$10,19
+	xor	$19,$17
+#endif
+	xor	$19,$16			# sigma1(X[i+14])
+	addu	$12,$19
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$19,$2,$3			# 20
+	rotr	$17,$1,6
+	addu	$16,$12,$7
+	rotr	$18,$1,11
+	and	$19,$1
+	rotr	$7,$1,25
+	xor	$17,$18
+	rotr	$18,$24,2
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$7			# Sigma1(e)
+
+	rotr	$7,$24,13
+	addu	$16,$19
+	lw	$19,80($6)		# K[20]
+	xor	$7,$18
+	rotr	$18,$24,22
+	addu	$16,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#else
+	addu	$16,$12,$7			# 20
+	srl	$7,$1,6
+	xor	$19,$2,$3
+	sll	$18,$1,7
+	and	$19,$1
+	srl	$17,$1,11
+	xor	$7,$18
+	sll	$18,$1,21
+	xor	$7,$17
+	srl	$17,$1,25
+	xor	$7,$18
+	sll	$18,$1,26
+	xor	$7,$17
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$18,$7			# Sigma1(e)
+
+	srl	$7,$24,2
+	addu	$16,$19
+	lw	$19,80($6)		# K[20]
+	sll	$18,$24,10
+	addu	$16,$17
+	srl	$17,$24,13
+	xor	$7,$18
+	sll	$18,$24,19
+	xor	$7,$17
+	srl	$17,$24,22
+	xor	$7,$18
+	sll	$18,$24,30
+	xor	$7,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#endif
+	sw	$12,16($29)	# offload to ring buffer
+	addu	$7,$17
+	and	$18,$24
+	addu	$16,$19			# +=K[20]
+	addu	$7,$18			# +=Maj(a,b,c)
+	addu	$31,$16
+	addu	$7,$16
+	lw	$15,28($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$19,$14,3		# Xupdate(21)
+	rotr	$17,$14,7
+	addu	$13,$22			# +=X[i+9]
+	xor	$19,$17
+	rotr	$17,$14,18
+
+	srl	$20,$11,10
+	rotr	$18,$11,17
+	xor	$19,$17			# sigma0(X[i+1])
+	rotr	$17,$11,19
+	xor	$20,$18
+	addu	$13,$19
+#else
+	srl	$19,$14,3		# Xupdate(21)
+	addu	$13,$22			# +=X[i+9]
+	sll	$18,$14,14
+	srl	$17,$14,7
+	xor	$19,$18
+	sll	$18,11
+	xor	$19,$17
+	srl	$17,$14,18
+	xor	$19,$18
+
+	srl	$20,$11,10
+	xor	$19,$17			# sigma0(X[i+1])
+	sll	$18,$11,13
+	addu	$13,$19
+	srl	$17,$11,17
+	xor	$20,$18
+	sll	$18,2
+	xor	$20,$17
+	srl	$17,$11,19
+	xor	$20,$18
+#endif
+	xor	$20,$17			# sigma1(X[i+14])
+	addu	$13,$20
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$20,$1,$2			# 21
+	rotr	$18,$31,6
+	addu	$17,$13,$3
+	rotr	$19,$31,11
+	and	$20,$31
+	rotr	$3,$31,25
+	xor	$18,$19
+	rotr	$19,$7,2
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$3			# Sigma1(e)
+
+	rotr	$3,$7,13
+	addu	$17,$20
+	lw	$20,84($6)		# K[21]
+	xor	$3,$19
+	rotr	$19,$7,22
+	addu	$17,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#else
+	addu	$17,$13,$3			# 21
+	srl	$3,$31,6
+	xor	$20,$1,$2
+	sll	$19,$31,7
+	and	$20,$31
+	srl	$18,$31,11
+	xor	$3,$19
+	sll	$19,$31,21
+	xor	$3,$18
+	srl	$18,$31,25
+	xor	$3,$19
+	sll	$19,$31,26
+	xor	$3,$18
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$19,$3			# Sigma1(e)
+
+	srl	$3,$7,2
+	addu	$17,$20
+	lw	$20,84($6)		# K[21]
+	sll	$19,$7,10
+	addu	$17,$18
+	srl	$18,$7,13
+	xor	$3,$19
+	sll	$19,$7,19
+	xor	$3,$18
+	srl	$18,$7,22
+	xor	$3,$19
+	sll	$19,$7,30
+	xor	$3,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#endif
+	sw	$13,20($29)	# offload to ring buffer
+	addu	$3,$18
+	and	$19,$7
+	addu	$17,$20			# +=K[21]
+	addu	$3,$19			# +=Maj(a,b,c)
+	addu	$30,$17
+	addu	$3,$17
+	lw	$16,32($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$20,$15,3		# Xupdate(22)
+	rotr	$18,$15,7
+	addu	$14,$23			# +=X[i+9]
+	xor	$20,$18
+	rotr	$18,$15,18
+
+	srl	$21,$12,10
+	rotr	$19,$12,17
+	xor	$20,$18			# sigma0(X[i+1])
+	rotr	$18,$12,19
+	xor	$21,$19
+	addu	$14,$20
+#else
+	srl	$20,$15,3		# Xupdate(22)
+	addu	$14,$23			# +=X[i+9]
+	sll	$19,$15,14
+	srl	$18,$15,7
+	xor	$20,$19
+	sll	$19,11
+	xor	$20,$18
+	srl	$18,$15,18
+	xor	$20,$19
+
+	srl	$21,$12,10
+	xor	$20,$18			# sigma0(X[i+1])
+	sll	$19,$12,13
+	addu	$14,$20
+	srl	$18,$12,17
+	xor	$21,$19
+	sll	$19,2
+	xor	$21,$18
+	srl	$18,$12,19
+	xor	$21,$19
+#endif
+	xor	$21,$18			# sigma1(X[i+14])
+	addu	$14,$21
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$21,$31,$1			# 22
+	rotr	$19,$30,6
+	addu	$18,$14,$2
+	rotr	$20,$30,11
+	and	$21,$30
+	rotr	$2,$30,25
+	xor	$19,$20
+	rotr	$20,$3,2
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$2			# Sigma1(e)
+
+	rotr	$2,$3,13
+	addu	$18,$21
+	lw	$21,88($6)		# K[22]
+	xor	$2,$20
+	rotr	$20,$3,22
+	addu	$18,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#else
+	addu	$18,$14,$2			# 22
+	srl	$2,$30,6
+	xor	$21,$31,$1
+	sll	$20,$30,7
+	and	$21,$30
+	srl	$19,$30,11
+	xor	$2,$20
+	sll	$20,$30,21
+	xor	$2,$19
+	srl	$19,$30,25
+	xor	$2,$20
+	sll	$20,$30,26
+	xor	$2,$19
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$20,$2			# Sigma1(e)
+
+	srl	$2,$3,2
+	addu	$18,$21
+	lw	$21,88($6)		# K[22]
+	sll	$20,$3,10
+	addu	$18,$19
+	srl	$19,$3,13
+	xor	$2,$20
+	sll	$20,$3,19
+	xor	$2,$19
+	srl	$19,$3,22
+	xor	$2,$20
+	sll	$20,$3,30
+	xor	$2,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#endif
+	sw	$14,24($29)	# offload to ring buffer
+	addu	$2,$19
+	and	$20,$3
+	addu	$18,$21			# +=K[22]
+	addu	$2,$20			# +=Maj(a,b,c)
+	addu	$25,$18
+	addu	$2,$18
+	lw	$17,36($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$21,$16,3		# Xupdate(23)
+	rotr	$19,$16,7
+	addu	$15,$8			# +=X[i+9]
+	xor	$21,$19
+	rotr	$19,$16,18
+
+	srl	$22,$13,10
+	rotr	$20,$13,17
+	xor	$21,$19			# sigma0(X[i+1])
+	rotr	$19,$13,19
+	xor	$22,$20
+	addu	$15,$21
+#else
+	srl	$21,$16,3		# Xupdate(23)
+	addu	$15,$8			# +=X[i+9]
+	sll	$20,$16,14
+	srl	$19,$16,7
+	xor	$21,$20
+	sll	$20,11
+	xor	$21,$19
+	srl	$19,$16,18
+	xor	$21,$20
+
+	srl	$22,$13,10
+	xor	$21,$19			# sigma0(X[i+1])
+	sll	$20,$13,13
+	addu	$15,$21
+	srl	$19,$13,17
+	xor	$22,$20
+	sll	$20,2
+	xor	$22,$19
+	srl	$19,$13,19
+	xor	$22,$20
+#endif
+	xor	$22,$19			# sigma1(X[i+14])
+	addu	$15,$22
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$22,$30,$31			# 23
+	rotr	$20,$25,6
+	addu	$19,$15,$1
+	rotr	$21,$25,11
+	and	$22,$25
+	rotr	$1,$25,25
+	xor	$20,$21
+	rotr	$21,$2,2
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$1			# Sigma1(e)
+
+	rotr	$1,$2,13
+	addu	$19,$22
+	lw	$22,92($6)		# K[23]
+	xor	$1,$21
+	rotr	$21,$2,22
+	addu	$19,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#else
+	addu	$19,$15,$1			# 23
+	srl	$1,$25,6
+	xor	$22,$30,$31
+	sll	$21,$25,7
+	and	$22,$25
+	srl	$20,$25,11
+	xor	$1,$21
+	sll	$21,$25,21
+	xor	$1,$20
+	srl	$20,$25,25
+	xor	$1,$21
+	sll	$21,$25,26
+	xor	$1,$20
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$21,$1			# Sigma1(e)
+
+	srl	$1,$2,2
+	addu	$19,$22
+	lw	$22,92($6)		# K[23]
+	sll	$21,$2,10
+	addu	$19,$20
+	srl	$20,$2,13
+	xor	$1,$21
+	sll	$21,$2,19
+	xor	$1,$20
+	srl	$20,$2,22
+	xor	$1,$21
+	sll	$21,$2,30
+	xor	$1,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#endif
+	sw	$15,28($29)	# offload to ring buffer
+	addu	$1,$20
+	and	$21,$2
+	addu	$19,$22			# +=K[23]
+	addu	$1,$21			# +=Maj(a,b,c)
+	addu	$24,$19
+	addu	$1,$19
+	lw	$18,40($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$22,$17,3		# Xupdate(24)
+	rotr	$20,$17,7
+	addu	$16,$9			# +=X[i+9]
+	xor	$22,$20
+	rotr	$20,$17,18
+
+	srl	$23,$14,10
+	rotr	$21,$14,17
+	xor	$22,$20			# sigma0(X[i+1])
+	rotr	$20,$14,19
+	xor	$23,$21
+	addu	$16,$22
+#else
+	srl	$22,$17,3		# Xupdate(24)
+	addu	$16,$9			# +=X[i+9]
+	sll	$21,$17,14
+	srl	$20,$17,7
+	xor	$22,$21
+	sll	$21,11
+	xor	$22,$20
+	srl	$20,$17,18
+	xor	$22,$21
+
+	srl	$23,$14,10
+	xor	$22,$20			# sigma0(X[i+1])
+	sll	$21,$14,13
+	addu	$16,$22
+	srl	$20,$14,17
+	xor	$23,$21
+	sll	$21,2
+	xor	$23,$20
+	srl	$20,$14,19
+	xor	$23,$21
+#endif
+	xor	$23,$20			# sigma1(X[i+14])
+	addu	$16,$23
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$23,$25,$30			# 24
+	rotr	$21,$24,6
+	addu	$20,$16,$31
+	rotr	$22,$24,11
+	and	$23,$24
+	rotr	$31,$24,25
+	xor	$21,$22
+	rotr	$22,$1,2
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$31			# Sigma1(e)
+
+	rotr	$31,$1,13
+	addu	$20,$23
+	lw	$23,96($6)		# K[24]
+	xor	$31,$22
+	rotr	$22,$1,22
+	addu	$20,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#else
+	addu	$20,$16,$31			# 24
+	srl	$31,$24,6
+	xor	$23,$25,$30
+	sll	$22,$24,7
+	and	$23,$24
+	srl	$21,$24,11
+	xor	$31,$22
+	sll	$22,$24,21
+	xor	$31,$21
+	srl	$21,$24,25
+	xor	$31,$22
+	sll	$22,$24,26
+	xor	$31,$21
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$22,$31			# Sigma1(e)
+
+	srl	$31,$1,2
+	addu	$20,$23
+	lw	$23,96($6)		# K[24]
+	sll	$22,$1,10
+	addu	$20,$21
+	srl	$21,$1,13
+	xor	$31,$22
+	sll	$22,$1,19
+	xor	$31,$21
+	srl	$21,$1,22
+	xor	$31,$22
+	sll	$22,$1,30
+	xor	$31,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#endif
+	sw	$16,32($29)	# offload to ring buffer
+	addu	$31,$21
+	and	$22,$1
+	addu	$20,$23			# +=K[24]
+	addu	$31,$22			# +=Maj(a,b,c)
+	addu	$7,$20
+	addu	$31,$20
+	lw	$19,44($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$23,$18,3		# Xupdate(25)
+	rotr	$21,$18,7
+	addu	$17,$10			# +=X[i+9]
+	xor	$23,$21
+	rotr	$21,$18,18
+
+	srl	$8,$15,10
+	rotr	$22,$15,17
+	xor	$23,$21			# sigma0(X[i+1])
+	rotr	$21,$15,19
+	xor	$8,$22
+	addu	$17,$23
+#else
+	srl	$23,$18,3		# Xupdate(25)
+	addu	$17,$10			# +=X[i+9]
+	sll	$22,$18,14
+	srl	$21,$18,7
+	xor	$23,$22
+	sll	$22,11
+	xor	$23,$21
+	srl	$21,$18,18
+	xor	$23,$22
+
+	srl	$8,$15,10
+	xor	$23,$21			# sigma0(X[i+1])
+	sll	$22,$15,13
+	addu	$17,$23
+	srl	$21,$15,17
+	xor	$8,$22
+	sll	$22,2
+	xor	$8,$21
+	srl	$21,$15,19
+	xor	$8,$22
+#endif
+	xor	$8,$21			# sigma1(X[i+14])
+	addu	$17,$8
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$8,$24,$25			# 25
+	rotr	$22,$7,6
+	addu	$21,$17,$30
+	rotr	$23,$7,11
+	and	$8,$7
+	rotr	$30,$7,25
+	xor	$22,$23
+	rotr	$23,$31,2
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$30			# Sigma1(e)
+
+	rotr	$30,$31,13
+	addu	$21,$8
+	lw	$8,100($6)		# K[25]
+	xor	$30,$23
+	rotr	$23,$31,22
+	addu	$21,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#else
+	addu	$21,$17,$30			# 25
+	srl	$30,$7,6
+	xor	$8,$24,$25
+	sll	$23,$7,7
+	and	$8,$7
+	srl	$22,$7,11
+	xor	$30,$23
+	sll	$23,$7,21
+	xor	$30,$22
+	srl	$22,$7,25
+	xor	$30,$23
+	sll	$23,$7,26
+	xor	$30,$22
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$23,$30			# Sigma1(e)
+
+	srl	$30,$31,2
+	addu	$21,$8
+	lw	$8,100($6)		# K[25]
+	sll	$23,$31,10
+	addu	$21,$22
+	srl	$22,$31,13
+	xor	$30,$23
+	sll	$23,$31,19
+	xor	$30,$22
+	srl	$22,$31,22
+	xor	$30,$23
+	sll	$23,$31,30
+	xor	$30,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#endif
+	sw	$17,36($29)	# offload to ring buffer
+	addu	$30,$22
+	and	$23,$31
+	addu	$21,$8			# +=K[25]
+	addu	$30,$23			# +=Maj(a,b,c)
+	addu	$3,$21
+	addu	$30,$21
+	lw	$20,48($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$8,$19,3		# Xupdate(26)
+	rotr	$22,$19,7
+	addu	$18,$11			# +=X[i+9]
+	xor	$8,$22
+	rotr	$22,$19,18
+
+	srl	$9,$16,10
+	rotr	$23,$16,17
+	xor	$8,$22			# sigma0(X[i+1])
+	rotr	$22,$16,19
+	xor	$9,$23
+	addu	$18,$8
+#else
+	srl	$8,$19,3		# Xupdate(26)
+	addu	$18,$11			# +=X[i+9]
+	sll	$23,$19,14
+	srl	$22,$19,7
+	xor	$8,$23
+	sll	$23,11
+	xor	$8,$22
+	srl	$22,$19,18
+	xor	$8,$23
+
+	srl	$9,$16,10
+	xor	$8,$22			# sigma0(X[i+1])
+	sll	$23,$16,13
+	addu	$18,$8
+	srl	$22,$16,17
+	xor	$9,$23
+	sll	$23,2
+	xor	$9,$22
+	srl	$22,$16,19
+	xor	$9,$23
+#endif
+	xor	$9,$22			# sigma1(X[i+14])
+	addu	$18,$9
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$9,$7,$24			# 26
+	rotr	$23,$3,6
+	addu	$22,$18,$25
+	rotr	$8,$3,11
+	and	$9,$3
+	rotr	$25,$3,25
+	xor	$23,$8
+	rotr	$8,$30,2
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$25			# Sigma1(e)
+
+	rotr	$25,$30,13
+	addu	$22,$9
+	lw	$9,104($6)		# K[26]
+	xor	$25,$8
+	rotr	$8,$30,22
+	addu	$22,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#else
+	addu	$22,$18,$25			# 26
+	srl	$25,$3,6
+	xor	$9,$7,$24
+	sll	$8,$3,7
+	and	$9,$3
+	srl	$23,$3,11
+	xor	$25,$8
+	sll	$8,$3,21
+	xor	$25,$23
+	srl	$23,$3,25
+	xor	$25,$8
+	sll	$8,$3,26
+	xor	$25,$23
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$8,$25			# Sigma1(e)
+
+	srl	$25,$30,2
+	addu	$22,$9
+	lw	$9,104($6)		# K[26]
+	sll	$8,$30,10
+	addu	$22,$23
+	srl	$23,$30,13
+	xor	$25,$8
+	sll	$8,$30,19
+	xor	$25,$23
+	srl	$23,$30,22
+	xor	$25,$8
+	sll	$8,$30,30
+	xor	$25,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#endif
+	sw	$18,40($29)	# offload to ring buffer
+	addu	$25,$23
+	and	$8,$30
+	addu	$22,$9			# +=K[26]
+	addu	$25,$8			# +=Maj(a,b,c)
+	addu	$2,$22
+	addu	$25,$22
+	lw	$21,52($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$9,$20,3		# Xupdate(27)
+	rotr	$23,$20,7
+	addu	$19,$12			# +=X[i+9]
+	xor	$9,$23
+	rotr	$23,$20,18
+
+	srl	$10,$17,10
+	rotr	$8,$17,17
+	xor	$9,$23			# sigma0(X[i+1])
+	rotr	$23,$17,19
+	xor	$10,$8
+	addu	$19,$9
+#else
+	srl	$9,$20,3		# Xupdate(27)
+	addu	$19,$12			# +=X[i+9]
+	sll	$8,$20,14
+	srl	$23,$20,7
+	xor	$9,$8
+	sll	$8,11
+	xor	$9,$23
+	srl	$23,$20,18
+	xor	$9,$8
+
+	srl	$10,$17,10
+	xor	$9,$23			# sigma0(X[i+1])
+	sll	$8,$17,13
+	addu	$19,$9
+	srl	$23,$17,17
+	xor	$10,$8
+	sll	$8,2
+	xor	$10,$23
+	srl	$23,$17,19
+	xor	$10,$8
+#endif
+	xor	$10,$23			# sigma1(X[i+14])
+	addu	$19,$10
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$10,$3,$7			# 27
+	rotr	$8,$2,6
+	addu	$23,$19,$24
+	rotr	$9,$2,11
+	and	$10,$2
+	rotr	$24,$2,25
+	xor	$8,$9
+	rotr	$9,$25,2
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$24			# Sigma1(e)
+
+	rotr	$24,$25,13
+	addu	$23,$10
+	lw	$10,108($6)		# K[27]
+	xor	$24,$9
+	rotr	$9,$25,22
+	addu	$23,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#else
+	addu	$23,$19,$24			# 27
+	srl	$24,$2,6
+	xor	$10,$3,$7
+	sll	$9,$2,7
+	and	$10,$2
+	srl	$8,$2,11
+	xor	$24,$9
+	sll	$9,$2,21
+	xor	$24,$8
+	srl	$8,$2,25
+	xor	$24,$9
+	sll	$9,$2,26
+	xor	$24,$8
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$9,$24			# Sigma1(e)
+
+	srl	$24,$25,2
+	addu	$23,$10
+	lw	$10,108($6)		# K[27]
+	sll	$9,$25,10
+	addu	$23,$8
+	srl	$8,$25,13
+	xor	$24,$9
+	sll	$9,$25,19
+	xor	$24,$8
+	srl	$8,$25,22
+	xor	$24,$9
+	sll	$9,$25,30
+	xor	$24,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#endif
+	sw	$19,44($29)	# offload to ring buffer
+	addu	$24,$8
+	and	$9,$25
+	addu	$23,$10			# +=K[27]
+	addu	$24,$9			# +=Maj(a,b,c)
+	addu	$1,$23
+	addu	$24,$23
+	lw	$22,56($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$10,$21,3		# Xupdate(28)
+	rotr	$8,$21,7
+	addu	$20,$13			# +=X[i+9]
+	xor	$10,$8
+	rotr	$8,$21,18
+
+	srl	$11,$18,10
+	rotr	$9,$18,17
+	xor	$10,$8			# sigma0(X[i+1])
+	rotr	$8,$18,19
+	xor	$11,$9
+	addu	$20,$10
+#else
+	srl	$10,$21,3		# Xupdate(28)
+	addu	$20,$13			# +=X[i+9]
+	sll	$9,$21,14
+	srl	$8,$21,7
+	xor	$10,$9
+	sll	$9,11
+	xor	$10,$8
+	srl	$8,$21,18
+	xor	$10,$9
+
+	srl	$11,$18,10
+	xor	$10,$8			# sigma0(X[i+1])
+	sll	$9,$18,13
+	addu	$20,$10
+	srl	$8,$18,17
+	xor	$11,$9
+	sll	$9,2
+	xor	$11,$8
+	srl	$8,$18,19
+	xor	$11,$9
+#endif
+	xor	$11,$8			# sigma1(X[i+14])
+	addu	$20,$11
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$11,$2,$3			# 28
+	rotr	$9,$1,6
+	addu	$8,$20,$7
+	rotr	$10,$1,11
+	and	$11,$1
+	rotr	$7,$1,25
+	xor	$9,$10
+	rotr	$10,$24,2
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$7			# Sigma1(e)
+
+	rotr	$7,$24,13
+	addu	$8,$11
+	lw	$11,112($6)		# K[28]
+	xor	$7,$10
+	rotr	$10,$24,22
+	addu	$8,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#else
+	addu	$8,$20,$7			# 28
+	srl	$7,$1,6
+	xor	$11,$2,$3
+	sll	$10,$1,7
+	and	$11,$1
+	srl	$9,$1,11
+	xor	$7,$10
+	sll	$10,$1,21
+	xor	$7,$9
+	srl	$9,$1,25
+	xor	$7,$10
+	sll	$10,$1,26
+	xor	$7,$9
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$10,$7			# Sigma1(e)
+
+	srl	$7,$24,2
+	addu	$8,$11
+	lw	$11,112($6)		# K[28]
+	sll	$10,$24,10
+	addu	$8,$9
+	srl	$9,$24,13
+	xor	$7,$10
+	sll	$10,$24,19
+	xor	$7,$9
+	srl	$9,$24,22
+	xor	$7,$10
+	sll	$10,$24,30
+	xor	$7,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#endif
+	sw	$20,48($29)	# offload to ring buffer
+	addu	$7,$9
+	and	$10,$24
+	addu	$8,$11			# +=K[28]
+	addu	$7,$10			# +=Maj(a,b,c)
+	addu	$31,$8
+	addu	$7,$8
+	lw	$23,60($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$11,$22,3		# Xupdate(29)
+	rotr	$9,$22,7
+	addu	$21,$14			# +=X[i+9]
+	xor	$11,$9
+	rotr	$9,$22,18
+
+	srl	$12,$19,10
+	rotr	$10,$19,17
+	xor	$11,$9			# sigma0(X[i+1])
+	rotr	$9,$19,19
+	xor	$12,$10
+	addu	$21,$11
+#else
+	srl	$11,$22,3		# Xupdate(29)
+	addu	$21,$14			# +=X[i+9]
+	sll	$10,$22,14
+	srl	$9,$22,7
+	xor	$11,$10
+	sll	$10,11
+	xor	$11,$9
+	srl	$9,$22,18
+	xor	$11,$10
+
+	srl	$12,$19,10
+	xor	$11,$9			# sigma0(X[i+1])
+	sll	$10,$19,13
+	addu	$21,$11
+	srl	$9,$19,17
+	xor	$12,$10
+	sll	$10,2
+	xor	$12,$9
+	srl	$9,$19,19
+	xor	$12,$10
+#endif
+	xor	$12,$9			# sigma1(X[i+14])
+	addu	$21,$12
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$12,$1,$2			# 29
+	rotr	$10,$31,6
+	addu	$9,$21,$3
+	rotr	$11,$31,11
+	and	$12,$31
+	rotr	$3,$31,25
+	xor	$10,$11
+	rotr	$11,$7,2
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$3			# Sigma1(e)
+
+	rotr	$3,$7,13
+	addu	$9,$12
+	lw	$12,116($6)		# K[29]
+	xor	$3,$11
+	rotr	$11,$7,22
+	addu	$9,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#else
+	addu	$9,$21,$3			# 29
+	srl	$3,$31,6
+	xor	$12,$1,$2
+	sll	$11,$31,7
+	and	$12,$31
+	srl	$10,$31,11
+	xor	$3,$11
+	sll	$11,$31,21
+	xor	$3,$10
+	srl	$10,$31,25
+	xor	$3,$11
+	sll	$11,$31,26
+	xor	$3,$10
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$11,$3			# Sigma1(e)
+
+	srl	$3,$7,2
+	addu	$9,$12
+	lw	$12,116($6)		# K[29]
+	sll	$11,$7,10
+	addu	$9,$10
+	srl	$10,$7,13
+	xor	$3,$11
+	sll	$11,$7,19
+	xor	$3,$10
+	srl	$10,$7,22
+	xor	$3,$11
+	sll	$11,$7,30
+	xor	$3,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#endif
+	sw	$21,52($29)	# offload to ring buffer
+	addu	$3,$10
+	and	$11,$7
+	addu	$9,$12			# +=K[29]
+	addu	$3,$11			# +=Maj(a,b,c)
+	addu	$30,$9
+	addu	$3,$9
+	lw	$8,0($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$12,$23,3		# Xupdate(30)
+	rotr	$10,$23,7
+	addu	$22,$15			# +=X[i+9]
+	xor	$12,$10
+	rotr	$10,$23,18
+
+	srl	$13,$20,10
+	rotr	$11,$20,17
+	xor	$12,$10			# sigma0(X[i+1])
+	rotr	$10,$20,19
+	xor	$13,$11
+	addu	$22,$12
+#else
+	srl	$12,$23,3		# Xupdate(30)
+	addu	$22,$15			# +=X[i+9]
+	sll	$11,$23,14
+	srl	$10,$23,7
+	xor	$12,$11
+	sll	$11,11
+	xor	$12,$10
+	srl	$10,$23,18
+	xor	$12,$11
+
+	srl	$13,$20,10
+	xor	$12,$10			# sigma0(X[i+1])
+	sll	$11,$20,13
+	addu	$22,$12
+	srl	$10,$20,17
+	xor	$13,$11
+	sll	$11,2
+	xor	$13,$10
+	srl	$10,$20,19
+	xor	$13,$11
+#endif
+	xor	$13,$10			# sigma1(X[i+14])
+	addu	$22,$13
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$13,$31,$1			# 30
+	rotr	$11,$30,6
+	addu	$10,$22,$2
+	rotr	$12,$30,11
+	and	$13,$30
+	rotr	$2,$30,25
+	xor	$11,$12
+	rotr	$12,$3,2
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$2			# Sigma1(e)
+
+	rotr	$2,$3,13
+	addu	$10,$13
+	lw	$13,120($6)		# K[30]
+	xor	$2,$12
+	rotr	$12,$3,22
+	addu	$10,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#else
+	addu	$10,$22,$2			# 30
+	srl	$2,$30,6
+	xor	$13,$31,$1
+	sll	$12,$30,7
+	and	$13,$30
+	srl	$11,$30,11
+	xor	$2,$12
+	sll	$12,$30,21
+	xor	$2,$11
+	srl	$11,$30,25
+	xor	$2,$12
+	sll	$12,$30,26
+	xor	$2,$11
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$12,$2			# Sigma1(e)
+
+	srl	$2,$3,2
+	addu	$10,$13
+	lw	$13,120($6)		# K[30]
+	sll	$12,$3,10
+	addu	$10,$11
+	srl	$11,$3,13
+	xor	$2,$12
+	sll	$12,$3,19
+	xor	$2,$11
+	srl	$11,$3,22
+	xor	$2,$12
+	sll	$12,$3,30
+	xor	$2,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#endif
+	sw	$22,56($29)	# offload to ring buffer
+	addu	$2,$11
+	and	$12,$3
+	addu	$10,$13			# +=K[30]
+	addu	$2,$12			# +=Maj(a,b,c)
+	addu	$25,$10
+	addu	$2,$10
+	lw	$9,4($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	srl	$13,$8,3		# Xupdate(31)
+	rotr	$11,$8,7
+	addu	$23,$16			# +=X[i+9]
+	xor	$13,$11
+	rotr	$11,$8,18
+
+	srl	$14,$21,10
+	rotr	$12,$21,17
+	xor	$13,$11			# sigma0(X[i+1])
+	rotr	$11,$21,19
+	xor	$14,$12
+	addu	$23,$13
+#else
+	srl	$13,$8,3		# Xupdate(31)
+	addu	$23,$16			# +=X[i+9]
+	sll	$12,$8,14
+	srl	$11,$8,7
+	xor	$13,$12
+	sll	$12,11
+	xor	$13,$11
+	srl	$11,$8,18
+	xor	$13,$12
+
+	srl	$14,$21,10
+	xor	$13,$11			# sigma0(X[i+1])
+	sll	$12,$21,13
+	addu	$23,$13
+	srl	$11,$21,17
+	xor	$14,$12
+	sll	$12,2
+	xor	$14,$11
+	srl	$11,$21,19
+	xor	$14,$12
+#endif
+	xor	$14,$11			# sigma1(X[i+14])
+	addu	$23,$14
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$14,$30,$31			# 31
+	rotr	$12,$25,6
+	addu	$11,$23,$1
+	rotr	$13,$25,11
+	and	$14,$25
+	rotr	$1,$25,25
+	xor	$12,$13
+	rotr	$13,$2,2
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$1			# Sigma1(e)
+
+	rotr	$1,$2,13
+	addu	$11,$14
+	lw	$14,124($6)		# K[31]
+	xor	$1,$13
+	rotr	$13,$2,22
+	addu	$11,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#else
+	addu	$11,$23,$1			# 31
+	srl	$1,$25,6
+	xor	$14,$30,$31
+	sll	$13,$25,7
+	and	$14,$25
+	srl	$12,$25,11
+	xor	$1,$13
+	sll	$13,$25,21
+	xor	$1,$12
+	srl	$12,$25,25
+	xor	$1,$13
+	sll	$13,$25,26
+	xor	$1,$12
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$13,$1			# Sigma1(e)
+
+	srl	$1,$2,2
+	addu	$11,$14
+	lw	$14,124($6)		# K[31]
+	sll	$13,$2,10
+	addu	$11,$12
+	srl	$12,$2,13
+	xor	$1,$13
+	sll	$13,$2,19
+	xor	$1,$12
+	srl	$12,$2,22
+	xor	$1,$13
+	sll	$13,$2,30
+	xor	$1,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#endif
+	sw	$23,60($29)	# offload to ring buffer
+	addu	$1,$12
+	and	$13,$2
+	addu	$11,$14			# +=K[31]
+	addu	$1,$13			# +=Maj(a,b,c)
+	addu	$24,$11
+	addu	$1,$11
+	lw	$10,8($29)	# prefetch from ring buffer
+	and	$14,0xfff
+	li	$15,2290
+	.set	noreorder
+	bne	$14,$15,.L16_xx
+	daddu $6,16*4		# Ktbl+=16
+
+	ld	$23,16*4($29)	# restore pointer to the end of input
+	lw	$8,0*4($4)
+	lw	$9,1*4($4)
+	lw	$10,2*4($4)
+	daddu $5,16*4
+	lw	$11,3*4($4)
+	addu	$1,$8
+	lw	$12,4*4($4)
+	addu	$2,$9
+	lw	$13,5*4($4)
+	addu	$3,$10
+	lw	$14,6*4($4)
+	addu	$7,$11
+	lw	$15,7*4($4)
+	addu	$24,$12
+	sw	$1,0*4($4)
+	addu	$25,$13
+	sw	$2,1*4($4)
+	addu	$30,$14
+	sw	$3,2*4($4)
+	addu	$31,$15
+	sw	$7,3*4($4)
+	sw	$24,4*4($4)
+	sw	$25,5*4($4)
+	sw	$30,6*4($4)
+	sw	$31,7*4($4)
+
+	bne	$5,$23,.Loop
+	dsubu $6,192	# rewind $6
+
+	ld	$31,192-1*8($29)
+	ld	$30,192-2*8($29)
+	ld	$23,192-3*8($29)
+	ld	$22,192-4*8($29)
+	ld	$21,192-5*8($29)
+	ld	$20,192-6*8($29)
+	ld	$19,192-7*8($29)
+	ld	$18,192-8*8($29)
+	ld	$17,192-9*8($29)
+	ld	$16,192-10*8($29)
+	jr	$31
+	daddu $29,192
+.end	sha256_block_data_order
+
+.rdata
+.align	5
+K256:
+	.word	0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5
+	.word	0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5
+	.word	0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3
+	.word	0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174
+	.word	0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc
+	.word	0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da
+	.word	0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7
+	.word	0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967
+	.word	0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13
+	.word	0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85
+	.word	0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3
+	.word	0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070
+	.word	0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5
+	.word	0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3
+	.word	0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208
+	.word	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+.asciiz	"SHA256 for MIPS, CRYPTOGAMS by <appro@openssl.org>"
+.align	5
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha512-mips.S b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha512-mips.S
new file mode 100644
index 00000000000000..538bd9e459332d
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/crypto/sha/sha512-mips.S
@@ -0,0 +1,3204 @@
+#include "mips_arch.h"
+
+.text
+.set	noat
+#if !defined(__mips_eabi) && (!defined(__vxworks) || defined(__pic__))
+.option	pic2
+#endif
+
+.align	5
+.globl	sha512_block_data_order
+.ent	sha512_block_data_order
+sha512_block_data_order:
+	.frame	$29,256,$31
+	.mask	0xc0ff0000,-8
+	.set	noreorder
+	dsubu $29,256
+	sd	$31,256-1*8($29)
+	sd	$30,256-2*8($29)
+	sd	$23,256-3*8($29)
+	sd	$22,256-4*8($29)
+	sd	$21,256-5*8($29)
+	sd	$20,256-6*8($29)
+	sd	$19,256-7*8($29)
+	sd	$18,256-8*8($29)
+	sd	$17,256-9*8($29)
+	sd	$16,256-10*8($29)
+	dsll $23,$6,7
+	.cplocal	$6
+	.cpsetup	$25,$0,sha512_block_data_order
+	.set	reorder
+	dla	$6,K512		# PIC-ified 'load address'
+
+	ld	$1,0*8($4)		# load context
+	ld	$2,1*8($4)
+	ld	$3,2*8($4)
+	ld	$7,3*8($4)
+	ld	$24,4*8($4)
+	ld	$25,5*8($4)
+	ld	$30,6*8($4)
+	ld	$31,7*8($4)
+
+	daddu $23,$5		# pointer to the end of input
+	sd	$23,16*8($29)
+	b	.Loop
+
+.align	5
+.Loop:
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$8,($5)
+#else
+	ldl	$8,7($5)
+	ldr	$8,0($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$9,8($5)
+#else
+	ldl	$9,15($5)
+	ldr	$9,8($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$8,$8		# byte swap(0)
+	dshd	$8,$8
+#else
+	ori	$13,$0,0xFF
+	dsll	$15,$13,32
+	or	$13,$15		# 0x000000FF000000FF
+	and	$14,$8,$13	# byte swap(0)
+	dsrl	$15,$8,24
+	dsll	$14,24
+	and	$15,$13
+	dsll	$13,8			# 0x0000FF000000FF00
+	or	$14,$15
+	and	$15,$8,$13
+	dsrl	$8,8
+	dsll	$15,8
+	and	$8,$13
+	or	$14,$15
+	or	$8,$14
+	dsrl	$14,$8,32
+	dsll	$8,32
+	or	$8,$14
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$15,$25,$30			# 0
+	drotr	$13,$24,14
+	daddu	$12,$8,$31
+	drotr	$14,$24,18
+	and	$15,$24
+	drotr	$31,$24,41
+	xor	$13,$14
+	drotr	$14,$1,28
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$31			# Sigma1(e)
+
+	drotr	$31,$1,34
+	daddu	$12,$15
+	ld	$15,0($6)		# K[0]
+	xor	$31,$14
+	drotr	$14,$1,39
+	daddu	$12,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#else
+	daddu	$12,$8,$31			# 0
+	dsrl	$31,$24,14
+	xor	$15,$25,$30
+	dsll	$14,$24,23
+	and	$15,$24
+	dsrl	$13,$24,18
+	xor	$31,$14
+	dsll	$14,$24,46
+	xor	$31,$13
+	dsrl	$13,$24,41
+	xor	$31,$14
+	dsll	$14,$24,50
+	xor	$31,$13
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$14,$31			# Sigma1(e)
+
+	dsrl	$31,$1,28
+	daddu	$12,$15
+	ld	$15,0($6)		# K[0]
+	dsll	$14,$1,25
+	daddu	$12,$13
+	dsrl	$13,$1,34
+	xor	$31,$14
+	dsll	$14,$1,30
+	xor	$31,$13
+	dsrl	$13,$1,39
+	xor	$31,$14
+	dsll	$14,$1,36
+	xor	$31,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#endif
+	sd	$8,0($29)	# offload to ring buffer
+	daddu	$31,$13
+	and	$14,$1
+	daddu	$12,$15			# +=K[0]
+	daddu	$31,$14			# +=Maj(a,b,c)
+	daddu	$7,$12
+	daddu	$31,$12
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$10,16($5)
+#else
+	ldl	$10,23($5)
+	ldr	$10,16($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$9,$9		# byte swap(1)
+	dshd	$9,$9
+#else
+	ori	$14,$0,0xFF
+	dsll	$16,$14,32
+	or	$14,$16		# 0x000000FF000000FF
+	and	$15,$9,$14	# byte swap(1)
+	dsrl	$16,$9,24
+	dsll	$15,24
+	and	$16,$14
+	dsll	$14,8			# 0x0000FF000000FF00
+	or	$15,$16
+	and	$16,$9,$14
+	dsrl	$9,8
+	dsll	$16,8
+	and	$9,$14
+	or	$15,$16
+	or	$9,$15
+	dsrl	$15,$9,32
+	dsll	$9,32
+	or	$9,$15
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$16,$24,$25			# 1
+	drotr	$14,$7,14
+	daddu	$13,$9,$30
+	drotr	$15,$7,18
+	and	$16,$7
+	drotr	$30,$7,41
+	xor	$14,$15
+	drotr	$15,$31,28
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$30			# Sigma1(e)
+
+	drotr	$30,$31,34
+	daddu	$13,$16
+	ld	$16,8($6)		# K[1]
+	xor	$30,$15
+	drotr	$15,$31,39
+	daddu	$13,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#else
+	daddu	$13,$9,$30			# 1
+	dsrl	$30,$7,14
+	xor	$16,$24,$25
+	dsll	$15,$7,23
+	and	$16,$7
+	dsrl	$14,$7,18
+	xor	$30,$15
+	dsll	$15,$7,46
+	xor	$30,$14
+	dsrl	$14,$7,41
+	xor	$30,$15
+	dsll	$15,$7,50
+	xor	$30,$14
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$15,$30			# Sigma1(e)
+
+	dsrl	$30,$31,28
+	daddu	$13,$16
+	ld	$16,8($6)		# K[1]
+	dsll	$15,$31,25
+	daddu	$13,$14
+	dsrl	$14,$31,34
+	xor	$30,$15
+	dsll	$15,$31,30
+	xor	$30,$14
+	dsrl	$14,$31,39
+	xor	$30,$15
+	dsll	$15,$31,36
+	xor	$30,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#endif
+	sd	$9,8($29)	# offload to ring buffer
+	daddu	$30,$14
+	and	$15,$31
+	daddu	$13,$16			# +=K[1]
+	daddu	$30,$15			# +=Maj(a,b,c)
+	daddu	$3,$13
+	daddu	$30,$13
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$11,24($5)
+#else
+	ldl	$11,31($5)
+	ldr	$11,24($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$10,$10		# byte swap(2)
+	dshd	$10,$10
+#else
+	ori	$15,$0,0xFF
+	dsll	$17,$15,32
+	or	$15,$17		# 0x000000FF000000FF
+	and	$16,$10,$15	# byte swap(2)
+	dsrl	$17,$10,24
+	dsll	$16,24
+	and	$17,$15
+	dsll	$15,8			# 0x0000FF000000FF00
+	or	$16,$17
+	and	$17,$10,$15
+	dsrl	$10,8
+	dsll	$17,8
+	and	$10,$15
+	or	$16,$17
+	or	$10,$16
+	dsrl	$16,$10,32
+	dsll	$10,32
+	or	$10,$16
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$17,$7,$24			# 2
+	drotr	$15,$3,14
+	daddu	$14,$10,$25
+	drotr	$16,$3,18
+	and	$17,$3
+	drotr	$25,$3,41
+	xor	$15,$16
+	drotr	$16,$30,28
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$25			# Sigma1(e)
+
+	drotr	$25,$30,34
+	daddu	$14,$17
+	ld	$17,16($6)		# K[2]
+	xor	$25,$16
+	drotr	$16,$30,39
+	daddu	$14,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#else
+	daddu	$14,$10,$25			# 2
+	dsrl	$25,$3,14
+	xor	$17,$7,$24
+	dsll	$16,$3,23
+	and	$17,$3
+	dsrl	$15,$3,18
+	xor	$25,$16
+	dsll	$16,$3,46
+	xor	$25,$15
+	dsrl	$15,$3,41
+	xor	$25,$16
+	dsll	$16,$3,50
+	xor	$25,$15
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$16,$25			# Sigma1(e)
+
+	dsrl	$25,$30,28
+	daddu	$14,$17
+	ld	$17,16($6)		# K[2]
+	dsll	$16,$30,25
+	daddu	$14,$15
+	dsrl	$15,$30,34
+	xor	$25,$16
+	dsll	$16,$30,30
+	xor	$25,$15
+	dsrl	$15,$30,39
+	xor	$25,$16
+	dsll	$16,$30,36
+	xor	$25,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#endif
+	sd	$10,16($29)	# offload to ring buffer
+	daddu	$25,$15
+	and	$16,$30
+	daddu	$14,$17			# +=K[2]
+	daddu	$25,$16			# +=Maj(a,b,c)
+	daddu	$2,$14
+	daddu	$25,$14
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$12,32($5)
+#else
+	ldl	$12,39($5)
+	ldr	$12,32($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$11,$11		# byte swap(3)
+	dshd	$11,$11
+#else
+	ori	$16,$0,0xFF
+	dsll	$18,$16,32
+	or	$16,$18		# 0x000000FF000000FF
+	and	$17,$11,$16	# byte swap(3)
+	dsrl	$18,$11,24
+	dsll	$17,24
+	and	$18,$16
+	dsll	$16,8			# 0x0000FF000000FF00
+	or	$17,$18
+	and	$18,$11,$16
+	dsrl	$11,8
+	dsll	$18,8
+	and	$11,$16
+	or	$17,$18
+	or	$11,$17
+	dsrl	$17,$11,32
+	dsll	$11,32
+	or	$11,$17
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$18,$3,$7			# 3
+	drotr	$16,$2,14
+	daddu	$15,$11,$24
+	drotr	$17,$2,18
+	and	$18,$2
+	drotr	$24,$2,41
+	xor	$16,$17
+	drotr	$17,$25,28
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$24			# Sigma1(e)
+
+	drotr	$24,$25,34
+	daddu	$15,$18
+	ld	$18,24($6)		# K[3]
+	xor	$24,$17
+	drotr	$17,$25,39
+	daddu	$15,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#else
+	daddu	$15,$11,$24			# 3
+	dsrl	$24,$2,14
+	xor	$18,$3,$7
+	dsll	$17,$2,23
+	and	$18,$2
+	dsrl	$16,$2,18
+	xor	$24,$17
+	dsll	$17,$2,46
+	xor	$24,$16
+	dsrl	$16,$2,41
+	xor	$24,$17
+	dsll	$17,$2,50
+	xor	$24,$16
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$17,$24			# Sigma1(e)
+
+	dsrl	$24,$25,28
+	daddu	$15,$18
+	ld	$18,24($6)		# K[3]
+	dsll	$17,$25,25
+	daddu	$15,$16
+	dsrl	$16,$25,34
+	xor	$24,$17
+	dsll	$17,$25,30
+	xor	$24,$16
+	dsrl	$16,$25,39
+	xor	$24,$17
+	dsll	$17,$25,36
+	xor	$24,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#endif
+	sd	$11,24($29)	# offload to ring buffer
+	daddu	$24,$16
+	and	$17,$25
+	daddu	$15,$18			# +=K[3]
+	daddu	$24,$17			# +=Maj(a,b,c)
+	daddu	$1,$15
+	daddu	$24,$15
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$13,40($5)
+#else
+	ldl	$13,47($5)
+	ldr	$13,40($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$12,$12		# byte swap(4)
+	dshd	$12,$12
+#else
+	ori	$17,$0,0xFF
+	dsll	$19,$17,32
+	or	$17,$19		# 0x000000FF000000FF
+	and	$18,$12,$17	# byte swap(4)
+	dsrl	$19,$12,24
+	dsll	$18,24
+	and	$19,$17
+	dsll	$17,8			# 0x0000FF000000FF00
+	or	$18,$19
+	and	$19,$12,$17
+	dsrl	$12,8
+	dsll	$19,8
+	and	$12,$17
+	or	$18,$19
+	or	$12,$18
+	dsrl	$18,$12,32
+	dsll	$12,32
+	or	$12,$18
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$19,$2,$3			# 4
+	drotr	$17,$1,14
+	daddu	$16,$12,$7
+	drotr	$18,$1,18
+	and	$19,$1
+	drotr	$7,$1,41
+	xor	$17,$18
+	drotr	$18,$24,28
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$7			# Sigma1(e)
+
+	drotr	$7,$24,34
+	daddu	$16,$19
+	ld	$19,32($6)		# K[4]
+	xor	$7,$18
+	drotr	$18,$24,39
+	daddu	$16,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#else
+	daddu	$16,$12,$7			# 4
+	dsrl	$7,$1,14
+	xor	$19,$2,$3
+	dsll	$18,$1,23
+	and	$19,$1
+	dsrl	$17,$1,18
+	xor	$7,$18
+	dsll	$18,$1,46
+	xor	$7,$17
+	dsrl	$17,$1,41
+	xor	$7,$18
+	dsll	$18,$1,50
+	xor	$7,$17
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$18,$7			# Sigma1(e)
+
+	dsrl	$7,$24,28
+	daddu	$16,$19
+	ld	$19,32($6)		# K[4]
+	dsll	$18,$24,25
+	daddu	$16,$17
+	dsrl	$17,$24,34
+	xor	$7,$18
+	dsll	$18,$24,30
+	xor	$7,$17
+	dsrl	$17,$24,39
+	xor	$7,$18
+	dsll	$18,$24,36
+	xor	$7,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#endif
+	sd	$12,32($29)	# offload to ring buffer
+	daddu	$7,$17
+	and	$18,$24
+	daddu	$16,$19			# +=K[4]
+	daddu	$7,$18			# +=Maj(a,b,c)
+	daddu	$31,$16
+	daddu	$7,$16
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$14,48($5)
+#else
+	ldl	$14,55($5)
+	ldr	$14,48($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$13,$13		# byte swap(5)
+	dshd	$13,$13
+#else
+	ori	$18,$0,0xFF
+	dsll	$20,$18,32
+	or	$18,$20		# 0x000000FF000000FF
+	and	$19,$13,$18	# byte swap(5)
+	dsrl	$20,$13,24
+	dsll	$19,24
+	and	$20,$18
+	dsll	$18,8			# 0x0000FF000000FF00
+	or	$19,$20
+	and	$20,$13,$18
+	dsrl	$13,8
+	dsll	$20,8
+	and	$13,$18
+	or	$19,$20
+	or	$13,$19
+	dsrl	$19,$13,32
+	dsll	$13,32
+	or	$13,$19
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$20,$1,$2			# 5
+	drotr	$18,$31,14
+	daddu	$17,$13,$3
+	drotr	$19,$31,18
+	and	$20,$31
+	drotr	$3,$31,41
+	xor	$18,$19
+	drotr	$19,$7,28
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$3			# Sigma1(e)
+
+	drotr	$3,$7,34
+	daddu	$17,$20
+	ld	$20,40($6)		# K[5]
+	xor	$3,$19
+	drotr	$19,$7,39
+	daddu	$17,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#else
+	daddu	$17,$13,$3			# 5
+	dsrl	$3,$31,14
+	xor	$20,$1,$2
+	dsll	$19,$31,23
+	and	$20,$31
+	dsrl	$18,$31,18
+	xor	$3,$19
+	dsll	$19,$31,46
+	xor	$3,$18
+	dsrl	$18,$31,41
+	xor	$3,$19
+	dsll	$19,$31,50
+	xor	$3,$18
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$19,$3			# Sigma1(e)
+
+	dsrl	$3,$7,28
+	daddu	$17,$20
+	ld	$20,40($6)		# K[5]
+	dsll	$19,$7,25
+	daddu	$17,$18
+	dsrl	$18,$7,34
+	xor	$3,$19
+	dsll	$19,$7,30
+	xor	$3,$18
+	dsrl	$18,$7,39
+	xor	$3,$19
+	dsll	$19,$7,36
+	xor	$3,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#endif
+	sd	$13,40($29)	# offload to ring buffer
+	daddu	$3,$18
+	and	$19,$7
+	daddu	$17,$20			# +=K[5]
+	daddu	$3,$19			# +=Maj(a,b,c)
+	daddu	$30,$17
+	daddu	$3,$17
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$15,56($5)
+#else
+	ldl	$15,63($5)
+	ldr	$15,56($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$14,$14		# byte swap(6)
+	dshd	$14,$14
+#else
+	ori	$19,$0,0xFF
+	dsll	$21,$19,32
+	or	$19,$21		# 0x000000FF000000FF
+	and	$20,$14,$19	# byte swap(6)
+	dsrl	$21,$14,24
+	dsll	$20,24
+	and	$21,$19
+	dsll	$19,8			# 0x0000FF000000FF00
+	or	$20,$21
+	and	$21,$14,$19
+	dsrl	$14,8
+	dsll	$21,8
+	and	$14,$19
+	or	$20,$21
+	or	$14,$20
+	dsrl	$20,$14,32
+	dsll	$14,32
+	or	$14,$20
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$21,$31,$1			# 6
+	drotr	$19,$30,14
+	daddu	$18,$14,$2
+	drotr	$20,$30,18
+	and	$21,$30
+	drotr	$2,$30,41
+	xor	$19,$20
+	drotr	$20,$3,28
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$2			# Sigma1(e)
+
+	drotr	$2,$3,34
+	daddu	$18,$21
+	ld	$21,48($6)		# K[6]
+	xor	$2,$20
+	drotr	$20,$3,39
+	daddu	$18,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#else
+	daddu	$18,$14,$2			# 6
+	dsrl	$2,$30,14
+	xor	$21,$31,$1
+	dsll	$20,$30,23
+	and	$21,$30
+	dsrl	$19,$30,18
+	xor	$2,$20
+	dsll	$20,$30,46
+	xor	$2,$19
+	dsrl	$19,$30,41
+	xor	$2,$20
+	dsll	$20,$30,50
+	xor	$2,$19
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$20,$2			# Sigma1(e)
+
+	dsrl	$2,$3,28
+	daddu	$18,$21
+	ld	$21,48($6)		# K[6]
+	dsll	$20,$3,25
+	daddu	$18,$19
+	dsrl	$19,$3,34
+	xor	$2,$20
+	dsll	$20,$3,30
+	xor	$2,$19
+	dsrl	$19,$3,39
+	xor	$2,$20
+	dsll	$20,$3,36
+	xor	$2,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#endif
+	sd	$14,48($29)	# offload to ring buffer
+	daddu	$2,$19
+	and	$20,$3
+	daddu	$18,$21			# +=K[6]
+	daddu	$2,$20			# +=Maj(a,b,c)
+	daddu	$25,$18
+	daddu	$2,$18
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$16,64($5)
+#else
+	ldl	$16,71($5)
+	ldr	$16,64($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$15,$15		# byte swap(7)
+	dshd	$15,$15
+#else
+	ori	$20,$0,0xFF
+	dsll	$22,$20,32
+	or	$20,$22		# 0x000000FF000000FF
+	and	$21,$15,$20	# byte swap(7)
+	dsrl	$22,$15,24
+	dsll	$21,24
+	and	$22,$20
+	dsll	$20,8			# 0x0000FF000000FF00
+	or	$21,$22
+	and	$22,$15,$20
+	dsrl	$15,8
+	dsll	$22,8
+	and	$15,$20
+	or	$21,$22
+	or	$15,$21
+	dsrl	$21,$15,32
+	dsll	$15,32
+	or	$15,$21
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$22,$30,$31			# 7
+	drotr	$20,$25,14
+	daddu	$19,$15,$1
+	drotr	$21,$25,18
+	and	$22,$25
+	drotr	$1,$25,41
+	xor	$20,$21
+	drotr	$21,$2,28
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$1			# Sigma1(e)
+
+	drotr	$1,$2,34
+	daddu	$19,$22
+	ld	$22,56($6)		# K[7]
+	xor	$1,$21
+	drotr	$21,$2,39
+	daddu	$19,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#else
+	daddu	$19,$15,$1			# 7
+	dsrl	$1,$25,14
+	xor	$22,$30,$31
+	dsll	$21,$25,23
+	and	$22,$25
+	dsrl	$20,$25,18
+	xor	$1,$21
+	dsll	$21,$25,46
+	xor	$1,$20
+	dsrl	$20,$25,41
+	xor	$1,$21
+	dsll	$21,$25,50
+	xor	$1,$20
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$21,$1			# Sigma1(e)
+
+	dsrl	$1,$2,28
+	daddu	$19,$22
+	ld	$22,56($6)		# K[7]
+	dsll	$21,$2,25
+	daddu	$19,$20
+	dsrl	$20,$2,34
+	xor	$1,$21
+	dsll	$21,$2,30
+	xor	$1,$20
+	dsrl	$20,$2,39
+	xor	$1,$21
+	dsll	$21,$2,36
+	xor	$1,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#endif
+	sd	$15,56($29)	# offload to ring buffer
+	daddu	$1,$20
+	and	$21,$2
+	daddu	$19,$22			# +=K[7]
+	daddu	$1,$21			# +=Maj(a,b,c)
+	daddu	$24,$19
+	daddu	$1,$19
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$17,72($5)
+#else
+	ldl	$17,79($5)
+	ldr	$17,72($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$16,$16		# byte swap(8)
+	dshd	$16,$16
+#else
+	ori	$21,$0,0xFF
+	dsll	$23,$21,32
+	or	$21,$23		# 0x000000FF000000FF
+	and	$22,$16,$21	# byte swap(8)
+	dsrl	$23,$16,24
+	dsll	$22,24
+	and	$23,$21
+	dsll	$21,8			# 0x0000FF000000FF00
+	or	$22,$23
+	and	$23,$16,$21
+	dsrl	$16,8
+	dsll	$23,8
+	and	$16,$21
+	or	$22,$23
+	or	$16,$22
+	dsrl	$22,$16,32
+	dsll	$16,32
+	or	$16,$22
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$23,$25,$30			# 8
+	drotr	$21,$24,14
+	daddu	$20,$16,$31
+	drotr	$22,$24,18
+	and	$23,$24
+	drotr	$31,$24,41
+	xor	$21,$22
+	drotr	$22,$1,28
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$31			# Sigma1(e)
+
+	drotr	$31,$1,34
+	daddu	$20,$23
+	ld	$23,64($6)		# K[8]
+	xor	$31,$22
+	drotr	$22,$1,39
+	daddu	$20,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#else
+	daddu	$20,$16,$31			# 8
+	dsrl	$31,$24,14
+	xor	$23,$25,$30
+	dsll	$22,$24,23
+	and	$23,$24
+	dsrl	$21,$24,18
+	xor	$31,$22
+	dsll	$22,$24,46
+	xor	$31,$21
+	dsrl	$21,$24,41
+	xor	$31,$22
+	dsll	$22,$24,50
+	xor	$31,$21
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$22,$31			# Sigma1(e)
+
+	dsrl	$31,$1,28
+	daddu	$20,$23
+	ld	$23,64($6)		# K[8]
+	dsll	$22,$1,25
+	daddu	$20,$21
+	dsrl	$21,$1,34
+	xor	$31,$22
+	dsll	$22,$1,30
+	xor	$31,$21
+	dsrl	$21,$1,39
+	xor	$31,$22
+	dsll	$22,$1,36
+	xor	$31,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#endif
+	sd	$16,64($29)	# offload to ring buffer
+	daddu	$31,$21
+	and	$22,$1
+	daddu	$20,$23			# +=K[8]
+	daddu	$31,$22			# +=Maj(a,b,c)
+	daddu	$7,$20
+	daddu	$31,$20
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$18,80($5)
+#else
+	ldl	$18,87($5)
+	ldr	$18,80($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$17,$17		# byte swap(9)
+	dshd	$17,$17
+#else
+	ori	$22,$0,0xFF
+	dsll	$8,$22,32
+	or	$22,$8		# 0x000000FF000000FF
+	and	$23,$17,$22	# byte swap(9)
+	dsrl	$8,$17,24
+	dsll	$23,24
+	and	$8,$22
+	dsll	$22,8			# 0x0000FF000000FF00
+	or	$23,$8
+	and	$8,$17,$22
+	dsrl	$17,8
+	dsll	$8,8
+	and	$17,$22
+	or	$23,$8
+	or	$17,$23
+	dsrl	$23,$17,32
+	dsll	$17,32
+	or	$17,$23
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$8,$24,$25			# 9
+	drotr	$22,$7,14
+	daddu	$21,$17,$30
+	drotr	$23,$7,18
+	and	$8,$7
+	drotr	$30,$7,41
+	xor	$22,$23
+	drotr	$23,$31,28
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$30			# Sigma1(e)
+
+	drotr	$30,$31,34
+	daddu	$21,$8
+	ld	$8,72($6)		# K[9]
+	xor	$30,$23
+	drotr	$23,$31,39
+	daddu	$21,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#else
+	daddu	$21,$17,$30			# 9
+	dsrl	$30,$7,14
+	xor	$8,$24,$25
+	dsll	$23,$7,23
+	and	$8,$7
+	dsrl	$22,$7,18
+	xor	$30,$23
+	dsll	$23,$7,46
+	xor	$30,$22
+	dsrl	$22,$7,41
+	xor	$30,$23
+	dsll	$23,$7,50
+	xor	$30,$22
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$23,$30			# Sigma1(e)
+
+	dsrl	$30,$31,28
+	daddu	$21,$8
+	ld	$8,72($6)		# K[9]
+	dsll	$23,$31,25
+	daddu	$21,$22
+	dsrl	$22,$31,34
+	xor	$30,$23
+	dsll	$23,$31,30
+	xor	$30,$22
+	dsrl	$22,$31,39
+	xor	$30,$23
+	dsll	$23,$31,36
+	xor	$30,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#endif
+	sd	$17,72($29)	# offload to ring buffer
+	daddu	$30,$22
+	and	$23,$31
+	daddu	$21,$8			# +=K[9]
+	daddu	$30,$23			# +=Maj(a,b,c)
+	daddu	$3,$21
+	daddu	$30,$21
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$19,88($5)
+#else
+	ldl	$19,95($5)
+	ldr	$19,88($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$18,$18		# byte swap(10)
+	dshd	$18,$18
+#else
+	ori	$23,$0,0xFF
+	dsll	$9,$23,32
+	or	$23,$9		# 0x000000FF000000FF
+	and	$8,$18,$23	# byte swap(10)
+	dsrl	$9,$18,24
+	dsll	$8,24
+	and	$9,$23
+	dsll	$23,8			# 0x0000FF000000FF00
+	or	$8,$9
+	and	$9,$18,$23
+	dsrl	$18,8
+	dsll	$9,8
+	and	$18,$23
+	or	$8,$9
+	or	$18,$8
+	dsrl	$8,$18,32
+	dsll	$18,32
+	or	$18,$8
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$9,$7,$24			# 10
+	drotr	$23,$3,14
+	daddu	$22,$18,$25
+	drotr	$8,$3,18
+	and	$9,$3
+	drotr	$25,$3,41
+	xor	$23,$8
+	drotr	$8,$30,28
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$25			# Sigma1(e)
+
+	drotr	$25,$30,34
+	daddu	$22,$9
+	ld	$9,80($6)		# K[10]
+	xor	$25,$8
+	drotr	$8,$30,39
+	daddu	$22,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#else
+	daddu	$22,$18,$25			# 10
+	dsrl	$25,$3,14
+	xor	$9,$7,$24
+	dsll	$8,$3,23
+	and	$9,$3
+	dsrl	$23,$3,18
+	xor	$25,$8
+	dsll	$8,$3,46
+	xor	$25,$23
+	dsrl	$23,$3,41
+	xor	$25,$8
+	dsll	$8,$3,50
+	xor	$25,$23
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$8,$25			# Sigma1(e)
+
+	dsrl	$25,$30,28
+	daddu	$22,$9
+	ld	$9,80($6)		# K[10]
+	dsll	$8,$30,25
+	daddu	$22,$23
+	dsrl	$23,$30,34
+	xor	$25,$8
+	dsll	$8,$30,30
+	xor	$25,$23
+	dsrl	$23,$30,39
+	xor	$25,$8
+	dsll	$8,$30,36
+	xor	$25,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#endif
+	sd	$18,80($29)	# offload to ring buffer
+	daddu	$25,$23
+	and	$8,$30
+	daddu	$22,$9			# +=K[10]
+	daddu	$25,$8			# +=Maj(a,b,c)
+	daddu	$2,$22
+	daddu	$25,$22
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$20,96($5)
+#else
+	ldl	$20,103($5)
+	ldr	$20,96($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$19,$19		# byte swap(11)
+	dshd	$19,$19
+#else
+	ori	$8,$0,0xFF
+	dsll	$10,$8,32
+	or	$8,$10		# 0x000000FF000000FF
+	and	$9,$19,$8	# byte swap(11)
+	dsrl	$10,$19,24
+	dsll	$9,24
+	and	$10,$8
+	dsll	$8,8			# 0x0000FF000000FF00
+	or	$9,$10
+	and	$10,$19,$8
+	dsrl	$19,8
+	dsll	$10,8
+	and	$19,$8
+	or	$9,$10
+	or	$19,$9
+	dsrl	$9,$19,32
+	dsll	$19,32
+	or	$19,$9
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$10,$3,$7			# 11
+	drotr	$8,$2,14
+	daddu	$23,$19,$24
+	drotr	$9,$2,18
+	and	$10,$2
+	drotr	$24,$2,41
+	xor	$8,$9
+	drotr	$9,$25,28
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$24			# Sigma1(e)
+
+	drotr	$24,$25,34
+	daddu	$23,$10
+	ld	$10,88($6)		# K[11]
+	xor	$24,$9
+	drotr	$9,$25,39
+	daddu	$23,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#else
+	daddu	$23,$19,$24			# 11
+	dsrl	$24,$2,14
+	xor	$10,$3,$7
+	dsll	$9,$2,23
+	and	$10,$2
+	dsrl	$8,$2,18
+	xor	$24,$9
+	dsll	$9,$2,46
+	xor	$24,$8
+	dsrl	$8,$2,41
+	xor	$24,$9
+	dsll	$9,$2,50
+	xor	$24,$8
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$9,$24			# Sigma1(e)
+
+	dsrl	$24,$25,28
+	daddu	$23,$10
+	ld	$10,88($6)		# K[11]
+	dsll	$9,$25,25
+	daddu	$23,$8
+	dsrl	$8,$25,34
+	xor	$24,$9
+	dsll	$9,$25,30
+	xor	$24,$8
+	dsrl	$8,$25,39
+	xor	$24,$9
+	dsll	$9,$25,36
+	xor	$24,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#endif
+	sd	$19,88($29)	# offload to ring buffer
+	daddu	$24,$8
+	and	$9,$25
+	daddu	$23,$10			# +=K[11]
+	daddu	$24,$9			# +=Maj(a,b,c)
+	daddu	$1,$23
+	daddu	$24,$23
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$21,104($5)
+#else
+	ldl	$21,111($5)
+	ldr	$21,104($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$20,$20		# byte swap(12)
+	dshd	$20,$20
+#else
+	ori	$9,$0,0xFF
+	dsll	$11,$9,32
+	or	$9,$11		# 0x000000FF000000FF
+	and	$10,$20,$9	# byte swap(12)
+	dsrl	$11,$20,24
+	dsll	$10,24
+	and	$11,$9
+	dsll	$9,8			# 0x0000FF000000FF00
+	or	$10,$11
+	and	$11,$20,$9
+	dsrl	$20,8
+	dsll	$11,8
+	and	$20,$9
+	or	$10,$11
+	or	$20,$10
+	dsrl	$10,$20,32
+	dsll	$20,32
+	or	$20,$10
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$11,$2,$3			# 12
+	drotr	$9,$1,14
+	daddu	$8,$20,$7
+	drotr	$10,$1,18
+	and	$11,$1
+	drotr	$7,$1,41
+	xor	$9,$10
+	drotr	$10,$24,28
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$7			# Sigma1(e)
+
+	drotr	$7,$24,34
+	daddu	$8,$11
+	ld	$11,96($6)		# K[12]
+	xor	$7,$10
+	drotr	$10,$24,39
+	daddu	$8,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#else
+	daddu	$8,$20,$7			# 12
+	dsrl	$7,$1,14
+	xor	$11,$2,$3
+	dsll	$10,$1,23
+	and	$11,$1
+	dsrl	$9,$1,18
+	xor	$7,$10
+	dsll	$10,$1,46
+	xor	$7,$9
+	dsrl	$9,$1,41
+	xor	$7,$10
+	dsll	$10,$1,50
+	xor	$7,$9
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$10,$7			# Sigma1(e)
+
+	dsrl	$7,$24,28
+	daddu	$8,$11
+	ld	$11,96($6)		# K[12]
+	dsll	$10,$24,25
+	daddu	$8,$9
+	dsrl	$9,$24,34
+	xor	$7,$10
+	dsll	$10,$24,30
+	xor	$7,$9
+	dsrl	$9,$24,39
+	xor	$7,$10
+	dsll	$10,$24,36
+	xor	$7,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#endif
+	sd	$20,96($29)	# offload to ring buffer
+	daddu	$7,$9
+	and	$10,$24
+	daddu	$8,$11			# +=K[12]
+	daddu	$7,$10			# +=Maj(a,b,c)
+	daddu	$31,$8
+	daddu	$7,$8
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$22,112($5)
+#else
+	ldl	$22,119($5)
+	ldr	$22,112($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$21,$21		# byte swap(13)
+	dshd	$21,$21
+#else
+	ori	$10,$0,0xFF
+	dsll	$12,$10,32
+	or	$10,$12		# 0x000000FF000000FF
+	and	$11,$21,$10	# byte swap(13)
+	dsrl	$12,$21,24
+	dsll	$11,24
+	and	$12,$10
+	dsll	$10,8			# 0x0000FF000000FF00
+	or	$11,$12
+	and	$12,$21,$10
+	dsrl	$21,8
+	dsll	$12,8
+	and	$21,$10
+	or	$11,$12
+	or	$21,$11
+	dsrl	$11,$21,32
+	dsll	$21,32
+	or	$21,$11
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$12,$1,$2			# 13
+	drotr	$10,$31,14
+	daddu	$9,$21,$3
+	drotr	$11,$31,18
+	and	$12,$31
+	drotr	$3,$31,41
+	xor	$10,$11
+	drotr	$11,$7,28
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$3			# Sigma1(e)
+
+	drotr	$3,$7,34
+	daddu	$9,$12
+	ld	$12,104($6)		# K[13]
+	xor	$3,$11
+	drotr	$11,$7,39
+	daddu	$9,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#else
+	daddu	$9,$21,$3			# 13
+	dsrl	$3,$31,14
+	xor	$12,$1,$2
+	dsll	$11,$31,23
+	and	$12,$31
+	dsrl	$10,$31,18
+	xor	$3,$11
+	dsll	$11,$31,46
+	xor	$3,$10
+	dsrl	$10,$31,41
+	xor	$3,$11
+	dsll	$11,$31,50
+	xor	$3,$10
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$11,$3			# Sigma1(e)
+
+	dsrl	$3,$7,28
+	daddu	$9,$12
+	ld	$12,104($6)		# K[13]
+	dsll	$11,$7,25
+	daddu	$9,$10
+	dsrl	$10,$7,34
+	xor	$3,$11
+	dsll	$11,$7,30
+	xor	$3,$10
+	dsrl	$10,$7,39
+	xor	$3,$11
+	dsll	$11,$7,36
+	xor	$3,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#endif
+	sd	$21,104($29)	# offload to ring buffer
+	daddu	$3,$10
+	and	$11,$7
+	daddu	$9,$12			# +=K[13]
+	daddu	$3,$11			# +=Maj(a,b,c)
+	daddu	$30,$9
+	daddu	$3,$9
+	ld	$8,0($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R6) || defined(_MIPS_ARCH_MIPS64R6)
+	ld	$23,120($5)
+#else
+	ldl	$23,127($5)
+	ldr	$23,120($5)
+#endif
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$22,$22		# byte swap(14)
+	dshd	$22,$22
+#else
+	ori	$11,$0,0xFF
+	dsll	$13,$11,32
+	or	$11,$13		# 0x000000FF000000FF
+	and	$12,$22,$11	# byte swap(14)
+	dsrl	$13,$22,24
+	dsll	$12,24
+	and	$13,$11
+	dsll	$11,8			# 0x0000FF000000FF00
+	or	$12,$13
+	and	$13,$22,$11
+	dsrl	$22,8
+	dsll	$13,8
+	and	$22,$11
+	or	$12,$13
+	or	$22,$12
+	dsrl	$12,$22,32
+	dsll	$22,32
+	or	$22,$12
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$13,$31,$1			# 14
+	drotr	$11,$30,14
+	daddu	$10,$22,$2
+	drotr	$12,$30,18
+	and	$13,$30
+	drotr	$2,$30,41
+	xor	$11,$12
+	drotr	$12,$3,28
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$2			# Sigma1(e)
+
+	drotr	$2,$3,34
+	daddu	$10,$13
+	ld	$13,112($6)		# K[14]
+	xor	$2,$12
+	drotr	$12,$3,39
+	daddu	$10,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#else
+	daddu	$10,$22,$2			# 14
+	dsrl	$2,$30,14
+	xor	$13,$31,$1
+	dsll	$12,$30,23
+	and	$13,$30
+	dsrl	$11,$30,18
+	xor	$2,$12
+	dsll	$12,$30,46
+	xor	$2,$11
+	dsrl	$11,$30,41
+	xor	$2,$12
+	dsll	$12,$30,50
+	xor	$2,$11
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$12,$2			# Sigma1(e)
+
+	dsrl	$2,$3,28
+	daddu	$10,$13
+	ld	$13,112($6)		# K[14]
+	dsll	$12,$3,25
+	daddu	$10,$11
+	dsrl	$11,$3,34
+	xor	$2,$12
+	dsll	$12,$3,30
+	xor	$2,$11
+	dsrl	$11,$3,39
+	xor	$2,$12
+	dsll	$12,$3,36
+	xor	$2,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#endif
+	sd	$22,112($29)	# offload to ring buffer
+	daddu	$2,$11
+	and	$12,$3
+	daddu	$10,$13			# +=K[14]
+	daddu	$2,$12			# +=Maj(a,b,c)
+	daddu	$25,$10
+	daddu	$2,$10
+	ld	$9,8($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS64R2)
+	dsbh	$23,$23		# byte swap(15)
+	dshd	$23,$23
+#else
+	ori	$12,$0,0xFF
+	dsll	$14,$12,32
+	or	$12,$14		# 0x000000FF000000FF
+	and	$13,$23,$12	# byte swap(15)
+	dsrl	$14,$23,24
+	dsll	$13,24
+	and	$14,$12
+	dsll	$12,8			# 0x0000FF000000FF00
+	or	$13,$14
+	and	$14,$23,$12
+	dsrl	$23,8
+	dsll	$14,8
+	and	$23,$12
+	or	$13,$14
+	or	$23,$13
+	dsrl	$13,$23,32
+	dsll	$23,32
+	or	$23,$13
+#endif
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$14,$30,$31			# 15
+	drotr	$12,$25,14
+	daddu	$11,$23,$1
+	drotr	$13,$25,18
+	and	$14,$25
+	drotr	$1,$25,41
+	xor	$12,$13
+	drotr	$13,$2,28
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$1			# Sigma1(e)
+
+	drotr	$1,$2,34
+	daddu	$11,$14
+	ld	$14,120($6)		# K[15]
+	xor	$1,$13
+	drotr	$13,$2,39
+	daddu	$11,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#else
+	daddu	$11,$23,$1			# 15
+	dsrl	$1,$25,14
+	xor	$14,$30,$31
+	dsll	$13,$25,23
+	and	$14,$25
+	dsrl	$12,$25,18
+	xor	$1,$13
+	dsll	$13,$25,46
+	xor	$1,$12
+	dsrl	$12,$25,41
+	xor	$1,$13
+	dsll	$13,$25,50
+	xor	$1,$12
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$13,$1			# Sigma1(e)
+
+	dsrl	$1,$2,28
+	daddu	$11,$14
+	ld	$14,120($6)		# K[15]
+	dsll	$13,$2,25
+	daddu	$11,$12
+	dsrl	$12,$2,34
+	xor	$1,$13
+	dsll	$13,$2,30
+	xor	$1,$12
+	dsrl	$12,$2,39
+	xor	$1,$13
+	dsll	$13,$2,36
+	xor	$1,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#endif
+	sd	$23,120($29)	# offload to ring buffer
+	daddu	$1,$12
+	and	$13,$2
+	daddu	$11,$14			# +=K[15]
+	daddu	$1,$13			# +=Maj(a,b,c)
+	daddu	$24,$11
+	daddu	$1,$11
+	ld	$10,16($29)	# prefetch from ring buffer
+	b	.L16_xx
+.align	4
+.L16_xx:
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$14,$9,7		# Xupdate(16)
+	drotr	$12,$9,1
+	daddu	$8,$17			# +=X[i+9]
+	xor	$14,$12
+	drotr	$12,$9,8
+
+	dsrl	$15,$22,6
+	drotr	$13,$22,19
+	xor	$14,$12			# sigma0(X[i+1])
+	drotr	$12,$22,61
+	xor	$15,$13
+	daddu	$8,$14
+#else
+	dsrl	$14,$9,7		# Xupdate(16)
+	daddu	$8,$17			# +=X[i+9]
+	dsll	$13,$9,56
+	dsrl	$12,$9,1
+	xor	$14,$13
+	dsll	$13,7
+	xor	$14,$12
+	dsrl	$12,$9,8
+	xor	$14,$13
+
+	dsrl	$15,$22,6
+	xor	$14,$12			# sigma0(X[i+1])
+	dsll	$13,$22,3
+	daddu	$8,$14
+	dsrl	$12,$22,19
+	xor	$15,$13
+	dsll	$13,42
+	xor	$15,$12
+	dsrl	$12,$22,61
+	xor	$15,$13
+#endif
+	xor	$15,$12			# sigma1(X[i+14])
+	daddu	$8,$15
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$15,$25,$30			# 16
+	drotr	$13,$24,14
+	daddu	$12,$8,$31
+	drotr	$14,$24,18
+	and	$15,$24
+	drotr	$31,$24,41
+	xor	$13,$14
+	drotr	$14,$1,28
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$31			# Sigma1(e)
+
+	drotr	$31,$1,34
+	daddu	$12,$15
+	ld	$15,128($6)		# K[16]
+	xor	$31,$14
+	drotr	$14,$1,39
+	daddu	$12,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#else
+	daddu	$12,$8,$31			# 16
+	dsrl	$31,$24,14
+	xor	$15,$25,$30
+	dsll	$14,$24,23
+	and	$15,$24
+	dsrl	$13,$24,18
+	xor	$31,$14
+	dsll	$14,$24,46
+	xor	$31,$13
+	dsrl	$13,$24,41
+	xor	$31,$14
+	dsll	$14,$24,50
+	xor	$31,$13
+	xor	$15,$30			# Ch(e,f,g)
+	xor	$13,$14,$31			# Sigma1(e)
+
+	dsrl	$31,$1,28
+	daddu	$12,$15
+	ld	$15,128($6)		# K[16]
+	dsll	$14,$1,25
+	daddu	$12,$13
+	dsrl	$13,$1,34
+	xor	$31,$14
+	dsll	$14,$1,30
+	xor	$31,$13
+	dsrl	$13,$1,39
+	xor	$31,$14
+	dsll	$14,$1,36
+	xor	$31,$13
+	and	$13,$2,$3
+	xor	$31,$14			# Sigma0(a)
+	xor	$14,$2,$3
+#endif
+	sd	$8,0($29)	# offload to ring buffer
+	daddu	$31,$13
+	and	$14,$1
+	daddu	$12,$15			# +=K[16]
+	daddu	$31,$14			# +=Maj(a,b,c)
+	daddu	$7,$12
+	daddu	$31,$12
+	ld	$11,24($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$15,$10,7		# Xupdate(17)
+	drotr	$13,$10,1
+	daddu	$9,$18			# +=X[i+9]
+	xor	$15,$13
+	drotr	$13,$10,8
+
+	dsrl	$16,$23,6
+	drotr	$14,$23,19
+	xor	$15,$13			# sigma0(X[i+1])
+	drotr	$13,$23,61
+	xor	$16,$14
+	daddu	$9,$15
+#else
+	dsrl	$15,$10,7		# Xupdate(17)
+	daddu	$9,$18			# +=X[i+9]
+	dsll	$14,$10,56
+	dsrl	$13,$10,1
+	xor	$15,$14
+	dsll	$14,7
+	xor	$15,$13
+	dsrl	$13,$10,8
+	xor	$15,$14
+
+	dsrl	$16,$23,6
+	xor	$15,$13			# sigma0(X[i+1])
+	dsll	$14,$23,3
+	daddu	$9,$15
+	dsrl	$13,$23,19
+	xor	$16,$14
+	dsll	$14,42
+	xor	$16,$13
+	dsrl	$13,$23,61
+	xor	$16,$14
+#endif
+	xor	$16,$13			# sigma1(X[i+14])
+	daddu	$9,$16
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$16,$24,$25			# 17
+	drotr	$14,$7,14
+	daddu	$13,$9,$30
+	drotr	$15,$7,18
+	and	$16,$7
+	drotr	$30,$7,41
+	xor	$14,$15
+	drotr	$15,$31,28
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$30			# Sigma1(e)
+
+	drotr	$30,$31,34
+	daddu	$13,$16
+	ld	$16,136($6)		# K[17]
+	xor	$30,$15
+	drotr	$15,$31,39
+	daddu	$13,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#else
+	daddu	$13,$9,$30			# 17
+	dsrl	$30,$7,14
+	xor	$16,$24,$25
+	dsll	$15,$7,23
+	and	$16,$7
+	dsrl	$14,$7,18
+	xor	$30,$15
+	dsll	$15,$7,46
+	xor	$30,$14
+	dsrl	$14,$7,41
+	xor	$30,$15
+	dsll	$15,$7,50
+	xor	$30,$14
+	xor	$16,$25			# Ch(e,f,g)
+	xor	$14,$15,$30			# Sigma1(e)
+
+	dsrl	$30,$31,28
+	daddu	$13,$16
+	ld	$16,136($6)		# K[17]
+	dsll	$15,$31,25
+	daddu	$13,$14
+	dsrl	$14,$31,34
+	xor	$30,$15
+	dsll	$15,$31,30
+	xor	$30,$14
+	dsrl	$14,$31,39
+	xor	$30,$15
+	dsll	$15,$31,36
+	xor	$30,$14
+	and	$14,$1,$2
+	xor	$30,$15			# Sigma0(a)
+	xor	$15,$1,$2
+#endif
+	sd	$9,8($29)	# offload to ring buffer
+	daddu	$30,$14
+	and	$15,$31
+	daddu	$13,$16			# +=K[17]
+	daddu	$30,$15			# +=Maj(a,b,c)
+	daddu	$3,$13
+	daddu	$30,$13
+	ld	$12,32($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$16,$11,7		# Xupdate(18)
+	drotr	$14,$11,1
+	daddu	$10,$19			# +=X[i+9]
+	xor	$16,$14
+	drotr	$14,$11,8
+
+	dsrl	$17,$8,6
+	drotr	$15,$8,19
+	xor	$16,$14			# sigma0(X[i+1])
+	drotr	$14,$8,61
+	xor	$17,$15
+	daddu	$10,$16
+#else
+	dsrl	$16,$11,7		# Xupdate(18)
+	daddu	$10,$19			# +=X[i+9]
+	dsll	$15,$11,56
+	dsrl	$14,$11,1
+	xor	$16,$15
+	dsll	$15,7
+	xor	$16,$14
+	dsrl	$14,$11,8
+	xor	$16,$15
+
+	dsrl	$17,$8,6
+	xor	$16,$14			# sigma0(X[i+1])
+	dsll	$15,$8,3
+	daddu	$10,$16
+	dsrl	$14,$8,19
+	xor	$17,$15
+	dsll	$15,42
+	xor	$17,$14
+	dsrl	$14,$8,61
+	xor	$17,$15
+#endif
+	xor	$17,$14			# sigma1(X[i+14])
+	daddu	$10,$17
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$17,$7,$24			# 18
+	drotr	$15,$3,14
+	daddu	$14,$10,$25
+	drotr	$16,$3,18
+	and	$17,$3
+	drotr	$25,$3,41
+	xor	$15,$16
+	drotr	$16,$30,28
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$25			# Sigma1(e)
+
+	drotr	$25,$30,34
+	daddu	$14,$17
+	ld	$17,144($6)		# K[18]
+	xor	$25,$16
+	drotr	$16,$30,39
+	daddu	$14,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#else
+	daddu	$14,$10,$25			# 18
+	dsrl	$25,$3,14
+	xor	$17,$7,$24
+	dsll	$16,$3,23
+	and	$17,$3
+	dsrl	$15,$3,18
+	xor	$25,$16
+	dsll	$16,$3,46
+	xor	$25,$15
+	dsrl	$15,$3,41
+	xor	$25,$16
+	dsll	$16,$3,50
+	xor	$25,$15
+	xor	$17,$24			# Ch(e,f,g)
+	xor	$15,$16,$25			# Sigma1(e)
+
+	dsrl	$25,$30,28
+	daddu	$14,$17
+	ld	$17,144($6)		# K[18]
+	dsll	$16,$30,25
+	daddu	$14,$15
+	dsrl	$15,$30,34
+	xor	$25,$16
+	dsll	$16,$30,30
+	xor	$25,$15
+	dsrl	$15,$30,39
+	xor	$25,$16
+	dsll	$16,$30,36
+	xor	$25,$15
+	and	$15,$31,$1
+	xor	$25,$16			# Sigma0(a)
+	xor	$16,$31,$1
+#endif
+	sd	$10,16($29)	# offload to ring buffer
+	daddu	$25,$15
+	and	$16,$30
+	daddu	$14,$17			# +=K[18]
+	daddu	$25,$16			# +=Maj(a,b,c)
+	daddu	$2,$14
+	daddu	$25,$14
+	ld	$13,40($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$17,$12,7		# Xupdate(19)
+	drotr	$15,$12,1
+	daddu	$11,$20			# +=X[i+9]
+	xor	$17,$15
+	drotr	$15,$12,8
+
+	dsrl	$18,$9,6
+	drotr	$16,$9,19
+	xor	$17,$15			# sigma0(X[i+1])
+	drotr	$15,$9,61
+	xor	$18,$16
+	daddu	$11,$17
+#else
+	dsrl	$17,$12,7		# Xupdate(19)
+	daddu	$11,$20			# +=X[i+9]
+	dsll	$16,$12,56
+	dsrl	$15,$12,1
+	xor	$17,$16
+	dsll	$16,7
+	xor	$17,$15
+	dsrl	$15,$12,8
+	xor	$17,$16
+
+	dsrl	$18,$9,6
+	xor	$17,$15			# sigma0(X[i+1])
+	dsll	$16,$9,3
+	daddu	$11,$17
+	dsrl	$15,$9,19
+	xor	$18,$16
+	dsll	$16,42
+	xor	$18,$15
+	dsrl	$15,$9,61
+	xor	$18,$16
+#endif
+	xor	$18,$15			# sigma1(X[i+14])
+	daddu	$11,$18
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$18,$3,$7			# 19
+	drotr	$16,$2,14
+	daddu	$15,$11,$24
+	drotr	$17,$2,18
+	and	$18,$2
+	drotr	$24,$2,41
+	xor	$16,$17
+	drotr	$17,$25,28
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$24			# Sigma1(e)
+
+	drotr	$24,$25,34
+	daddu	$15,$18
+	ld	$18,152($6)		# K[19]
+	xor	$24,$17
+	drotr	$17,$25,39
+	daddu	$15,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#else
+	daddu	$15,$11,$24			# 19
+	dsrl	$24,$2,14
+	xor	$18,$3,$7
+	dsll	$17,$2,23
+	and	$18,$2
+	dsrl	$16,$2,18
+	xor	$24,$17
+	dsll	$17,$2,46
+	xor	$24,$16
+	dsrl	$16,$2,41
+	xor	$24,$17
+	dsll	$17,$2,50
+	xor	$24,$16
+	xor	$18,$7			# Ch(e,f,g)
+	xor	$16,$17,$24			# Sigma1(e)
+
+	dsrl	$24,$25,28
+	daddu	$15,$18
+	ld	$18,152($6)		# K[19]
+	dsll	$17,$25,25
+	daddu	$15,$16
+	dsrl	$16,$25,34
+	xor	$24,$17
+	dsll	$17,$25,30
+	xor	$24,$16
+	dsrl	$16,$25,39
+	xor	$24,$17
+	dsll	$17,$25,36
+	xor	$24,$16
+	and	$16,$30,$31
+	xor	$24,$17			# Sigma0(a)
+	xor	$17,$30,$31
+#endif
+	sd	$11,24($29)	# offload to ring buffer
+	daddu	$24,$16
+	and	$17,$25
+	daddu	$15,$18			# +=K[19]
+	daddu	$24,$17			# +=Maj(a,b,c)
+	daddu	$1,$15
+	daddu	$24,$15
+	ld	$14,48($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$18,$13,7		# Xupdate(20)
+	drotr	$16,$13,1
+	daddu	$12,$21			# +=X[i+9]
+	xor	$18,$16
+	drotr	$16,$13,8
+
+	dsrl	$19,$10,6
+	drotr	$17,$10,19
+	xor	$18,$16			# sigma0(X[i+1])
+	drotr	$16,$10,61
+	xor	$19,$17
+	daddu	$12,$18
+#else
+	dsrl	$18,$13,7		# Xupdate(20)
+	daddu	$12,$21			# +=X[i+9]
+	dsll	$17,$13,56
+	dsrl	$16,$13,1
+	xor	$18,$17
+	dsll	$17,7
+	xor	$18,$16
+	dsrl	$16,$13,8
+	xor	$18,$17
+
+	dsrl	$19,$10,6
+	xor	$18,$16			# sigma0(X[i+1])
+	dsll	$17,$10,3
+	daddu	$12,$18
+	dsrl	$16,$10,19
+	xor	$19,$17
+	dsll	$17,42
+	xor	$19,$16
+	dsrl	$16,$10,61
+	xor	$19,$17
+#endif
+	xor	$19,$16			# sigma1(X[i+14])
+	daddu	$12,$19
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$19,$2,$3			# 20
+	drotr	$17,$1,14
+	daddu	$16,$12,$7
+	drotr	$18,$1,18
+	and	$19,$1
+	drotr	$7,$1,41
+	xor	$17,$18
+	drotr	$18,$24,28
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$7			# Sigma1(e)
+
+	drotr	$7,$24,34
+	daddu	$16,$19
+	ld	$19,160($6)		# K[20]
+	xor	$7,$18
+	drotr	$18,$24,39
+	daddu	$16,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#else
+	daddu	$16,$12,$7			# 20
+	dsrl	$7,$1,14
+	xor	$19,$2,$3
+	dsll	$18,$1,23
+	and	$19,$1
+	dsrl	$17,$1,18
+	xor	$7,$18
+	dsll	$18,$1,46
+	xor	$7,$17
+	dsrl	$17,$1,41
+	xor	$7,$18
+	dsll	$18,$1,50
+	xor	$7,$17
+	xor	$19,$3			# Ch(e,f,g)
+	xor	$17,$18,$7			# Sigma1(e)
+
+	dsrl	$7,$24,28
+	daddu	$16,$19
+	ld	$19,160($6)		# K[20]
+	dsll	$18,$24,25
+	daddu	$16,$17
+	dsrl	$17,$24,34
+	xor	$7,$18
+	dsll	$18,$24,30
+	xor	$7,$17
+	dsrl	$17,$24,39
+	xor	$7,$18
+	dsll	$18,$24,36
+	xor	$7,$17
+	and	$17,$25,$30
+	xor	$7,$18			# Sigma0(a)
+	xor	$18,$25,$30
+#endif
+	sd	$12,32($29)	# offload to ring buffer
+	daddu	$7,$17
+	and	$18,$24
+	daddu	$16,$19			# +=K[20]
+	daddu	$7,$18			# +=Maj(a,b,c)
+	daddu	$31,$16
+	daddu	$7,$16
+	ld	$15,56($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$19,$14,7		# Xupdate(21)
+	drotr	$17,$14,1
+	daddu	$13,$22			# +=X[i+9]
+	xor	$19,$17
+	drotr	$17,$14,8
+
+	dsrl	$20,$11,6
+	drotr	$18,$11,19
+	xor	$19,$17			# sigma0(X[i+1])
+	drotr	$17,$11,61
+	xor	$20,$18
+	daddu	$13,$19
+#else
+	dsrl	$19,$14,7		# Xupdate(21)
+	daddu	$13,$22			# +=X[i+9]
+	dsll	$18,$14,56
+	dsrl	$17,$14,1
+	xor	$19,$18
+	dsll	$18,7
+	xor	$19,$17
+	dsrl	$17,$14,8
+	xor	$19,$18
+
+	dsrl	$20,$11,6
+	xor	$19,$17			# sigma0(X[i+1])
+	dsll	$18,$11,3
+	daddu	$13,$19
+	dsrl	$17,$11,19
+	xor	$20,$18
+	dsll	$18,42
+	xor	$20,$17
+	dsrl	$17,$11,61
+	xor	$20,$18
+#endif
+	xor	$20,$17			# sigma1(X[i+14])
+	daddu	$13,$20
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$20,$1,$2			# 21
+	drotr	$18,$31,14
+	daddu	$17,$13,$3
+	drotr	$19,$31,18
+	and	$20,$31
+	drotr	$3,$31,41
+	xor	$18,$19
+	drotr	$19,$7,28
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$3			# Sigma1(e)
+
+	drotr	$3,$7,34
+	daddu	$17,$20
+	ld	$20,168($6)		# K[21]
+	xor	$3,$19
+	drotr	$19,$7,39
+	daddu	$17,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#else
+	daddu	$17,$13,$3			# 21
+	dsrl	$3,$31,14
+	xor	$20,$1,$2
+	dsll	$19,$31,23
+	and	$20,$31
+	dsrl	$18,$31,18
+	xor	$3,$19
+	dsll	$19,$31,46
+	xor	$3,$18
+	dsrl	$18,$31,41
+	xor	$3,$19
+	dsll	$19,$31,50
+	xor	$3,$18
+	xor	$20,$2			# Ch(e,f,g)
+	xor	$18,$19,$3			# Sigma1(e)
+
+	dsrl	$3,$7,28
+	daddu	$17,$20
+	ld	$20,168($6)		# K[21]
+	dsll	$19,$7,25
+	daddu	$17,$18
+	dsrl	$18,$7,34
+	xor	$3,$19
+	dsll	$19,$7,30
+	xor	$3,$18
+	dsrl	$18,$7,39
+	xor	$3,$19
+	dsll	$19,$7,36
+	xor	$3,$18
+	and	$18,$24,$25
+	xor	$3,$19			# Sigma0(a)
+	xor	$19,$24,$25
+#endif
+	sd	$13,40($29)	# offload to ring buffer
+	daddu	$3,$18
+	and	$19,$7
+	daddu	$17,$20			# +=K[21]
+	daddu	$3,$19			# +=Maj(a,b,c)
+	daddu	$30,$17
+	daddu	$3,$17
+	ld	$16,64($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$20,$15,7		# Xupdate(22)
+	drotr	$18,$15,1
+	daddu	$14,$23			# +=X[i+9]
+	xor	$20,$18
+	drotr	$18,$15,8
+
+	dsrl	$21,$12,6
+	drotr	$19,$12,19
+	xor	$20,$18			# sigma0(X[i+1])
+	drotr	$18,$12,61
+	xor	$21,$19
+	daddu	$14,$20
+#else
+	dsrl	$20,$15,7		# Xupdate(22)
+	daddu	$14,$23			# +=X[i+9]
+	dsll	$19,$15,56
+	dsrl	$18,$15,1
+	xor	$20,$19
+	dsll	$19,7
+	xor	$20,$18
+	dsrl	$18,$15,8
+	xor	$20,$19
+
+	dsrl	$21,$12,6
+	xor	$20,$18			# sigma0(X[i+1])
+	dsll	$19,$12,3
+	daddu	$14,$20
+	dsrl	$18,$12,19
+	xor	$21,$19
+	dsll	$19,42
+	xor	$21,$18
+	dsrl	$18,$12,61
+	xor	$21,$19
+#endif
+	xor	$21,$18			# sigma1(X[i+14])
+	daddu	$14,$21
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$21,$31,$1			# 22
+	drotr	$19,$30,14
+	daddu	$18,$14,$2
+	drotr	$20,$30,18
+	and	$21,$30
+	drotr	$2,$30,41
+	xor	$19,$20
+	drotr	$20,$3,28
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$2			# Sigma1(e)
+
+	drotr	$2,$3,34
+	daddu	$18,$21
+	ld	$21,176($6)		# K[22]
+	xor	$2,$20
+	drotr	$20,$3,39
+	daddu	$18,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#else
+	daddu	$18,$14,$2			# 22
+	dsrl	$2,$30,14
+	xor	$21,$31,$1
+	dsll	$20,$30,23
+	and	$21,$30
+	dsrl	$19,$30,18
+	xor	$2,$20
+	dsll	$20,$30,46
+	xor	$2,$19
+	dsrl	$19,$30,41
+	xor	$2,$20
+	dsll	$20,$30,50
+	xor	$2,$19
+	xor	$21,$1			# Ch(e,f,g)
+	xor	$19,$20,$2			# Sigma1(e)
+
+	dsrl	$2,$3,28
+	daddu	$18,$21
+	ld	$21,176($6)		# K[22]
+	dsll	$20,$3,25
+	daddu	$18,$19
+	dsrl	$19,$3,34
+	xor	$2,$20
+	dsll	$20,$3,30
+	xor	$2,$19
+	dsrl	$19,$3,39
+	xor	$2,$20
+	dsll	$20,$3,36
+	xor	$2,$19
+	and	$19,$7,$24
+	xor	$2,$20			# Sigma0(a)
+	xor	$20,$7,$24
+#endif
+	sd	$14,48($29)	# offload to ring buffer
+	daddu	$2,$19
+	and	$20,$3
+	daddu	$18,$21			# +=K[22]
+	daddu	$2,$20			# +=Maj(a,b,c)
+	daddu	$25,$18
+	daddu	$2,$18
+	ld	$17,72($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$21,$16,7		# Xupdate(23)
+	drotr	$19,$16,1
+	daddu	$15,$8			# +=X[i+9]
+	xor	$21,$19
+	drotr	$19,$16,8
+
+	dsrl	$22,$13,6
+	drotr	$20,$13,19
+	xor	$21,$19			# sigma0(X[i+1])
+	drotr	$19,$13,61
+	xor	$22,$20
+	daddu	$15,$21
+#else
+	dsrl	$21,$16,7		# Xupdate(23)
+	daddu	$15,$8			# +=X[i+9]
+	dsll	$20,$16,56
+	dsrl	$19,$16,1
+	xor	$21,$20
+	dsll	$20,7
+	xor	$21,$19
+	dsrl	$19,$16,8
+	xor	$21,$20
+
+	dsrl	$22,$13,6
+	xor	$21,$19			# sigma0(X[i+1])
+	dsll	$20,$13,3
+	daddu	$15,$21
+	dsrl	$19,$13,19
+	xor	$22,$20
+	dsll	$20,42
+	xor	$22,$19
+	dsrl	$19,$13,61
+	xor	$22,$20
+#endif
+	xor	$22,$19			# sigma1(X[i+14])
+	daddu	$15,$22
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$22,$30,$31			# 23
+	drotr	$20,$25,14
+	daddu	$19,$15,$1
+	drotr	$21,$25,18
+	and	$22,$25
+	drotr	$1,$25,41
+	xor	$20,$21
+	drotr	$21,$2,28
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$1			# Sigma1(e)
+
+	drotr	$1,$2,34
+	daddu	$19,$22
+	ld	$22,184($6)		# K[23]
+	xor	$1,$21
+	drotr	$21,$2,39
+	daddu	$19,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#else
+	daddu	$19,$15,$1			# 23
+	dsrl	$1,$25,14
+	xor	$22,$30,$31
+	dsll	$21,$25,23
+	and	$22,$25
+	dsrl	$20,$25,18
+	xor	$1,$21
+	dsll	$21,$25,46
+	xor	$1,$20
+	dsrl	$20,$25,41
+	xor	$1,$21
+	dsll	$21,$25,50
+	xor	$1,$20
+	xor	$22,$31			# Ch(e,f,g)
+	xor	$20,$21,$1			# Sigma1(e)
+
+	dsrl	$1,$2,28
+	daddu	$19,$22
+	ld	$22,184($6)		# K[23]
+	dsll	$21,$2,25
+	daddu	$19,$20
+	dsrl	$20,$2,34
+	xor	$1,$21
+	dsll	$21,$2,30
+	xor	$1,$20
+	dsrl	$20,$2,39
+	xor	$1,$21
+	dsll	$21,$2,36
+	xor	$1,$20
+	and	$20,$3,$7
+	xor	$1,$21			# Sigma0(a)
+	xor	$21,$3,$7
+#endif
+	sd	$15,56($29)	# offload to ring buffer
+	daddu	$1,$20
+	and	$21,$2
+	daddu	$19,$22			# +=K[23]
+	daddu	$1,$21			# +=Maj(a,b,c)
+	daddu	$24,$19
+	daddu	$1,$19
+	ld	$18,80($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$22,$17,7		# Xupdate(24)
+	drotr	$20,$17,1
+	daddu	$16,$9			# +=X[i+9]
+	xor	$22,$20
+	drotr	$20,$17,8
+
+	dsrl	$23,$14,6
+	drotr	$21,$14,19
+	xor	$22,$20			# sigma0(X[i+1])
+	drotr	$20,$14,61
+	xor	$23,$21
+	daddu	$16,$22
+#else
+	dsrl	$22,$17,7		# Xupdate(24)
+	daddu	$16,$9			# +=X[i+9]
+	dsll	$21,$17,56
+	dsrl	$20,$17,1
+	xor	$22,$21
+	dsll	$21,7
+	xor	$22,$20
+	dsrl	$20,$17,8
+	xor	$22,$21
+
+	dsrl	$23,$14,6
+	xor	$22,$20			# sigma0(X[i+1])
+	dsll	$21,$14,3
+	daddu	$16,$22
+	dsrl	$20,$14,19
+	xor	$23,$21
+	dsll	$21,42
+	xor	$23,$20
+	dsrl	$20,$14,61
+	xor	$23,$21
+#endif
+	xor	$23,$20			# sigma1(X[i+14])
+	daddu	$16,$23
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$23,$25,$30			# 24
+	drotr	$21,$24,14
+	daddu	$20,$16,$31
+	drotr	$22,$24,18
+	and	$23,$24
+	drotr	$31,$24,41
+	xor	$21,$22
+	drotr	$22,$1,28
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$31			# Sigma1(e)
+
+	drotr	$31,$1,34
+	daddu	$20,$23
+	ld	$23,192($6)		# K[24]
+	xor	$31,$22
+	drotr	$22,$1,39
+	daddu	$20,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#else
+	daddu	$20,$16,$31			# 24
+	dsrl	$31,$24,14
+	xor	$23,$25,$30
+	dsll	$22,$24,23
+	and	$23,$24
+	dsrl	$21,$24,18
+	xor	$31,$22
+	dsll	$22,$24,46
+	xor	$31,$21
+	dsrl	$21,$24,41
+	xor	$31,$22
+	dsll	$22,$24,50
+	xor	$31,$21
+	xor	$23,$30			# Ch(e,f,g)
+	xor	$21,$22,$31			# Sigma1(e)
+
+	dsrl	$31,$1,28
+	daddu	$20,$23
+	ld	$23,192($6)		# K[24]
+	dsll	$22,$1,25
+	daddu	$20,$21
+	dsrl	$21,$1,34
+	xor	$31,$22
+	dsll	$22,$1,30
+	xor	$31,$21
+	dsrl	$21,$1,39
+	xor	$31,$22
+	dsll	$22,$1,36
+	xor	$31,$21
+	and	$21,$2,$3
+	xor	$31,$22			# Sigma0(a)
+	xor	$22,$2,$3
+#endif
+	sd	$16,64($29)	# offload to ring buffer
+	daddu	$31,$21
+	and	$22,$1
+	daddu	$20,$23			# +=K[24]
+	daddu	$31,$22			# +=Maj(a,b,c)
+	daddu	$7,$20
+	daddu	$31,$20
+	ld	$19,88($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$23,$18,7		# Xupdate(25)
+	drotr	$21,$18,1
+	daddu	$17,$10			# +=X[i+9]
+	xor	$23,$21
+	drotr	$21,$18,8
+
+	dsrl	$8,$15,6
+	drotr	$22,$15,19
+	xor	$23,$21			# sigma0(X[i+1])
+	drotr	$21,$15,61
+	xor	$8,$22
+	daddu	$17,$23
+#else
+	dsrl	$23,$18,7		# Xupdate(25)
+	daddu	$17,$10			# +=X[i+9]
+	dsll	$22,$18,56
+	dsrl	$21,$18,1
+	xor	$23,$22
+	dsll	$22,7
+	xor	$23,$21
+	dsrl	$21,$18,8
+	xor	$23,$22
+
+	dsrl	$8,$15,6
+	xor	$23,$21			# sigma0(X[i+1])
+	dsll	$22,$15,3
+	daddu	$17,$23
+	dsrl	$21,$15,19
+	xor	$8,$22
+	dsll	$22,42
+	xor	$8,$21
+	dsrl	$21,$15,61
+	xor	$8,$22
+#endif
+	xor	$8,$21			# sigma1(X[i+14])
+	daddu	$17,$8
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$8,$24,$25			# 25
+	drotr	$22,$7,14
+	daddu	$21,$17,$30
+	drotr	$23,$7,18
+	and	$8,$7
+	drotr	$30,$7,41
+	xor	$22,$23
+	drotr	$23,$31,28
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$30			# Sigma1(e)
+
+	drotr	$30,$31,34
+	daddu	$21,$8
+	ld	$8,200($6)		# K[25]
+	xor	$30,$23
+	drotr	$23,$31,39
+	daddu	$21,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#else
+	daddu	$21,$17,$30			# 25
+	dsrl	$30,$7,14
+	xor	$8,$24,$25
+	dsll	$23,$7,23
+	and	$8,$7
+	dsrl	$22,$7,18
+	xor	$30,$23
+	dsll	$23,$7,46
+	xor	$30,$22
+	dsrl	$22,$7,41
+	xor	$30,$23
+	dsll	$23,$7,50
+	xor	$30,$22
+	xor	$8,$25			# Ch(e,f,g)
+	xor	$22,$23,$30			# Sigma1(e)
+
+	dsrl	$30,$31,28
+	daddu	$21,$8
+	ld	$8,200($6)		# K[25]
+	dsll	$23,$31,25
+	daddu	$21,$22
+	dsrl	$22,$31,34
+	xor	$30,$23
+	dsll	$23,$31,30
+	xor	$30,$22
+	dsrl	$22,$31,39
+	xor	$30,$23
+	dsll	$23,$31,36
+	xor	$30,$22
+	and	$22,$1,$2
+	xor	$30,$23			# Sigma0(a)
+	xor	$23,$1,$2
+#endif
+	sd	$17,72($29)	# offload to ring buffer
+	daddu	$30,$22
+	and	$23,$31
+	daddu	$21,$8			# +=K[25]
+	daddu	$30,$23			# +=Maj(a,b,c)
+	daddu	$3,$21
+	daddu	$30,$21
+	ld	$20,96($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$8,$19,7		# Xupdate(26)
+	drotr	$22,$19,1
+	daddu	$18,$11			# +=X[i+9]
+	xor	$8,$22
+	drotr	$22,$19,8
+
+	dsrl	$9,$16,6
+	drotr	$23,$16,19
+	xor	$8,$22			# sigma0(X[i+1])
+	drotr	$22,$16,61
+	xor	$9,$23
+	daddu	$18,$8
+#else
+	dsrl	$8,$19,7		# Xupdate(26)
+	daddu	$18,$11			# +=X[i+9]
+	dsll	$23,$19,56
+	dsrl	$22,$19,1
+	xor	$8,$23
+	dsll	$23,7
+	xor	$8,$22
+	dsrl	$22,$19,8
+	xor	$8,$23
+
+	dsrl	$9,$16,6
+	xor	$8,$22			# sigma0(X[i+1])
+	dsll	$23,$16,3
+	daddu	$18,$8
+	dsrl	$22,$16,19
+	xor	$9,$23
+	dsll	$23,42
+	xor	$9,$22
+	dsrl	$22,$16,61
+	xor	$9,$23
+#endif
+	xor	$9,$22			# sigma1(X[i+14])
+	daddu	$18,$9
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$9,$7,$24			# 26
+	drotr	$23,$3,14
+	daddu	$22,$18,$25
+	drotr	$8,$3,18
+	and	$9,$3
+	drotr	$25,$3,41
+	xor	$23,$8
+	drotr	$8,$30,28
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$25			# Sigma1(e)
+
+	drotr	$25,$30,34
+	daddu	$22,$9
+	ld	$9,208($6)		# K[26]
+	xor	$25,$8
+	drotr	$8,$30,39
+	daddu	$22,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#else
+	daddu	$22,$18,$25			# 26
+	dsrl	$25,$3,14
+	xor	$9,$7,$24
+	dsll	$8,$3,23
+	and	$9,$3
+	dsrl	$23,$3,18
+	xor	$25,$8
+	dsll	$8,$3,46
+	xor	$25,$23
+	dsrl	$23,$3,41
+	xor	$25,$8
+	dsll	$8,$3,50
+	xor	$25,$23
+	xor	$9,$24			# Ch(e,f,g)
+	xor	$23,$8,$25			# Sigma1(e)
+
+	dsrl	$25,$30,28
+	daddu	$22,$9
+	ld	$9,208($6)		# K[26]
+	dsll	$8,$30,25
+	daddu	$22,$23
+	dsrl	$23,$30,34
+	xor	$25,$8
+	dsll	$8,$30,30
+	xor	$25,$23
+	dsrl	$23,$30,39
+	xor	$25,$8
+	dsll	$8,$30,36
+	xor	$25,$23
+	and	$23,$31,$1
+	xor	$25,$8			# Sigma0(a)
+	xor	$8,$31,$1
+#endif
+	sd	$18,80($29)	# offload to ring buffer
+	daddu	$25,$23
+	and	$8,$30
+	daddu	$22,$9			# +=K[26]
+	daddu	$25,$8			# +=Maj(a,b,c)
+	daddu	$2,$22
+	daddu	$25,$22
+	ld	$21,104($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$9,$20,7		# Xupdate(27)
+	drotr	$23,$20,1
+	daddu	$19,$12			# +=X[i+9]
+	xor	$9,$23
+	drotr	$23,$20,8
+
+	dsrl	$10,$17,6
+	drotr	$8,$17,19
+	xor	$9,$23			# sigma0(X[i+1])
+	drotr	$23,$17,61
+	xor	$10,$8
+	daddu	$19,$9
+#else
+	dsrl	$9,$20,7		# Xupdate(27)
+	daddu	$19,$12			# +=X[i+9]
+	dsll	$8,$20,56
+	dsrl	$23,$20,1
+	xor	$9,$8
+	dsll	$8,7
+	xor	$9,$23
+	dsrl	$23,$20,8
+	xor	$9,$8
+
+	dsrl	$10,$17,6
+	xor	$9,$23			# sigma0(X[i+1])
+	dsll	$8,$17,3
+	daddu	$19,$9
+	dsrl	$23,$17,19
+	xor	$10,$8
+	dsll	$8,42
+	xor	$10,$23
+	dsrl	$23,$17,61
+	xor	$10,$8
+#endif
+	xor	$10,$23			# sigma1(X[i+14])
+	daddu	$19,$10
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$10,$3,$7			# 27
+	drotr	$8,$2,14
+	daddu	$23,$19,$24
+	drotr	$9,$2,18
+	and	$10,$2
+	drotr	$24,$2,41
+	xor	$8,$9
+	drotr	$9,$25,28
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$24			# Sigma1(e)
+
+	drotr	$24,$25,34
+	daddu	$23,$10
+	ld	$10,216($6)		# K[27]
+	xor	$24,$9
+	drotr	$9,$25,39
+	daddu	$23,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#else
+	daddu	$23,$19,$24			# 27
+	dsrl	$24,$2,14
+	xor	$10,$3,$7
+	dsll	$9,$2,23
+	and	$10,$2
+	dsrl	$8,$2,18
+	xor	$24,$9
+	dsll	$9,$2,46
+	xor	$24,$8
+	dsrl	$8,$2,41
+	xor	$24,$9
+	dsll	$9,$2,50
+	xor	$24,$8
+	xor	$10,$7			# Ch(e,f,g)
+	xor	$8,$9,$24			# Sigma1(e)
+
+	dsrl	$24,$25,28
+	daddu	$23,$10
+	ld	$10,216($6)		# K[27]
+	dsll	$9,$25,25
+	daddu	$23,$8
+	dsrl	$8,$25,34
+	xor	$24,$9
+	dsll	$9,$25,30
+	xor	$24,$8
+	dsrl	$8,$25,39
+	xor	$24,$9
+	dsll	$9,$25,36
+	xor	$24,$8
+	and	$8,$30,$31
+	xor	$24,$9			# Sigma0(a)
+	xor	$9,$30,$31
+#endif
+	sd	$19,88($29)	# offload to ring buffer
+	daddu	$24,$8
+	and	$9,$25
+	daddu	$23,$10			# +=K[27]
+	daddu	$24,$9			# +=Maj(a,b,c)
+	daddu	$1,$23
+	daddu	$24,$23
+	ld	$22,112($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$10,$21,7		# Xupdate(28)
+	drotr	$8,$21,1
+	daddu	$20,$13			# +=X[i+9]
+	xor	$10,$8
+	drotr	$8,$21,8
+
+	dsrl	$11,$18,6
+	drotr	$9,$18,19
+	xor	$10,$8			# sigma0(X[i+1])
+	drotr	$8,$18,61
+	xor	$11,$9
+	daddu	$20,$10
+#else
+	dsrl	$10,$21,7		# Xupdate(28)
+	daddu	$20,$13			# +=X[i+9]
+	dsll	$9,$21,56
+	dsrl	$8,$21,1
+	xor	$10,$9
+	dsll	$9,7
+	xor	$10,$8
+	dsrl	$8,$21,8
+	xor	$10,$9
+
+	dsrl	$11,$18,6
+	xor	$10,$8			# sigma0(X[i+1])
+	dsll	$9,$18,3
+	daddu	$20,$10
+	dsrl	$8,$18,19
+	xor	$11,$9
+	dsll	$9,42
+	xor	$11,$8
+	dsrl	$8,$18,61
+	xor	$11,$9
+#endif
+	xor	$11,$8			# sigma1(X[i+14])
+	daddu	$20,$11
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$11,$2,$3			# 28
+	drotr	$9,$1,14
+	daddu	$8,$20,$7
+	drotr	$10,$1,18
+	and	$11,$1
+	drotr	$7,$1,41
+	xor	$9,$10
+	drotr	$10,$24,28
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$7			# Sigma1(e)
+
+	drotr	$7,$24,34
+	daddu	$8,$11
+	ld	$11,224($6)		# K[28]
+	xor	$7,$10
+	drotr	$10,$24,39
+	daddu	$8,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#else
+	daddu	$8,$20,$7			# 28
+	dsrl	$7,$1,14
+	xor	$11,$2,$3
+	dsll	$10,$1,23
+	and	$11,$1
+	dsrl	$9,$1,18
+	xor	$7,$10
+	dsll	$10,$1,46
+	xor	$7,$9
+	dsrl	$9,$1,41
+	xor	$7,$10
+	dsll	$10,$1,50
+	xor	$7,$9
+	xor	$11,$3			# Ch(e,f,g)
+	xor	$9,$10,$7			# Sigma1(e)
+
+	dsrl	$7,$24,28
+	daddu	$8,$11
+	ld	$11,224($6)		# K[28]
+	dsll	$10,$24,25
+	daddu	$8,$9
+	dsrl	$9,$24,34
+	xor	$7,$10
+	dsll	$10,$24,30
+	xor	$7,$9
+	dsrl	$9,$24,39
+	xor	$7,$10
+	dsll	$10,$24,36
+	xor	$7,$9
+	and	$9,$25,$30
+	xor	$7,$10			# Sigma0(a)
+	xor	$10,$25,$30
+#endif
+	sd	$20,96($29)	# offload to ring buffer
+	daddu	$7,$9
+	and	$10,$24
+	daddu	$8,$11			# +=K[28]
+	daddu	$7,$10			# +=Maj(a,b,c)
+	daddu	$31,$8
+	daddu	$7,$8
+	ld	$23,120($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$11,$22,7		# Xupdate(29)
+	drotr	$9,$22,1
+	daddu	$21,$14			# +=X[i+9]
+	xor	$11,$9
+	drotr	$9,$22,8
+
+	dsrl	$12,$19,6
+	drotr	$10,$19,19
+	xor	$11,$9			# sigma0(X[i+1])
+	drotr	$9,$19,61
+	xor	$12,$10
+	daddu	$21,$11
+#else
+	dsrl	$11,$22,7		# Xupdate(29)
+	daddu	$21,$14			# +=X[i+9]
+	dsll	$10,$22,56
+	dsrl	$9,$22,1
+	xor	$11,$10
+	dsll	$10,7
+	xor	$11,$9
+	dsrl	$9,$22,8
+	xor	$11,$10
+
+	dsrl	$12,$19,6
+	xor	$11,$9			# sigma0(X[i+1])
+	dsll	$10,$19,3
+	daddu	$21,$11
+	dsrl	$9,$19,19
+	xor	$12,$10
+	dsll	$10,42
+	xor	$12,$9
+	dsrl	$9,$19,61
+	xor	$12,$10
+#endif
+	xor	$12,$9			# sigma1(X[i+14])
+	daddu	$21,$12
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$12,$1,$2			# 29
+	drotr	$10,$31,14
+	daddu	$9,$21,$3
+	drotr	$11,$31,18
+	and	$12,$31
+	drotr	$3,$31,41
+	xor	$10,$11
+	drotr	$11,$7,28
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$3			# Sigma1(e)
+
+	drotr	$3,$7,34
+	daddu	$9,$12
+	ld	$12,232($6)		# K[29]
+	xor	$3,$11
+	drotr	$11,$7,39
+	daddu	$9,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#else
+	daddu	$9,$21,$3			# 29
+	dsrl	$3,$31,14
+	xor	$12,$1,$2
+	dsll	$11,$31,23
+	and	$12,$31
+	dsrl	$10,$31,18
+	xor	$3,$11
+	dsll	$11,$31,46
+	xor	$3,$10
+	dsrl	$10,$31,41
+	xor	$3,$11
+	dsll	$11,$31,50
+	xor	$3,$10
+	xor	$12,$2			# Ch(e,f,g)
+	xor	$10,$11,$3			# Sigma1(e)
+
+	dsrl	$3,$7,28
+	daddu	$9,$12
+	ld	$12,232($6)		# K[29]
+	dsll	$11,$7,25
+	daddu	$9,$10
+	dsrl	$10,$7,34
+	xor	$3,$11
+	dsll	$11,$7,30
+	xor	$3,$10
+	dsrl	$10,$7,39
+	xor	$3,$11
+	dsll	$11,$7,36
+	xor	$3,$10
+	and	$10,$24,$25
+	xor	$3,$11			# Sigma0(a)
+	xor	$11,$24,$25
+#endif
+	sd	$21,104($29)	# offload to ring buffer
+	daddu	$3,$10
+	and	$11,$7
+	daddu	$9,$12			# +=K[29]
+	daddu	$3,$11			# +=Maj(a,b,c)
+	daddu	$30,$9
+	daddu	$3,$9
+	ld	$8,0($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$12,$23,7		# Xupdate(30)
+	drotr	$10,$23,1
+	daddu	$22,$15			# +=X[i+9]
+	xor	$12,$10
+	drotr	$10,$23,8
+
+	dsrl	$13,$20,6
+	drotr	$11,$20,19
+	xor	$12,$10			# sigma0(X[i+1])
+	drotr	$10,$20,61
+	xor	$13,$11
+	daddu	$22,$12
+#else
+	dsrl	$12,$23,7		# Xupdate(30)
+	daddu	$22,$15			# +=X[i+9]
+	dsll	$11,$23,56
+	dsrl	$10,$23,1
+	xor	$12,$11
+	dsll	$11,7
+	xor	$12,$10
+	dsrl	$10,$23,8
+	xor	$12,$11
+
+	dsrl	$13,$20,6
+	xor	$12,$10			# sigma0(X[i+1])
+	dsll	$11,$20,3
+	daddu	$22,$12
+	dsrl	$10,$20,19
+	xor	$13,$11
+	dsll	$11,42
+	xor	$13,$10
+	dsrl	$10,$20,61
+	xor	$13,$11
+#endif
+	xor	$13,$10			# sigma1(X[i+14])
+	daddu	$22,$13
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$13,$31,$1			# 30
+	drotr	$11,$30,14
+	daddu	$10,$22,$2
+	drotr	$12,$30,18
+	and	$13,$30
+	drotr	$2,$30,41
+	xor	$11,$12
+	drotr	$12,$3,28
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$2			# Sigma1(e)
+
+	drotr	$2,$3,34
+	daddu	$10,$13
+	ld	$13,240($6)		# K[30]
+	xor	$2,$12
+	drotr	$12,$3,39
+	daddu	$10,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#else
+	daddu	$10,$22,$2			# 30
+	dsrl	$2,$30,14
+	xor	$13,$31,$1
+	dsll	$12,$30,23
+	and	$13,$30
+	dsrl	$11,$30,18
+	xor	$2,$12
+	dsll	$12,$30,46
+	xor	$2,$11
+	dsrl	$11,$30,41
+	xor	$2,$12
+	dsll	$12,$30,50
+	xor	$2,$11
+	xor	$13,$1			# Ch(e,f,g)
+	xor	$11,$12,$2			# Sigma1(e)
+
+	dsrl	$2,$3,28
+	daddu	$10,$13
+	ld	$13,240($6)		# K[30]
+	dsll	$12,$3,25
+	daddu	$10,$11
+	dsrl	$11,$3,34
+	xor	$2,$12
+	dsll	$12,$3,30
+	xor	$2,$11
+	dsrl	$11,$3,39
+	xor	$2,$12
+	dsll	$12,$3,36
+	xor	$2,$11
+	and	$11,$7,$24
+	xor	$2,$12			# Sigma0(a)
+	xor	$12,$7,$24
+#endif
+	sd	$22,112($29)	# offload to ring buffer
+	daddu	$2,$11
+	and	$12,$3
+	daddu	$10,$13			# +=K[30]
+	daddu	$2,$12			# +=Maj(a,b,c)
+	daddu	$25,$10
+	daddu	$2,$10
+	ld	$9,8($29)	# prefetch from ring buffer
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	dsrl	$13,$8,7		# Xupdate(31)
+	drotr	$11,$8,1
+	daddu	$23,$16			# +=X[i+9]
+	xor	$13,$11
+	drotr	$11,$8,8
+
+	dsrl	$14,$21,6
+	drotr	$12,$21,19
+	xor	$13,$11			# sigma0(X[i+1])
+	drotr	$11,$21,61
+	xor	$14,$12
+	daddu	$23,$13
+#else
+	dsrl	$13,$8,7		# Xupdate(31)
+	daddu	$23,$16			# +=X[i+9]
+	dsll	$12,$8,56
+	dsrl	$11,$8,1
+	xor	$13,$12
+	dsll	$12,7
+	xor	$13,$11
+	dsrl	$11,$8,8
+	xor	$13,$12
+
+	dsrl	$14,$21,6
+	xor	$13,$11			# sigma0(X[i+1])
+	dsll	$12,$21,3
+	daddu	$23,$13
+	dsrl	$11,$21,19
+	xor	$14,$12
+	dsll	$12,42
+	xor	$14,$11
+	dsrl	$11,$21,61
+	xor	$14,$12
+#endif
+	xor	$14,$11			# sigma1(X[i+14])
+	daddu	$23,$14
+#if defined(_MIPS_ARCH_MIPS32R2) || defined(_MIPS_ARCH_MIPS64R2)
+	xor	$14,$30,$31			# 31
+	drotr	$12,$25,14
+	daddu	$11,$23,$1
+	drotr	$13,$25,18
+	and	$14,$25
+	drotr	$1,$25,41
+	xor	$12,$13
+	drotr	$13,$2,28
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$1			# Sigma1(e)
+
+	drotr	$1,$2,34
+	daddu	$11,$14
+	ld	$14,248($6)		# K[31]
+	xor	$1,$13
+	drotr	$13,$2,39
+	daddu	$11,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#else
+	daddu	$11,$23,$1			# 31
+	dsrl	$1,$25,14
+	xor	$14,$30,$31
+	dsll	$13,$25,23
+	and	$14,$25
+	dsrl	$12,$25,18
+	xor	$1,$13
+	dsll	$13,$25,46
+	xor	$1,$12
+	dsrl	$12,$25,41
+	xor	$1,$13
+	dsll	$13,$25,50
+	xor	$1,$12
+	xor	$14,$31			# Ch(e,f,g)
+	xor	$12,$13,$1			# Sigma1(e)
+
+	dsrl	$1,$2,28
+	daddu	$11,$14
+	ld	$14,248($6)		# K[31]
+	dsll	$13,$2,25
+	daddu	$11,$12
+	dsrl	$12,$2,34
+	xor	$1,$13
+	dsll	$13,$2,30
+	xor	$1,$12
+	dsrl	$12,$2,39
+	xor	$1,$13
+	dsll	$13,$2,36
+	xor	$1,$12
+	and	$12,$3,$7
+	xor	$1,$13			# Sigma0(a)
+	xor	$13,$3,$7
+#endif
+	sd	$23,120($29)	# offload to ring buffer
+	daddu	$1,$12
+	and	$13,$2
+	daddu	$11,$14			# +=K[31]
+	daddu	$1,$13			# +=Maj(a,b,c)
+	daddu	$24,$11
+	daddu	$1,$11
+	ld	$10,16($29)	# prefetch from ring buffer
+	and	$14,0xfff
+	li	$15,2071
+	.set	noreorder
+	bne	$14,$15,.L16_xx
+	daddu $6,16*8		# Ktbl+=16
+
+	ld	$23,16*8($29)	# restore pointer to the end of input
+	ld	$8,0*8($4)
+	ld	$9,1*8($4)
+	ld	$10,2*8($4)
+	daddu $5,16*8
+	ld	$11,3*8($4)
+	daddu	$1,$8
+	ld	$12,4*8($4)
+	daddu	$2,$9
+	ld	$13,5*8($4)
+	daddu	$3,$10
+	ld	$14,6*8($4)
+	daddu	$7,$11
+	ld	$15,7*8($4)
+	daddu	$24,$12
+	sd	$1,0*8($4)
+	daddu	$25,$13
+	sd	$2,1*8($4)
+	daddu	$30,$14
+	sd	$3,2*8($4)
+	daddu	$31,$15
+	sd	$7,3*8($4)
+	sd	$24,4*8($4)
+	sd	$25,5*8($4)
+	sd	$30,6*8($4)
+	sd	$31,7*8($4)
+
+	bne	$5,$23,.Loop
+	dsubu $6,512	# rewind $6
+
+	ld	$31,256-1*8($29)
+	ld	$30,256-2*8($29)
+	ld	$23,256-3*8($29)
+	ld	$22,256-4*8($29)
+	ld	$21,256-5*8($29)
+	ld	$20,256-6*8($29)
+	ld	$19,256-7*8($29)
+	ld	$18,256-8*8($29)
+	ld	$17,256-9*8($29)
+	ld	$16,256-10*8($29)
+	jr	$31
+	daddu $29,256
+.end	sha512_block_data_order
+
+.rdata
+.align	5
+K512:
+	.dword	0x428a2f98d728ae22, 0x7137449123ef65cd
+	.dword	0xb5c0fbcfec4d3b2f, 0xe9b5dba58189dbbc
+	.dword	0x3956c25bf348b538, 0x59f111f1b605d019
+	.dword	0x923f82a4af194f9b, 0xab1c5ed5da6d8118
+	.dword	0xd807aa98a3030242, 0x12835b0145706fbe
+	.dword	0x243185be4ee4b28c, 0x550c7dc3d5ffb4e2
+	.dword	0x72be5d74f27b896f, 0x80deb1fe3b1696b1
+	.dword	0x9bdc06a725c71235, 0xc19bf174cf692694
+	.dword	0xe49b69c19ef14ad2, 0xefbe4786384f25e3
+	.dword	0x0fc19dc68b8cd5b5, 0x240ca1cc77ac9c65
+	.dword	0x2de92c6f592b0275, 0x4a7484aa6ea6e483
+	.dword	0x5cb0a9dcbd41fbd4, 0x76f988da831153b5
+	.dword	0x983e5152ee66dfab, 0xa831c66d2db43210
+	.dword	0xb00327c898fb213f, 0xbf597fc7beef0ee4
+	.dword	0xc6e00bf33da88fc2, 0xd5a79147930aa725
+	.dword	0x06ca6351e003826f, 0x142929670a0e6e70
+	.dword	0x27b70a8546d22ffc, 0x2e1b21385c26c926
+	.dword	0x4d2c6dfc5ac42aed, 0x53380d139d95b3df
+	.dword	0x650a73548baf63de, 0x766a0abb3c77b2a8
+	.dword	0x81c2c92e47edaee6, 0x92722c851482353b
+	.dword	0xa2bfe8a14cf10364, 0xa81a664bbc423001
+	.dword	0xc24b8b70d0f89791, 0xc76c51a30654be30
+	.dword	0xd192e819d6ef5218, 0xd69906245565a910
+	.dword	0xf40e35855771202a, 0x106aa07032bbd1b8
+	.dword	0x19a4c116b8d2d0c8, 0x1e376c085141ab53
+	.dword	0x2748774cdf8eeb99, 0x34b0bcb5e19b48a8
+	.dword	0x391c0cb3c5c95a63, 0x4ed8aa4ae3418acb
+	.dword	0x5b9cca4f7763e373, 0x682e6ff3d6b2b8a3
+	.dword	0x748f82ee5defb2fc, 0x78a5636f43172f60
+	.dword	0x84c87814a1f0ab72, 0x8cc702081a6439ec
+	.dword	0x90befffa23631e28, 0xa4506cebde82bde9
+	.dword	0xbef9a3f7b2c67915, 0xc67178f2e372532b
+	.dword	0xca273eceea26619c, 0xd186b8c721c0c207
+	.dword	0xeada7dd6cde0eb1e, 0xf57d4f7fee6ed178
+	.dword	0x06f067aa72176fba, 0x0a637dc5a2c898a6
+	.dword	0x113f9804bef90dae, 0x1b710b35131c471b
+	.dword	0x28db77f523047d84, 0x32caab7b40c72493
+	.dword	0x3c9ebe0a15c9bebc, 0x431d67c49c100d4c
+	.dword	0x4cc5d4becb3e42b6, 0x597f299cfc657e2a
+	.dword	0x5fcb6fab3ad6faec, 0x6c44198c4a475817
+.asciiz	"SHA512 for MIPS, CRYPTOGAMS by <appro@openssl.org>"
+.align	5
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslconf.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslconf.h
new file mode 100644
index 00000000000000..30820b60518d47
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/openssl/opensslconf.h
@@ -0,0 +1,198 @@
+/*
+ * WARNING: do not edit!
+ * Generated by Makefile from include/openssl/opensslconf.h.in
+ *
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include <openssl/opensslv.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# error OPENSSL_ALGORITHM_DEFINES no longer supported
+#endif
+
+/*
+ * OpenSSL was configured with the following options:
+ */
+
+#ifndef OPENSSL_NO_COMP
+# define OPENSSL_NO_COMP
+#endif
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
+#ifndef OPENSSL_THREADS
+# define OPENSSL_THREADS
+#endif
+#ifndef OPENSSL_RAND_SEED_OS
+# define OPENSSL_RAND_SEED_OS
+#endif
+#ifndef OPENSSL_NO_AFALGENG
+# define OPENSSL_NO_AFALGENG
+#endif
+#ifndef OPENSSL_NO_ASAN
+# define OPENSSL_NO_ASAN
+#endif
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG
+# define OPENSSL_NO_CRYPTO_MDEBUG
+#endif
+#ifndef OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
+# define OPENSSL_NO_CRYPTO_MDEBUG_BACKTRACE
+#endif
+#ifndef OPENSSL_NO_DEVCRYPTOENG
+# define OPENSSL_NO_DEVCRYPTOENG
+#endif
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+#endif
+#ifndef OPENSSL_NO_EGD
+# define OPENSSL_NO_EGD
+#endif
+#ifndef OPENSSL_NO_EXTERNAL_TESTS
+# define OPENSSL_NO_EXTERNAL_TESTS
+#endif
+#ifndef OPENSSL_NO_FUZZ_AFL
+# define OPENSSL_NO_FUZZ_AFL
+#endif
+#ifndef OPENSSL_NO_FUZZ_LIBFUZZER
+# define OPENSSL_NO_FUZZ_LIBFUZZER
+#endif
+#ifndef OPENSSL_NO_HEARTBEATS
+# define OPENSSL_NO_HEARTBEATS
+#endif
+#ifndef OPENSSL_NO_MSAN
+# define OPENSSL_NO_MSAN
+#endif
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+#endif
+#ifndef OPENSSL_NO_SSL3
+# define OPENSSL_NO_SSL3
+#endif
+#ifndef OPENSSL_NO_SSL3_METHOD
+# define OPENSSL_NO_SSL3_METHOD
+#endif
+#ifndef OPENSSL_NO_UBSAN
+# define OPENSSL_NO_UBSAN
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+# define OPENSSL_NO_WEAK_SSL_CIPHERS
+#endif
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
+#endif
+#ifndef OPENSSL_NO_AFALGENG
+# define OPENSSL_NO_AFALGENG
+#endif
+
+
+/*
+ * Sometimes OPENSSSL_NO_xxx ends up with an empty file and some compilers
+ * don't like that.  This will hopefully silence them.
+ */
+#define NON_EMPTY_TRANSLATION_UNIT static void *dummy = &dummy;
+
+/*
+ * Applications should use -DOPENSSL_API_COMPAT=<version> to suppress the
+ * declarations of functions deprecated in or before <version>. Otherwise, they
+ * still won't see them if the library has been built to disable deprecated
+ * functions.
+ */
+#ifndef DECLARE_DEPRECATED
+# define DECLARE_DEPRECATED(f)   f;
+# ifdef __GNUC__
+#  if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0)
+#   undef DECLARE_DEPRECATED
+#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#  endif
+# endif
+#endif
+
+#ifndef OPENSSL_FILE
+# ifdef OPENSSL_NO_FILENAMES
+#  define OPENSSL_FILE ""
+#  define OPENSSL_LINE 0
+# else
+#  define OPENSSL_FILE __FILE__
+#  define OPENSSL_LINE __LINE__
+# endif
+#endif
+
+#ifndef OPENSSL_MIN_API
+# define OPENSSL_MIN_API 0
+#endif
+
+#if !defined(OPENSSL_API_COMPAT) || OPENSSL_API_COMPAT < OPENSSL_MIN_API
+# undef OPENSSL_API_COMPAT
+# define OPENSSL_API_COMPAT OPENSSL_MIN_API
+#endif
+
+/*
+ * Do not deprecate things to be deprecated in version 1.2.0 before the
+ * OpenSSL version number matches.
+ */
+#if OPENSSL_VERSION_NUMBER < 0x10200000L
+# define DEPRECATEDIN_1_2_0(f)   f;
+#elif OPENSSL_API_COMPAT < 0x10200000L
+# define DEPRECATEDIN_1_2_0(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_1_2_0(f)
+#endif
+
+#if OPENSSL_API_COMPAT < 0x10100000L
+# define DEPRECATEDIN_1_1_0(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_1_1_0(f)
+#endif
+
+#if OPENSSL_API_COMPAT < 0x10000000L
+# define DEPRECATEDIN_1_0_0(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_1_0_0(f)
+#endif
+
+#if OPENSSL_API_COMPAT < 0x00908000L
+# define DEPRECATEDIN_0_9_8(f)   DECLARE_DEPRECATED(f)
+#else
+# define DEPRECATEDIN_0_9_8(f)
+#endif
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+/*
+ * The following are cipher-specific, but are part of the public API.
+ */
+#if !defined(OPENSSL_SYS_UEFI)
+# undef BN_LLONG
+/* Only one for the following should be defined */
+# define SIXTY_FOUR_BIT_LONG
+# undef SIXTY_FOUR_BIT
+# undef THIRTY_TWO_BIT
+#endif
+
+#define RC4_INT unsigned char
+
+#ifdef  __cplusplus
+}
+#endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
new file mode 100644
index 00000000000000..9b3d270e20800e
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/include/progs.h
@@ -0,0 +1,507 @@
+/*
+ * WARNING: do not edit!
+ * Generated by apps/progs.pl
+ *
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+typedef enum FUNC_TYPE {
+    FT_none, FT_general, FT_md, FT_cipher, FT_pkey,
+    FT_md_alg, FT_cipher_alg
+} FUNC_TYPE;
+
+typedef struct function_st {
+    FUNC_TYPE type;
+    const char *name;
+    int (*func)(int argc, char *argv[]);
+    const OPTIONS *help;
+} FUNCTION;
+
+DEFINE_LHASH_OF(FUNCTION);
+
+extern int asn1parse_main(int argc, char *argv[]);
+extern int ca_main(int argc, char *argv[]);
+extern int ciphers_main(int argc, char *argv[]);
+extern int cms_main(int argc, char *argv[]);
+extern int crl_main(int argc, char *argv[]);
+extern int crl2pkcs7_main(int argc, char *argv[]);
+extern int dgst_main(int argc, char *argv[]);
+extern int dhparam_main(int argc, char *argv[]);
+extern int dsa_main(int argc, char *argv[]);
+extern int dsaparam_main(int argc, char *argv[]);
+extern int ec_main(int argc, char *argv[]);
+extern int ecparam_main(int argc, char *argv[]);
+extern int enc_main(int argc, char *argv[]);
+extern int engine_main(int argc, char *argv[]);
+extern int errstr_main(int argc, char *argv[]);
+extern int gendsa_main(int argc, char *argv[]);
+extern int genpkey_main(int argc, char *argv[]);
+extern int genrsa_main(int argc, char *argv[]);
+extern int help_main(int argc, char *argv[]);
+extern int list_main(int argc, char *argv[]);
+extern int nseq_main(int argc, char *argv[]);
+extern int ocsp_main(int argc, char *argv[]);
+extern int passwd_main(int argc, char *argv[]);
+extern int pkcs12_main(int argc, char *argv[]);
+extern int pkcs7_main(int argc, char *argv[]);
+extern int pkcs8_main(int argc, char *argv[]);
+extern int pkey_main(int argc, char *argv[]);
+extern int pkeyparam_main(int argc, char *argv[]);
+extern int pkeyutl_main(int argc, char *argv[]);
+extern int prime_main(int argc, char *argv[]);
+extern int rand_main(int argc, char *argv[]);
+extern int rehash_main(int argc, char *argv[]);
+extern int req_main(int argc, char *argv[]);
+extern int rsa_main(int argc, char *argv[]);
+extern int rsautl_main(int argc, char *argv[]);
+extern int s_client_main(int argc, char *argv[]);
+extern int s_server_main(int argc, char *argv[]);
+extern int s_time_main(int argc, char *argv[]);
+extern int sess_id_main(int argc, char *argv[]);
+extern int smime_main(int argc, char *argv[]);
+extern int speed_main(int argc, char *argv[]);
+extern int spkac_main(int argc, char *argv[]);
+extern int srp_main(int argc, char *argv[]);
+extern int storeutl_main(int argc, char *argv[]);
+extern int ts_main(int argc, char *argv[]);
+extern int verify_main(int argc, char *argv[]);
+extern int version_main(int argc, char *argv[]);
+extern int x509_main(int argc, char *argv[]);
+
+extern const OPTIONS asn1parse_options[];
+extern const OPTIONS ca_options[];
+extern const OPTIONS ciphers_options[];
+extern const OPTIONS cms_options[];
+extern const OPTIONS crl_options[];
+extern const OPTIONS crl2pkcs7_options[];
+extern const OPTIONS dgst_options[];
+extern const OPTIONS dhparam_options[];
+extern const OPTIONS dsa_options[];
+extern const OPTIONS dsaparam_options[];
+extern const OPTIONS ec_options[];
+extern const OPTIONS ecparam_options[];
+extern const OPTIONS enc_options[];
+extern const OPTIONS engine_options[];
+extern const OPTIONS errstr_options[];
+extern const OPTIONS gendsa_options[];
+extern const OPTIONS genpkey_options[];
+extern const OPTIONS genrsa_options[];
+extern const OPTIONS help_options[];
+extern const OPTIONS list_options[];
+extern const OPTIONS nseq_options[];
+extern const OPTIONS ocsp_options[];
+extern const OPTIONS passwd_options[];
+extern const OPTIONS pkcs12_options[];
+extern const OPTIONS pkcs7_options[];
+extern const OPTIONS pkcs8_options[];
+extern const OPTIONS pkey_options[];
+extern const OPTIONS pkeyparam_options[];
+extern const OPTIONS pkeyutl_options[];
+extern const OPTIONS prime_options[];
+extern const OPTIONS rand_options[];
+extern const OPTIONS rehash_options[];
+extern const OPTIONS req_options[];
+extern const OPTIONS rsa_options[];
+extern const OPTIONS rsautl_options[];
+extern const OPTIONS s_client_options[];
+extern const OPTIONS s_server_options[];
+extern const OPTIONS s_time_options[];
+extern const OPTIONS sess_id_options[];
+extern const OPTIONS smime_options[];
+extern const OPTIONS speed_options[];
+extern const OPTIONS spkac_options[];
+extern const OPTIONS srp_options[];
+extern const OPTIONS storeutl_options[];
+extern const OPTIONS ts_options[];
+extern const OPTIONS verify_options[];
+extern const OPTIONS version_options[];
+extern const OPTIONS x509_options[];
+
+#ifdef INCLUDE_FUNCTION_TABLE
+static FUNCTION functions[] = {
+    {FT_general, "asn1parse", asn1parse_main, asn1parse_options},
+    {FT_general, "ca", ca_main, ca_options},
+#ifndef OPENSSL_NO_SOCK
+    {FT_general, "ciphers", ciphers_main, ciphers_options},
+#endif
+#ifndef OPENSSL_NO_CMS
+    {FT_general, "cms", cms_main, cms_options},
+#endif
+    {FT_general, "crl", crl_main, crl_options},
+    {FT_general, "crl2pkcs7", crl2pkcs7_main, crl2pkcs7_options},
+    {FT_general, "dgst", dgst_main, dgst_options},
+#ifndef OPENSSL_NO_DH
+    {FT_general, "dhparam", dhparam_main, dhparam_options},
+#endif
+#ifndef OPENSSL_NO_DSA
+    {FT_general, "dsa", dsa_main, dsa_options},
+#endif
+#ifndef OPENSSL_NO_DSA
+    {FT_general, "dsaparam", dsaparam_main, dsaparam_options},
+#endif
+#ifndef OPENSSL_NO_EC
+    {FT_general, "ec", ec_main, ec_options},
+#endif
+#ifndef OPENSSL_NO_EC
+    {FT_general, "ecparam", ecparam_main, ecparam_options},
+#endif
+    {FT_general, "enc", enc_main, enc_options},
+#ifndef OPENSSL_NO_ENGINE
+    {FT_general, "engine", engine_main, engine_options},
+#endif
+    {FT_general, "errstr", errstr_main, errstr_options},
+#ifndef OPENSSL_NO_DSA
+    {FT_general, "gendsa", gendsa_main, gendsa_options},
+#endif
+    {FT_general, "genpkey", genpkey_main, genpkey_options},
+#ifndef OPENSSL_NO_RSA
+    {FT_general, "genrsa", genrsa_main, genrsa_options},
+#endif
+    {FT_general, "help", help_main, help_options},
+    {FT_general, "list", list_main, list_options},
+    {FT_general, "nseq", nseq_main, nseq_options},
+#ifndef OPENSSL_NO_OCSP
+    {FT_general, "ocsp", ocsp_main, ocsp_options},
+#endif
+    {FT_general, "passwd", passwd_main, passwd_options},
+#ifndef OPENSSL_NO_DES
+    {FT_general, "pkcs12", pkcs12_main, pkcs12_options},
+#endif
+    {FT_general, "pkcs7", pkcs7_main, pkcs7_options},
+    {FT_general, "pkcs8", pkcs8_main, pkcs8_options},
+    {FT_general, "pkey", pkey_main, pkey_options},
+    {FT_general, "pkeyparam", pkeyparam_main, pkeyparam_options},
+    {FT_general, "pkeyutl", pkeyutl_main, pkeyutl_options},
+    {FT_general, "prime", prime_main, prime_options},
+    {FT_general, "rand", rand_main, rand_options},
+    {FT_general, "rehash", rehash_main, rehash_options},
+    {FT_general, "req", req_main, req_options},
+    {FT_general, "rsa", rsa_main, rsa_options},
+#ifndef OPENSSL_NO_RSA
+    {FT_general, "rsautl", rsautl_main, rsautl_options},
+#endif
+#ifndef OPENSSL_NO_SOCK
+    {FT_general, "s_client", s_client_main, s_client_options},
+#endif
+#ifndef OPENSSL_NO_SOCK
+    {FT_general, "s_server", s_server_main, s_server_options},
+#endif
+#ifndef OPENSSL_NO_SOCK
+    {FT_general, "s_time", s_time_main, s_time_options},
+#endif
+    {FT_general, "sess_id", sess_id_main, sess_id_options},
+    {FT_general, "smime", smime_main, smime_options},
+    {FT_general, "speed", speed_main, speed_options},
+    {FT_general, "spkac", spkac_main, spkac_options},
+#ifndef OPENSSL_NO_SRP
+    {FT_general, "srp", srp_main, srp_options},
+#endif
+    {FT_general, "storeutl", storeutl_main, storeutl_options},
+#ifndef OPENSSL_NO_TS
+    {FT_general, "ts", ts_main, ts_options},
+#endif
+    {FT_general, "verify", verify_main, verify_options},
+    {FT_general, "version", version_main, version_options},
+    {FT_general, "x509", x509_main, x509_options},
+#ifndef OPENSSL_NO_MD2
+    {FT_md, "md2", dgst_main},
+#endif
+#ifndef OPENSSL_NO_MD4
+    {FT_md, "md4", dgst_main},
+#endif
+    {FT_md, "md5", dgst_main},
+#ifndef OPENSSL_NO_GOST
+    {FT_md, "gost", dgst_main},
+#endif
+    {FT_md, "sha1", dgst_main},
+    {FT_md, "sha224", dgst_main},
+    {FT_md, "sha256", dgst_main},
+    {FT_md, "sha384", dgst_main},
+    {FT_md, "sha512", dgst_main},
+    {FT_md, "sha512-224", dgst_main},
+    {FT_md, "sha512-256", dgst_main},
+    {FT_md, "sha3-224", dgst_main},
+    {FT_md, "sha3-256", dgst_main},
+    {FT_md, "sha3-384", dgst_main},
+    {FT_md, "sha3-512", dgst_main},
+    {FT_md, "shake128", dgst_main},
+    {FT_md, "shake256", dgst_main},
+#ifndef OPENSSL_NO_MDC2
+    {FT_md, "mdc2", dgst_main},
+#endif
+#ifndef OPENSSL_NO_RMD160
+    {FT_md, "rmd160", dgst_main},
+#endif
+#ifndef OPENSSL_NO_BLAKE2
+    {FT_md, "blake2b512", dgst_main},
+#endif
+#ifndef OPENSSL_NO_BLAKE2
+    {FT_md, "blake2s256", dgst_main},
+#endif
+#ifndef OPENSSL_NO_SM3
+    {FT_md, "sm3", dgst_main},
+#endif
+    {FT_cipher, "aes-128-cbc", enc_main, enc_options},
+    {FT_cipher, "aes-128-ecb", enc_main, enc_options},
+    {FT_cipher, "aes-192-cbc", enc_main, enc_options},
+    {FT_cipher, "aes-192-ecb", enc_main, enc_options},
+    {FT_cipher, "aes-256-cbc", enc_main, enc_options},
+    {FT_cipher, "aes-256-ecb", enc_main, enc_options},
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-ctr", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-cfb1", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-128-cfb8", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-ctr", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-cfb1", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-192-cfb8", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-ctr", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-cfb1", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_ARIA
+    {FT_cipher, "aria-256-cfb8", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-128-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-128-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-192-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-192-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-256-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+    {FT_cipher, "camellia-256-ecb", enc_main, enc_options},
+#endif
+    {FT_cipher, "base64", enc_main, enc_options},
+#ifdef ZLIB
+    {FT_cipher, "zlib", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des3", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "desx", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_IDEA
+    {FT_cipher, "idea", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SEED
+    {FT_cipher, "seed", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC4
+    {FT_cipher, "rc4", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC4
+    {FT_cipher, "rc4-40", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_BF
+    {FT_cipher, "bf", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC5
+    {FT_cipher, "rc5", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede3", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede3-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede3-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_DES
+    {FT_cipher, "des-ede3-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_IDEA
+    {FT_cipher, "idea-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_IDEA
+    {FT_cipher, "idea-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_IDEA
+    {FT_cipher, "idea-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_IDEA
+    {FT_cipher, "idea-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SEED
+    {FT_cipher, "seed-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SEED
+    {FT_cipher, "seed-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SEED
+    {FT_cipher, "seed-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SEED
+    {FT_cipher, "seed-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-64-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC2
+    {FT_cipher, "rc2-40-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_BF
+    {FT_cipher, "bf-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_BF
+    {FT_cipher, "bf-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_BF
+    {FT_cipher, "bf-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_BF
+    {FT_cipher, "bf-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast5-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast5-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast5-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast5-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_CAST
+    {FT_cipher, "cast-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC5
+    {FT_cipher, "rc5-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC5
+    {FT_cipher, "rc5-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC5
+    {FT_cipher, "rc5-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_RC5
+    {FT_cipher, "rc5-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SM4
+    {FT_cipher, "sm4-cbc", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SM4
+    {FT_cipher, "sm4-ecb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SM4
+    {FT_cipher, "sm4-cfb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SM4
+    {FT_cipher, "sm4-ofb", enc_main, enc_options},
+#endif
+#ifndef OPENSSL_NO_SM4
+    {FT_cipher, "sm4-ctr", enc_main, enc_options},
+#endif
+    {0, NULL, NULL}
+};
+#endif
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl-cl.gypi
new file mode 100644
index 00000000000000..5c8521f57870bb
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl-cl.gypi
@@ -0,0 +1,86 @@
+{
+  'variables': {
+    'openssl_defines_linux64-mips64': [
+      'NDEBUG',
+      'OPENSSL_USE_NODELETE',
+      'OPENSSL_PIC',
+      'OPENSSL_BN_ASM_MONT',
+      'SHA1_ASM',
+      'SHA256_ASM',
+      'SHA512_ASM',
+      'AES_ASM',
+      'POLY1305_ASM',
+    ],
+    'openssl_cflags_linux64-mips64': [
+      '-Wa,--noexecstack',
+      '-Wall -O3',
+      '-pthread -mabi=64',
+      '-Wall -O3',
+    ],
+    'openssl_ex_libs_linux64-mips64': [
+      '-ldl -pthread',
+    ],
+    'openssl_cli_srcs_linux64-mips64': [
+      'openssl/apps/asn1pars.c',
+      'openssl/apps/ca.c',
+      'openssl/apps/ciphers.c',
+      'openssl/apps/cms.c',
+      'openssl/apps/crl.c',
+      'openssl/apps/crl2p7.c',
+      'openssl/apps/dgst.c',
+      'openssl/apps/dhparam.c',
+      'openssl/apps/dsa.c',
+      'openssl/apps/dsaparam.c',
+      'openssl/apps/ec.c',
+      'openssl/apps/ecparam.c',
+      'openssl/apps/enc.c',
+      'openssl/apps/engine.c',
+      'openssl/apps/errstr.c',
+      'openssl/apps/gendsa.c',
+      'openssl/apps/genpkey.c',
+      'openssl/apps/genrsa.c',
+      'openssl/apps/nseq.c',
+      'openssl/apps/ocsp.c',
+      'openssl/apps/openssl.c',
+      'openssl/apps/passwd.c',
+      'openssl/apps/pkcs12.c',
+      'openssl/apps/pkcs7.c',
+      'openssl/apps/pkcs8.c',
+      'openssl/apps/pkey.c',
+      'openssl/apps/pkeyparam.c',
+      'openssl/apps/pkeyutl.c',
+      'openssl/apps/prime.c',
+      'openssl/apps/rand.c',
+      'openssl/apps/rehash.c',
+      'openssl/apps/req.c',
+      'openssl/apps/rsa.c',
+      'openssl/apps/rsautl.c',
+      'openssl/apps/s_client.c',
+      'openssl/apps/s_server.c',
+      'openssl/apps/s_time.c',
+      'openssl/apps/sess_id.c',
+      'openssl/apps/smime.c',
+      'openssl/apps/speed.c',
+      'openssl/apps/spkac.c',
+      'openssl/apps/srp.c',
+      'openssl/apps/storeutl.c',
+      'openssl/apps/ts.c',
+      'openssl/apps/verify.c',
+      'openssl/apps/version.c',
+      'openssl/apps/x509.c',
+      'openssl/apps/app_rand.c',
+      'openssl/apps/apps.c',
+      'openssl/apps/bf_prefix.c',
+      'openssl/apps/opt.c',
+      'openssl/apps/s_cb.c',
+      'openssl/apps/s_socket.c',
+    ],
+  },
+  'defines': ['<@(openssl_defines_linux64-mips64)'],
+  'include_dirs': [
+    './include',
+  ],
+  'cflags' : ['<@(openssl_cflags_linux64-mips64)'],
+  'libraries': ['<@(openssl_ex_libs_linux64-mips64)'],
+  'sources': ['<@(openssl_cli_srcs_linux64-mips64)'],
+}
diff --git a/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
new file mode 100644
index 00000000000000..300c2862915e33
--- /dev/null
+++ b/deps/openssl/config/archs/linux64-mips64/asm_avx2/openssl.gypi
@@ -0,0 +1,723 @@
+{
+  'variables': {
+    'openssl_sources': [
+      'openssl/ssl/bio_ssl.c',
+      'openssl/ssl/d1_lib.c',
+      'openssl/ssl/d1_msg.c',
+      'openssl/ssl/d1_srtp.c',
+      'openssl/ssl/methods.c',
+      'openssl/ssl/packet.c',
+      'openssl/ssl/pqueue.c',
+      'openssl/ssl/record/dtls1_bitmap.c',
+      'openssl/ssl/record/rec_layer_d1.c',
+      'openssl/ssl/record/rec_layer_s3.c',
+      'openssl/ssl/record/ssl3_buffer.c',
+      'openssl/ssl/record/ssl3_record.c',
+      'openssl/ssl/record/ssl3_record_tls13.c',
+      'openssl/ssl/s3_cbc.c',
+      'openssl/ssl/s3_enc.c',
+      'openssl/ssl/s3_lib.c',
+      'openssl/ssl/s3_msg.c',
+      'openssl/ssl/ssl_asn1.c',
+      'openssl/ssl/ssl_cert.c',
+      'openssl/ssl/ssl_ciph.c',
+      'openssl/ssl/ssl_conf.c',
+      'openssl/ssl/ssl_err.c',
+      'openssl/ssl/ssl_init.c',
+      'openssl/ssl/ssl_lib.c',
+      'openssl/ssl/ssl_mcnf.c',
+      'openssl/ssl/ssl_rsa.c',
+      'openssl/ssl/ssl_sess.c',
+      'openssl/ssl/ssl_stat.c',
+      'openssl/ssl/ssl_txt.c',
+      'openssl/ssl/ssl_utst.c',
+      'openssl/ssl/statem/extensions.c',
+      'openssl/ssl/statem/extensions_clnt.c',
+      'openssl/ssl/statem/extensions_cust.c',
+      'openssl/ssl/statem/extensions_srvr.c',
+      'openssl/ssl/statem/statem.c',
+      'openssl/ssl/statem/statem_clnt.c',
+      'openssl/ssl/statem/statem_dtls.c',
+      'openssl/ssl/statem/statem_lib.c',
+      'openssl/ssl/statem/statem_srvr.c',
+      'openssl/ssl/t1_enc.c',
+      'openssl/ssl/t1_lib.c',
+      'openssl/ssl/t1_trce.c',
+      'openssl/ssl/tls13_enc.c',
+      'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
+      'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_ecb.c',
+      'openssl/crypto/aes/aes_ige.c',
+      'openssl/crypto/aes/aes_misc.c',
+      'openssl/crypto/aes/aes_ofb.c',
+      'openssl/crypto/aes/aes_wrap.c',
+      'openssl/crypto/aria/aria.c',
+      'openssl/crypto/asn1/a_bitstr.c',
+      'openssl/crypto/asn1/a_d2i_fp.c',
+      'openssl/crypto/asn1/a_digest.c',
+      'openssl/crypto/asn1/a_dup.c',
+      'openssl/crypto/asn1/a_gentm.c',
+      'openssl/crypto/asn1/a_i2d_fp.c',
+      'openssl/crypto/asn1/a_int.c',
+      'openssl/crypto/asn1/a_mbstr.c',
+      'openssl/crypto/asn1/a_object.c',
+      'openssl/crypto/asn1/a_octet.c',
+      'openssl/crypto/asn1/a_print.c',
+      'openssl/crypto/asn1/a_sign.c',
+      'openssl/crypto/asn1/a_strex.c',
+      'openssl/crypto/asn1/a_strnid.c',
+      'openssl/crypto/asn1/a_time.c',
+      'openssl/crypto/asn1/a_type.c',
+      'openssl/crypto/asn1/a_utctm.c',
+      'openssl/crypto/asn1/a_utf8.c',
+      'openssl/crypto/asn1/a_verify.c',
+      'openssl/crypto/asn1/ameth_lib.c',
+      'openssl/crypto/asn1/asn1_err.c',
+      'openssl/crypto/asn1/asn1_gen.c',
+      'openssl/crypto/asn1/asn1_item_list.c',
+      'openssl/crypto/asn1/asn1_lib.c',
+      'openssl/crypto/asn1/asn1_par.c',
+      'openssl/crypto/asn1/asn_mime.c',
+      'openssl/crypto/asn1/asn_moid.c',
+      'openssl/crypto/asn1/asn_mstbl.c',
+      'openssl/crypto/asn1/asn_pack.c',
+      'openssl/crypto/asn1/bio_asn1.c',
+      'openssl/crypto/asn1/bio_ndef.c',
+      'openssl/crypto/asn1/d2i_pr.c',
+      'openssl/crypto/asn1/d2i_pu.c',
+      'openssl/crypto/asn1/evp_asn1.c',
+      'openssl/crypto/asn1/f_int.c',
+      'openssl/crypto/asn1/f_string.c',
+      'openssl/crypto/asn1/i2d_pr.c',
+      'openssl/crypto/asn1/i2d_pu.c',
+      'openssl/crypto/asn1/n_pkey.c',
+      'openssl/crypto/asn1/nsseq.c',
+      'openssl/crypto/asn1/p5_pbe.c',
+      'openssl/crypto/asn1/p5_pbev2.c',
+      'openssl/crypto/asn1/p5_scrypt.c',
+      'openssl/crypto/asn1/p8_pkey.c',
+      'openssl/crypto/asn1/t_bitst.c',
+      'openssl/crypto/asn1/t_pkey.c',
+      'openssl/crypto/asn1/t_spki.c',
+      'openssl/crypto/asn1/tasn_dec.c',
+      'openssl/crypto/asn1/tasn_enc.c',
+      'openssl/crypto/asn1/tasn_fre.c',
+      'openssl/crypto/asn1/tasn_new.c',
+      'openssl/crypto/asn1/tasn_prn.c',
+      'openssl/crypto/asn1/tasn_scn.c',
+      'openssl/crypto/asn1/tasn_typ.c',
+      'openssl/crypto/asn1/tasn_utl.c',
+      'openssl/crypto/asn1/x_algor.c',
+      'openssl/crypto/asn1/x_bignum.c',
+      'openssl/crypto/asn1/x_info.c',
+      'openssl/crypto/asn1/x_int64.c',
+      'openssl/crypto/asn1/x_long.c',
+      'openssl/crypto/asn1/x_pkey.c',
+      'openssl/crypto/asn1/x_sig.c',
+      'openssl/crypto/asn1/x_spki.c',
+      'openssl/crypto/asn1/x_val.c',
+      'openssl/crypto/async/arch/async_null.c',
+      'openssl/crypto/async/arch/async_posix.c',
+      'openssl/crypto/async/arch/async_win.c',
+      'openssl/crypto/async/async.c',
+      'openssl/crypto/async/async_err.c',
+      'openssl/crypto/async/async_wait.c',
+      'openssl/crypto/bf/bf_cfb64.c',
+      'openssl/crypto/bf/bf_ecb.c',
+      'openssl/crypto/bf/bf_enc.c',
+      'openssl/crypto/bf/bf_ofb64.c',
+      'openssl/crypto/bf/bf_skey.c',
+      'openssl/crypto/bio/b_addr.c',
+      'openssl/crypto/bio/b_dump.c',
+      'openssl/crypto/bio/b_print.c',
+      'openssl/crypto/bio/b_sock.c',
+      'openssl/crypto/bio/b_sock2.c',
+      'openssl/crypto/bio/bf_buff.c',
+      'openssl/crypto/bio/bf_lbuf.c',
+      'openssl/crypto/bio/bf_nbio.c',
+      'openssl/crypto/bio/bf_null.c',
+      'openssl/crypto/bio/bio_cb.c',
+      'openssl/crypto/bio/bio_err.c',
+      'openssl/crypto/bio/bio_lib.c',
+      'openssl/crypto/bio/bio_meth.c',
+      'openssl/crypto/bio/bss_acpt.c',
+      'openssl/crypto/bio/bss_bio.c',
+      'openssl/crypto/bio/bss_conn.c',
+      'openssl/crypto/bio/bss_dgram.c',
+      'openssl/crypto/bio/bss_fd.c',
+      'openssl/crypto/bio/bss_file.c',
+      'openssl/crypto/bio/bss_log.c',
+      'openssl/crypto/bio/bss_mem.c',
+      'openssl/crypto/bio/bss_null.c',
+      'openssl/crypto/bio/bss_sock.c',
+      'openssl/crypto/blake2/blake2b.c',
+      'openssl/crypto/blake2/blake2s.c',
+      'openssl/crypto/blake2/m_blake2b.c',
+      'openssl/crypto/blake2/m_blake2s.c',
+      'openssl/crypto/bn/bn_add.c',
+      'openssl/crypto/bn/bn_blind.c',
+      'openssl/crypto/bn/bn_const.c',
+      'openssl/crypto/bn/bn_ctx.c',
+      'openssl/crypto/bn/bn_depr.c',
+      'openssl/crypto/bn/bn_dh.c',
+      'openssl/crypto/bn/bn_div.c',
+      'openssl/crypto/bn/bn_err.c',
+      'openssl/crypto/bn/bn_exp.c',
+      'openssl/crypto/bn/bn_exp2.c',
+      'openssl/crypto/bn/bn_gcd.c',
+      'openssl/crypto/bn/bn_gf2m.c',
+      'openssl/crypto/bn/bn_intern.c',
+      'openssl/crypto/bn/bn_kron.c',
+      'openssl/crypto/bn/bn_lib.c',
+      'openssl/crypto/bn/bn_mod.c',
+      'openssl/crypto/bn/bn_mont.c',
+      'openssl/crypto/bn/bn_mpi.c',
+      'openssl/crypto/bn/bn_mul.c',
+      'openssl/crypto/bn/bn_nist.c',
+      'openssl/crypto/bn/bn_prime.c',
+      'openssl/crypto/bn/bn_print.c',
+      'openssl/crypto/bn/bn_rand.c',
+      'openssl/crypto/bn/bn_recp.c',
+      'openssl/crypto/bn/bn_shift.c',
+      'openssl/crypto/bn/bn_sqr.c',
+      'openssl/crypto/bn/bn_sqrt.c',
+      'openssl/crypto/bn/bn_srp.c',
+      'openssl/crypto/bn/bn_word.c',
+      'openssl/crypto/bn/bn_x931p.c',
+      'openssl/crypto/buffer/buf_err.c',
+      'openssl/crypto/buffer/buffer.c',
+      'openssl/crypto/camellia/camellia.c',
+      'openssl/crypto/camellia/cmll_cbc.c',
+      'openssl/crypto/camellia/cmll_cfb.c',
+      'openssl/crypto/camellia/cmll_ctr.c',
+      'openssl/crypto/camellia/cmll_ecb.c',
+      'openssl/crypto/camellia/cmll_misc.c',
+      'openssl/crypto/camellia/cmll_ofb.c',
+      'openssl/crypto/cast/c_cfb64.c',
+      'openssl/crypto/cast/c_ecb.c',
+      'openssl/crypto/cast/c_enc.c',
+      'openssl/crypto/cast/c_ofb64.c',
+      'openssl/crypto/cast/c_skey.c',
+      'openssl/crypto/chacha/chacha_enc.c',
+      'openssl/crypto/cmac/cm_ameth.c',
+      'openssl/crypto/cmac/cm_pmeth.c',
+      'openssl/crypto/cmac/cmac.c',
+      'openssl/crypto/cms/cms_asn1.c',
+      'openssl/crypto/cms/cms_att.c',
+      'openssl/crypto/cms/cms_cd.c',
+      'openssl/crypto/cms/cms_dd.c',
+      'openssl/crypto/cms/cms_enc.c',
+      'openssl/crypto/cms/cms_env.c',
+      'openssl/crypto/cms/cms_err.c',
+      'openssl/crypto/cms/cms_ess.c',
+      'openssl/crypto/cms/cms_io.c',
+      'openssl/crypto/cms/cms_kari.c',
+      'openssl/crypto/cms/cms_lib.c',
+      'openssl/crypto/cms/cms_pwri.c',
+      'openssl/crypto/cms/cms_sd.c',
+      'openssl/crypto/cms/cms_smime.c',
+      'openssl/crypto/conf/conf_api.c',
+      'openssl/crypto/conf/conf_def.c',
+      'openssl/crypto/conf/conf_err.c',
+      'openssl/crypto/conf/conf_lib.c',
+      'openssl/crypto/conf/conf_mall.c',
+      'openssl/crypto/conf/conf_mod.c',
+      'openssl/crypto/conf/conf_sap.c',
+      'openssl/crypto/conf/conf_ssl.c',
+      'openssl/crypto/cpt_err.c',
+      'openssl/crypto/cryptlib.c',
+      'openssl/crypto/ct/ct_b64.c',
+      'openssl/crypto/ct/ct_err.c',
+      'openssl/crypto/ct/ct_log.c',
+      'openssl/crypto/ct/ct_oct.c',
+      'openssl/crypto/ct/ct_policy.c',
+      'openssl/crypto/ct/ct_prn.c',
+      'openssl/crypto/ct/ct_sct.c',
+      'openssl/crypto/ct/ct_sct_ctx.c',
+      'openssl/crypto/ct/ct_vfy.c',
+      'openssl/crypto/ct/ct_x509v3.c',
+      'openssl/crypto/ctype.c',
+      'openssl/crypto/cversion.c',
+      'openssl/crypto/des/cbc_cksm.c',
+      'openssl/crypto/des/cbc_enc.c',
+      'openssl/crypto/des/cfb64ede.c',
+      'openssl/crypto/des/cfb64enc.c',
+      'openssl/crypto/des/cfb_enc.c',
+      'openssl/crypto/des/des_enc.c',
+      'openssl/crypto/des/ecb3_enc.c',
+      'openssl/crypto/des/ecb_enc.c',
+      'openssl/crypto/des/fcrypt.c',
+      'openssl/crypto/des/fcrypt_b.c',
+      'openssl/crypto/des/ofb64ede.c',
+      'openssl/crypto/des/ofb64enc.c',
+      'openssl/crypto/des/ofb_enc.c',
+      'openssl/crypto/des/pcbc_enc.c',
+      'openssl/crypto/des/qud_cksm.c',
+      'openssl/crypto/des/rand_key.c',
+      'openssl/crypto/des/set_key.c',
+      'openssl/crypto/des/str2key.c',
+      'openssl/crypto/des/xcbc_enc.c',
+      'openssl/crypto/dh/dh_ameth.c',
+      'openssl/crypto/dh/dh_asn1.c',
+      'openssl/crypto/dh/dh_check.c',
+      'openssl/crypto/dh/dh_depr.c',
+      'openssl/crypto/dh/dh_err.c',
+      'openssl/crypto/dh/dh_gen.c',
+      'openssl/crypto/dh/dh_kdf.c',
+      'openssl/crypto/dh/dh_key.c',
+      'openssl/crypto/dh/dh_lib.c',
+      'openssl/crypto/dh/dh_meth.c',
+      'openssl/crypto/dh/dh_pmeth.c',
+      'openssl/crypto/dh/dh_prn.c',
+      'openssl/crypto/dh/dh_rfc5114.c',
+      'openssl/crypto/dh/dh_rfc7919.c',
+      'openssl/crypto/dsa/dsa_ameth.c',
+      'openssl/crypto/dsa/dsa_asn1.c',
+      'openssl/crypto/dsa/dsa_depr.c',
+      'openssl/crypto/dsa/dsa_err.c',
+      'openssl/crypto/dsa/dsa_gen.c',
+      'openssl/crypto/dsa/dsa_key.c',
+      'openssl/crypto/dsa/dsa_lib.c',
+      'openssl/crypto/dsa/dsa_meth.c',
+      'openssl/crypto/dsa/dsa_ossl.c',
+      'openssl/crypto/dsa/dsa_pmeth.c',
+      'openssl/crypto/dsa/dsa_prn.c',
+      'openssl/crypto/dsa/dsa_sign.c',
+      'openssl/crypto/dsa/dsa_vrf.c',
+      'openssl/crypto/dso/dso_dl.c',
+      'openssl/crypto/dso/dso_dlfcn.c',
+      'openssl/crypto/dso/dso_err.c',
+      'openssl/crypto/dso/dso_lib.c',
+      'openssl/crypto/dso/dso_openssl.c',
+      'openssl/crypto/dso/dso_vms.c',
+      'openssl/crypto/dso/dso_win32.c',
+      'openssl/crypto/ebcdic.c',
+      'openssl/crypto/ec/curve25519.c',
+      'openssl/crypto/ec/curve448/arch_32/f_impl.c',
+      'openssl/crypto/ec/curve448/curve448.c',
+      'openssl/crypto/ec/curve448/curve448_tables.c',
+      'openssl/crypto/ec/curve448/eddsa.c',
+      'openssl/crypto/ec/curve448/f_generic.c',
+      'openssl/crypto/ec/curve448/scalar.c',
+      'openssl/crypto/ec/ec2_oct.c',
+      'openssl/crypto/ec/ec2_smpl.c',
+      'openssl/crypto/ec/ec_ameth.c',
+      'openssl/crypto/ec/ec_asn1.c',
+      'openssl/crypto/ec/ec_check.c',
+      'openssl/crypto/ec/ec_curve.c',
+      'openssl/crypto/ec/ec_cvt.c',
+      'openssl/crypto/ec/ec_err.c',
+      'openssl/crypto/ec/ec_key.c',
+      'openssl/crypto/ec/ec_kmeth.c',
+      'openssl/crypto/ec/ec_lib.c',
+      'openssl/crypto/ec/ec_mult.c',
+      'openssl/crypto/ec/ec_oct.c',
+      'openssl/crypto/ec/ec_pmeth.c',
+      'openssl/crypto/ec/ec_print.c',
+      'openssl/crypto/ec/ecdh_kdf.c',
+      'openssl/crypto/ec/ecdh_ossl.c',
+      'openssl/crypto/ec/ecdsa_ossl.c',
+      'openssl/crypto/ec/ecdsa_sign.c',
+      'openssl/crypto/ec/ecdsa_vrf.c',
+      'openssl/crypto/ec/eck_prn.c',
+      'openssl/crypto/ec/ecp_mont.c',
+      'openssl/crypto/ec/ecp_nist.c',
+      'openssl/crypto/ec/ecp_nistp224.c',
+      'openssl/crypto/ec/ecp_nistp256.c',
+      'openssl/crypto/ec/ecp_nistp521.c',
+      'openssl/crypto/ec/ecp_nistputil.c',
+      'openssl/crypto/ec/ecp_oct.c',
+      'openssl/crypto/ec/ecp_smpl.c',
+      'openssl/crypto/ec/ecx_meth.c',
+      'openssl/crypto/engine/eng_all.c',
+      'openssl/crypto/engine/eng_cnf.c',
+      'openssl/crypto/engine/eng_ctrl.c',
+      'openssl/crypto/engine/eng_dyn.c',
+      'openssl/crypto/engine/eng_err.c',
+      'openssl/crypto/engine/eng_fat.c',
+      'openssl/crypto/engine/eng_init.c',
+      'openssl/crypto/engine/eng_lib.c',
+      'openssl/crypto/engine/eng_list.c',
+      'openssl/crypto/engine/eng_openssl.c',
+      'openssl/crypto/engine/eng_pkey.c',
+      'openssl/crypto/engine/eng_rdrand.c',
+      'openssl/crypto/engine/eng_table.c',
+      'openssl/crypto/engine/tb_asnmth.c',
+      'openssl/crypto/engine/tb_cipher.c',
+      'openssl/crypto/engine/tb_dh.c',
+      'openssl/crypto/engine/tb_digest.c',
+      'openssl/crypto/engine/tb_dsa.c',
+      'openssl/crypto/engine/tb_eckey.c',
+      'openssl/crypto/engine/tb_pkmeth.c',
+      'openssl/crypto/engine/tb_rand.c',
+      'openssl/crypto/engine/tb_rsa.c',
+      'openssl/crypto/err/err.c',
+      'openssl/crypto/err/err_all.c',
+      'openssl/crypto/err/err_prn.c',
+      'openssl/crypto/evp/bio_b64.c',
+      'openssl/crypto/evp/bio_enc.c',
+      'openssl/crypto/evp/bio_md.c',
+      'openssl/crypto/evp/bio_ok.c',
+      'openssl/crypto/evp/c_allc.c',
+      'openssl/crypto/evp/c_alld.c',
+      'openssl/crypto/evp/cmeth_lib.c',
+      'openssl/crypto/evp/digest.c',
+      'openssl/crypto/evp/e_aes.c',
+      'openssl/crypto/evp/e_aes_cbc_hmac_sha1.c',
+      'openssl/crypto/evp/e_aes_cbc_hmac_sha256.c',
+      'openssl/crypto/evp/e_aria.c',
+      'openssl/crypto/evp/e_bf.c',
+      'openssl/crypto/evp/e_camellia.c',
+      'openssl/crypto/evp/e_cast.c',
+      'openssl/crypto/evp/e_chacha20_poly1305.c',
+      'openssl/crypto/evp/e_des.c',
+      'openssl/crypto/evp/e_des3.c',
+      'openssl/crypto/evp/e_idea.c',
+      'openssl/crypto/evp/e_null.c',
+      'openssl/crypto/evp/e_old.c',
+      'openssl/crypto/evp/e_rc2.c',
+      'openssl/crypto/evp/e_rc4.c',
+      'openssl/crypto/evp/e_rc4_hmac_md5.c',
+      'openssl/crypto/evp/e_rc5.c',
+      'openssl/crypto/evp/e_seed.c',
+      'openssl/crypto/evp/e_sm4.c',
+      'openssl/crypto/evp/e_xcbc_d.c',
+      'openssl/crypto/evp/encode.c',
+      'openssl/crypto/evp/evp_cnf.c',
+      'openssl/crypto/evp/evp_enc.c',
+      'openssl/crypto/evp/evp_err.c',
+      'openssl/crypto/evp/evp_key.c',
+      'openssl/crypto/evp/evp_lib.c',
+      'openssl/crypto/evp/evp_pbe.c',
+      'openssl/crypto/evp/evp_pkey.c',
+      'openssl/crypto/evp/m_md2.c',
+      'openssl/crypto/evp/m_md4.c',
+      'openssl/crypto/evp/m_md5.c',
+      'openssl/crypto/evp/m_md5_sha1.c',
+      'openssl/crypto/evp/m_mdc2.c',
+      'openssl/crypto/evp/m_null.c',
+      'openssl/crypto/evp/m_ripemd.c',
+      'openssl/crypto/evp/m_sha1.c',
+      'openssl/crypto/evp/m_sha3.c',
+      'openssl/crypto/evp/m_sigver.c',
+      'openssl/crypto/evp/m_wp.c',
+      'openssl/crypto/evp/names.c',
+      'openssl/crypto/evp/p5_crpt.c',
+      'openssl/crypto/evp/p5_crpt2.c',
+      'openssl/crypto/evp/p_dec.c',
+      'openssl/crypto/evp/p_enc.c',
+      'openssl/crypto/evp/p_lib.c',
+      'openssl/crypto/evp/p_open.c',
+      'openssl/crypto/evp/p_seal.c',
+      'openssl/crypto/evp/p_sign.c',
+      'openssl/crypto/evp/p_verify.c',
+      'openssl/crypto/evp/pbe_scrypt.c',
+      'openssl/crypto/evp/pmeth_fn.c',
+      'openssl/crypto/evp/pmeth_gn.c',
+      'openssl/crypto/evp/pmeth_lib.c',
+      'openssl/crypto/ex_data.c',
+      'openssl/crypto/getenv.c',
+      'openssl/crypto/hmac/hm_ameth.c',
+      'openssl/crypto/hmac/hm_pmeth.c',
+      'openssl/crypto/hmac/hmac.c',
+      'openssl/crypto/idea/i_cbc.c',
+      'openssl/crypto/idea/i_cfb64.c',
+      'openssl/crypto/idea/i_ecb.c',
+      'openssl/crypto/idea/i_ofb64.c',
+      'openssl/crypto/idea/i_skey.c',
+      'openssl/crypto/init.c',
+      'openssl/crypto/kdf/hkdf.c',
+      'openssl/crypto/kdf/kdf_err.c',
+      'openssl/crypto/kdf/scrypt.c',
+      'openssl/crypto/kdf/tls1_prf.c',
+      'openssl/crypto/lhash/lh_stats.c',
+      'openssl/crypto/lhash/lhash.c',
+      'openssl/crypto/md4/md4_dgst.c',
+      'openssl/crypto/md4/md4_one.c',
+      'openssl/crypto/md5/md5_dgst.c',
+      'openssl/crypto/md5/md5_one.c',
+      'openssl/crypto/mdc2/mdc2_one.c',
+      'openssl/crypto/mdc2/mdc2dgst.c',
+      'openssl/crypto/mem.c',
+      'openssl/crypto/mem_clr.c',
+      'openssl/crypto/mem_dbg.c',
+      'openssl/crypto/mem_sec.c',
+      'openssl/crypto/modes/cbc128.c',
+      'openssl/crypto/modes/ccm128.c',
+      'openssl/crypto/modes/cfb128.c',
+      'openssl/crypto/modes/ctr128.c',
+      'openssl/crypto/modes/cts128.c',
+      'openssl/crypto/modes/gcm128.c',
+      'openssl/crypto/modes/ocb128.c',
+      'openssl/crypto/modes/ofb128.c',
+      'openssl/crypto/modes/wrap128.c',
+      'openssl/crypto/modes/xts128.c',
+      'openssl/crypto/o_dir.c',
+      'openssl/crypto/o_fips.c',
+      'openssl/crypto/o_fopen.c',
+      'openssl/crypto/o_init.c',
+      'openssl/crypto/o_str.c',
+      'openssl/crypto/o_time.c',
+      'openssl/crypto/objects/o_names.c',
+      'openssl/crypto/objects/obj_dat.c',
+      'openssl/crypto/objects/obj_err.c',
+      'openssl/crypto/objects/obj_lib.c',
+      'openssl/crypto/objects/obj_xref.c',
+      'openssl/crypto/ocsp/ocsp_asn.c',
+      'openssl/crypto/ocsp/ocsp_cl.c',
+      'openssl/crypto/ocsp/ocsp_err.c',
+      'openssl/crypto/ocsp/ocsp_ext.c',
+      'openssl/crypto/ocsp/ocsp_ht.c',
+      'openssl/crypto/ocsp/ocsp_lib.c',
+      'openssl/crypto/ocsp/ocsp_prn.c',
+      'openssl/crypto/ocsp/ocsp_srv.c',
+      'openssl/crypto/ocsp/ocsp_vfy.c',
+      'openssl/crypto/ocsp/v3_ocsp.c',
+      'openssl/crypto/pem/pem_all.c',
+      'openssl/crypto/pem/pem_err.c',
+      'openssl/crypto/pem/pem_info.c',
+      'openssl/crypto/pem/pem_lib.c',
+      'openssl/crypto/pem/pem_oth.c',
+      'openssl/crypto/pem/pem_pk8.c',
+      'openssl/crypto/pem/pem_pkey.c',
+      'openssl/crypto/pem/pem_sign.c',
+      'openssl/crypto/pem/pem_x509.c',
+      'openssl/crypto/pem/pem_xaux.c',
+      'openssl/crypto/pem/pvkfmt.c',
+      'openssl/crypto/pkcs12/p12_add.c',
+      'openssl/crypto/pkcs12/p12_asn.c',
+      'openssl/crypto/pkcs12/p12_attr.c',
+      'openssl/crypto/pkcs12/p12_crpt.c',
+      'openssl/crypto/pkcs12/p12_crt.c',
+      'openssl/crypto/pkcs12/p12_decr.c',
+      'openssl/crypto/pkcs12/p12_init.c',
+      'openssl/crypto/pkcs12/p12_key.c',
+      'openssl/crypto/pkcs12/p12_kiss.c',
+      'openssl/crypto/pkcs12/p12_mutl.c',
+      'openssl/crypto/pkcs12/p12_npas.c',
+      'openssl/crypto/pkcs12/p12_p8d.c',
+      'openssl/crypto/pkcs12/p12_p8e.c',
+      'openssl/crypto/pkcs12/p12_sbag.c',
+      'openssl/crypto/pkcs12/p12_utl.c',
+      'openssl/crypto/pkcs12/pk12err.c',
+      'openssl/crypto/pkcs7/bio_pk7.c',
+      'openssl/crypto/pkcs7/pk7_asn1.c',
+      'openssl/crypto/pkcs7/pk7_attr.c',
+      'openssl/crypto/pkcs7/pk7_doit.c',
+      'openssl/crypto/pkcs7/pk7_lib.c',
+      'openssl/crypto/pkcs7/pk7_mime.c',
+      'openssl/crypto/pkcs7/pk7_smime.c',
+      'openssl/crypto/pkcs7/pkcs7err.c',
+      'openssl/crypto/poly1305/poly1305.c',
+      'openssl/crypto/poly1305/poly1305_ameth.c',
+      'openssl/crypto/poly1305/poly1305_pmeth.c',
+      'openssl/crypto/rand/drbg_ctr.c',
+      'openssl/crypto/rand/drbg_lib.c',
+      'openssl/crypto/rand/rand_egd.c',
+      'openssl/crypto/rand/rand_err.c',
+      'openssl/crypto/rand/rand_lib.c',
+      'openssl/crypto/rand/rand_unix.c',
+      'openssl/crypto/rand/rand_vms.c',
+      'openssl/crypto/rand/rand_win.c',
+      'openssl/crypto/rand/randfile.c',
+      'openssl/crypto/rc2/rc2_cbc.c',
+      'openssl/crypto/rc2/rc2_ecb.c',
+      'openssl/crypto/rc2/rc2_skey.c',
+      'openssl/crypto/rc2/rc2cfb64.c',
+      'openssl/crypto/rc2/rc2ofb64.c',
+      'openssl/crypto/rc4/rc4_enc.c',
+      'openssl/crypto/rc4/rc4_skey.c',
+      'openssl/crypto/ripemd/rmd_dgst.c',
+      'openssl/crypto/ripemd/rmd_one.c',
+      'openssl/crypto/rsa/rsa_ameth.c',
+      'openssl/crypto/rsa/rsa_asn1.c',
+      'openssl/crypto/rsa/rsa_chk.c',
+      'openssl/crypto/rsa/rsa_crpt.c',
+      'openssl/crypto/rsa/rsa_depr.c',
+      'openssl/crypto/rsa/rsa_err.c',
+      'openssl/crypto/rsa/rsa_gen.c',
+      'openssl/crypto/rsa/rsa_lib.c',
+      'openssl/crypto/rsa/rsa_meth.c',
+      'openssl/crypto/rsa/rsa_mp.c',
+      'openssl/crypto/rsa/rsa_none.c',
+      'openssl/crypto/rsa/rsa_oaep.c',
+      'openssl/crypto/rsa/rsa_ossl.c',
+      'openssl/crypto/rsa/rsa_pk1.c',
+      'openssl/crypto/rsa/rsa_pmeth.c',
+      'openssl/crypto/rsa/rsa_prn.c',
+      'openssl/crypto/rsa/rsa_pss.c',
+      'openssl/crypto/rsa/rsa_saos.c',
+      'openssl/crypto/rsa/rsa_sign.c',
+      'openssl/crypto/rsa/rsa_ssl.c',
+      'openssl/crypto/rsa/rsa_x931.c',
+      'openssl/crypto/rsa/rsa_x931g.c',
+      'openssl/crypto/seed/seed.c',
+      'openssl/crypto/seed/seed_cbc.c',
+      'openssl/crypto/seed/seed_cfb.c',
+      'openssl/crypto/seed/seed_ecb.c',
+      'openssl/crypto/seed/seed_ofb.c',
+      'openssl/crypto/sha/keccak1600.c',
+      'openssl/crypto/sha/sha1_one.c',
+      'openssl/crypto/sha/sha1dgst.c',
+      'openssl/crypto/sha/sha256.c',
+      'openssl/crypto/sha/sha512.c',
+      'openssl/crypto/siphash/siphash.c',
+      'openssl/crypto/siphash/siphash_ameth.c',
+      'openssl/crypto/siphash/siphash_pmeth.c',
+      'openssl/crypto/sm2/sm2_crypt.c',
+      'openssl/crypto/sm2/sm2_err.c',
+      'openssl/crypto/sm2/sm2_pmeth.c',
+      'openssl/crypto/sm2/sm2_sign.c',
+      'openssl/crypto/sm3/m_sm3.c',
+      'openssl/crypto/sm3/sm3.c',
+      'openssl/crypto/sm4/sm4.c',
+      'openssl/crypto/srp/srp_lib.c',
+      'openssl/crypto/srp/srp_vfy.c',
+      'openssl/crypto/stack/stack.c',
+      'openssl/crypto/store/loader_file.c',
+      'openssl/crypto/store/store_err.c',
+      'openssl/crypto/store/store_init.c',
+      'openssl/crypto/store/store_lib.c',
+      'openssl/crypto/store/store_register.c',
+      'openssl/crypto/store/store_strings.c',
+      'openssl/crypto/threads_none.c',
+      'openssl/crypto/threads_pthread.c',
+      'openssl/crypto/threads_win.c',
+      'openssl/crypto/ts/ts_asn1.c',
+      'openssl/crypto/ts/ts_conf.c',
+      'openssl/crypto/ts/ts_err.c',
+      'openssl/crypto/ts/ts_lib.c',
+      'openssl/crypto/ts/ts_req_print.c',
+      'openssl/crypto/ts/ts_req_utils.c',
+      'openssl/crypto/ts/ts_rsp_print.c',
+      'openssl/crypto/ts/ts_rsp_sign.c',
+      'openssl/crypto/ts/ts_rsp_utils.c',
+      'openssl/crypto/ts/ts_rsp_verify.c',
+      'openssl/crypto/ts/ts_verify_ctx.c',
+      'openssl/crypto/txt_db/txt_db.c',
+      'openssl/crypto/ui/ui_err.c',
+      'openssl/crypto/ui/ui_lib.c',
+      'openssl/crypto/ui/ui_null.c',
+      'openssl/crypto/ui/ui_openssl.c',
+      'openssl/crypto/ui/ui_util.c',
+      'openssl/crypto/uid.c',
+      'openssl/crypto/whrlpool/wp_block.c',
+      'openssl/crypto/whrlpool/wp_dgst.c',
+      'openssl/crypto/x509/by_dir.c',
+      'openssl/crypto/x509/by_file.c',
+      'openssl/crypto/x509/t_crl.c',
+      'openssl/crypto/x509/t_req.c',
+      'openssl/crypto/x509/t_x509.c',
+      'openssl/crypto/x509/x509_att.c',
+      'openssl/crypto/x509/x509_cmp.c',
+      'openssl/crypto/x509/x509_d2.c',
+      'openssl/crypto/x509/x509_def.c',
+      'openssl/crypto/x509/x509_err.c',
+      'openssl/crypto/x509/x509_ext.c',
+      'openssl/crypto/x509/x509_lu.c',
+      'openssl/crypto/x509/x509_meth.c',
+      'openssl/crypto/x509/x509_obj.c',
+      'openssl/crypto/x509/x509_r2x.c',
+      'openssl/crypto/x509/x509_req.c',
+      'openssl/crypto/x509/x509_set.c',
+      'openssl/crypto/x509/x509_trs.c',
+      'openssl/crypto/x509/x509_txt.c',
+      'openssl/crypto/x509/x509_v3.c',
+      'openssl/crypto/x509/x509_vfy.c',
+      'openssl/crypto/x509/x509_vpm.c',
+      'openssl/crypto/x509/x509cset.c',
+      'openssl/crypto/x509/x509name.c',
+      'openssl/crypto/x509/x509rset.c',
+      'openssl/crypto/x509/x509spki.c',
+      'openssl/crypto/x509/x509type.c',
+      'openssl/crypto/x509/x_all.c',
+      'openssl/crypto/x509/x_attrib.c',
+      'openssl/crypto/x509/x_crl.c',
+      'openssl/crypto/x509/x_exten.c',
+      'openssl/crypto/x509/x_name.c',
+      'openssl/crypto/x509/x_pubkey.c',
+      'openssl/crypto/x509/x_req.c',
+      'openssl/crypto/x509/x_x509.c',
+      'openssl/crypto/x509/x_x509a.c',
+      'openssl/crypto/x509v3/pcy_cache.c',
+      'openssl/crypto/x509v3/pcy_data.c',
+      'openssl/crypto/x509v3/pcy_lib.c',
+      'openssl/crypto/x509v3/pcy_map.c',
+      'openssl/crypto/x509v3/pcy_node.c',
+      'openssl/crypto/x509v3/pcy_tree.c',
+      'openssl/crypto/x509v3/v3_addr.c',
+      'openssl/crypto/x509v3/v3_admis.c',
+      'openssl/crypto/x509v3/v3_akey.c',
+      'openssl/crypto/x509v3/v3_akeya.c',
+      'openssl/crypto/x509v3/v3_alt.c',
+      'openssl/crypto/x509v3/v3_asid.c',
+      'openssl/crypto/x509v3/v3_bcons.c',
+      'openssl/crypto/x509v3/v3_bitst.c',
+      'openssl/crypto/x509v3/v3_conf.c',
+      'openssl/crypto/x509v3/v3_cpols.c',
+      'openssl/crypto/x509v3/v3_crld.c',
+      'openssl/crypto/x509v3/v3_enum.c',
+      'openssl/crypto/x509v3/v3_extku.c',
+      'openssl/crypto/x509v3/v3_genn.c',
+      'openssl/crypto/x509v3/v3_ia5.c',
+      'openssl/crypto/x509v3/v3_info.c',
+      'openssl/crypto/x509v3/v3_int.c',
+      'openssl/crypto/x509v3/v3_lib.c',
+      'openssl/crypto/x509v3/v3_ncons.c',
+      'openssl/crypto/x509v3/v3_pci.c',
+      'openssl/crypto/x509v3/v3_pcia.c',
+      'openssl/crypto/x509v3/v3_pcons.c',
+      'openssl/crypto/x509v3/v3_pku.c',
+      'openssl/crypto/x509v3/v3_pmaps.c',
+      'openssl/crypto/x509v3/v3_prn.c',
+      'openssl/crypto/x509v3/v3_purp.c',
+      'openssl/crypto/x509v3/v3_skey.c',
+      'openssl/crypto/x509v3/v3_sxnet.c',
+      'openssl/crypto/x509v3/v3_tlsf.c',
+      'openssl/crypto/x509v3/v3_utl.c',
+      'openssl/crypto/x509v3/v3err.c',
+      'openssl/engines/e_capi.c',
+      'openssl/engines/e_padlock.c',
+    ],
+    'openssl_sources_linux64-mips64': [
+      './config/archs/linux64-mips64/asm_avx2/crypto/aes/aes-mips.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/bn/bn-mips.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/bn/mips-mont.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/poly1305/poly1305-mips.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/sha/sha1-mips.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/sha/sha256-mips.S',
+      './config/archs/linux64-mips64/asm_avx2/crypto/sha/sha512-mips.S',
+    ],
+    'openssl_defines_linux64-mips64': [
+      'NDEBUG',
+      'OPENSSL_USE_NODELETE',
+      'OPENSSL_PIC',
+      'OPENSSL_BN_ASM_MONT',
+      'SHA1_ASM',
+      'SHA256_ASM',
+      'SHA512_ASM',
+      'AES_ASM',
+      'POLY1305_ASM',
+    ],
+    'openssl_cflags_linux64-mips64': [
+      '-Wa,--noexecstack',
+      '-Wall -O3',
+      '-pthread -mabi=64',
+      '-Wall -O3',
+    ],
+    'openssl_ex_libs_linux64-mips64': [
+      '-ldl -pthread',
+    ],
+  },
+  'include_dirs': [
+    '.',
+    './include',
+    './crypto',
+    './crypto/include/internal',
+  ],
+  'defines': ['<@(openssl_defines_linux64-mips64)'],
+  'cflags' : ['<@(openssl_cflags_linux64-mips64)'],
+  'libraries': ['<@(openssl_ex_libs_linux64-mips64)'],
+  'sources': ['<@(openssl_sources)', '<@(openssl_sources_linux64-mips64)'],
+}
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
index e9c2140c76010c..f5b0bfea293e48 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/configdata.pm
@@ -26,6 +26,7 @@ our %config = (
   PERL => "/usr/bin/perl",
   RANLIB => "ranlib",
   RC => "windres",
+  RCFLAGS => [  ],
   b32 => "0",
   b64 => "0",
   b64l => "1",
@@ -36,7 +37,7 @@ our %config = (
   build_type => "release",
   builddir => ".",
   cflags => [  ],
-  conf_files => [ "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
+  conf_files => [ "Configurations/00-base-templates.conf", "Configurations/10-main.conf" ],
   cppflags => [  ],
   cxxflags => [  ],
   defines => [ "NDEBUG" ],
@@ -58,10 +59,10 @@ our %config = (
   openssl_sys_defines => [  ],
   openssl_thread_defines => [ "OPENSSL_THREADS" ],
   openssldir => "",
-  options => "enable-ssl-trace no-afalgeng no-asan no-asm no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
-  perl_archname => "mips64el-linux-thread-multi",
+  options => "enable-ssl-trace no-afalgeng no-asan no-asm no-buildtest-c++ no-comp no-crypto-mdebug no-crypto-mdebug-backtrace no-devcryptoeng no-dynamic-engine no-ec_nistp_64_gcc_128 no-egd no-external-tests no-fuzz-afl no-fuzz-libfuzzer no-heartbeats no-md2 no-msan no-rc5 no-sctp no-shared no-ssl3 no-ssl3-method no-ubsan no-unit-test no-weak-ssl-ciphers no-zlib no-zlib-dynamic",
+  perl_archname => "x86_64-linux-gnu-thread-multi",
   perl_cmd => "/usr/bin/perl",
-  perl_version => "5.18.4",
+  perl_version => "5.28.1",
   perlargv => [ "no-comp", "no-shared", "no-afalgeng", "enable-ssl-trace", "no-asm", "linux64-mips64" ],
   perlenv => {
       "AR" => undef,
@@ -110,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux64-mips64",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1b",
-  version_num => "0x1010102fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -220,6 +221,7 @@ our @disablables = (
   "autoload-config",
   "bf",
   "blake2",
+  "buildtest-c\\+\\+",
   "camellia",
   "capieng",
   "cast",
@@ -236,7 +238,6 @@ our @disablables = (
   "dgram",
   "dh",
   "dsa",
-  "dso",
   "dtls",
   "dynamic-engine",
   "ec",
@@ -321,11 +322,12 @@ our %disabled = (
   "afalgeng" => "option",
   "asan" => "default",
   "asm" => "option",
+  "buildtest-c++" => "default",
   "comp" => "option",
   "crypto-mdebug" => "default",
   "crypto-mdebug-backtrace" => "default",
   "devcryptoeng" => "default",
-  "dynamic-engine" => "forced",
+  "dynamic-engine" => "cascade",
   "ec_nistp_64_gcc_128" => "default",
   "egd" => "default",
   "external-tests" => "default",
@@ -802,342 +804,342 @@ our %unified_info = (
                     "libcrypto",
                     "test/libtestutil.a",
                 ],
-            "test/buildtest_aes" =>
+            "test/buildtest_c_aes" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_asn1" =>
+            "test/buildtest_c_asn1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_asn1t" =>
+            "test/buildtest_c_asn1t" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_async" =>
+            "test/buildtest_c_async" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_bio" =>
+            "test/buildtest_c_bio" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_blowfish" =>
+            "test/buildtest_c_blowfish" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_bn" =>
+            "test/buildtest_c_bn" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_buffer" =>
+            "test/buildtest_c_buffer" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_camellia" =>
+            "test/buildtest_c_camellia" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cast" =>
+            "test/buildtest_c_cast" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cmac" =>
+            "test/buildtest_c_cmac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_cms" =>
+            "test/buildtest_c_cms" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_conf" =>
+            "test/buildtest_c_conf" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_conf_api" =>
+            "test/buildtest_c_conf_api" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_crypto" =>
+            "test/buildtest_c_crypto" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ct" =>
+            "test/buildtest_c_ct" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_des" =>
+            "test/buildtest_c_des" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dh" =>
+            "test/buildtest_c_dh" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dsa" =>
+            "test/buildtest_c_dsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_dtls1" =>
+            "test/buildtest_c_dtls1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_e_os2" =>
+            "test/buildtest_c_e_os2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ebcdic" =>
+            "test/buildtest_c_ebcdic" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ec" =>
+            "test/buildtest_c_ec" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ecdh" =>
+            "test/buildtest_c_ecdh" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ecdsa" =>
+            "test/buildtest_c_ecdsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_engine" =>
+            "test/buildtest_c_engine" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_evp" =>
+            "test/buildtest_c_evp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_hmac" =>
+            "test/buildtest_c_hmac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_idea" =>
+            "test/buildtest_c_idea" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_kdf" =>
+            "test/buildtest_c_kdf" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_lhash" =>
+            "test/buildtest_c_lhash" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_md4" =>
+            "test/buildtest_c_md4" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_md5" =>
+            "test/buildtest_c_md5" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_mdc2" =>
+            "test/buildtest_c_mdc2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_modes" =>
+            "test/buildtest_c_modes" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_obj_mac" =>
+            "test/buildtest_c_obj_mac" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_objects" =>
+            "test/buildtest_c_objects" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ocsp" =>
+            "test/buildtest_c_ocsp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_opensslv" =>
+            "test/buildtest_c_opensslv" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ossl_typ" =>
+            "test/buildtest_c_ossl_typ" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pem" =>
+            "test/buildtest_c_pem" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pem2" =>
+            "test/buildtest_c_pem2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pkcs12" =>
+            "test/buildtest_c_pkcs12" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_pkcs7" =>
+            "test/buildtest_c_pkcs7" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rand" =>
+            "test/buildtest_c_rand" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rand_drbg" =>
+            "test/buildtest_c_rand_drbg" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rc2" =>
+            "test/buildtest_c_rc2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rc4" =>
+            "test/buildtest_c_rc4" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ripemd" =>
+            "test/buildtest_c_ripemd" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_rsa" =>
+            "test/buildtest_c_rsa" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_safestack" =>
+            "test/buildtest_c_safestack" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_seed" =>
+            "test/buildtest_c_seed" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_sha" =>
+            "test/buildtest_c_sha" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_srp" =>
+            "test/buildtest_c_srp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_srtp" =>
+            "test/buildtest_c_srtp" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ssl" =>
+            "test/buildtest_c_ssl" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ssl2" =>
+            "test/buildtest_c_ssl2" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_stack" =>
+            "test/buildtest_c_stack" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_store" =>
+            "test/buildtest_c_store" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_symhacks" =>
+            "test/buildtest_c_symhacks" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_tls1" =>
+            "test/buildtest_c_tls1" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ts" =>
+            "test/buildtest_c_ts" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_txt_db" =>
+            "test/buildtest_c_txt_db" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_ui" =>
+            "test/buildtest_c_ui" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_whrlpool" =>
+            "test/buildtest_c_whrlpool" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509" =>
+            "test/buildtest_c_x509" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509_vfy" =>
+            "test/buildtest_c_x509_vfy" =>
                 [
                     "libcrypto",
                     "libssl",
                 ],
-            "test/buildtest_x509v3" =>
+            "test/buildtest_c_x509v3" =>
                 [
                     "libcrypto",
                     "libssl",
@@ -3224,6 +3226,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7825,10 +7828,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9921,6 +9920,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10063,74 +10066,74 @@ our %unified_info = (
             "test/bio_memleak_test",
             "test/bioprinttest",
             "test/bntest",
-            "test/buildtest_aes",
-            "test/buildtest_asn1",
-            "test/buildtest_asn1t",
-            "test/buildtest_async",
-            "test/buildtest_bio",
-            "test/buildtest_blowfish",
-            "test/buildtest_bn",
-            "test/buildtest_buffer",
-            "test/buildtest_camellia",
-            "test/buildtest_cast",
-            "test/buildtest_cmac",
-            "test/buildtest_cms",
-            "test/buildtest_conf",
-            "test/buildtest_conf_api",
-            "test/buildtest_crypto",
-            "test/buildtest_ct",
-            "test/buildtest_des",
-            "test/buildtest_dh",
-            "test/buildtest_dsa",
-            "test/buildtest_dtls1",
-            "test/buildtest_e_os2",
-            "test/buildtest_ebcdic",
-            "test/buildtest_ec",
-            "test/buildtest_ecdh",
-            "test/buildtest_ecdsa",
-            "test/buildtest_engine",
-            "test/buildtest_evp",
-            "test/buildtest_hmac",
-            "test/buildtest_idea",
-            "test/buildtest_kdf",
-            "test/buildtest_lhash",
-            "test/buildtest_md4",
-            "test/buildtest_md5",
-            "test/buildtest_mdc2",
-            "test/buildtest_modes",
-            "test/buildtest_obj_mac",
-            "test/buildtest_objects",
-            "test/buildtest_ocsp",
-            "test/buildtest_opensslv",
-            "test/buildtest_ossl_typ",
-            "test/buildtest_pem",
-            "test/buildtest_pem2",
-            "test/buildtest_pkcs12",
-            "test/buildtest_pkcs7",
-            "test/buildtest_rand",
-            "test/buildtest_rand_drbg",
-            "test/buildtest_rc2",
-            "test/buildtest_rc4",
-            "test/buildtest_ripemd",
-            "test/buildtest_rsa",
-            "test/buildtest_safestack",
-            "test/buildtest_seed",
-            "test/buildtest_sha",
-            "test/buildtest_srp",
-            "test/buildtest_srtp",
-            "test/buildtest_ssl",
-            "test/buildtest_ssl2",
-            "test/buildtest_stack",
-            "test/buildtest_store",
-            "test/buildtest_symhacks",
-            "test/buildtest_tls1",
-            "test/buildtest_ts",
-            "test/buildtest_txt_db",
-            "test/buildtest_ui",
-            "test/buildtest_whrlpool",
-            "test/buildtest_x509",
-            "test/buildtest_x509_vfy",
-            "test/buildtest_x509v3",
+            "test/buildtest_c_aes",
+            "test/buildtest_c_asn1",
+            "test/buildtest_c_asn1t",
+            "test/buildtest_c_async",
+            "test/buildtest_c_bio",
+            "test/buildtest_c_blowfish",
+            "test/buildtest_c_bn",
+            "test/buildtest_c_buffer",
+            "test/buildtest_c_camellia",
+            "test/buildtest_c_cast",
+            "test/buildtest_c_cmac",
+            "test/buildtest_c_cms",
+            "test/buildtest_c_conf",
+            "test/buildtest_c_conf_api",
+            "test/buildtest_c_crypto",
+            "test/buildtest_c_ct",
+            "test/buildtest_c_des",
+            "test/buildtest_c_dh",
+            "test/buildtest_c_dsa",
+            "test/buildtest_c_dtls1",
+            "test/buildtest_c_e_os2",
+            "test/buildtest_c_ebcdic",
+            "test/buildtest_c_ec",
+            "test/buildtest_c_ecdh",
+            "test/buildtest_c_ecdsa",
+            "test/buildtest_c_engine",
+            "test/buildtest_c_evp",
+            "test/buildtest_c_hmac",
+            "test/buildtest_c_idea",
+            "test/buildtest_c_kdf",
+            "test/buildtest_c_lhash",
+            "test/buildtest_c_md4",
+            "test/buildtest_c_md5",
+            "test/buildtest_c_mdc2",
+            "test/buildtest_c_modes",
+            "test/buildtest_c_obj_mac",
+            "test/buildtest_c_objects",
+            "test/buildtest_c_ocsp",
+            "test/buildtest_c_opensslv",
+            "test/buildtest_c_ossl_typ",
+            "test/buildtest_c_pem",
+            "test/buildtest_c_pem2",
+            "test/buildtest_c_pkcs12",
+            "test/buildtest_c_pkcs7",
+            "test/buildtest_c_rand",
+            "test/buildtest_c_rand_drbg",
+            "test/buildtest_c_rc2",
+            "test/buildtest_c_rc4",
+            "test/buildtest_c_ripemd",
+            "test/buildtest_c_rsa",
+            "test/buildtest_c_safestack",
+            "test/buildtest_c_seed",
+            "test/buildtest_c_sha",
+            "test/buildtest_c_srp",
+            "test/buildtest_c_srtp",
+            "test/buildtest_c_ssl",
+            "test/buildtest_c_ssl2",
+            "test/buildtest_c_stack",
+            "test/buildtest_c_store",
+            "test/buildtest_c_symhacks",
+            "test/buildtest_c_tls1",
+            "test/buildtest_c_ts",
+            "test/buildtest_c_txt_db",
+            "test/buildtest_c_ui",
+            "test/buildtest_c_whrlpool",
+            "test/buildtest_c_x509",
+            "test/buildtest_c_x509_vfy",
+            "test/buildtest_c_x509v3",
             "test/casttest",
             "test/chacha_internal_test",
             "test/cipher_overhead_test",
@@ -14192,545 +14195,545 @@ our %unified_info = (
                 [
                     "test/bntest.c",
                 ],
-            "test/buildtest_aes" =>
-                [
-                    "test/buildtest_aes.o",
-                ],
             "test/buildtest_aes.o" =>
                 [
                     "test/buildtest_aes.c",
                 ],
-            "test/buildtest_asn1" =>
-                [
-                    "test/buildtest_asn1.o",
-                ],
             "test/buildtest_asn1.o" =>
                 [
                     "test/buildtest_asn1.c",
                 ],
-            "test/buildtest_asn1t" =>
-                [
-                    "test/buildtest_asn1t.o",
-                ],
             "test/buildtest_asn1t.o" =>
                 [
                     "test/buildtest_asn1t.c",
                 ],
-            "test/buildtest_async" =>
-                [
-                    "test/buildtest_async.o",
-                ],
             "test/buildtest_async.o" =>
                 [
                     "test/buildtest_async.c",
                 ],
-            "test/buildtest_bio" =>
-                [
-                    "test/buildtest_bio.o",
-                ],
             "test/buildtest_bio.o" =>
                 [
                     "test/buildtest_bio.c",
                 ],
-            "test/buildtest_blowfish" =>
-                [
-                    "test/buildtest_blowfish.o",
-                ],
             "test/buildtest_blowfish.o" =>
                 [
                     "test/buildtest_blowfish.c",
                 ],
-            "test/buildtest_bn" =>
-                [
-                    "test/buildtest_bn.o",
-                ],
             "test/buildtest_bn.o" =>
                 [
                     "test/buildtest_bn.c",
                 ],
-            "test/buildtest_buffer" =>
-                [
-                    "test/buildtest_buffer.o",
-                ],
             "test/buildtest_buffer.o" =>
                 [
                     "test/buildtest_buffer.c",
                 ],
-            "test/buildtest_camellia" =>
+            "test/buildtest_c_aes" =>
                 [
-                    "test/buildtest_camellia.o",
+                    "test/buildtest_aes.o",
                 ],
-            "test/buildtest_camellia.o" =>
+            "test/buildtest_c_asn1" =>
                 [
-                    "test/buildtest_camellia.c",
+                    "test/buildtest_asn1.o",
                 ],
-            "test/buildtest_cast" =>
+            "test/buildtest_c_asn1t" =>
                 [
-                    "test/buildtest_cast.o",
+                    "test/buildtest_asn1t.o",
                 ],
-            "test/buildtest_cast.o" =>
+            "test/buildtest_c_async" =>
                 [
-                    "test/buildtest_cast.c",
+                    "test/buildtest_async.o",
                 ],
-            "test/buildtest_cmac" =>
+            "test/buildtest_c_bio" =>
                 [
-                    "test/buildtest_cmac.o",
+                    "test/buildtest_bio.o",
                 ],
-            "test/buildtest_cmac.o" =>
+            "test/buildtest_c_blowfish" =>
                 [
-                    "test/buildtest_cmac.c",
+                    "test/buildtest_blowfish.o",
                 ],
-            "test/buildtest_cms" =>
+            "test/buildtest_c_bn" =>
                 [
-                    "test/buildtest_cms.o",
+                    "test/buildtest_bn.o",
                 ],
-            "test/buildtest_cms.o" =>
+            "test/buildtest_c_buffer" =>
                 [
-                    "test/buildtest_cms.c",
+                    "test/buildtest_buffer.o",
                 ],
-            "test/buildtest_conf" =>
+            "test/buildtest_c_camellia" =>
                 [
-                    "test/buildtest_conf.o",
+                    "test/buildtest_camellia.o",
                 ],
-            "test/buildtest_conf.o" =>
+            "test/buildtest_c_cast" =>
                 [
-                    "test/buildtest_conf.c",
+                    "test/buildtest_cast.o",
                 ],
-            "test/buildtest_conf_api" =>
+            "test/buildtest_c_cmac" =>
                 [
-                    "test/buildtest_conf_api.o",
+                    "test/buildtest_cmac.o",
                 ],
-            "test/buildtest_conf_api.o" =>
+            "test/buildtest_c_cms" =>
                 [
-                    "test/buildtest_conf_api.c",
+                    "test/buildtest_cms.o",
                 ],
-            "test/buildtest_crypto" =>
+            "test/buildtest_c_conf" =>
                 [
-                    "test/buildtest_crypto.o",
+                    "test/buildtest_conf.o",
                 ],
-            "test/buildtest_crypto.o" =>
+            "test/buildtest_c_conf_api" =>
                 [
-                    "test/buildtest_crypto.c",
+                    "test/buildtest_conf_api.o",
                 ],
-            "test/buildtest_ct" =>
+            "test/buildtest_c_crypto" =>
                 [
-                    "test/buildtest_ct.o",
+                    "test/buildtest_crypto.o",
                 ],
-            "test/buildtest_ct.o" =>
+            "test/buildtest_c_ct" =>
                 [
-                    "test/buildtest_ct.c",
+                    "test/buildtest_ct.o",
                 ],
-            "test/buildtest_des" =>
+            "test/buildtest_c_des" =>
                 [
                     "test/buildtest_des.o",
                 ],
-            "test/buildtest_des.o" =>
+            "test/buildtest_c_dh" =>
                 [
-                    "test/buildtest_des.c",
+                    "test/buildtest_dh.o",
                 ],
-            "test/buildtest_dh" =>
+            "test/buildtest_c_dsa" =>
                 [
-                    "test/buildtest_dh.o",
+                    "test/buildtest_dsa.o",
                 ],
-            "test/buildtest_dh.o" =>
+            "test/buildtest_c_dtls1" =>
                 [
-                    "test/buildtest_dh.c",
+                    "test/buildtest_dtls1.o",
                 ],
-            "test/buildtest_dsa" =>
+            "test/buildtest_c_e_os2" =>
                 [
-                    "test/buildtest_dsa.o",
+                    "test/buildtest_e_os2.o",
                 ],
-            "test/buildtest_dsa.o" =>
+            "test/buildtest_c_ebcdic" =>
                 [
-                    "test/buildtest_dsa.c",
+                    "test/buildtest_ebcdic.o",
                 ],
-            "test/buildtest_dtls1" =>
+            "test/buildtest_c_ec" =>
                 [
-                    "test/buildtest_dtls1.o",
+                    "test/buildtest_ec.o",
                 ],
-            "test/buildtest_dtls1.o" =>
+            "test/buildtest_c_ecdh" =>
                 [
-                    "test/buildtest_dtls1.c",
+                    "test/buildtest_ecdh.o",
                 ],
-            "test/buildtest_e_os2" =>
+            "test/buildtest_c_ecdsa" =>
                 [
-                    "test/buildtest_e_os2.o",
+                    "test/buildtest_ecdsa.o",
                 ],
-            "test/buildtest_e_os2.o" =>
+            "test/buildtest_c_engine" =>
                 [
-                    "test/buildtest_e_os2.c",
+                    "test/buildtest_engine.o",
                 ],
-            "test/buildtest_ebcdic" =>
+            "test/buildtest_c_evp" =>
                 [
-                    "test/buildtest_ebcdic.o",
+                    "test/buildtest_evp.o",
                 ],
-            "test/buildtest_ebcdic.o" =>
+            "test/buildtest_c_hmac" =>
                 [
-                    "test/buildtest_ebcdic.c",
+                    "test/buildtest_hmac.o",
                 ],
-            "test/buildtest_ec" =>
+            "test/buildtest_c_idea" =>
                 [
-                    "test/buildtest_ec.o",
+                    "test/buildtest_idea.o",
                 ],
-            "test/buildtest_ec.o" =>
+            "test/buildtest_c_kdf" =>
                 [
-                    "test/buildtest_ec.c",
+                    "test/buildtest_kdf.o",
                 ],
-            "test/buildtest_ecdh" =>
+            "test/buildtest_c_lhash" =>
                 [
-                    "test/buildtest_ecdh.o",
+                    "test/buildtest_lhash.o",
                 ],
-            "test/buildtest_ecdh.o" =>
+            "test/buildtest_c_md4" =>
                 [
-                    "test/buildtest_ecdh.c",
+                    "test/buildtest_md4.o",
                 ],
-            "test/buildtest_ecdsa" =>
+            "test/buildtest_c_md5" =>
                 [
-                    "test/buildtest_ecdsa.o",
+                    "test/buildtest_md5.o",
                 ],
-            "test/buildtest_ecdsa.o" =>
+            "test/buildtest_c_mdc2" =>
                 [
-                    "test/buildtest_ecdsa.c",
+                    "test/buildtest_mdc2.o",
                 ],
-            "test/buildtest_engine" =>
+            "test/buildtest_c_modes" =>
                 [
-                    "test/buildtest_engine.o",
+                    "test/buildtest_modes.o",
                 ],
-            "test/buildtest_engine.o" =>
+            "test/buildtest_c_obj_mac" =>
                 [
-                    "test/buildtest_engine.c",
+                    "test/buildtest_obj_mac.o",
                 ],
-            "test/buildtest_evp" =>
+            "test/buildtest_c_objects" =>
                 [
-                    "test/buildtest_evp.o",
+                    "test/buildtest_objects.o",
                 ],
-            "test/buildtest_evp.o" =>
+            "test/buildtest_c_ocsp" =>
                 [
-                    "test/buildtest_evp.c",
+                    "test/buildtest_ocsp.o",
                 ],
-            "test/buildtest_hmac" =>
+            "test/buildtest_c_opensslv" =>
                 [
-                    "test/buildtest_hmac.o",
+                    "test/buildtest_opensslv.o",
                 ],
-            "test/buildtest_hmac.o" =>
+            "test/buildtest_c_ossl_typ" =>
                 [
-                    "test/buildtest_hmac.c",
+                    "test/buildtest_ossl_typ.o",
                 ],
-            "test/buildtest_idea" =>
+            "test/buildtest_c_pem" =>
                 [
-                    "test/buildtest_idea.o",
+                    "test/buildtest_pem.o",
                 ],
-            "test/buildtest_idea.o" =>
+            "test/buildtest_c_pem2" =>
                 [
-                    "test/buildtest_idea.c",
+                    "test/buildtest_pem2.o",
                 ],
-            "test/buildtest_kdf" =>
+            "test/buildtest_c_pkcs12" =>
                 [
-                    "test/buildtest_kdf.o",
+                    "test/buildtest_pkcs12.o",
                 ],
-            "test/buildtest_kdf.o" =>
+            "test/buildtest_c_pkcs7" =>
                 [
-                    "test/buildtest_kdf.c",
+                    "test/buildtest_pkcs7.o",
                 ],
-            "test/buildtest_lhash" =>
+            "test/buildtest_c_rand" =>
                 [
-                    "test/buildtest_lhash.o",
+                    "test/buildtest_rand.o",
                 ],
-            "test/buildtest_lhash.o" =>
+            "test/buildtest_c_rand_drbg" =>
                 [
-                    "test/buildtest_lhash.c",
+                    "test/buildtest_rand_drbg.o",
                 ],
-            "test/buildtest_md4" =>
+            "test/buildtest_c_rc2" =>
                 [
-                    "test/buildtest_md4.o",
+                    "test/buildtest_rc2.o",
                 ],
-            "test/buildtest_md4.o" =>
+            "test/buildtest_c_rc4" =>
                 [
-                    "test/buildtest_md4.c",
+                    "test/buildtest_rc4.o",
                 ],
-            "test/buildtest_md5" =>
+            "test/buildtest_c_ripemd" =>
                 [
-                    "test/buildtest_md5.o",
+                    "test/buildtest_ripemd.o",
                 ],
-            "test/buildtest_md5.o" =>
+            "test/buildtest_c_rsa" =>
                 [
-                    "test/buildtest_md5.c",
+                    "test/buildtest_rsa.o",
                 ],
-            "test/buildtest_mdc2" =>
+            "test/buildtest_c_safestack" =>
                 [
-                    "test/buildtest_mdc2.o",
+                    "test/buildtest_safestack.o",
                 ],
-            "test/buildtest_mdc2.o" =>
+            "test/buildtest_c_seed" =>
                 [
-                    "test/buildtest_mdc2.c",
+                    "test/buildtest_seed.o",
                 ],
-            "test/buildtest_modes" =>
+            "test/buildtest_c_sha" =>
                 [
-                    "test/buildtest_modes.o",
+                    "test/buildtest_sha.o",
                 ],
-            "test/buildtest_modes.o" =>
+            "test/buildtest_c_srp" =>
                 [
-                    "test/buildtest_modes.c",
+                    "test/buildtest_srp.o",
                 ],
-            "test/buildtest_obj_mac" =>
+            "test/buildtest_c_srtp" =>
                 [
-                    "test/buildtest_obj_mac.o",
+                    "test/buildtest_srtp.o",
                 ],
-            "test/buildtest_obj_mac.o" =>
+            "test/buildtest_c_ssl" =>
                 [
-                    "test/buildtest_obj_mac.c",
+                    "test/buildtest_ssl.o",
                 ],
-            "test/buildtest_objects" =>
+            "test/buildtest_c_ssl2" =>
                 [
-                    "test/buildtest_objects.o",
+                    "test/buildtest_ssl2.o",
                 ],
-            "test/buildtest_objects.o" =>
+            "test/buildtest_c_stack" =>
                 [
-                    "test/buildtest_objects.c",
+                    "test/buildtest_stack.o",
                 ],
-            "test/buildtest_ocsp" =>
+            "test/buildtest_c_store" =>
                 [
-                    "test/buildtest_ocsp.o",
+                    "test/buildtest_store.o",
                 ],
-            "test/buildtest_ocsp.o" =>
+            "test/buildtest_c_symhacks" =>
                 [
-                    "test/buildtest_ocsp.c",
+                    "test/buildtest_symhacks.o",
                 ],
-            "test/buildtest_opensslv" =>
+            "test/buildtest_c_tls1" =>
                 [
-                    "test/buildtest_opensslv.o",
+                    "test/buildtest_tls1.o",
                 ],
-            "test/buildtest_opensslv.o" =>
+            "test/buildtest_c_ts" =>
                 [
-                    "test/buildtest_opensslv.c",
+                    "test/buildtest_ts.o",
                 ],
-            "test/buildtest_ossl_typ" =>
+            "test/buildtest_c_txt_db" =>
                 [
-                    "test/buildtest_ossl_typ.o",
+                    "test/buildtest_txt_db.o",
                 ],
-            "test/buildtest_ossl_typ.o" =>
+            "test/buildtest_c_ui" =>
                 [
-                    "test/buildtest_ossl_typ.c",
+                    "test/buildtest_ui.o",
                 ],
-            "test/buildtest_pem" =>
+            "test/buildtest_c_whrlpool" =>
                 [
-                    "test/buildtest_pem.o",
+                    "test/buildtest_whrlpool.o",
                 ],
-            "test/buildtest_pem.o" =>
+            "test/buildtest_c_x509" =>
                 [
-                    "test/buildtest_pem.c",
+                    "test/buildtest_x509.o",
                 ],
-            "test/buildtest_pem2" =>
+            "test/buildtest_c_x509_vfy" =>
                 [
-                    "test/buildtest_pem2.o",
+                    "test/buildtest_x509_vfy.o",
                 ],
-            "test/buildtest_pem2.o" =>
+            "test/buildtest_c_x509v3" =>
                 [
-                    "test/buildtest_pem2.c",
+                    "test/buildtest_x509v3.o",
                 ],
-            "test/buildtest_pkcs12" =>
+            "test/buildtest_camellia.o" =>
                 [
-                    "test/buildtest_pkcs12.o",
+                    "test/buildtest_camellia.c",
                 ],
-            "test/buildtest_pkcs12.o" =>
+            "test/buildtest_cast.o" =>
                 [
-                    "test/buildtest_pkcs12.c",
+                    "test/buildtest_cast.c",
                 ],
-            "test/buildtest_pkcs7" =>
+            "test/buildtest_cmac.o" =>
                 [
-                    "test/buildtest_pkcs7.o",
+                    "test/buildtest_cmac.c",
                 ],
-            "test/buildtest_pkcs7.o" =>
+            "test/buildtest_cms.o" =>
                 [
-                    "test/buildtest_pkcs7.c",
+                    "test/buildtest_cms.c",
                 ],
-            "test/buildtest_rand" =>
+            "test/buildtest_conf.o" =>
                 [
-                    "test/buildtest_rand.o",
+                    "test/buildtest_conf.c",
                 ],
-            "test/buildtest_rand.o" =>
+            "test/buildtest_conf_api.o" =>
                 [
-                    "test/buildtest_rand.c",
+                    "test/buildtest_conf_api.c",
                 ],
-            "test/buildtest_rand_drbg" =>
+            "test/buildtest_crypto.o" =>
                 [
-                    "test/buildtest_rand_drbg.o",
+                    "test/buildtest_crypto.c",
                 ],
-            "test/buildtest_rand_drbg.o" =>
+            "test/buildtest_ct.o" =>
                 [
-                    "test/buildtest_rand_drbg.c",
+                    "test/buildtest_ct.c",
                 ],
-            "test/buildtest_rc2" =>
+            "test/buildtest_des.o" =>
                 [
-                    "test/buildtest_rc2.o",
+                    "test/buildtest_des.c",
                 ],
-            "test/buildtest_rc2.o" =>
+            "test/buildtest_dh.o" =>
                 [
-                    "test/buildtest_rc2.c",
+                    "test/buildtest_dh.c",
                 ],
-            "test/buildtest_rc4" =>
+            "test/buildtest_dsa.o" =>
                 [
-                    "test/buildtest_rc4.o",
+                    "test/buildtest_dsa.c",
                 ],
-            "test/buildtest_rc4.o" =>
+            "test/buildtest_dtls1.o" =>
                 [
-                    "test/buildtest_rc4.c",
+                    "test/buildtest_dtls1.c",
                 ],
-            "test/buildtest_ripemd" =>
+            "test/buildtest_e_os2.o" =>
                 [
-                    "test/buildtest_ripemd.o",
+                    "test/buildtest_e_os2.c",
                 ],
-            "test/buildtest_ripemd.o" =>
+            "test/buildtest_ebcdic.o" =>
                 [
-                    "test/buildtest_ripemd.c",
+                    "test/buildtest_ebcdic.c",
                 ],
-            "test/buildtest_rsa" =>
+            "test/buildtest_ec.o" =>
                 [
-                    "test/buildtest_rsa.o",
+                    "test/buildtest_ec.c",
                 ],
-            "test/buildtest_rsa.o" =>
+            "test/buildtest_ecdh.o" =>
                 [
-                    "test/buildtest_rsa.c",
+                    "test/buildtest_ecdh.c",
                 ],
-            "test/buildtest_safestack" =>
+            "test/buildtest_ecdsa.o" =>
                 [
-                    "test/buildtest_safestack.o",
+                    "test/buildtest_ecdsa.c",
                 ],
-            "test/buildtest_safestack.o" =>
+            "test/buildtest_engine.o" =>
                 [
-                    "test/buildtest_safestack.c",
+                    "test/buildtest_engine.c",
                 ],
-            "test/buildtest_seed" =>
+            "test/buildtest_evp.o" =>
                 [
-                    "test/buildtest_seed.o",
+                    "test/buildtest_evp.c",
                 ],
-            "test/buildtest_seed.o" =>
+            "test/buildtest_hmac.o" =>
                 [
-                    "test/buildtest_seed.c",
+                    "test/buildtest_hmac.c",
                 ],
-            "test/buildtest_sha" =>
+            "test/buildtest_idea.o" =>
                 [
-                    "test/buildtest_sha.o",
+                    "test/buildtest_idea.c",
                 ],
-            "test/buildtest_sha.o" =>
+            "test/buildtest_kdf.o" =>
                 [
-                    "test/buildtest_sha.c",
+                    "test/buildtest_kdf.c",
                 ],
-            "test/buildtest_srp" =>
+            "test/buildtest_lhash.o" =>
                 [
-                    "test/buildtest_srp.o",
+                    "test/buildtest_lhash.c",
                 ],
-            "test/buildtest_srp.o" =>
+            "test/buildtest_md4.o" =>
                 [
-                    "test/buildtest_srp.c",
+                    "test/buildtest_md4.c",
                 ],
-            "test/buildtest_srtp" =>
+            "test/buildtest_md5.o" =>
                 [
-                    "test/buildtest_srtp.o",
+                    "test/buildtest_md5.c",
                 ],
-            "test/buildtest_srtp.o" =>
+            "test/buildtest_mdc2.o" =>
                 [
-                    "test/buildtest_srtp.c",
+                    "test/buildtest_mdc2.c",
                 ],
-            "test/buildtest_ssl" =>
+            "test/buildtest_modes.o" =>
                 [
-                    "test/buildtest_ssl.o",
+                    "test/buildtest_modes.c",
                 ],
-            "test/buildtest_ssl.o" =>
+            "test/buildtest_obj_mac.o" =>
                 [
-                    "test/buildtest_ssl.c",
+                    "test/buildtest_obj_mac.c",
                 ],
-            "test/buildtest_ssl2" =>
+            "test/buildtest_objects.o" =>
                 [
-                    "test/buildtest_ssl2.o",
+                    "test/buildtest_objects.c",
                 ],
-            "test/buildtest_ssl2.o" =>
+            "test/buildtest_ocsp.o" =>
                 [
-                    "test/buildtest_ssl2.c",
+                    "test/buildtest_ocsp.c",
                 ],
-            "test/buildtest_stack" =>
+            "test/buildtest_opensslv.o" =>
                 [
-                    "test/buildtest_stack.o",
+                    "test/buildtest_opensslv.c",
                 ],
-            "test/buildtest_stack.o" =>
+            "test/buildtest_ossl_typ.o" =>
                 [
-                    "test/buildtest_stack.c",
+                    "test/buildtest_ossl_typ.c",
                 ],
-            "test/buildtest_store" =>
+            "test/buildtest_pem.o" =>
                 [
-                    "test/buildtest_store.o",
+                    "test/buildtest_pem.c",
                 ],
-            "test/buildtest_store.o" =>
+            "test/buildtest_pem2.o" =>
                 [
-                    "test/buildtest_store.c",
+                    "test/buildtest_pem2.c",
                 ],
-            "test/buildtest_symhacks" =>
+            "test/buildtest_pkcs12.o" =>
                 [
-                    "test/buildtest_symhacks.o",
+                    "test/buildtest_pkcs12.c",
                 ],
-            "test/buildtest_symhacks.o" =>
+            "test/buildtest_pkcs7.o" =>
                 [
-                    "test/buildtest_symhacks.c",
+                    "test/buildtest_pkcs7.c",
                 ],
-            "test/buildtest_tls1" =>
+            "test/buildtest_rand.o" =>
                 [
-                    "test/buildtest_tls1.o",
+                    "test/buildtest_rand.c",
                 ],
-            "test/buildtest_tls1.o" =>
+            "test/buildtest_rand_drbg.o" =>
                 [
-                    "test/buildtest_tls1.c",
+                    "test/buildtest_rand_drbg.c",
                 ],
-            "test/buildtest_ts" =>
+            "test/buildtest_rc2.o" =>
                 [
-                    "test/buildtest_ts.o",
+                    "test/buildtest_rc2.c",
                 ],
-            "test/buildtest_ts.o" =>
+            "test/buildtest_rc4.o" =>
                 [
-                    "test/buildtest_ts.c",
+                    "test/buildtest_rc4.c",
                 ],
-            "test/buildtest_txt_db" =>
+            "test/buildtest_ripemd.o" =>
                 [
-                    "test/buildtest_txt_db.o",
+                    "test/buildtest_ripemd.c",
                 ],
-            "test/buildtest_txt_db.o" =>
+            "test/buildtest_rsa.o" =>
                 [
-                    "test/buildtest_txt_db.c",
+                    "test/buildtest_rsa.c",
                 ],
-            "test/buildtest_ui" =>
+            "test/buildtest_safestack.o" =>
                 [
-                    "test/buildtest_ui.o",
+                    "test/buildtest_safestack.c",
                 ],
-            "test/buildtest_ui.o" =>
+            "test/buildtest_seed.o" =>
                 [
-                    "test/buildtest_ui.c",
+                    "test/buildtest_seed.c",
                 ],
-            "test/buildtest_whrlpool" =>
+            "test/buildtest_sha.o" =>
                 [
-                    "test/buildtest_whrlpool.o",
+                    "test/buildtest_sha.c",
                 ],
-            "test/buildtest_whrlpool.o" =>
+            "test/buildtest_srp.o" =>
                 [
-                    "test/buildtest_whrlpool.c",
+                    "test/buildtest_srp.c",
+                ],
+            "test/buildtest_srtp.o" =>
+                [
+                    "test/buildtest_srtp.c",
                 ],
-            "test/buildtest_x509" =>
+            "test/buildtest_ssl.o" =>
                 [
-                    "test/buildtest_x509.o",
+                    "test/buildtest_ssl.c",
                 ],
-            "test/buildtest_x509.o" =>
+            "test/buildtest_ssl2.o" =>
                 [
-                    "test/buildtest_x509.c",
+                    "test/buildtest_ssl2.c",
                 ],
-            "test/buildtest_x509_vfy" =>
+            "test/buildtest_stack.o" =>
                 [
-                    "test/buildtest_x509_vfy.o",
+                    "test/buildtest_stack.c",
                 ],
-            "test/buildtest_x509_vfy.o" =>
+            "test/buildtest_store.o" =>
                 [
-                    "test/buildtest_x509_vfy.c",
+                    "test/buildtest_store.c",
                 ],
-            "test/buildtest_x509v3" =>
+            "test/buildtest_symhacks.o" =>
                 [
-                    "test/buildtest_x509v3.o",
+                    "test/buildtest_symhacks.c",
+                ],
+            "test/buildtest_tls1.o" =>
+                [
+                    "test/buildtest_tls1.c",
+                ],
+            "test/buildtest_ts.o" =>
+                [
+                    "test/buildtest_ts.c",
+                ],
+            "test/buildtest_txt_db.o" =>
+                [
+                    "test/buildtest_txt_db.c",
+                ],
+            "test/buildtest_ui.o" =>
+                [
+                    "test/buildtest_ui.c",
+                ],
+            "test/buildtest_whrlpool.o" =>
+                [
+                    "test/buildtest_whrlpool.c",
+                ],
+            "test/buildtest_x509.o" =>
+                [
+                    "test/buildtest_x509.c",
+                ],
+            "test/buildtest_x509_vfy.o" =>
+                [
+                    "test/buildtest_x509_vfy.c",
                 ],
             "test/buildtest_x509v3.o" =>
                 [
@@ -15094,6 +15097,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15439,6 +15443,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
@@ -15839,9 +15847,9 @@ _____
     if ($reconf) {
         if ($verbose) {
             print 'Reconfiguring with: ', join(' ',@{$config{perlargv}}), "\n";
-	    foreach (sort keys %{$config{perlenv}}) {
-	        print '    ',$_,' = ',($config{perlenv}->{$_} || ""),"\n";
-	    }
+            foreach (sort keys %{$config{perlenv}}) {
+                print '    ',$_,' = ',($config{perlenv}->{$_} || ""),"\n";
+            }
         }
 
         chdir $here;
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
index 2bfaa3f4e7e85b..3c6ad34101ddd7 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-mips64"
-#define DATE "built on: Thu May 30 02:16:22 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:04 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/include/internal/dso_conf.h b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/include/internal/dso_conf.h
index 18f6ac3bffad0f..252266ec2acad6 100644
--- a/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/include/internal/dso_conf.h
+++ b/deps/openssl/config/archs/linux64-mips64/no-asm/crypto/include/internal/dso_conf.h
@@ -1,7 +1,7 @@
 /* WARNING: do not edit! */
 /* Generated by Makefile from crypto/include/internal/dso_conf.h.in */
 /*
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -11,9 +11,7 @@
 
 #ifndef HEADER_DSO_CONF_H
 # define HEADER_DSO_CONF_H
-
 # define DSO_DLFCN
 # define HAVE_DLFCN_H
 # define DSO_EXTENSION ".so"
-
 #endif
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm b/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
index 10ece17d8b35ba..e31688fe1aceae 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux64-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3246,6 +3246,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7849,7 +7850,6 @@ our %unified_info = (
                     ".",
                     "crypto/include",
                     "include",
-                    "crypto",
                 ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
@@ -9955,6 +9955,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15158,6 +15162,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15503,6 +15508,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
index dbffd333d87621..6d2d3ce3fd2bc9 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Wed Jun 12 20:56:01 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:44 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm b/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
index 164f7e9bb1249b..8aa79776f95c01 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux64-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3246,6 +3246,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7849,7 +7850,6 @@ our %unified_info = (
                     ".",
                     "crypto/include",
                     "include",
-                    "crypto",
                 ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
@@ -9955,6 +9955,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15158,6 +15162,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15503,6 +15508,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
index 445909d45cf40b..34799d14b191e1 100644
--- a/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Wed Jun 12 20:56:04 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:49 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm b/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
index 4ae8116e24b8c0..0a65365f26b154 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/configdata.pm
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "linux64-s390x",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3226,6 +3226,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7827,10 +7828,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9923,6 +9920,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15096,6 +15097,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15441,6 +15443,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
index 683fc457ead162..e0fd887860b698 100644
--- a/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/linux64-s390x/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: linux64-s390x"
-#define DATE "built on: Wed Jun 12 20:56:06 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:01:53 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
index 37fb216c9caab6..c14020e995aa16 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris-x86-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1693,8 +1693,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3235,6 +3236,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4860,12 +4862,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4882,12 +4878,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7866,10 +7874,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10004,6 +10008,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10637,14 +10645,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13334,8 +13346,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15237,6 +15250,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15582,6 +15596,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
index 7e5f29968f0319..15030d59077278 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Wed Jun 12 20:56:08 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:08 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -37,11 +37,10 @@ static const char compiler_flags[] = {
     'A','2','5','6','_','A','S','M',' ','-','D','S','H','A','5','1',
     '2','_','A','S','M',' ','-','D','R','C','4','_','A','S','M',' ',
     '-','D','M','D','5','_','A','S','M',' ','-','D','R','M','D','1',
-    '6','0','_','A','S','M',' ','-','D','A','E','S','_','A','S','M',
-    ' ','-','D','V','P','A','E','S','_','A','S','M',' ','-','D','W',
-    'H','I','R','L','P','O','O','L','_','A','S','M',' ','-','D','G',
-    'H','A','S','H','_','A','S','M',' ','-','D','E','C','P','_','N',
-    'I','S','T','Z','2','5','6','_','A','S','M',' ','-','D','P','O',
-    'L','Y','1','3','0','5','_','A','S','M',' ','-','D','N','D','E',
-    'B','U','G','\0'
+    '6','0','_','A','S','M',' ','-','D','V','P','A','E','S','_','A',
+    'S','M',' ','-','D','W','H','I','R','L','P','O','O','L','_','A',
+    'S','M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-',
+    'D','E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S',
+    'M',' ','-','D','P','O','L','Y','1','3','0','5','_','A','S','M',
+    ' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl-cl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl-cl.gypi
index fb2932b9cca64d..3f5a755eebce3f 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl-cl.gypi
@@ -16,7 +16,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
index 8a9f372caec0aa..69bded9b4f426e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_solaris-x86-gcc': [
-      './config/archs/solaris-x86-gcc/asm/crypto/aes/aes-586.s',
       './config/archs/solaris-x86-gcc/asm/crypto/aes/aesni-x86.s',
       './config/archs/solaris-x86-gcc/asm/crypto/aes/vpaes-x86.s',
       './config/archs/solaris-x86-gcc/asm/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
index 3adf98d2e6d32d..7663c71cf63596 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "AES_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_BN_ASM_PART_WORDS", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "RC4_ASM", "MD5_ASM", "RMD160_ASM", "VPAES_ASM", "WHIRLPOOL_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris-x86-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-586.s vpaes-x86.s aesni-x86.s",
-  aes_obj => "aes-586.o vpaes-x86.o aesni-x86.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86.s aesni-x86.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86.o aesni-x86.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1693,8 +1693,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-586.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -3235,6 +3236,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4860,12 +4862,6 @@ our %unified_info = (
                     "include",
                     "apps",
                 ],
-            "crypto/aes/aes-586.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/aes-armv4.o" =>
                 [
                     "crypto",
@@ -4882,12 +4878,24 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
+            "crypto/aes/aes_cbc.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     ".",
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -7866,10 +7874,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10004,6 +10008,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10637,14 +10645,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-586.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-586.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -13334,8 +13346,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-586.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -15237,6 +15250,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15582,6 +15596,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
index 2e89c2e52452a9..78995b8d82a7e3 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Wed Jun 12 20:56:12 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:14 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -38,11 +38,10 @@ static const char compiler_flags[] = {
     'S','H','A','2','5','6','_','A','S','M',' ','-','D','S','H','A',
     '5','1','2','_','A','S','M',' ','-','D','R','C','4','_','A','S',
     'M',' ','-','D','M','D','5','_','A','S','M',' ','-','D','R','M',
-    'D','1','6','0','_','A','S','M',' ','-','D','A','E','S','_','A',
-    'S','M',' ','-','D','V','P','A','E','S','_','A','S','M',' ','-',
-    'D','W','H','I','R','L','P','O','O','L','_','A','S','M',' ','-',
-    'D','G','H','A','S','H','_','A','S','M',' ','-','D','E','C','P',
-    '_','N','I','S','T','Z','2','5','6','_','A','S','M',' ','-','D',
-    'P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','N',
-    'D','E','B','U','G','\0'
+    'D','1','6','0','_','A','S','M',' ','-','D','V','P','A','E','S',
+    '_','A','S','M',' ','-','D','W','H','I','R','L','P','O','O','L',
+    '_','A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',
+    ' ','-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_',
+    'A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A',
+    'S','M',' ','-','D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl-cl.gypi
index fb2932b9cca64d..3f5a755eebce3f 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl-cl.gypi
@@ -16,7 +16,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
index 71532ed4abeed3..2e4804695fb92e 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/solaris-x86-gcc/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -671,7 +673,6 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_solaris-x86-gcc': [
-      './config/archs/solaris-x86-gcc/asm_avx2/crypto/aes/aes-586.s',
       './config/archs/solaris-x86-gcc/asm_avx2/crypto/aes/aesni-x86.s',
       './config/archs/solaris-x86-gcc/asm_avx2/crypto/aes/vpaes-x86.s',
       './config/archs/solaris-x86-gcc/asm_avx2/crypto/bf/bf-586.s',
@@ -712,7 +713,6 @@
       'RC4_ASM',
       'MD5_ASM',
       'RMD160_ASM',
-      'AES_ASM',
       'VPAES_ASM',
       'WHIRLPOOL_ASM',
       'GHASH_ASM',
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
index be95effc73d403..b0d7b13f2220d9 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris-x86-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3220,6 +3220,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7821,10 +7822,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9917,6 +9914,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15090,6 +15091,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15435,6 +15437,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
index 378ae44c48645f..e606a3cd7599e4 100644
--- a/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris-x86-gcc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris-x86-gcc"
-#define DATE "built on: Wed Jun 12 20:56:16 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:21 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
index ccdee274367b2b..d651ee1e5ffe7c 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)gcc",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris64-x86_64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1694,8 +1694,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1705,7 +1706,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3260,6 +3260,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4901,7 +4902,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4913,6 +4914,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4983,12 +4990,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7951,10 +7952,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10095,6 +10092,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10728,14 +10729,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10772,10 +10777,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13469,8 +13470,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13480,7 +13482,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15383,6 +15384,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15728,6 +15730,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
index 2a445527f5408d..cc89c88b1cefa1 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Wed Jun 12 20:56:18 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:25 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -36,11 +36,10 @@ static const char compiler_flags[] = {
     'A','S','M',' ','-','D','S','H','A','5','1','2','_','A','S','M',
     ' ','-','D','K','E','C','C','A','K','1','6','0','0','_','A','S',
     'M',' ','-','D','R','C','4','_','A','S','M',' ','-','D','M','D',
-    '5','_','A','S','M',' ','-','D','A','E','S','_','A','S','M',' ',
-    '-','D','V','P','A','E','S','_','A','S','M',' ','-','D','B','S',
-    'A','E','S','_','A','S','M',' ','-','D','G','H','A','S','H','_',
-    'A','S','M',' ','-','D','E','C','P','_','N','I','S','T','Z','2',
-    '5','6','_','A','S','M',' ','-','D','X','2','5','5','1','9','_',
-    'A','S','M',' ','-','D','P','O','L','Y','1','3','0','5','_','A',
-    'S','M',' ','-','D','N','D','E','B','U','G','\0'
+    '5','_','A','S','M',' ','-','D','V','P','A','E','S','_','A','S',
+    'M',' ','-','D','G','H','A','S','H','_','A','S','M',' ','-','D',
+    'E','C','P','_','N','I','S','T','Z','2','5','6','_','A','S','M',
+    ' ','-','D','X','2','5','5','1','9','_','A','S','M',' ','-','D',
+    'P','O','L','Y','1','3','0','5','_','A','S','M',' ','-','D','N',
+    'D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl-cl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl-cl.gypi
index 3f1cc15d57f749..ca28a8cbd3dede 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl-cl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
index 6b4f25afd2fd40..0a3feb2ad53f17 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_solaris64-x86_64-gcc': [
-      './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/aes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/aesni-x86_64.s',
-      './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/bsaes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/aes/vpaes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/bn/rsaz-avx2.s',
       './config/archs/solaris64-x86_64-gcc/asm/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
index 6671dcb01b3f31..f10bb2324203ea 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/configdata.pm
@@ -48,7 +48,7 @@ our %config = (
   export_var_as_fn => "0",
   includes => [  ],
   lflags => [  ],
-  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "AES_ASM", "VPAES_ASM", "BSAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
+  lib_defines => [ "OPENSSL_PIC", "OPENSSL_CPUID_OBJ", "OPENSSL_IA32_SSE2", "OPENSSL_BN_ASM_MONT", "OPENSSL_BN_ASM_MONT5", "OPENSSL_BN_ASM_GF2m", "SHA1_ASM", "SHA256_ASM", "SHA512_ASM", "KECCAK1600_ASM", "RC4_ASM", "MD5_ASM", "VPAES_ASM", "GHASH_ASM", "ECP_NISTZ256_ASM", "X25519_ASM", "POLY1305_ASM" ],
   libdir => "",
   major => "1",
   makedepprog => "\$(CROSS_COMPILE)../config/fake_gcc.pl",
@@ -111,8 +111,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris64-x86_64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -124,8 +124,8 @@ our %target = (
   RANLIB => "ranlib",
   RC => "windres",
   _conf_fname_int => [ "Configurations/00-base-templates.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/00-base-templates.conf", "Configurations/10-main.conf", "Configurations/shared-info.pl" ],
-  aes_asm_src => "aes-x86_64.s vpaes-x86_64.s bsaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
-  aes_obj => "aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
+  aes_asm_src => "aes_core.c aes_cbc.c vpaes-x86_64.s aesni-x86_64.s aesni-sha1-x86_64.s aesni-sha256-x86_64.s aesni-mb-x86_64.s",
+  aes_obj => "aes_core.o aes_cbc.o vpaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o",
   apps_aux_src => "",
   apps_init_src => "",
   apps_obj => "",
@@ -1694,8 +1694,9 @@ our %unified_info = (
                 {
                     "deps" =>
                         [
-                            "crypto/aes/aes-x86_64.o",
+                            "crypto/aes/aes_cbc.o",
                             "crypto/aes/aes_cfb.o",
+                            "crypto/aes/aes_core.o",
                             "crypto/aes/aes_ecb.o",
                             "crypto/aes/aes_ige.o",
                             "crypto/aes/aes_misc.o",
@@ -1705,7 +1706,6 @@ our %unified_info = (
                             "crypto/aes/aesni-sha1-x86_64.o",
                             "crypto/aes/aesni-sha256-x86_64.o",
                             "crypto/aes/aesni-x86_64.o",
-                            "crypto/aes/bsaes-x86_64.o",
                             "crypto/aes/vpaes-x86_64.o",
                         ],
                     "products" =>
@@ -3260,6 +3260,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -4901,7 +4902,7 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
                     ".",
                     "crypto/include",
@@ -4913,6 +4914,12 @@ our %unified_info = (
                     "crypto/include",
                     "include",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    ".",
+                    "crypto/include",
+                    "include",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     ".",
@@ -4983,12 +4990,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    ".",
-                    "crypto/include",
-                    "include",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     ".",
@@ -7951,10 +7952,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -10095,6 +10092,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -10728,14 +10729,18 @@ our %unified_info = (
                 [
                     "apps/x509.c",
                 ],
-            "crypto/aes/aes-x86_64.o" =>
+            "crypto/aes/aes_cbc.o" =>
                 [
-                    "crypto/aes/aes-x86_64.s",
+                    "crypto/aes/aes_cbc.c",
                 ],
             "crypto/aes/aes_cfb.o" =>
                 [
                     "crypto/aes/aes_cfb.c",
                 ],
+            "crypto/aes/aes_core.o" =>
+                [
+                    "crypto/aes/aes_core.c",
+                ],
             "crypto/aes/aes_ecb.o" =>
                 [
                     "crypto/aes/aes_ecb.c",
@@ -10772,10 +10777,6 @@ our %unified_info = (
                 [
                     "crypto/aes/aesni-x86_64.s",
                 ],
-            "crypto/aes/bsaes-x86_64.o" =>
-                [
-                    "crypto/aes/bsaes-x86_64.s",
-                ],
             "crypto/aes/vpaes-x86_64.o" =>
                 [
                     "crypto/aes/vpaes-x86_64.s",
@@ -13469,8 +13470,9 @@ our %unified_info = (
                 ],
             "libcrypto" =>
                 [
-                    "crypto/aes/aes-x86_64.o",
+                    "crypto/aes/aes_cbc.o",
                     "crypto/aes/aes_cfb.o",
+                    "crypto/aes/aes_core.o",
                     "crypto/aes/aes_ecb.o",
                     "crypto/aes/aes_ige.o",
                     "crypto/aes/aes_misc.o",
@@ -13480,7 +13482,6 @@ our %unified_info = (
                     "crypto/aes/aesni-sha1-x86_64.o",
                     "crypto/aes/aesni-sha256-x86_64.o",
                     "crypto/aes/aesni-x86_64.o",
-                    "crypto/aes/bsaes-x86_64.o",
                     "crypto/aes/vpaes-x86_64.o",
                     "crypto/aria/aria.o",
                     "crypto/asn1/a_bitstr.o",
@@ -15383,6 +15384,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15728,6 +15730,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
index 520fa202d728df..c7f32e0bb8b008 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Wed Jun 12 20:56:28 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:40 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
@@ -37,11 +37,10 @@ static const char compiler_flags[] = {
     '6','_','A','S','M',' ','-','D','S','H','A','5','1','2','_','A',
     'S','M',' ','-','D','K','E','C','C','A','K','1','6','0','0','_',
     'A','S','M',' ','-','D','R','C','4','_','A','S','M',' ','-','D',
-    'M','D','5','_','A','S','M',' ','-','D','A','E','S','_','A','S',
-    'M',' ','-','D','V','P','A','E','S','_','A','S','M',' ','-','D',
-    'B','S','A','E','S','_','A','S','M',' ','-','D','G','H','A','S',
-    'H','_','A','S','M',' ','-','D','E','C','P','_','N','I','S','T',
-    'Z','2','5','6','_','A','S','M',' ','-','D','X','2','5','5','1',
-    '9','_','A','S','M',' ','-','D','P','O','L','Y','1','3','0','5',
-    '_','A','S','M',' ','-','D','N','D','E','B','U','G','\0'
+    'M','D','5','_','A','S','M',' ','-','D','V','P','A','E','S','_',
+    'A','S','M',' ','-','D','G','H','A','S','H','_','A','S','M',' ',
+    '-','D','E','C','P','_','N','I','S','T','Z','2','5','6','_','A',
+    'S','M',' ','-','D','X','2','5','5','1','9','_','A','S','M',' ',
+    '-','D','P','O','L','Y','1','3','0','5','_','A','S','M',' ','-',
+    'D','N','D','E','B','U','G','\0'
 };
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl-cl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl-cl.gypi
index 3f1cc15d57f749..ca28a8cbd3dede 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl-cl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl-cl.gypi
@@ -16,9 +16,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
index 62c6704228678c..a634c666572987 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/asm_avx2/openssl.gypi
@@ -45,7 +45,9 @@
       'openssl/ssl/t1_trce.c',
       'openssl/ssl/tls13_enc.c',
       'openssl/ssl/tls_srp.c',
+      'openssl/crypto/aes/aes_cbc.c',
       'openssl/crypto/aes/aes_cfb.c',
+      'openssl/crypto/aes/aes_core.c',
       'openssl/crypto/aes/aes_ecb.c',
       'openssl/crypto/aes/aes_ige.c',
       'openssl/crypto/aes/aes_misc.c',
@@ -675,12 +677,10 @@
       'openssl/engines/e_padlock.c',
     ],
     'openssl_sources_solaris64-x86_64-gcc': [
-      './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/aes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/aesni-mb-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/aesni-sha1-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/aesni-sha256-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/aesni-x86_64.s',
-      './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/bsaes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/aes/vpaes-x86_64.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/bn/rsaz-avx2.s',
       './config/archs/solaris64-x86_64-gcc/asm_avx2/crypto/bn/rsaz-x86_64.s',
@@ -723,9 +723,7 @@
       'KECCAK1600_ASM',
       'RC4_ASM',
       'MD5_ASM',
-      'AES_ASM',
       'VPAES_ASM',
-      'BSAES_ASM',
       'GHASH_ASM',
       'ECP_NISTZ256_ASM',
       'X25519_ASM',
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
index 79ed1305fa5e2b..50438e79f77475 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/configdata.pm
@@ -110,8 +110,8 @@ our %config = (
   sourcedir => ".",
   target => "solaris64-x86_64-gcc",
   tdirs => [ "ossl_shim" ],
-  version => "1.1.1c",
-  version_num => "0x1010103fL",
+  version => "1.1.1d",
+  version_num => "0x1010104fL",
 );
 
 our %target = (
@@ -3222,6 +3222,7 @@ our %unified_info = (
                             "test/testutil/init.o",
                             "test/testutil/main.o",
                             "test/testutil/output_helpers.o",
+                            "test/testutil/random.o",
                             "test/testutil/stanza.o",
                             "test/testutil/tap_bio.o",
                             "test/testutil/test_cleanup.o",
@@ -7823,10 +7824,6 @@ our %unified_info = (
                 [
                     "crypto",
                 ],
-            "crypto/poly1305/poly1305-s390x.o" =>
-                [
-                    "crypto",
-                ],
             "crypto/poly1305/poly1305-sparcv9.o" =>
                 [
                     "crypto",
@@ -9919,6 +9916,10 @@ our %unified_info = (
                 [
                     "include",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "include",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "include",
@@ -15092,6 +15093,7 @@ our %unified_info = (
                     "test/testutil/init.o",
                     "test/testutil/main.o",
                     "test/testutil/output_helpers.o",
+                    "test/testutil/random.o",
                     "test/testutil/stanza.o",
                     "test/testutil/tap_bio.o",
                     "test/testutil/test_cleanup.o",
@@ -15437,6 +15439,10 @@ our %unified_info = (
                 [
                     "test/testutil/output_helpers.c",
                 ],
+            "test/testutil/random.o" =>
+                [
+                    "test/testutil/random.c",
+                ],
             "test/testutil/stanza.o" =>
                 [
                     "test/testutil/stanza.c",
diff --git a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
index c2dadd29d23e56..ae3b2d62e6e569 100644
--- a/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
+++ b/deps/openssl/config/archs/solaris64-x86_64-gcc/no-asm/crypto/buildinf.h
@@ -11,7 +11,7 @@
  */
 
 #define PLATFORM "platform: solaris64-x86_64-gcc"
-#define DATE "built on: Wed Jun 12 20:56:38 2019 UTC"
+#define DATE "built on: Fri Sep 13 16:02:54 2019 UTC"
 
 /*
  * Generate compiler_flags as an array of individual characters. This is a
diff --git a/deps/openssl/openssl/crypto/include/internal/bn_conf.h b/deps/openssl/openssl/crypto/include/internal/bn_conf.h
new file mode 100644
index 00000000000000..79400c6472a49c
--- /dev/null
+++ b/deps/openssl/openssl/crypto/include/internal/bn_conf.h
@@ -0,0 +1 @@
+#include "../../../config/bn_conf.h"
diff --git a/deps/openssl/openssl/crypto/include/internal/dso_conf.h b/deps/openssl/openssl/crypto/include/internal/dso_conf.h
new file mode 100644
index 00000000000000..e7f2afa9872320
--- /dev/null
+++ b/deps/openssl/openssl/crypto/include/internal/dso_conf.h
@@ -0,0 +1 @@
+#include "../../../config/dso_conf.h"
diff --git a/deps/openssl/openssl/include/openssl/opensslconf.h b/deps/openssl/openssl/include/openssl/opensslconf.h
new file mode 100644
index 00000000000000..76c99d433ab886
--- /dev/null
+++ b/deps/openssl/openssl/include/openssl/opensslconf.h
@@ -0,0 +1 @@
+#include "../../config/opensslconf.h"

From 3153dd67668d28c551f571636927613cd4f8c0c4 Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Fri, 13 Sep 2019 13:19:06 -0700
Subject: [PATCH 10/65] test: well-defined DH groups now verify clean

OpenSSL 1.1.1d no longer generates warnings for some DH groups that used
to be considered unsafe. See below for discussion. This is considered a
bug fix.

See:
- https://github.com/openssl/openssl/pull/9363
- https://github.com/openssl/openssl/pull/9363#discussion_r324802618

PR-URL: https://github.com/nodejs/node/pull/29550
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
---
 test/parallel/test-crypto-binary-default.js |  4 +---
 test/parallel/test-crypto-dh.js             | 19 +++++++------------
 2 files changed, 8 insertions(+), 15 deletions(-)

diff --git a/test/parallel/test-crypto-binary-default.js b/test/parallel/test-crypto-binary-default.js
index c96253bc44d450..93ac0ef23e0afa 100644
--- a/test/parallel/test-crypto-binary-default.js
+++ b/test/parallel/test-crypto-binary-default.js
@@ -36,7 +36,6 @@ const crypto = require('crypto');
 const fs = require('fs');
 const tls = require('tls');
 const fixtures = require('../common/fixtures');
-const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
 
 require('internal/crypto/util').setDefaultEncoding('latin1');
 
@@ -615,8 +614,7 @@ common.expectsError(
             '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
             '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
             'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
-  const d = crypto.createDiffieHellman(p, 'hex');
-  assert.strictEqual(d.verifyError, DH_NOT_SUITABLE_GENERATOR);
+  crypto.createDiffieHellman(p, 'hex');
 
   // Test RSA key signing/verification
   const rsaSign = crypto.createSign('SHA1');
diff --git a/test/parallel/test-crypto-dh.js b/test/parallel/test-crypto-dh.js
index 1fc8564ca16fcd..bf991a5c34ea86 100644
--- a/test/parallel/test-crypto-dh.js
+++ b/test/parallel/test-crypto-dh.js
@@ -6,8 +6,6 @@ if (!common.hasCrypto)
 const assert = require('assert');
 const crypto = require('crypto');
 
-const DH_NOT_SUITABLE_GENERATOR = crypto.constants.DH_NOT_SUITABLE_GENERATOR;
-
 // Test Diffie-Hellman with two parties sharing a secret,
 // using various encodings as we go along
 const dh1 = crypto.createDiffieHellman(common.hasFipsCrypto ? 1024 : 256);
@@ -126,8 +124,6 @@ bob.generateKeys();
 const aSecret = alice.computeSecret(bob.getPublicKey()).toString('hex');
 const bSecret = bob.computeSecret(alice.getPublicKey()).toString('hex');
 assert.strictEqual(aSecret, bSecret);
-assert.strictEqual(alice.verifyError, DH_NOT_SUITABLE_GENERATOR);
-assert.strictEqual(bob.verifyError, DH_NOT_SUITABLE_GENERATOR);
 
 /* Ensure specific generator (buffer) works as expected.
  * The values below (modp2/modp2buf) are for a 1024 bits long prime from
@@ -158,8 +154,6 @@ const modp2buf = Buffer.from([
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(modp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
@@ -172,7 +166,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 {
@@ -184,7 +177,6 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
 {
@@ -196,17 +188,20 @@ for (const buf of [modp2buf, ...common.getArrayBufferViews(modp2buf)]) {
   const exmodp2Secret = exmodp2.computeSecret(modp2.getPublicKey())
       .toString('hex');
   assert.strictEqual(modp2Secret, exmodp2Secret);
-  assert.strictEqual(exmodp2.verifyError, DH_NOT_SUITABLE_GENERATOR);
 }
 
-
+// Second OAKLEY group, see
+// https://github.com/nodejs/node-v0.x-archive/issues/2338 and
+// https://xml2rfc.tools.ietf.org/public/rfc/html/rfc2412.html#anchor49
 const p = 'FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74' +
           '020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437' +
           '4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED' +
           'EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF';
-const bad_dh = crypto.createDiffieHellman(p, 'hex');
-assert.strictEqual(bad_dh.verifyError, DH_NOT_SUITABLE_GENERATOR);
+crypto.createDiffieHellman(p, 'hex');
 
+// Confirm DH_check() results are exposed for optional examination.
+const bad_dh = crypto.createDiffieHellman('02', 'hex');
+assert.notStrictEqual(bad_dh.verifyError, 0);
 
 const availableCurves = new Set(crypto.getCurves());
 const availableHashes = new Set(crypto.getHashes());

From 75f3b28d675d53c6bf24439878bf4ea5d76b332e Mon Sep 17 00:00:00 2001
From: Ruben Bridgewater <ruben@bridgewater.de>
Date: Mon, 23 Sep 2019 23:35:24 +0200
Subject: [PATCH 11/65] crypto: refactor array buffer view validation

This is just a refactoring to reduce code and computational overhead.

PR-URL: https://github.com/nodejs/node/pull/29683
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 lib/internal/crypto/certificate.js | 29 +++++++----------------------
 lib/internal/crypto/cipher.js      | 23 +++++------------------
 lib/internal/crypto/pbkdf2.js      |  6 +++---
 lib/internal/crypto/scrypt.js      |  6 +++---
 lib/internal/crypto/sig.js         |  9 +++------
 lib/internal/crypto/util.js        | 23 +++++++++++++++--------
 lib/internal/validators.js         |  3 ---
 7 files changed, 36 insertions(+), 63 deletions(-)

diff --git a/lib/internal/crypto/certificate.js b/lib/internal/crypto/certificate.js
index d828bef0f6ae2d..b9a86b00702366 100644
--- a/lib/internal/crypto/certificate.js
+++ b/lib/internal/crypto/certificate.js
@@ -9,11 +9,8 @@ const {
   validateBuffer
 } = require('internal/validators');
 
-const { ERR_INVALID_ARG_TYPE } = require('internal/errors').codes;
-const { isArrayBufferView } = require('internal/util/types');
-
 const {
-  toBuf
+  getArrayBufferView
 } = require('internal/crypto/util');
 
 function verifySpkac(spkac) {
@@ -22,27 +19,15 @@ function verifySpkac(spkac) {
 }
 
 function exportPublicKey(spkac, encoding) {
-  spkac = toBuf(spkac, encoding);
-  if (!isArrayBufferView(spkac)) {
-    throw new ERR_INVALID_ARG_TYPE(
-      'spkac',
-      ['string', 'Buffer', 'TypedArray', 'DataView'],
-      spkac
-    );
-  }
-  return certExportPublicKey(spkac);
+  return certExportPublicKey(
+    getArrayBufferView(spkac, 'spkac', encoding)
+  );
 }
 
 function exportChallenge(spkac, encoding) {
-  spkac = toBuf(spkac, encoding);
-  if (!isArrayBufferView(spkac)) {
-    throw new ERR_INVALID_ARG_TYPE(
-      'spkac',
-      ['string', 'Buffer', 'TypedArray', 'DataView'],
-      spkac
-    );
-  }
-  return certExportChallenge(spkac);
+  return certExportChallenge(
+    getArrayBufferView(spkac, 'spkac', encoding)
+  );
 }
 
 // For backwards compatibility reasons, this cannot be converted into a
diff --git a/lib/internal/crypto/cipher.js b/lib/internal/crypto/cipher.js
index fd34b7df7ec9f5..c888d5fdaef8d9 100644
--- a/lib/internal/crypto/cipher.js
+++ b/lib/internal/crypto/cipher.js
@@ -22,7 +22,7 @@ const {
 const {
   getDefaultEncoding,
   kHandle,
-  toBuf
+  getArrayBufferView
 } = require('internal/crypto/util');
 
 const { isArrayBufferView } = require('internal/util/types');
@@ -105,20 +105,9 @@ function createCipherBase(cipher, credential, options, decipher, iv) {
   LazyTransform.call(this, options);
 }
 
-function invalidArrayBufferView(name, value) {
-  return new ERR_INVALID_ARG_TYPE(
-    name,
-    ['string', 'Buffer', 'TypedArray', 'DataView'],
-    value
-  );
-}
-
 function createCipher(cipher, password, options, decipher) {
   validateString(cipher, 'cipher');
-  password = toBuf(password);
-  if (!isArrayBufferView(password)) {
-    throw invalidArrayBufferView('password', password);
-  }
+  password = getArrayBufferView(password, 'password');
 
   createCipherBase.call(this, cipher, password, options, decipher);
 }
@@ -126,10 +115,7 @@ function createCipher(cipher, password, options, decipher) {
 function createCipherWithIV(cipher, key, options, decipher, iv) {
   validateString(cipher, 'cipher');
   key = prepareSecretKey(key);
-  iv = toBuf(iv);
-  if (iv !== null && !isArrayBufferView(iv)) {
-    throw invalidArrayBufferView('iv', iv);
-  }
+  iv = iv === null ? null : getArrayBufferView(iv, 'iv');
   createCipherBase.call(this, cipher, key, options, decipher, iv);
 }
 
@@ -164,7 +150,8 @@ Cipher.prototype.update = function update(data, inputEncoding, outputEncoding) {
   outputEncoding = outputEncoding || encoding;
 
   if (typeof data !== 'string' && !isArrayBufferView(data)) {
-    throw invalidArrayBufferView('data', data);
+    throw new ERR_INVALID_ARG_TYPE(
+      'data', ['string', 'Buffer', 'TypedArray', 'DataView'], data);
   }
 
   const ret = this[kHandle].update(data, inputEncoding);
diff --git a/lib/internal/crypto/pbkdf2.js b/lib/internal/crypto/pbkdf2.js
index d8c4bc9b518dc1..1c2288b65f1a25 100644
--- a/lib/internal/crypto/pbkdf2.js
+++ b/lib/internal/crypto/pbkdf2.js
@@ -13,7 +13,7 @@ const {
 } = require('internal/errors').codes;
 const {
   getDefaultEncoding,
-  validateArrayBufferView,
+  getArrayBufferView,
 } = require('internal/crypto/util');
 
 function pbkdf2(password, salt, iterations, keylen, digest, callback) {
@@ -64,8 +64,8 @@ function check(password, salt, iterations, keylen, digest) {
     digest = defaultDigest();
   }
 
-  password = validateArrayBufferView(password, 'password');
-  salt = validateArrayBufferView(salt, 'salt');
+  password = getArrayBufferView(password, 'password');
+  salt = getArrayBufferView(salt, 'salt');
   validateUint32(iterations, 'iterations', 0);
   validateUint32(keylen, 'keylen', 0);
 
diff --git a/lib/internal/crypto/scrypt.js b/lib/internal/crypto/scrypt.js
index e2751f8fa58261..cd18f671b18b73 100644
--- a/lib/internal/crypto/scrypt.js
+++ b/lib/internal/crypto/scrypt.js
@@ -11,7 +11,7 @@ const {
 } = require('internal/errors').codes;
 const {
   getDefaultEncoding,
-  validateArrayBufferView,
+  getArrayBufferView,
 } = require('internal/crypto/util');
 
 const defaults = {
@@ -72,8 +72,8 @@ function check(password, salt, keylen, options) {
   if (_scrypt === undefined)
     throw new ERR_CRYPTO_SCRYPT_NOT_SUPPORTED();
 
-  password = validateArrayBufferView(password, 'password');
-  salt = validateArrayBufferView(salt, 'salt');
+  password = getArrayBufferView(password, 'password');
+  salt = getArrayBufferView(salt, 'salt');
   validateUint32(keylen, 'keylen');
 
   let { N, r, p, maxmem } = defaults;
diff --git a/lib/internal/crypto/sig.js b/lib/internal/crypto/sig.js
index b6a3376e735094..9b9c32e59c8fd0 100644
--- a/lib/internal/crypto/sig.js
+++ b/lib/internal/crypto/sig.js
@@ -17,8 +17,7 @@ const {
 const {
   getDefaultEncoding,
   kHandle,
-  toBuf,
-  validateArrayBufferView,
+  getArrayBufferView,
 } = require('internal/crypto/util');
 const {
   preparePrivateKey,
@@ -47,8 +46,7 @@ Sign.prototype._write = function _write(chunk, encoding, callback) {
 
 Sign.prototype.update = function update(data, encoding) {
   encoding = encoding || getDefaultEncoding();
-  data = validateArrayBufferView(toBuf(data, encoding),
-                                 'data');
+  data = getArrayBufferView(data, 'data', encoding);
   this[kHandle].update(data);
   return this;
 };
@@ -154,8 +152,7 @@ Verify.prototype.verify = function verify(options, signature, sigEncoding) {
 
   const pssSaltLength = getSaltLength(options);
 
-  signature = validateArrayBufferView(toBuf(signature, sigEncoding),
-                                      'signature');
+  signature = getArrayBufferView(signature, 'signature', sigEncoding);
 
   return this[kHandle].verify(data, format, type, passphrase, signature,
                               rsaPadding, pssSaltLength);
diff --git a/lib/internal/crypto/util.js b/lib/internal/crypto/util.js
index 544d44669ae466..8bf66e9cdf3268 100644
--- a/lib/internal/crypto/util.js
+++ b/lib/internal/crypto/util.js
@@ -13,10 +13,13 @@ const {
 } = internalBinding('constants').crypto;
 
 const {
-  ERR_CRYPTO_ENGINE_UNKNOWN,
-  ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH,
-  ERR_INVALID_ARG_TYPE,
-} = require('internal/errors').codes;
+  hideStackFrames,
+  codes: {
+    ERR_CRYPTO_ENGINE_UNKNOWN,
+    ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH,
+    ERR_INVALID_ARG_TYPE,
+  }
+} = require('internal/errors');
 const { validateString } = require('internal/validators');
 const { Buffer } = require('buffer');
 const {
@@ -84,8 +87,12 @@ function timingSafeEqual(buf1, buf2) {
   return _timingSafeEqual(buf1, buf2);
 }
 
-function validateArrayBufferView(buffer, name) {
-  buffer = toBuf(buffer);
+const getArrayBufferView = hideStackFrames((buffer, name, encoding) => {
+  if (typeof buffer === 'string') {
+    if (encoding === 'buffer')
+      encoding = 'utf8';
+    return Buffer.from(buffer, encoding);
+  }
   if (!isArrayBufferView(buffer)) {
     throw new ERR_INVALID_ARG_TYPE(
       name,
@@ -94,10 +101,10 @@ function validateArrayBufferView(buffer, name) {
     );
   }
   return buffer;
-}
+});
 
 module.exports = {
-  validateArrayBufferView,
+  getArrayBufferView,
   getCiphers,
   getCurves,
   getDefaultEncoding,
diff --git a/lib/internal/validators.js b/lib/internal/validators.js
index 8f5605dad25fd1..67219479a490b6 100644
--- a/lib/internal/validators.js
+++ b/lib/internal/validators.js
@@ -131,9 +131,6 @@ function validateSignalName(signal, name = 'signal') {
   }
 }
 
-// TODO(BridgeAR): We have multiple validation functions that call
-// `require('internal/utils').toBuf()` before validating for array buffer views.
-// Those should likely also be consolidated in here.
 const validateBuffer = hideStackFrames((buffer, name = 'buffer') => {
   if (!isArrayBufferView(buffer)) {
     throw new ERR_INVALID_ARG_TYPE(name,

From bc48646206bebcdf40c2c37511a2dacdd51d5050 Mon Sep 17 00:00:00 2001
From: Thomas Watson <w@tson.dk>
Date: Sun, 29 Sep 2019 20:49:32 +0200
Subject: [PATCH 12/65] doc: improve process.ppid 'added in' info

PR-URL: https://github.com/nodejs/node/pull/29772
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/process.md | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/doc/api/process.md b/doc/api/process.md
index bf632a199000ce..ae0dd86bc00548 100644
--- a/doc/api/process.md
+++ b/doc/api/process.md
@@ -1637,7 +1637,10 @@ Android operating system. However, Android support in Node.js
 
 ## process.ppid
 <!-- YAML
-added: v9.2.0
+added:
+  - v9.2.0
+  - v8.10.0
+  - v6.13.0
 -->
 
 * {integer}

From f91778d2c72778bbe0da0f618277a6a231fc4857 Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Thu, 26 Sep 2019 12:51:46 -0700
Subject: [PATCH 13/65] build: remove unused libatomic on ppc64, s390x
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The library is not necessary for ppc64 or s390x. It does no harm with
some linkers, but devtoolset-6 creates runtime dependencies on all link
libraries, even unused ones.

Fixes: https://github.com/nodejs/node/issues/27377
Fixes: https://github.com/nodejs/node/issues/29718

PR-URL: https://github.com/nodejs/node/pull/29727
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 tools/v8_gypfiles/v8.gyp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/v8_gypfiles/v8.gyp b/tools/v8_gypfiles/v8.gyp
index 00e285ec2c2025..a506a67dba6d42 100644
--- a/tools/v8_gypfiles/v8.gyp
+++ b/tools/v8_gypfiles/v8.gyp
@@ -795,7 +795,7 @@
         }],
         # Platforms that don't have Compare-And-Swap (CAS) support need to link atomic library
         # to implement atomic memory access
-        ['v8_current_cpu in ["mips", "mipsel", "mips64", "mips64el", "ppc", "ppc64", "s390x"]', {
+        ['v8_current_cpu in ["mips", "mipsel", "mips64", "mips64el", "ppc"]', {
           'link_settings': {
             'libraries': ['-latomic', ],
           },

From 03ec4cea3091a09d9934bd21273eb9f795d61845 Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Thu, 26 Sep 2019 15:17:30 -0700
Subject: [PATCH 14/65] build: do not link against librt on linux
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/29727
Fixes: https://github.com/nodejs/node/issues/27377
Fixes: https://github.com/nodejs/node/issues/29718
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 node.gypi | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/node.gypi b/node.gypi
index df10c972804218..05d80e846cffd3 100644
--- a/node.gypi
+++ b/node.gypi
@@ -291,6 +291,11 @@
     [ 'OS=="sunos"', {
       'ldflags': [ '-Wl,-M,/usr/lib/ld/map.noexstk' ],
     }],
+    [ 'OS=="linux"', {
+      'libraries!': [
+        '-lrt'
+      ],
+    }],
     [ 'OS in "freebsd linux"', {
       'ldflags': [ '-Wl,-z,relro',
                    '-Wl,-z,now' ]

From 401f3e723502bfc2181c5d4cccd6444d7103fc55 Mon Sep 17 00:00:00 2001
From: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Date: Sun, 29 Sep 2019 16:53:43 +0300
Subject: [PATCH 15/65] doc: fix nits in dgram.md

* Make a section with a history remark a YAML section
  of the relevant method.
  Refs: https://github.com/nodejs/node/pull/29761#discussion_r329354848
* Make a bold line a real heading to be included in the TOC.
* Add formal return types.
* Reduce redundancy in a description.
* Unify link format.
* Fix ASCII sorting in bottom references.

PR-URL: https://github.com/nodejs/node/pull/29761
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/dgram.md | 41 +++++++++++++----------------------------
 1 file changed, 13 insertions(+), 28 deletions(-)

diff --git a/doc/api/dgram.md b/doc/api/dgram.md
index ef8cc69b7d18e1..7d8684f7f6daa7 100644
--- a/doc/api/dgram.md
+++ b/doc/api/dgram.md
@@ -137,6 +137,11 @@ properties.
 ### socket.bind([port][, address][, callback])
 <!-- YAML
 added: v0.1.99
+changes:
+  - version: v0.10
+    description: The method was changed to an asynchronous execution model.
+                 Legacy code would need to be changed to pass a callback
+                 function to the method call.
 -->
 
 * `port` {integer}
@@ -216,7 +221,7 @@ Specifying both a `'listening'` event listener and passing a
 useful.
 
 The `options` object may contain an additional `exclusive` property that is
-used when using `dgram.Socket` objects with the [`cluster`] module. When
+used when using `dgram.Socket` objects with the [`cluster`][] module. When
 `exclusive` is set to `false` (the default), cluster workers will use the same
 underlying socket handle allowing connection handling duties to be shared.
 When `exclusive` is `true`, however, the handle is not shared and attempted
@@ -311,6 +316,8 @@ added: v8.7.0
 added: v0.9.1
 -->
 
+* Returns: {dgram.Socket}
+
 By default, binding a socket will cause it to block the Node.js process from
 exiting as long as the socket is open. The `socket.unref()` method can be used
 to exclude the socket from the reference counting that keeps the Node.js
@@ -444,7 +451,7 @@ client.connect(41234, 'localhost', (err) => {
 });
 ```
 
-**A Note about UDP datagram size**
+#### Note about UDP datagram size
 
 The maximum size of an `IPv4/v6` datagram depends on the `MTU`
 (_Maximum Transmission Unit_) and on the `Payload Length` field size.
@@ -626,6 +633,8 @@ The default on most systems is 64 but can vary.
 added: v0.9.1
 -->
 
+* Returns: {dgram.Socket}
+
 By default, binding a socket will cause it to block the Node.js process from
 exiting as long as the socket is open. The `socket.unref()` method can be used
 to exclude the socket from the reference counting that keeps the Node.js
@@ -637,27 +646,6 @@ Calling `socket.unref()` multiple times will have no addition effect.
 The `socket.unref()` method returns a reference to the socket so calls can be
 chained.
 
-### Change to asynchronous `socket.bind()` behavior
-
-As of Node.js v0.10, [`dgram.Socket#bind()`][] changed to an asynchronous
-execution model. Legacy code would use synchronous behavior:
-
-```js
-const s = dgram.createSocket('udp4');
-s.bind(1234);
-s.addMembership('224.0.0.114');
-```
-
-Such legacy code would need to be changed to pass a callback function to the
-[`dgram.Socket#bind()`][] function:
-
-```js
-const s = dgram.createSocket('udp4');
-s.bind(1234, () => {
-  s.addMembership('224.0.0.114');
-});
-```
-
 ## `dgram` module functions
 
 ### dgram.createSocket(options[, callback])
@@ -708,9 +696,7 @@ added: v0.1.99
 * `callback` {Function} - Attached as a listener to `'message'` events.
 * Returns: {dgram.Socket}
 
-Creates a `dgram.Socket` object of the specified `type`. The `type` argument
-can be either `'udp4'` or `'udp6'`. An optional `callback` function can be
-passed which is added as a listener for `'message'` events.
+Creates a `dgram.Socket` object of the specified `type`.
 
 Once the socket is created, calling [`socket.bind()`][] will instruct the
 socket to begin listening for datagram messages. When `address` and `port` are
@@ -720,14 +706,13 @@ and `udp6` sockets). The bound address and port can be retrieved using
 [`socket.address().address`][] and [`socket.address().port`][].
 
 [`'close'`]: #dgram_event_close
-[`Error`]: errors.html#errors_class_error
 [`ERR_SOCKET_DGRAM_IS_CONNECTED`]: errors.html#errors_err_socket_dgram_is_connected
 [`ERR_SOCKET_DGRAM_NOT_CONNECTED`]: errors.html#errors_err_socket_dgram_not_connected
+[`Error`]: errors.html#errors_class_error
 [`System Error`]: errors.html#errors_class_systemerror
 [`close()`]: #dgram_socket_close_callback
 [`cluster`]: cluster.html
 [`connect()`]: #dgram_socket_connect_port_address_callback
-[`dgram.Socket#bind()`]: #dgram_socket_bind_options_callback
 [`dgram.createSocket()`]: #dgram_dgram_createsocket_options_callback
 [`dns.lookup()`]: dns.html#dns_dns_lookup_hostname_options_callback
 [`socket.address().address`]: #dgram_socket_address

From 906245e1a4519678fe237b252ce4936730a2a345 Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Sun, 29 Sep 2019 19:30:44 -0700
Subject: [PATCH 16/65] doc: clarify --pending-deprecation effects on Buffer()
 usage

Refs: https://github.com/nodejs/node/pull/29725#issuecomment-535723152

PR-URL: https://github.com/nodejs/node/pull/29769
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/deprecations.md | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 7c96ac1d05d2f0..35bda82f591a47 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -154,9 +154,10 @@ objects:
 * [`Buffer.from(string[, encoding])`][from_string_encoding] - Create a `Buffer`
   that copies `string`.
 
-As of v10.0.0, a deprecation warning is printed at runtime when
-`--pending-deprecation` is used or when the calling code is
-outside `node_modules` in order to better target developers, rather than users.
+Without `--pending-deprecation`, runtime warnings occur only for code not in
+`node_modules`. This means there will not be deprecation warnings for
+`Buffer()` usage in dependencies. With `--pending-deprecation`, a runtime
+warning results no matter where the `Buffer()` usage occurs.
 
 <a id="DEP0006"></a>
 ### DEP0006: child\_process options.customFds

From 60b1f6f303c51e88d668239898b2f414321198eb Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Tue, 1 Oct 2019 01:17:13 -0400
Subject: [PATCH 17/65] doc: complete cut off links in old changelog

PR-URL: https://github.com/nodejs/node/pull/29558
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/changelogs/CHANGELOG_IOJS.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/doc/changelogs/CHANGELOG_IOJS.md b/doc/changelogs/CHANGELOG_IOJS.md
index 658a92258ef0a0..6c5f87e557443a 100644
--- a/doc/changelogs/CHANGELOG_IOJS.md
+++ b/doc/changelogs/CHANGELOG_IOJS.md
@@ -744,7 +744,7 @@ See https://github.com/nodejs/node/labels/confirmed-bug for complete and current
 * [[`5c29c0c519`](https://github.com/nodejs/node/commit/5c29c0c519)] - **openssl**: fix keypress requirement in apps on win32 (Shigeki Ohtsu) [nodejs/node#1389](https://github.com/nodejs/node/pull/1389)
 * [[`2cd7f73d9f`](https://github.com/nodejs/node/commit/2cd7f73d9f)] - **openssl**: fix keypress requirement in apps on win32 (Shigeki Ohtsu) [nodejs/node#1389](https://github.com/nodejs/node/pull/1389)
 * [[`c65484a74d`](https://github.com/nodejs/node/commit/c65484a74d)] - **tls**: make server not use DHE in less than 1024bits (Shigeki Ohtsu) [#1739](https://github.com/nodejs/node/pull/1739)
-* [[`77f518403f`](https://github.com/nodejs/node/commit/77f518403f)] - **win,node-gyp**: make delay-load hook C89 compliant (Sharat M R) [TooTallNate/node-gyp#616](https://github.com/TooTallNa
+* [[`77f518403f`](https://github.com/nodejs/node/commit/77f518403f)] - **win,node-gyp**: make delay-load hook C89 compliant (Sharat M R) [TooTallNate/node-gyp#616](https://github.com/TooTallNate/node-gyp/pull/616)
 
 <a id="2.3.2"></a>
 ## 2015-07-01, Version 2.3.2, @rvagg
@@ -1128,7 +1128,7 @@ See https://github.com/nodejs/node/labels/confirmed-bug for complete and current
 
 * **crypto**: significantly reduced memory usage for TLS (Fedor Indutny & Сковорода Никита Андреевич) [#1529](https://github.com/nodejs/node/pull/1529)
 * **npm**: Upgrade npm to 2.9.0. See the [v2.8.4](https://github.com/npm/npm/releases/tag/v2.8.4) and [v2.9.0](https://github.com/npm/npm/releases/tag/v2.9.0) release notes for details. Summary:
-  * Add support for default author field to make `npm init -y` work without user-input (@othiym23) [npm/npm/d8eee6cf9d](https://github.com/npm/npm/commit/d8eee6cf9d2ff7aca68dfaed2de76824a3e0d9
+  * Add support for default author field to make `npm init -y` work without user-input (@othiym23) [npm/npm/d8eee6cf9d](https://github.com/npm/npm/commit/d8eee6cf9d2ff7aca68dfaed2de76824a3e0d9)
   * Include local modules in `npm outdated` and `npm update` (@ArnaudRinquin) [npm/npm#7426](https://github.com/npm/npm/issues/7426)
   * The prefix used before the version number on `npm version` is now configurable via `tag-version-prefix` (@kkragenbrink) [npm/npm#8014](https://github.com/npm/npm/issues/8014)
 

From de4652f55e6cb62674ef2f317c684e005f48c8af Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Tue, 1 Oct 2019 01:18:06 -0400
Subject: [PATCH 18/65] doc: convert old changlogs SHA links to match newer
 format

PR-URL: https://github.com/nodejs/node/pull/29558
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/changelogs/CHANGELOG_V010.md | 170 +++++++++----------
 doc/changelogs/CHANGELOG_V012.md | 276 +++++++++++++++----------------
 2 files changed, 223 insertions(+), 223 deletions(-)

diff --git a/doc/changelogs/CHANGELOG_V010.md b/doc/changelogs/CHANGELOG_V010.md
index d01f98d059e9ea..e91115c3ee9229 100644
--- a/doc/changelogs/CHANGELOG_V010.md
+++ b/doc/changelogs/CHANGELOG_V010.md
@@ -93,9 +93,9 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits
 
-* [a14a6a3a11] - deps: c-ares, avoid single-byte buffer overwrite (Rod Vagg) https://github.com/nodejs/node/pull/9108
-* [b798f598af] - tls: fix minor jslint failure (Rod Vagg) https://github.com/nodejs/node/pull/9107
-* [92b232ba01] - win,build: try multiple timeservers when signing (Rod Vagg) https://github.com/nodejs/node/pull/9155
+* [[`a14a6a3a11`](https://github.com/nodejs/node/commit/a14a6a3a11)] - deps: c-ares, avoid single-byte buffer overwrite (Rod Vagg) https://github.com/nodejs/node/pull/9108
+* [[`b798f598af`](https://github.com/nodejs/node/commit/b798f598af)] - tls: fix minor jslint failure (Rod Vagg) https://github.com/nodejs/node/pull/9107
+* [[`92b232ba01`](https://github.com/nodejs/node/commit/92b232ba01)] - win,build: try multiple timeservers when signing (Rod Vagg) https://github.com/nodejs/node/pull/9155
 
 <a id="0.10.47"></a>
 ## 2016-09-27, Version 0.10.47 (Maintenance), @rvagg
@@ -113,20 +113,20 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [fc259c7dc4] - buffer: zero-fill uninitialized bytes in .concat() (Сковорода Никита Андреевич) https://github.com/nodejs/node-private/pull/67
-* [35b49ed4bb] - build: turn on -fno-delete-null-pointer-checks (Ben Noordhuis) https://github.com/nodejs/node/pull/6738
-* [03f4920d6a] - crypto: don't build hardware engines (Rod Vagg) https://github.com/nodejs/node-private/pull/68
-* [1cbdb1957d] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25368
-* [c66408cd0c] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25654
-* [68f88ea792] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
-* [884d50b348] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
-* [bfd6cb5699] - deps: upgrade openssl sources to 1.0.1u (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
-* [3614a173d0] - http: check reason chars in writeHead (Evan Lucas) https://github.com/nodejs/node-private/pull/48
-* [f2433430ca] - http: disallow sending obviously invalid status codes (Evan Lucas) https://github.com/nodejs/node-private/pull/48
-* [0d7e21ee7b] - lib: make tls.checkServerIdentity() more strict (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
-* [1f4a6f5bd1] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
-* [88dcc7f5bb] - v8: fix -Wsign-compare warning in Zone::New() (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
-* [fd8ac56c75] - v8: fix build errors with g++ 6.1.1 (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
+* [[`fc259c7dc4`](https://github.com/nodejs/node/commit/fc259c7dc4)] - buffer: zero-fill uninitialized bytes in .concat() (Сковорода Никита Андреевич) https://github.com/nodejs/node-private/pull/67
+* [[`35b49ed4bb`](https://github.com/nodejs/node/commit/35b49ed4bb)] - build: turn on -fno-delete-null-pointer-checks (Ben Noordhuis) https://github.com/nodejs/node/pull/6738
+* [[`03f4920d6a`](https://github.com/nodejs/node/commit/03f4920d6a)] - crypto: don't build hardware engines (Rod Vagg) https://github.com/nodejs/node-private/pull/68
+* [[`1cbdb1957d`](https://github.com/nodejs/node/commit/1cbdb1957d)] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25368
+* [[`c66408cd0c`](https://github.com/nodejs/node/commit/c66408cd0c)] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`68f88ea792`](https://github.com/nodejs/node/commit/68f88ea792)] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`884d50b348`](https://github.com/nodejs/node/commit/884d50b348)] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
+* [[`bfd6cb5699`](https://github.com/nodejs/node/commit/bfd6cb5699)] - deps: upgrade openssl sources to 1.0.1u (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
+* [[`3614a173d0`](https://github.com/nodejs/node/commit/3614a173d0)] - http: check reason chars in writeHead (Evan Lucas) https://github.com/nodejs/node-private/pull/48
+* [[`f2433430ca`](https://github.com/nodejs/node/commit/f2433430ca)] - http: disallow sending obviously invalid status codes (Evan Lucas) https://github.com/nodejs/node-private/pull/48
+* [[`0d7e21ee7b`](https://github.com/nodejs/node/commit/0d7e21ee7b)] - lib: make tls.checkServerIdentity() more strict (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
+* [[`1f4a6f5bd1`](https://github.com/nodejs/node/commit/1f4a6f5bd1)] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`88dcc7f5bb`](https://github.com/nodejs/node/commit/88dcc7f5bb)] - v8: fix -Wsign-compare warning in Zone::New() (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
+* [[`fd8ac56c75`](https://github.com/nodejs/node/commit/fd8ac56c75)] - v8: fix build errors with g++ 6.1.1 (Ben Noordhuis) https://github.com/nodejs/node-private/pull/62
 
 <a id="0.10.46"></a>
 ## 2016-06-23, Version 0.10.46 (Maintenance), @rvagg
@@ -140,8 +140,8 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [3374f57973] - deps: update libuv to 0.10.37 (Saúl Ibarra Corretgé) https://github.com/nodejs/node/pull/7293
-* [fcb9145e29] - deps: backport 3a9bfec from v8 upstream (Myles Borins) https://github.com/nodejs/node-private/pull/43
+* [[`3374f57973`](https://github.com/nodejs/node/commit/3374f57973)] - deps: update libuv to 0.10.37 (Saúl Ibarra Corretgé) https://github.com/nodejs/node/pull/7293
+* [[`fcb9145e29`](https://github.com/nodejs/node/commit/fcb9145e29)] - deps: backport 3a9bfec from v8 upstream (Myles Borins) https://github.com/nodejs/node-private/pull/43
 
 <a id="0.10.45"></a>
 ## 2016-05-06, Version 0.10.45 (Maintenance), @rvagg
@@ -155,14 +155,14 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [3cff81c7d6] - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5987
-* [7c22f19009] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
-* [5d78366937] - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [2bc2427cb7] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
-* [8df4b0914c] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
-* [11eefefb17] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [61ccc27b54] - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [aa02438274] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
+* [[`3cff81c7d6`](https://github.com/nodejs/node/commit/3cff81c7d6)] - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5987
+* [[`7c22f19009`](https://github.com/nodejs/node/commit/7c22f19009)] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
+* [[`5d78366937`](https://github.com/nodejs/node/commit/5d78366937)] - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`2bc2427cb7`](https://github.com/nodejs/node/commit/2bc2427cb7)] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
+* [[`8df4b0914c`](https://github.com/nodejs/node/commit/8df4b0914c)] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
+* [[`11eefefb17`](https://github.com/nodejs/node/commit/11eefefb17)] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`61ccc27b54`](https://github.com/nodejs/node/commit/61ccc27b54)] - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`aa02438274`](https://github.com/nodejs/node/commit/aa02438274)] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
 
 <a id="0.10.44"></a>
 ## 2016-03-31, Version 0.10.44 (Maintenance), @rvagg
@@ -174,10 +174,10 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits
 
-* [feceb77d7e] - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5968
-* [0847954331] - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
-* [6bb86e727a] - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
-* [905bec29ad] - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627
+* [[`feceb77d7e`](https://github.com/nodejs/node/commit/feceb77d7e)] - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5968
+* [[`0847954331`](https://github.com/nodejs/node/commit/0847954331)] - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
+* [[`6bb86e727a`](https://github.com/nodejs/node/commit/6bb86e727a)] - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
+* [[`905bec29ad`](https://github.com/nodejs/node/commit/905bec29ad)] - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627
 
 <a id="0.10.43"></a>
 ## 2016-03-04, Version 0.10.43 (Maintenance), @rvagg
@@ -196,13 +196,13 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [164157abbb] - build: update Node.js logo on OSX installer (Rod Vagg) https://github.com/nodejs/node/pull/5401
-* [f8cb0dcf67] - crypto,tls: remove SSLv2 support (Ben Noordhuis) https://github.com/nodejs/node/pull/5529
-* [42ded2a590] - deps: upgrade openssl to 1.0.1s (Ben Noordhuis) https://github.com/nodejs/node/pull/5508
-* [1e45a6111c] - deps: update http-parser to version 1.2 (James M Snell) https://github.com/nodejs/node/pull/5242
-* [6db377b2f4] - doc: remove SSLv2 descriptions (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5541
-* [563c359f5c] - domains: fix handling of uncaught exceptions (Julien Gilli) https://github.com/nodejs/node/pull/3887
-* [e483f3fd26] - test: fix hanging http obstext test (Ben Noordhuis) https://github.com/nodejs/node/pull/5511
+* [[`164157abbb`](https://github.com/nodejs/node/commit/164157abbb)] - build: update Node.js logo on OSX installer (Rod Vagg) https://github.com/nodejs/node/pull/5401
+* [[`f8cb0dcf67`](https://github.com/nodejs/node/commit/f8cb0dcf67)] - crypto,tls: remove SSLv2 support (Ben Noordhuis) https://github.com/nodejs/node/pull/5529
+* [[`42ded2a590`](https://github.com/nodejs/node/commit/42ded2a590)] - deps: upgrade openssl to 1.0.1s (Ben Noordhuis) https://github.com/nodejs/node/pull/5508
+* [[`1e45a6111c`](https://github.com/nodejs/node/commit/1e45a6111c)] - deps: update http-parser to version 1.2 (James M Snell) https://github.com/nodejs/node/pull/5242
+* [[`6db377b2f4`](https://github.com/nodejs/node/commit/6db377b2f4)] - doc: remove SSLv2 descriptions (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5541
+* [[`563c359f5c`](https://github.com/nodejs/node/commit/563c359f5c)] - domains: fix handling of uncaught exceptions (Julien Gilli) https://github.com/nodejs/node/pull/3887
+* [[`e483f3fd26`](https://github.com/nodejs/node/commit/e483f3fd26)] - test: fix hanging http obstext test (Ben Noordhuis) https://github.com/nodejs/node/pull/5511
 
 <a id="0.10.42"></a>
 ## 2016-02-09, Version 0.10.42 (Maintenance), @jasnell
@@ -223,14 +223,14 @@ This is an important security release. All Node.js users should consult the secu
 
 ### Commits
 
-* [fdc332183e] - build: enable xz compressed tarballs where possible (Rod Vagg) https://github.com/nodejs/node/pull/4894
-* [2d35b421b5] - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
-* [b31c0f3ea4] - deps: update http-parser to version 1.1 (James M Snell)
-* [616ec1d6b0] - doc: clarify v0.10.41 openssl tls security impact (Rod Vagg) https://github.com/nodejs/node/pull/4153
-* [ccb3c2377c] - http: strictly forbid invalid characters from headers (James M Snell)
-* [f0af0d1f96] - src: avoid compiler warning in node_revert.cc (James M Snell)
-* [df80e856c6] - src: add --security-revert command line flag (James M Snell)
-* [ff58dcdd74] - tools: backport tools/install.py for headers (Richard Lau) https://github.com/nodejs/node/pull/4149
+* [[`fdc332183e`](https://github.com/nodejs/node/commit/fdc332183e)] - build: enable xz compressed tarballs where possible (Rod Vagg) https://github.com/nodejs/node/pull/4894
+* [[`2d35b421b5`](https://github.com/nodejs/node/commit/2d35b421b5)] - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
+* [[`b31c0f3ea4`](https://github.com/nodejs/node/commit/b31c0f3ea4)] - deps: update http-parser to version 1.1 (James M Snell)
+* [[`616ec1d6b0`](https://github.com/nodejs/node/commit/616ec1d6b0)] - doc: clarify v0.10.41 openssl tls security impact (Rod Vagg) https://github.com/nodejs/node/pull/4153
+* [[`ccb3c2377c`](https://github.com/nodejs/node/commit/ccb3c2377c)] - http: strictly forbid invalid characters from headers (James M Snell)
+* [[`f0af0d1f96`](https://github.com/nodejs/node/commit/f0af0d1f96)] - src: avoid compiler warning in node_revert.cc (James M Snell)
+* [[`df80e856c6`](https://github.com/nodejs/node/commit/df80e856c6)] - src: add --security-revert command line flag (James M Snell)
+* [[`ff58dcdd74`](https://github.com/nodejs/node/commit/ff58dcdd74)] - tools: backport tools/install.py for headers (Richard Lau) https://github.com/nodejs/node/pull/4149
 
 <a id="0.10.41"></a>
 ## 2015-12-04, Version 0.10.41 (Maintenance), @rvagg
@@ -245,45 +245,45 @@ Security Update
 
 ### Commits
 
-* [16ca0779f5] - src/node.cc: fix build error without OpenSSL support (Jörg Krause) https://github.com/nodejs/node-v0.x-archive/pull/25862
-* [c559c7911d] - build: backport tools/release.sh (Rod Vagg) https://github.com/nodejs/node/pull/3965
-* [268d2b4637] - build: backport config for new CI infrastructure (Rod Vagg) https://github.com/nodejs/node/pull/3965
-* [c88a0b26da] - build: update manifest to include Windows 10 (Lucien Greathouse) https://github.com/nodejs/node/pull/2838
-* [8564a9f5f7] - build: gcc version detection on openSUSE Tumbleweed (Henrique Aparecido Lavezzo) https://github.com/nodejs/node-v0.x-archive/pull/25671
-* [9c7bd6de56] - build: run-ci makefile rule (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [ffa1e1f31d] - build: support flaky tests in test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [100dd19e61] - build: support Jenkins via test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [ec861f6f90] - build: make release process easier for multi users (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25638
-* [d7ae79a452] - build,win: fix node.exe resource version (João Reis) https://github.com/nodejs/node/pull/3053
-* [6ac47aa9f5] - build,win: try next MSVS version on failure (João Reis) https://github.com/nodejs/node/pull/2910
-* [e669b27740] - crypto: replace rwlocks with simple mutexes (Ben Noordhuis) https://github.com/nodejs/node/pull/2723
-* [ce0a48826e] - deps: upgrade to openssl 1.0.1q (Ben Noordhuis) https://github.com/nodejs/node/pull/4132
-* [b68781e500] - deps: upgrade npm to 1.4.29 (Forrest L Norvell) https://github.com/nodejs/node/pull/3639
-* [7cf0d9c1d9] - deps: fix openssl for MSVS 2015 (Andy Polyakov) https://github.com/nodejs/node-v0.x-archive/pull/25857
-* [9ee8a14f9e] - deps: fix gyp to work on MacOSX without XCode (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25857
-* [a525c7244e] - deps: update gyp to 25ed9ac (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25857
-* [6502160294] - dns: allow v8 to optimize lookup() (Brian White) https://github.com/nodejs/node-v0.x-archive/pull/8942
-* [5d829a63ab] - doc: backport README.md (Rod Vagg) https://github.com/nodejs/node/pull/3965
-* [62c8948109] - doc: fix Folders as Modules omission of index.json (Elan Shanker) https://github.com/nodejs/node-v0.x-archive/pull/8868
-* [572663f303] - https: don't overwrite servername option (skenqbx) https://github.com/nodejs/node-v0.x-archive/pull/9368
-* [75c84b2439] - test: add test for https agent servername option (skenqbx) https://github.com/nodejs/node-v0.x-archive/pull/9368
-* [841a6dd264] - test: mark more tests as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25807
-* [a7fee30da1] - test: mark test-tls-securepair-server as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25807
-* [7df57703dd] - test: mark test-net-error-twice flaky on SmartOS (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25760
-* [e10892cccc] - test: make test-abort-fatal-error non flaky (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25755
-* [a2f879f197] - test: mark recently failing tests as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [e7010bdf92] - test: runner should return 0 on flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [c283c9bbb3] - test: support writing test output to file (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [eeaed586bb] - test: runner support for flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [3bb8174b94] - test: refactor to use common testcfg (Timothy J Fontaine) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [df59d43586] - tools: pass constant to logger instead of string (Johan Bergström) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [d103d4ed9a] - tools: fix test.py after v8 upgrade (Ben Noordhuis) https://github.com/nodejs/node-v0.x-archive/pull/25686
-* [8002192b4e] - win: manifest node.exe for Windows 8.1 (Alexis Campailla) https://github.com/nodejs/node/pull/2838
-* [66ec1dae8f] - win: add MSVS 2015 support (Rod Vagg) https://github.com/nodejs/node-v0.x-archive/pull/25857
-* [e192f61514] - win: fix custom actions for WiX older than 3.9 (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25569
-* [16bcd68dc5] - win: fix custom actions on Visual Studio != 2013 (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25569
-* [517986c2f4] - win: backport bringing back xp/2k3 support (Bert Belder) https://github.com/nodejs/node-v0.x-archive/pull/25569
-* [10f251e8dd] - win: backport set env before generating projects (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25569
+* [[`16ca0779f5`](https://github.com/nodejs/node/commit/16ca0779f5)] - src/node.cc: fix build error without OpenSSL support (Jörg Krause) https://github.com/nodejs/node-v0.x-archive/pull/25862
+* [[`c559c7911d`](https://github.com/nodejs/node/commit/c559c7911d)] - build: backport tools/release.sh (Rod Vagg) https://github.com/nodejs/node/pull/3965
+* [[`268d2b4637`](https://github.com/nodejs/node/commit/268d2b4637)] - build: backport config for new CI infrastructure (Rod Vagg) https://github.com/nodejs/node/pull/3965
+* [[`c88a0b26da`](https://github.com/nodejs/node/commit/c88a0b26da)] - build: update manifest to include Windows 10 (Lucien Greathouse) https://github.com/nodejs/node/pull/2838
+* [[`8564a9f5f7`](https://github.com/nodejs/node/commit/8564a9f5f7)] - build: gcc version detection on openSUSE Tumbleweed (Henrique Aparecido Lavezzo) https://github.com/nodejs/node-v0.x-archive/pull/25671
+* [[`9c7bd6de56`](https://github.com/nodejs/node/commit/9c7bd6de56)] - build: run-ci makefile rule (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`ffa1e1f31d`](https://github.com/nodejs/node/commit/ffa1e1f31d)] - build: support flaky tests in test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`100dd19e61`](https://github.com/nodejs/node/commit/100dd19e61)] - build: support Jenkins via test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`ec861f6f90`](https://github.com/nodejs/node/commit/ec861f6f90)] - build: make release process easier for multi users (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25638
+* [[`d7ae79a452`](https://github.com/nodejs/node/commit/d7ae79a452)] - build,win: fix node.exe resource version (João Reis) https://github.com/nodejs/node/pull/3053
+* [[`6ac47aa9f5`](https://github.com/nodejs/node/commit/6ac47aa9f5)] - build,win: try next MSVS version on failure (João Reis) https://github.com/nodejs/node/pull/2910
+* [[`e669b27740`](https://github.com/nodejs/node/commit/e669b27740)] - crypto: replace rwlocks with simple mutexes (Ben Noordhuis) https://github.com/nodejs/node/pull/2723
+* [[`ce0a48826e`](https://github.com/nodejs/node/commit/ce0a48826e)] - deps: upgrade to openssl 1.0.1q (Ben Noordhuis) https://github.com/nodejs/node/pull/4132
+* [[`b68781e500`](https://github.com/nodejs/node/commit/b68781e500)] - deps: upgrade npm to 1.4.29 (Forrest L Norvell) https://github.com/nodejs/node/pull/3639
+* [[`7cf0d9c1d9`](https://github.com/nodejs/node/commit/7cf0d9c1d9)] - deps: fix openssl for MSVS 2015 (Andy Polyakov) https://github.com/nodejs/node-v0.x-archive/pull/25857
+* [[`9ee8a14f9e`](https://github.com/nodejs/node/commit/9ee8a14f9e)] - deps: fix gyp to work on MacOSX without XCode (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25857
+* [[`a525c7244e`](https://github.com/nodejs/node/commit/a525c7244e)] - deps: update gyp to 25ed9ac (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25857
+* [[`6502160294`](https://github.com/nodejs/node/commit/6502160294)] - dns: allow v8 to optimize lookup() (Brian White) https://github.com/nodejs/node-v0.x-archive/pull/8942
+* [[`5d829a63ab`](https://github.com/nodejs/node/commit/5d829a63ab)] - doc: backport README.md (Rod Vagg) https://github.com/nodejs/node/pull/3965
+* [[`62c8948109`](https://github.com/nodejs/node/commit/62c8948109)] - doc: fix Folders as Modules omission of index.json (Elan Shanker) https://github.com/nodejs/node-v0.x-archive/pull/8868
+* [[`572663f303`](https://github.com/nodejs/node/commit/572663f303)] - https: don't overwrite servername option (skenqbx) https://github.com/nodejs/node-v0.x-archive/pull/9368
+* [[`75c84b2439`](https://github.com/nodejs/node/commit/75c84b2439)] - test: add test for https agent servername option (skenqbx) https://github.com/nodejs/node-v0.x-archive/pull/9368
+* [[`841a6dd264`](https://github.com/nodejs/node/commit/841a6dd264)] - test: mark more tests as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25807
+* [[`a7fee30da1`](https://github.com/nodejs/node/commit/a7fee30da1)] - test: mark test-tls-securepair-server as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25807
+* [[`7df57703dd`](https://github.com/nodejs/node/commit/7df57703dd)] - test: mark test-net-error-twice flaky on SmartOS (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25760
+* [[`e10892cccc`](https://github.com/nodejs/node/commit/e10892cccc)] - test: make test-abort-fatal-error non flaky (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25755
+* [[`a2f879f197`](https://github.com/nodejs/node/commit/a2f879f197)] - test: mark recently failing tests as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`e7010bdf92`](https://github.com/nodejs/node/commit/e7010bdf92)] - test: runner should return 0 on flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`c283c9bbb3`](https://github.com/nodejs/node/commit/c283c9bbb3)] - test: support writing test output to file (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`eeaed586bb`](https://github.com/nodejs/node/commit/eeaed586bb)] - test: runner support for flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`3bb8174b94`](https://github.com/nodejs/node/commit/3bb8174b94)] - test: refactor to use common testcfg (Timothy J Fontaine) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`df59d43586`](https://github.com/nodejs/node/commit/df59d43586)] - tools: pass constant to logger instead of string (Johan Bergström) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`d103d4ed9a`](https://github.com/nodejs/node/commit/d103d4ed9a)] - tools: fix test.py after v8 upgrade (Ben Noordhuis) https://github.com/nodejs/node-v0.x-archive/pull/25686
+* [[`8002192b4e`](https://github.com/nodejs/node/commit/8002192b4e)] - win: manifest node.exe for Windows 8.1 (Alexis Campailla) https://github.com/nodejs/node/pull/2838
+* [[`66ec1dae8f`](https://github.com/nodejs/node/commit/66ec1dae8f)] - win: add MSVS 2015 support (Rod Vagg) https://github.com/nodejs/node-v0.x-archive/pull/25857
+* [[`e192f61514`](https://github.com/nodejs/node/commit/e192f61514)] - win: fix custom actions for WiX older than 3.9 (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25569
+* [[`16bcd68dc5`](https://github.com/nodejs/node/commit/16bcd68dc5)] - win: fix custom actions on Visual Studio != 2013 (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25569
+* [[`517986c2f4`](https://github.com/nodejs/node/commit/517986c2f4)] - win: backport bringing back xp/2k3 support (Bert Belder) https://github.com/nodejs/node-v0.x-archive/pull/25569
+* [[`10f251e8dd`](https://github.com/nodejs/node/commit/10f251e8dd)] - win: backport set env before generating projects (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25569
 
 <a id="0.10.40"></a>
 ## 2015-07-09, Version 0.10.40 (Maintenance)
diff --git a/doc/changelogs/CHANGELOG_V012.md b/doc/changelogs/CHANGELOG_V012.md
index c38d33bebb75e0..db88e9795cfe68 100644
--- a/doc/changelogs/CHANGELOG_V012.md
+++ b/doc/changelogs/CHANGELOG_V012.md
@@ -60,13 +60,13 @@ will be maintained until December 31st, 2016.
 
 ### Commits:
 
-* [a47fd4549d] - build: add working lint-ci make target (Rod Vagg) https://github.com/nodejs/node/pull/9151
-* [830584ca59] - deps: define missing operator delete functions (John Barboza) https://github.com/nodejs/node/pull/10356
-* [c130b31cba] - deps: upgrade npm to 2.15.11 (Jeremiah Senkpiel) https://github.com/nodejs/node/pull/9619
-* [bc6766d847] - doc: update npm license in main LICENSE file (Rod Vagg) https://github.com/nodejs/node/pull/10352
-* [0cdf344c80] - (SEMVER-MINOR) process: reintroduce ares to versions (Johan Bergström) https://github.com/nodejs/node/pull/9191
-* [d8e27ec30a] - test: mark dgram-multicast-multi-process as flaky (Rod Vagg) https://github.com/nodejs/node/pull/9150
-* [c722335ead] - tls: fix minor jslint failure (Rod Vagg) https://github.com/nodejs/node/pull/9107
+* [[`a47fd4549d`](https://github.com/nodejs/node/commit/a47fd4549d) - build: add working lint-ci make target (Rod Vagg) https://github.com/nodejs/node/pull/9151
+* [[`830584ca59`](https://github.com/nodejs/node/commit/830584ca59) - deps: define missing operator delete functions (John Barboza) https://github.com/nodejs/node/pull/10356
+* [[`c130b31cba`](https://github.com/nodejs/node/commit/c130b31cba) - deps: upgrade npm to 2.15.11 (Jeremiah Senkpiel) https://github.com/nodejs/node/pull/9619
+* [[`bc6766d847`](https://github.com/nodejs/node/commit/bc6766d847) - doc: update npm license in main LICENSE file (Rod Vagg) https://github.com/nodejs/node/pull/10352
+* [[`0cdf344c80`](https://github.com/nodejs/node/commit/0cdf344c80) - (SEMVER-MINOR) process: reintroduce ares to versions (Johan Bergström) https://github.com/nodejs/node/pull/9191
+* [[`d8e27ec30a`](https://github.com/nodejs/node/commit/d8e27ec30a) - test: mark dgram-multicast-multi-process as flaky (Rod Vagg) https://github.com/nodejs/node/pull/9150
+* [[`c722335ead`](https://github.com/nodejs/node/commit/c722335ead) - tls: fix minor jslint failure (Rod Vagg) https://github.com/nodejs/node/pull/9107
 
 <a id="0.12.17"></a>
 ## 2016-10-18, Version 0.12.17 (Maintenance), @rvagg
@@ -79,7 +79,7 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [c5b095ecf8] - deps: avoid single-byte buffer overwrite (Daniel Stenberg) https://github.com/nodejs/node/pull/8849
+* [[`c5b095ecf8`](https://github.com/nodejs/node/commit/c5b095ecf8) - deps: avoid single-byte buffer overwrite (Daniel Stenberg) https://github.com/nodejs/node/pull/8849
 
 <a id="0.12.16"></a>
 ## 2016-09-27, Version 0.12.16 (Maintenance), @rvagg
@@ -99,18 +99,18 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [38d7258d89] - buffer: zero-fill uninitialized bytes in .concat() (Сковорода Никита Андреевич) https://github.com/nodejs/node-private/pull/66
-* [1ba6d16786] - build: turn on -fno-delete-null-pointer-checks (Ben Noordhuis) https://github.com/nodejs/node/pull/6737
-* [71e4285e27] - crypto: don't build hardware engines (Rod Vagg) https://github.com/nodejs/node-private/pull/69
-* [b6e0105a66] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25368
-* [1caec97eab] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25654
-* [734bc6938b] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
-* [7cc6d4eb5c] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
-* [4a9da21217] - deps: upgrade openssl sources to 1.0.1u (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
-* [6d977902bd] - http: check reason chars in writeHead (Evan Lucas) https://github.com/nodejs/node-private/pull/47
-* [ad470e496b] - http: disallow sending obviously invalid status codes (Evan Lucas) https://github.com/nodejs/node-private/pull/47
-* [9dbde2fc88] - lib: make tls.checkServerIdentity() more strict (Ben Noordhuis) https://github.com/nodejs/node-private/pull/61
-* [db80592071] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`38d7258d89`](https://github.com/nodejs/node/commit/38d7258d89) - buffer: zero-fill uninitialized bytes in .concat() (Сковорода Никита Андреевич) https://github.com/nodejs/node-private/pull/66
+* [[`1ba6d16786`](https://github.com/nodejs/node/commit/1ba6d16786) - build: turn on -fno-delete-null-pointer-checks (Ben Noordhuis) https://github.com/nodejs/node/pull/6737
+* [[`71e4285e27`](https://github.com/nodejs/node/commit/71e4285e27) - crypto: don't build hardware engines (Rod Vagg) https://github.com/nodejs/node-private/pull/69
+* [[`b6e0105a66`](https://github.com/nodejs/node/commit/b6e0105a66) - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25368
+* [[`1caec97eab`](https://github.com/nodejs/node/commit/1caec97eab) - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`734bc6938b`](https://github.com/nodejs/node/commit/734bc6938b) - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
+* [[`7cc6d4eb5c`](https://github.com/nodejs/node/commit/7cc6d4eb5c) - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
+* [[`4a9da21217`](https://github.com/nodejs/node/commit/4a9da21217) - deps: upgrade openssl sources to 1.0.1u (Shigeki Ohtsu) https://github.com/nodejs/node/pull/8718
+* [[`6d977902bd`](https://github.com/nodejs/node/commit/6d977902bd) - http: check reason chars in writeHead (Evan Lucas) https://github.com/nodejs/node-private/pull/47
+* [[`ad470e496b`](https://github.com/nodejs/node/commit/ad470e496b) - http: disallow sending obviously invalid status codes (Evan Lucas) https://github.com/nodejs/node-private/pull/47
+* [[`9dbde2fc88`](https://github.com/nodejs/node/commit/9dbde2fc88) - lib: make tls.checkServerIdentity() more strict (Ben Noordhuis) https://github.com/nodejs/node-private/pull/61
+* [[`db80592071`](https://github.com/nodejs/node/commit/db80592071) - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/nodejs/node-v0.x-archive/pull/25654
 
 <a id="0.12.15"></a>
 ## 2016-06-23, Version 0.12.15 (Maintenance), @rvagg
@@ -124,13 +124,13 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [da8501edf6] - deps: backport bd1777fd from libuv upstream (Rod Vagg)
-* [9207a00f8e] - deps: backport 85adf43e from libuv upstream (Rod Vagg)
-* [9627f34230] - deps: backport 98239224 from libuv upstream (Rod Vagg)
-* [5df21b2e36] - deps: backport 9a4fd268 from libuv upstream (Rod Vagg)
-* [e75de35057] - deps: backport 3eb6764a from libuv upstream (Rod Vagg)
-* [a113e02f16] - deps: backport 3a9bfec from v8 upstream (Ben Noordhuis)
-* [8138055c88] - test: fix test failure due to expired certificates (Ben Noordhuis) https://github.com/nodejs/node/pull/7195
+* [[`da8501edf6`](https://github.com/nodejs/node/commit/da8501edf6) - deps: backport bd1777fd from libuv upstream (Rod Vagg)
+* [[`9207a00f8e`](https://github.com/nodejs/node/commit/9207a00f8e) - deps: backport 85adf43e from libuv upstream (Rod Vagg)
+* [[`9627f34230`](https://github.com/nodejs/node/commit/9627f34230) - deps: backport 98239224 from libuv upstream (Rod Vagg)
+* [[`5df21b2e36`](https://github.com/nodejs/node/commit/5df21b2e36) - deps: backport 9a4fd268 from libuv upstream (Rod Vagg)
+* [[`e75de35057`](https://github.com/nodejs/node/commit/e75de35057) - deps: backport 3eb6764a from libuv upstream (Rod Vagg)
+* [[`a113e02f16`](https://github.com/nodejs/node/commit/a113e02f16) - deps: backport 3a9bfec from v8 upstream (Ben Noordhuis)
+* [[`8138055c88`](https://github.com/nodejs/node/commit/8138055c88) - test: fix test failure due to expired certificates (Ben Noordhuis) https://github.com/nodejs/node/pull/7195
 
 <a id="0.12.14"></a>
 ## 2016-05-06, Version 0.12.14 (Maintenance), @rvagg
@@ -145,15 +145,15 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits:
 
-* [3e99ee1b47] - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
-* [2b63396e1f] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
-* [f21705df58] - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [02b6a6bc27] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
-* [1aecc668b0] - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
-* [39380836a0] - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [08c8ae44a8] - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
-* [f5a961ab13] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
-* [810fb211a7] - tools: remove obsolete npm test-legacy command (Kat Marchán) https://github.com/nodejs/node/pull/5988
+* [[`3e99ee1b47`](https://github.com/nodejs/node/commit/3e99ee1b47) - deps: completely upgrade npm in LTS to 2.15.1 (Forrest L Norvell) https://github.com/nodejs/node/pull/5988
+* [[`2b63396e1f`](https://github.com/nodejs/node/commit/2b63396e1f) - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
+* [[`f21705df58`](https://github.com/nodejs/node/commit/f21705df58) - deps: update openssl asm files (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`02b6a6bc27`](https://github.com/nodejs/node/commit/02b6a6bc27) - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) https://github.com/joyent/node/pull/25654
+* [[`1aecc668b0`](https://github.com/nodejs/node/commit/1aecc668b0) - deps: separate sha256/sha512-x86_64.pl for openssl (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
+* [[`39380836a0`](https://github.com/nodejs/node/commit/39380836a0) - deps: copy all openssl header files to include dir (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`08c8ae44a8`](https://github.com/nodejs/node/commit/08c8ae44a8) - deps: upgrade openssl sources to 1.0.1t (Shigeki Ohtsu) https://github.com/nodejs/node/pull/6553
+* [[`f5a961ab13`](https://github.com/nodejs/node/commit/f5a961ab13) - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) https://github.com/joyent/node/pull/25654
+* [[`810fb211a7`](https://github.com/nodejs/node/commit/810fb211a7) - tools: remove obsolete npm test-legacy command (Kat Marchán) https://github.com/nodejs/node/pull/5988
 
 <a id="0.12.13"></a>
 ## 2016-03-31, Version 0.12.13 (LTS), @rvagg
@@ -165,12 +165,12 @@ This is a security release. All Node.js users should consult the security releas
 
 ### Commits
 
-* [4041ea6bc5] - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell)
-* [a115779026] - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
-* [ab907eb5a8] - test: skip cluster-disconnect-race on Windows (Gibson Fahnestock) https://github.com/nodejs/node/pull/5621
-* [9c06db7444] - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
-* [154098a3dc] - test: bp fix for test-http-get-pipeline-problem.js (Michael Dawson) https://github.com/nodejs/node/pull/3013
-* [ff2bed6e86] - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627
+* [[`4041ea6bc5`](https://github.com/nodejs/node/commit/4041ea6bc5) - deps: upgrade npm in LTS to 2.15.1 (Forrest L Norvell)
+* [[`a115779026`](https://github.com/nodejs/node/commit/a115779026) - deps: Disable EXPORT and LOW ciphers in openssl (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
+* [[`ab907eb5a8`](https://github.com/nodejs/node/commit/ab907eb5a8) - test: skip cluster-disconnect-race on Windows (Gibson Fahnestock) https://github.com/nodejs/node/pull/5621
+* [[`9c06db7444`](https://github.com/nodejs/node/commit/9c06db7444) - test: change tls tests not to use LOW cipher (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5712
+* [[`154098a3dc`](https://github.com/nodejs/node/commit/154098a3dc) - test: bp fix for test-http-get-pipeline-problem.js (Michael Dawson) https://github.com/nodejs/node/pull/3013
+* [[`ff2bed6e86`](https://github.com/nodejs/node/commit/ff2bed6e86) - win,build: support Visual C++ Build Tools 2015 (João Reis) https://github.com/nodejs/node/pull/5627
 
 <a id="0.12.12"></a>
 ## 2016-03-08, Version 0.12.12 (LTS), @rvagg
@@ -183,7 +183,7 @@ Note that the upgrade to OpenSSL 1.0.1s in Node.js v0.12.11 removed internal SSL
 
 ### Commits:
 
-* [dbfc9d9241] - crypto,tls: remove SSLv2 support (Ben Noordhuis) https://github.com/nodejs/node/pull/5536
+* [[`dbfc9d9241`](https://github.com/nodejs/node/commit/dbfc9d9241) - crypto,tls: remove SSLv2 support (Ben Noordhuis) https://github.com/nodejs/node/pull/5536
 
 <a id="0.12.11"></a>
 ## 2016-03-03, Version 0.12.11 (LTS), @rvagg
@@ -201,20 +201,20 @@ Note that the upgrade to OpenSSL 1.0.1s in Node.js v0.12.11 removed internal SSL
 
 ### Commits:
 
-* [1ab6653db9] - build: update Node.js logo on OSX installer (Rod Vagg) https://github.com/nodejs/node/pull/5401
-* [fcc64792ae] - child_process: guard against race condition (Rich Trott) https://github.com/nodejs/node/pull/5153
-* [6c468df9af] - child_process: fix data loss with readable event (Brian White) https://github.com/nodejs/node/pull/5037
-* [61a22019c2] - deps: upgrade openssl to 1.0.1s (Ben Noordhuis) https://github.com/nodejs/node/pull/5509
-* [fa26b13df7] - deps: update to http-parser 2.3.2 (James M Snell) https://github.com/nodejs/node/pull/5241
-* [46c8e2165f] - deps: backport 1f8555 from v8's upstream (Trevor Norris) https://github.com/nodejs/node/pull/3945
-* [ce58c2c31a] - doc: remove SSLv2 descriptions (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5541
-* [018e4e0b1a] - domains: fix handling of uncaught exceptions (Julien Gilli) https://github.com/nodejs/node/pull/3885
-* [d421e85dc9] - lib: fix cluster handle leak (Rich Trott) https://github.com/nodejs/node/pull/5152
-* [3a48f0022f] - node: fix leaking Context handle (Trevor Norris) https://github.com/nodejs/node/pull/3945
-* [28dddabf6a] - src: fix build error without OpenSSL support (Jörg Krause) https://github.com/nodejs/node/pull/4201
-* [a79baf03cd] - src: use global SealHandleScope (Trevor Norris) https://github.com/nodejs/node/pull/3945
-* [be39f30447] - test: add test-domain-exit-dispose-again back (Julien Gilli) https://github.com/nodejs/node/pull/4278
-* [da66166b9a] - test: fix test-domain-exit-dispose-again (Julien Gilli) https://github.com/nodejs/node/pull/3991
+* [[`1ab6653db9`](https://github.com/nodejs/node/commit/1ab6653db9) - build: update Node.js logo on OSX installer (Rod Vagg) https://github.com/nodejs/node/pull/5401
+* [[`fcc64792ae`](https://github.com/nodejs/node/commit/fcc64792ae) - child_process: guard against race condition (Rich Trott) https://github.com/nodejs/node/pull/5153
+* [[`6c468df9af`](https://github.com/nodejs/node/commit/6c468df9af) - child_process: fix data loss with readable event (Brian White) https://github.com/nodejs/node/pull/5037
+* [[`61a22019c2`](https://github.com/nodejs/node/commit/61a22019c2) - deps: upgrade openssl to 1.0.1s (Ben Noordhuis) https://github.com/nodejs/node/pull/5509
+* [[`fa26b13df7`](https://github.com/nodejs/node/commit/fa26b13df7) - deps: update to http-parser 2.3.2 (James M Snell) https://github.com/nodejs/node/pull/5241
+* [[`46c8e2165f`](https://github.com/nodejs/node/commit/46c8e2165f) - deps: backport 1f8555 from v8's upstream (Trevor Norris) https://github.com/nodejs/node/pull/3945
+* [[`ce58c2c31a`](https://github.com/nodejs/node/commit/ce58c2c31a) - doc: remove SSLv2 descriptions (Shigeki Ohtsu) https://github.com/nodejs/node/pull/5541
+* [[`018e4e0b1a`](https://github.com/nodejs/node/commit/018e4e0b1a) - domains: fix handling of uncaught exceptions (Julien Gilli) https://github.com/nodejs/node/pull/3885
+* [[`d421e85dc9`](https://github.com/nodejs/node/commit/d421e85dc9) - lib: fix cluster handle leak (Rich Trott) https://github.com/nodejs/node/pull/5152
+* [[`3a48f0022f`](https://github.com/nodejs/node/commit/3a48f0022f) - node: fix leaking Context handle (Trevor Norris) https://github.com/nodejs/node/pull/3945
+* [[`28dddabf6a`](https://github.com/nodejs/node/commit/28dddabf6a) - src: fix build error without OpenSSL support (Jörg Krause) https://github.com/nodejs/node/pull/4201
+* [[`a79baf03cd`](https://github.com/nodejs/node/commit/a79baf03cd) - src: use global SealHandleScope (Trevor Norris) https://github.com/nodejs/node/pull/3945
+* [[`be39f30447`](https://github.com/nodejs/node/commit/be39f30447) - test: add test-domain-exit-dispose-again back (Julien Gilli) https://github.com/nodejs/node/pull/4278
+* [[`da66166b9a`](https://github.com/nodejs/node/commit/da66166b9a) - test: fix test-domain-exit-dispose-again (Julien Gilli) https://github.com/nodejs/node/pull/3991
 
 <a id="0.12.10"></a>
 ## 2016-02-09, Version 0.12.10 (LTS), @jasnell
@@ -235,14 +235,14 @@ This is an important security release. All Node.js users should consult the secu
 
 ### Commits
 
-* [4312848bff] - build: enable xz compressed tarballs where possible (Rod Vagg) https://github.com/nodejs/node/pull/4894
-* [247626245c] - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
-* [744c9749fc] - deps: update http-parser to version 2.3.1 (James M Snell)
-* [d1c56ec7d1] - doc: clarify v0.12.9 notable items (Rod Vagg) https://github.com/nodejs/node/pull/4154
-* [e128d9a5b4] - http: strictly forbid invalid characters from headers (James M Snell)
-* [bdb9f2cf89] - src: avoiding compiler warnings in node_revert.cc (James M Snell)
-* [23bced1fb3] - src: add --security-revert command line flag (James M Snell)
-* [f41a3c73e7] - tools: backport tools/install.py for headers (Richard Lau) https://github.com/nodejs/node/pull/4149
+* [[`4312848bff`](https://github.com/nodejs/node/commit/4312848bff) - build: enable xz compressed tarballs where possible (Rod Vagg) https://github.com/nodejs/node/pull/4894
+* [[`247626245c`](https://github.com/nodejs/node/commit/247626245c) - deps: upgrade openssl sources to 1.0.1r (Shigeki Ohtsu) https://github.com/joyent/node/pull/25368
+* [[`744c9749fc`](https://github.com/nodejs/node/commit/744c9749fc) - deps: update http-parser to version 2.3.1 (James M Snell)
+* [[`d1c56ec7d1`](https://github.com/nodejs/node/commit/d1c56ec7d1) - doc: clarify v0.12.9 notable items (Rod Vagg) https://github.com/nodejs/node/pull/4154
+* [[`e128d9a5b4`](https://github.com/nodejs/node/commit/e128d9a5b4) - http: strictly forbid invalid characters from headers (James M Snell)
+* [[`bdb9f2cf89`](https://github.com/nodejs/node/commit/bdb9f2cf89) - src: avoiding compiler warnings in node_revert.cc (James M Snell)
+* [[`23bced1fb3`](https://github.com/nodejs/node/commit/23bced1fb3) - src: add --security-revert command line flag (James M Snell)
+* [[`f41a3c73e7`](https://github.com/nodejs/node/commit/f41a3c73e7) - tools: backport tools/install.py for headers (Richard Lau) https://github.com/nodejs/node/pull/4149
 
 <a id="0.12.9"></a>
 ## 2015-12-04, Version 0.12.9 (LTS), @rvagg
@@ -256,83 +256,83 @@ Security Update
 
 ### Commits
 
-* [8d24a14f2c] - deps: upgrade to openssl 1.0.1q (Ben Noordhuis) https://github.com/nodejs/node/pull/4133
-* [dfc6f4a9af] - http: fix pipeline regression (Fedor Indutny)
+* [[`8d24a14f2c`](https://github.com/nodejs/node/commit/8d24a14f2c) - deps: upgrade to openssl 1.0.1q (Ben Noordhuis) https://github.com/nodejs/node/pull/4133
+* [[`dfc6f4a9af`](https://github.com/nodejs/node/commit/dfc6f4a9af) - http: fix pipeline regression (Fedor Indutny)
 
 <a id="0.12.8"></a>
 ## 2015.11.25, Version 0.12.8 (LTS), @rvagg
 
-* [d9399569bd] - build: backport tools/release.sh (Rod Vagg) https://github.com/nodejs/node/pull/3642
-* [78c5b4c8bd] - build: backport config for new CI infrastructure (Rod Vagg) https://github.com/nodejs/node/pull/3642
-* [83441616a5] - build: fix --without-ssl compile time error (Ben Noordhuis) https://github.com/nodejs/node/pull/3825
-* [8887666b0b] - build: update manifest to include Windows 10 (Lucien Greathouse) https://github.com/nodejs/node/pull/2843
-* [08afe4ec8e] - build: add MSVS 2015 support (Rod Vagg) https://github.com/nodejs/node/pull/2843
-* [4f2456369c] - build: work around VS2015 issue in ICU <56 (Steven R. Loomis) https://github.com/nodejs/node-v0.x-archive/pull/25804
-* [15030f26fd] - build: Intl: bump ICU4C from 54 to 55 (backport) (Steven R. Loomis) https://github.com/nodejs/node-v0.x-archive/pull/25856
-* [1083fa70f0] - build: run-ci makefile rule (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [2d2494cf14] - build: support flaky tests in test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [b25d26f2ef] - build: support Jenkins via test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [7e4b47f38a] - build,win: fix node.exe resource version (João Reis) https://github.com/nodejs/node/pull/3053
-* [e07c86e240] - build,win: try next MSVS version on failure (João Reis) https://github.com/nodejs/node/pull/2843
-* [b5a0abcfdf] - child_process: clone spawn options argument (cjihrig) https://github.com/nodejs/node-v0.x-archive/pull/9159
-* [8b81f98c41] - configure: add --without-mdb flag (cgalibern) https://github.com/nodejs/node-v0.x-archive/pull/25707
-* [071c860c2b] - crypto: replace rwlocks with simple mutexes (Ben Noordhuis) https://github.com/nodejs/node/pull/2723
-* [ca97fb6be3] - deps: upgrade npm to 2.14.9 (Forrest L Norvell) https://github.com/nodejs/node/pull/3684
-* [583734342e] - deps: fix openssl for MSVS 2015 (Andy Polyakov) https://github.com/nodejs/node/pull/2843
-* [02c262a4c6] - deps: fix gyp to work on MacOSX without XCode (Shigeki Ohtsu) https://github.com/nodejs/node/pull/2843
-* [f0fba0bce8] - deps: update gyp to 25ed9ac (João Reis) https://github.com/nodejs/node/pull/2843
-* [f693565813] - deps: upgrade to npm 2.13.4 (Kat Marchán) https://github.com/nodejs/node-v0.x-archive/pull/25825
-* [618b142679] - deps,v8: fix compilation in VS2015 (João Reis) https://github.com/nodejs/node/pull/2843
-* [49b4f0d54e] - doc: backport README.md (Rod Vagg) https://github.com/nodejs/node/pull/3642
-* [2860c53562] - doc: fixed child_process.exec doc (Tyler Anton) https://github.com/nodejs/node-v0.x-archive/pull/14088
-* [4a91fa11a3] - doc: Update docs for os.platform() (George Kotchlamazashvili) https://github.com/nodejs/node-v0.x-archive/pull/25777
-* [b03ab02fe8] - doc: Change the link for v8 docs to v8dox.com (Chad Walker) https://github.com/nodejs/node-v0.x-archive/pull/25811
-* [1fd8f37efd] - doc: buffer, adding missing backtick (Dyana Rose) https://github.com/nodejs/node-v0.x-archive/pull/25811
-* [162d0db3bb] - doc: tls.markdown, adjust version from v0.10.39 to v0.10.x (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [eda2560cdc] - doc: additional refinement to readable event (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [881d9bea01] - doc: readable event clarification (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [b6378f0c75] - doc: stream.unshift does not reset reading state (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [4952e2b4d2] - doc: clarify Readable._read and Readable.push (fresheneesz) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [14000b97d4] - doc: two minor stream doc improvements (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [6b6bd21497] - doc: Clarified read method with specified size argument. (Philippe Laferriere) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [16f547600a] - doc: Document http.request protocol option (Ville Skyttä) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [618e4ecda9] - doc: add a note about readable in flowing mode (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [0b165be37b] - doc: fix line wrapping in buffer.markdown (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [70dd13f88d] - doc: add CleartextStream deprecation notice (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [418cde0765] - doc: mention that mode is ignored if file exists (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [85bcb281e4] - doc: improve http.abort description (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [5ccb429ee8] - doc, comments: Grammar and spelling fixes (Ville Skyttä) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [a24db43101] - docs: event emitter behavior notice (Samuel Mills (Henchman)) https://github.com/nodejs/node-v0.x-archive/pull/25467
-* [8cbf7cb021] - docs: events clarify emitter.listener() behavior (Benjamin Steephenson) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [b7229debbe] - docs: Fix default options for fs.createWriteStream() (Chris Neave) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [f0453caea2] - domains: port caeb677 from v0.10 to v0.12 (Jeremy Whitlock) https://github.com/nodejs/node-v0.x-archive/pull/25835
-* [261fa3620f] - src: fix intermittent SIGSEGV in resolveTxt (Evan Lucas) https://github.com/nodejs/node-v0.x-archive/pull/9300
-* [1f7257b02d] - test: mark test-https-aws-ssl flaky on linux (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25893
-* [cf435d55db] - test: mark test-signal-unregister as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25750
-* [ceb6a8c131] - test: fix test-debug-port-from-cmdline (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25748
-* [22997731e6] - test: add regression test for #25735 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
-* [39e05639f4] - test: mark http-pipeline-flood flaky on win32 (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25707
-* [78d256e7f5] - test: unmark tests that are no longer flaky (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25676
-* [a9b642cf5b] - test: runner should return 0 on flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [b48639befd] - test: support writing test output to file (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [caa16b41d6] - (SEMVER-MINOR) tls: prevent server from using dhe keys < 768 (Michael Dawson) https://github.com/nodejs/node/pull/3890
-* [0363cf4a80] - tls: Closing parent socket also closes the tls sock (Devin Nakamura) https://github.com/nodejs/node-v0.x-archive/pull/25642
-* [75697112e8] - tls: do not hang without `newSession` handler (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
-* [d998a65058] - tools: pass constant to logger instead of string (Johan Bergström) https://github.com/nodejs/node-v0.x-archive/pull/25653
-* [1982ed6e63] - v8: port fbff705 from v0.10 to v0.12 (Jeremy Whitlock) https://github.com/nodejs/node-v0.x-archive/pull/25835
-* [44d7054252] - win: fix custom actions for WiX older than 3.9 (João Reis) https://github.com/nodejs/node/pull/2843
-* [586c4d8b8e] - win: fix custom actions on Visual Studio != 2013 (Julien Gilli) https://github.com/nodejs/node/pull/2843
-* [14db629497] - win,msi: correct installation path registry keys (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25640
-* [8e80528453] - win,msi: change InstallScope to perMachine (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25640
-* [35bbe98401] - Update addons.markdown (Max Deepfield) https://github.com/nodejs/node-v0.x-archive/pull/25885
-* [9a6f1ce416] - comma (Julien Valéry) https://github.com/nodejs/node-v0.x-archive/pull/25811
-* [d384bf8f84] - Update assert.markdown (daveboivin) https://github.com/nodejs/node-v0.x-archive/pull/25811
-* [89b22ccbe1] - Fixed typo (Andrew Murray) https://github.com/nodejs/node-v0.x-archive/pull/25811
-* [5ad05af380] - Update util.markdown (Daniel Rentz) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [cb660ab3d3] - Update child_process.markdown, spelling (Jared Fox) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [59c67fe3cd] - updated documentation for fs.createReadStream (Michele Caini) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [53b6a615a5] - Documentation update about Buffer initialization (Sarath) https://github.com/nodejs/node-v0.x-archive/pull/25591
-* [b8d47a7b6f] - fix (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
+* [[`d9399569bd`](https://github.com/nodejs/node/commit/d9399569bd) - build: backport tools/release.sh (Rod Vagg) https://github.com/nodejs/node/pull/3642
+* [[`78c5b4c8bd`](https://github.com/nodejs/node/commit/78c5b4c8bd) - build: backport config for new CI infrastructure (Rod Vagg) https://github.com/nodejs/node/pull/3642
+* [[`83441616a5`](https://github.com/nodejs/node/commit/83441616a5) - build: fix --without-ssl compile time error (Ben Noordhuis) https://github.com/nodejs/node/pull/3825
+* [[`8887666b0b`](https://github.com/nodejs/node/commit/8887666b0b) - build: update manifest to include Windows 10 (Lucien Greathouse) https://github.com/nodejs/node/pull/2843
+* [[`08afe4ec8e`](https://github.com/nodejs/node/commit/08afe4ec8e) - build: add MSVS 2015 support (Rod Vagg) https://github.com/nodejs/node/pull/2843
+* [[`4f2456369c`](https://github.com/nodejs/node/commit/4f2456369c) - build: work around VS2015 issue in ICU <56 (Steven R. Loomis) https://github.com/nodejs/node-v0.x-archive/pull/25804
+* [[`15030f26fd`](https://github.com/nodejs/node/commit/15030f26fd) - build: Intl: bump ICU4C from 54 to 55 (backport) (Steven R. Loomis) https://github.com/nodejs/node-v0.x-archive/pull/25856
+* [[`1083fa70f0`](https://github.com/nodejs/node/commit/1083fa70f0) - build: run-ci makefile rule (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`2d2494cf14`](https://github.com/nodejs/node/commit/2d2494cf14) - build: support flaky tests in test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`b25d26f2ef`](https://github.com/nodejs/node/commit/b25d26f2ef) - build: support Jenkins via test-ci (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`7e4b47f38a`](https://github.com/nodejs/node/commit/7e4b47f38a) - build,win: fix node.exe resource version (João Reis) https://github.com/nodejs/node/pull/3053
+* [[`e07c86e240`](https://github.com/nodejs/node/commit/e07c86e240) - build,win: try next MSVS version on failure (João Reis) https://github.com/nodejs/node/pull/2843
+* [[`b5a0abcfdf`](https://github.com/nodejs/node/commit/b5a0abcfdf) - child_process: clone spawn options argument (cjihrig) https://github.com/nodejs/node-v0.x-archive/pull/9159
+* [[`8b81f98c41`](https://github.com/nodejs/node/commit/8b81f98c41) - configure: add --without-mdb flag (cgalibern) https://github.com/nodejs/node-v0.x-archive/pull/25707
+* [[`071c860c2b`](https://github.com/nodejs/node/commit/071c860c2b) - crypto: replace rwlocks with simple mutexes (Ben Noordhuis) https://github.com/nodejs/node/pull/2723
+* [[`ca97fb6be3`](https://github.com/nodejs/node/commit/ca97fb6be3) - deps: upgrade npm to 2.14.9 (Forrest L Norvell) https://github.com/nodejs/node/pull/3684
+* [[`583734342e`](https://github.com/nodejs/node/commit/583734342e) - deps: fix openssl for MSVS 2015 (Andy Polyakov) https://github.com/nodejs/node/pull/2843
+* [[`02c262a4c6`](https://github.com/nodejs/node/commit/02c262a4c6) - deps: fix gyp to work on MacOSX without XCode (Shigeki Ohtsu) https://github.com/nodejs/node/pull/2843
+* [[`f0fba0bce8`](https://github.com/nodejs/node/commit/f0fba0bce8) - deps: update gyp to 25ed9ac (João Reis) https://github.com/nodejs/node/pull/2843
+* [[`f693565813`](https://github.com/nodejs/node/commit/f693565813) - deps: upgrade to npm 2.13.4 (Kat Marchán) https://github.com/nodejs/node-v0.x-archive/pull/25825
+* [[`618b142679`](https://github.com/nodejs/node/commit/618b142679) - deps,v8: fix compilation in VS2015 (João Reis) https://github.com/nodejs/node/pull/2843
+* [[`49b4f0d54e`](https://github.com/nodejs/node/commit/49b4f0d54e) - doc: backport README.md (Rod Vagg) https://github.com/nodejs/node/pull/3642
+* [[`2860c53562`](https://github.com/nodejs/node/commit/2860c53562) - doc: fixed child_process.exec doc (Tyler Anton) https://github.com/nodejs/node-v0.x-archive/pull/14088
+* [[`4a91fa11a3`](https://github.com/nodejs/node/commit/4a91fa11a3) - doc: Update docs for os.platform() (George Kotchlamazashvili) https://github.com/nodejs/node-v0.x-archive/pull/25777
+* [[`b03ab02fe8`](https://github.com/nodejs/node/commit/b03ab02fe8) - doc: Change the link for v8 docs to v8dox.com (Chad Walker) https://github.com/nodejs/node-v0.x-archive/pull/25811
+* [[`1fd8f37efd`](https://github.com/nodejs/node/commit/1fd8f37efd) - doc: buffer, adding missing backtick (Dyana Rose) https://github.com/nodejs/node-v0.x-archive/pull/25811
+* [[`162d0db3bb`](https://github.com/nodejs/node/commit/162d0db3bb) - doc: tls.markdown, adjust version from v0.10.39 to v0.10.x (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`eda2560cdc`](https://github.com/nodejs/node/commit/eda2560cdc) - doc: additional refinement to readable event (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`881d9bea01`](https://github.com/nodejs/node/commit/881d9bea01) - doc: readable event clarification (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`b6378f0c75`](https://github.com/nodejs/node/commit/b6378f0c75) - doc: stream.unshift does not reset reading state (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`4952e2b4d2`](https://github.com/nodejs/node/commit/4952e2b4d2) - doc: clarify Readable._read and Readable.push (fresheneesz) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`14000b97d4`](https://github.com/nodejs/node/commit/14000b97d4) - doc: two minor stream doc improvements (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`6b6bd21497`](https://github.com/nodejs/node/commit/6b6bd21497) - doc: Clarified read method with specified size argument. (Philippe Laferriere) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`16f547600a`](https://github.com/nodejs/node/commit/16f547600a) - doc: Document http.request protocol option (Ville Skyttä) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`618e4ecda9`](https://github.com/nodejs/node/commit/618e4ecda9) - doc: add a note about readable in flowing mode (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`0b165be37b`](https://github.com/nodejs/node/commit/0b165be37b) - doc: fix line wrapping in buffer.markdown (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`70dd13f88d`](https://github.com/nodejs/node/commit/70dd13f88d) - doc: add CleartextStream deprecation notice (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`418cde0765`](https://github.com/nodejs/node/commit/418cde0765) - doc: mention that mode is ignored if file exists (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`85bcb281e4`](https://github.com/nodejs/node/commit/85bcb281e4) - doc: improve http.abort description (James M Snell) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`5ccb429ee8`](https://github.com/nodejs/node/commit/5ccb429ee8) - doc, comments: Grammar and spelling fixes (Ville Skyttä) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`a24db43101`](https://github.com/nodejs/node/commit/a24db43101) - docs: event emitter behavior notice (Samuel Mills (Henchman)) https://github.com/nodejs/node-v0.x-archive/pull/25467
+* [[`8cbf7cb021`](https://github.com/nodejs/node/commit/8cbf7cb021) - docs: events clarify emitter.listener() behavior (Benjamin Steephenson) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`b7229debbe`](https://github.com/nodejs/node/commit/b7229debbe) - docs: Fix default options for fs.createWriteStream() (Chris Neave) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`f0453caea2`](https://github.com/nodejs/node/commit/f0453caea2) - domains: port caeb677 from v0.10 to v0.12 (Jeremy Whitlock) https://github.com/nodejs/node-v0.x-archive/pull/25835
+* [[`261fa3620f`](https://github.com/nodejs/node/commit/261fa3620f) - src: fix intermittent SIGSEGV in resolveTxt (Evan Lucas) https://github.com/nodejs/node-v0.x-archive/pull/9300
+* [[`1f7257b02d`](https://github.com/nodejs/node/commit/1f7257b02d) - test: mark test-https-aws-ssl flaky on linux (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25893
+* [[`cf435d55db`](https://github.com/nodejs/node/commit/cf435d55db) - test: mark test-signal-unregister as flaky (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25750
+* [[`ceb6a8c131`](https://github.com/nodejs/node/commit/ceb6a8c131) - test: fix test-debug-port-from-cmdline (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25748
+* [[`22997731e6`](https://github.com/nodejs/node/commit/22997731e6) - test: add regression test for #25735 (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
+* [[`39e05639f4`](https://github.com/nodejs/node/commit/39e05639f4) - test: mark http-pipeline-flood flaky on win32 (Julien Gilli) https://github.com/nodejs/node-v0.x-archive/pull/25707
+* [[`78d256e7f5`](https://github.com/nodejs/node/commit/78d256e7f5) - test: unmark tests that are no longer flaky (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25676
+* [[`a9b642cf5b`](https://github.com/nodejs/node/commit/a9b642cf5b) - test: runner should return 0 on flaky tests (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`b48639befd`](https://github.com/nodejs/node/commit/b48639befd) - test: support writing test output to file (Alexis Campailla) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`caa16b41d6`](https://github.com/nodejs/node/commit/caa16b41d6) - (SEMVER-MINOR) tls: prevent server from using dhe keys < 768 (Michael Dawson) https://github.com/nodejs/node/pull/3890
+* [[`0363cf4a80`](https://github.com/nodejs/node/commit/0363cf4a80) - tls: Closing parent socket also closes the tls sock (Devin Nakamura) https://github.com/nodejs/node-v0.x-archive/pull/25642
+* [[`75697112e8`](https://github.com/nodejs/node/commit/75697112e8) - tls: do not hang without `newSession` handler (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
+* [[`d998a65058`](https://github.com/nodejs/node/commit/d998a65058) - tools: pass constant to logger instead of string (Johan Bergström) https://github.com/nodejs/node-v0.x-archive/pull/25653
+* [[`1982ed6e63`](https://github.com/nodejs/node/commit/1982ed6e63) - v8: port fbff705 from v0.10 to v0.12 (Jeremy Whitlock) https://github.com/nodejs/node-v0.x-archive/pull/25835
+* [[`44d7054252`](https://github.com/nodejs/node/commit/44d7054252) - win: fix custom actions for WiX older than 3.9 (João Reis) https://github.com/nodejs/node/pull/2843
+* [[`586c4d8b8e`](https://github.com/nodejs/node/commit/586c4d8b8e) - win: fix custom actions on Visual Studio != 2013 (Julien Gilli) https://github.com/nodejs/node/pull/2843
+* [[`14db629497`](https://github.com/nodejs/node/commit/14db629497) - win,msi: correct installation path registry keys (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25640
+* [[`8e80528453`](https://github.com/nodejs/node/commit/8e80528453) - win,msi: change InstallScope to perMachine (João Reis) https://github.com/nodejs/node-v0.x-archive/pull/25640
+* [[`35bbe98401`](https://github.com/nodejs/node/commit/35bbe98401) - Update addons.markdown (Max Deepfield) https://github.com/nodejs/node-v0.x-archive/pull/25885
+* [[`9a6f1ce416`](https://github.com/nodejs/node/commit/9a6f1ce416) - comma (Julien Valéry) https://github.com/nodejs/node-v0.x-archive/pull/25811
+* [[`d384bf8f84`](https://github.com/nodejs/node/commit/d384bf8f84) - Update assert.markdown (daveboivin) https://github.com/nodejs/node-v0.x-archive/pull/25811
+* [[`89b22ccbe1`](https://github.com/nodejs/node/commit/89b22ccbe1) - Fixed typo (Andrew Murray) https://github.com/nodejs/node-v0.x-archive/pull/25811
+* [[`5ad05af380`](https://github.com/nodejs/node/commit/5ad05af380) - Update util.markdown (Daniel Rentz) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`cb660ab3d3`](https://github.com/nodejs/node/commit/cb660ab3d3) - Update child_process.markdown, spelling (Jared Fox) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`59c67fe3cd`](https://github.com/nodejs/node/commit/59c67fe3cd) - updated documentation for fs.createReadStream (Michele Caini) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`53b6a615a5`](https://github.com/nodejs/node/commit/53b6a615a5) - Documentation update about Buffer initialization (Sarath) https://github.com/nodejs/node-v0.x-archive/pull/25591
+* [[`b8d47a7b6f`](https://github.com/nodejs/node/commit/b8d47a7b6f) - fix (Fedor Indutny) https://github.com/nodejs/node-v0.x-archive/pull/25739
 
 <a id="0.12.7"></a>
 ## 2015-07-09, Version 0.12.7 (Stable)

From d1a4aa3ca2d0a485f1c66cb20bac6ee66996e1a1 Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Sat, 14 Sep 2019 14:42:53 -0400
Subject: [PATCH 19/65] doc: add missing reference link values

Reference links were used in the document, but not define at the end.

PR-URL: https://github.com/nodejs/node/pull/29558
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/assert.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/doc/api/assert.md b/doc/api/assert.md
index db222580c30235..09d2aa46c26c96 100644
--- a/doc/api/assert.md
+++ b/doc/api/assert.md
@@ -1300,7 +1300,10 @@ second argument. This might lead to difficult-to-spot errors.
 [`assert.deepEqual()`]: #assert_assert_deepequal_actual_expected_message
 [`assert.deepStrictEqual()`]: #assert_assert_deepstrictequal_actual_expected_message
 [`assert.doesNotThrow()`]: #assert_assert_doesnotthrow_fn_error_message
+[`assert.equal()`]: #assert_assert_equal_actual_expected_message
+[`assert.notDeepEqual()`]: #assert_assert_notdeepequal_actual_expected_message
 [`assert.notDeepStrictEqual()`]: #assert_assert_notdeepstrictequal_actual_expected_message
+[`assert.notEqual()`]: #assert_assert_notequal_actual_expected_message
 [`assert.notStrictEqual()`]: #assert_assert_notstrictequal_actual_expected_message
 [`assert.ok()`]: #assert_assert_ok_value_message
 [`assert.strictEqual()`]: #assert_assert_strictequal_actual_expected_message

From 62370efe7ed5b15db56619b64afff597e79ab3fe Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Sat, 14 Sep 2019 14:50:00 -0400
Subject: [PATCH 20/65] doc: add dash between SHA and PR in changelog

It gets confused as a reference link otherwis

PR-URL: https://github.com/nodejs/node/pull/29558
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/changelogs/CHANGELOG_V8.md | 116 ++++++++++++++++-----------------
 doc/changelogs/CHANGELOG_V9.md |  72 ++++++++++----------
 2 files changed, 94 insertions(+), 94 deletions(-)

diff --git a/doc/changelogs/CHANGELOG_V8.md b/doc/changelogs/CHANGELOG_V8.md
index 43f23e6798d409..91f22f5b18f9bc 100644
--- a/doc/changelogs/CHANGELOG_V8.md
+++ b/doc/changelogs/CHANGELOG_V8.md
@@ -3405,28 +3405,28 @@ Big thanks to @addaleax who prepared the vast majority of this release.
 * **Build**
   * The compiler version requirement to build Node with GCC has been raised to
     GCC 4.9.4.
-    [[`820b011ed6`](https://github.com/nodejs/node/commit/820b011ed6)]
+    [[`820b011ed6`](https://github.com/nodejs/node/commit/820b011ed6)] -
     [#13466](https://github.com/nodejs/node/pull/13466)
 
 * **Cluster**
   * Users now have more fine-grained control over the inspector port used by
     individual cluster workers. Previously, cluster workers were restricted to
     incrementing from the master's debug port.
-    [[`dfc46e262a`](https://github.com/nodejs/node/commit/dfc46e262a)]
+    [[`dfc46e262a`](https://github.com/nodejs/node/commit/dfc46e262a)] -
     [#14140](https://github.com/nodejs/node/pull/14140)
 
 * **DNS**
   * The server used for DNS queries can now use a custom port.
-    [[`ebe7bb29aa`](https://github.com/nodejs/node/commit/ebe7bb29aa)]
+    [[`ebe7bb29aa`](https://github.com/nodejs/node/commit/ebe7bb29aa)] -
     [#13723](https://github.com/nodejs/node/pull/13723)
   * Support for `dns.resolveAny()` has been added.
-    [[`6e30e2558e`](https://github.com/nodejs/node/commit/6e30e2558e)]
+    [[`6e30e2558e`](https://github.com/nodejs/node/commit/6e30e2558e)] -
     [#13137](https://github.com/nodejs/node/pull/13137)
 
 * **npm**
   * The `npm` CLI has been updated to version 5.3.0. In particular, it now comes
     with the `npx` binary, which is also shipped with Node.
-    [[`dc3f6b9ac1`](https://github.com/nodejs/node/commit/dc3f6b9ac1)]
+    [[`dc3f6b9ac1`](https://github.com/nodejs/node/commit/dc3f6b9ac1)] -
     [#14235](https://github.com/nodejs/node/pull/14235)
   * `npm` Changelogs:
     * [v5.0.4](https://github.com/npm/npm/releases/tag/v5.0.4)
@@ -3711,10 +3711,10 @@ This is a security release. All Node.js users should consult the security releas
   Two regressions with the `stream` module have been fixed:
   * The `finish` event will now always be emitted after the `error` event
     if one is emitted:
-    [[`0a9e96e86c`](https://github.com/nodejs/node/commit/0a9e96e86c)]
+    [[`0a9e96e86c`](https://github.com/nodejs/node/commit/0a9e96e86c)] -
     [#13850](https://github.com/nodejs/node/pull/13850)
   * In object mode, readable streams can now use `undefined` again.
-    [[`5840138e70`](https://github.com/nodejs/node/commit/5840138e70)]
+    [[`5840138e70`](https://github.com/nodejs/node/commit/5840138e70)] -
     [#13760](https://github.com/nodejs/node/pull/13760)
 
 ### Commits
@@ -3798,24 +3798,24 @@ Ref: https://github.com/nodejs/node/issues/13667
   * `stdout` and `stderr` are now available on the error output of a
     failed call to the `util.promisify()`ed version of
     `child_process.exec`.
-    [[`d66d4fc94c`](https://github.com/nodejs/node/commit/d66d4fc94c)]
+    [[`d66d4fc94c`](https://github.com/nodejs/node/commit/d66d4fc94c)] -
     [#13388](https://github.com/nodejs/node/pull/13388)
 
 * **HTTP**
   * A regression that broke certain scenarios in which HTTP is used together
     with the `cluster` module has been fixed.
-    [[`fff8a56d6f`](https://github.com/nodejs/node/commit/fff8a56d6f)]
+    [[`fff8a56d6f`](https://github.com/nodejs/node/commit/fff8a56d6f)] -
     [#13578](https://github.com/nodejs/node/pull/13578)
 
 * **HTTPS**
   * The `rejectUnauthorized` option now works properly for unix sockets.
-    [[`c4cbd99d37`](https://github.com/nodejs/node/commit/c4cbd99d37)]
+    [[`c4cbd99d37`](https://github.com/nodejs/node/commit/c4cbd99d37)] -
     [#13505](https://github.com/nodejs/node/pull/13505)
 
 * **Readline**
   * A change that broke `npm init` and other code which uses `readline`
     multiple times on the same input stream is reverted.
-    [[`0df6c0b5f0`](https://github.com/nodejs/node/commit/0df6c0b5f0)]
+    [[`0df6c0b5f0`](https://github.com/nodejs/node/commit/0df6c0b5f0)] -
     [#13560](https://github.com/nodejs/node/pull/13560)
 
 ### Commits
@@ -3878,30 +3878,30 @@ Ref: https://github.com/nodejs/node/issues/13667
 * **Async Hooks**
   * When one `Promise` leads to the creation of a new `Promise`, the parent
     `Promise` will be identified as the trigger
-    [[`135f4e6643`](https://github.com/nodejs/node/commit/135f4e6643)]
+    [[`135f4e6643`](https://github.com/nodejs/node/commit/135f4e6643)] -
     [#13367](https://github.com/nodejs/node/pull/13367).
 * **Dependencies**
   * libuv has been updated to 1.12.0
-    [[`968596ec77`](https://github.com/nodejs/node/commit/968596ec77)]
+    [[`968596ec77`](https://github.com/nodejs/node/commit/968596ec77)] -
     [#13306](https://github.com/nodejs/node/pull/13306).
   * npm has been updated to 5.0.3
-    [[`ffa7debd7a`](https://github.com/nodejs/node/commit/ffa7debd7a)]
+    [[`ffa7debd7a`](https://github.com/nodejs/node/commit/ffa7debd7a)] -
     [#13487](https://github.com/nodejs/node/pull/13487).
 * **File system**
   * The `fs.exists()` function now works correctly with `util.promisify()`
-    [[`6e0eccd7a1`](https://github.com/nodejs/node/commit/6e0eccd7a1)]
+    [[`6e0eccd7a1`](https://github.com/nodejs/node/commit/6e0eccd7a1)] -
     [#13316](https://github.com/nodejs/node/pull/13316).
   * fs.Stats times are now also available as numbers
-    [[`c756efb25a`](https://github.com/nodejs/node/commit/c756efb25a)]
+    [[`c756efb25a`](https://github.com/nodejs/node/commit/c756efb25a)] -
     [#13173](https://github.com/nodejs/node/pull/13173).
 * **Inspector**
   * It is now possible to bind to a random port using `--inspect=0`
-    [[`cc6ec2fb27`](https://github.com/nodejs/node/commit/cc6ec2fb27)]
+    [[`cc6ec2fb27`](https://github.com/nodejs/node/commit/cc6ec2fb27)] -
     [#5025](https://github.com/nodejs/node/pull/5025).
 * **Zlib**
   * A regression in the Zlib module that made it impossible to properly
     subclasses `zlib.Deflate` and other Zlib classes has been fixed.
-    [[`6aeb555cc4`](https://github.com/nodejs/node/commit/6aeb555cc4)]
+    [[`6aeb555cc4`](https://github.com/nodejs/node/commit/6aeb555cc4)] -
     [#13374](https://github.com/nodejs/node/pull/13374).
 
 ### Commits
@@ -4037,47 +4037,47 @@ LTS codename `'Carbon'`. Note that the
 
 * **Async Hooks**
   * The `async_hooks` module has landed in core
-    [[`4a7233c178`](https://github.com/nodejs/node/commit/4a7233c178)]
+    [[`4a7233c178`](https://github.com/nodejs/node/commit/4a7233c178)] -
     [#12892](https://github.com/nodejs/node/pull/12892).
 
 * **Buffer**
   * Using the `--pending-deprecation` flag will cause Node.js to emit a
     deprecation warning when using `new Buffer(num)` or `Buffer(num)`.
-    [[`d2d32ea5a2`](https://github.com/nodejs/node/commit/d2d32ea5a2)]
+    [[`d2d32ea5a2`](https://github.com/nodejs/node/commit/d2d32ea5a2)] -
     [#11968](https://github.com/nodejs/node/pull/11968).
   * `new Buffer(num)` and `Buffer(num)` will zero-fill new `Buffer` instances
-    [[`7eb1b4658e`](https://github.com/nodejs/node/commit/7eb1b4658e)]
+    [[`7eb1b4658e`](https://github.com/nodejs/node/commit/7eb1b4658e)] -
     [#12141](https://github.com/nodejs/node/pull/12141).
   * Many `Buffer` methods now accept `Uint8Array` as input
-    [[`beca3244e2`](https://github.com/nodejs/node/commit/beca3244e2)]
+    [[`beca3244e2`](https://github.com/nodejs/node/commit/beca3244e2)] -
     [#10236](https://github.com/nodejs/node/pull/10236).
 
 * **Child Process**
   * Argument and kill signal validations have been improved
-    [[`97a77288ce`](https://github.com/nodejs/node/commit/97a77288ce)]
+    [[`97a77288ce`](https://github.com/nodejs/node/commit/97a77288ce)] -
     [#12348](https://github.com/nodejs/node/pull/12348),
-    [[`d75fdd96aa`](https://github.com/nodejs/node/commit/d75fdd96aa)]
+    [[`d75fdd96aa`](https://github.com/nodejs/node/commit/d75fdd96aa)] -
     [#10423](https://github.com/nodejs/node/pull/10423).
   * Child Process methods accept `Uint8Array` as input
-    [[`627ecee9ed`](https://github.com/nodejs/node/commit/627ecee9ed)]
+    [[`627ecee9ed`](https://github.com/nodejs/node/commit/627ecee9ed)] -
     [#10653](https://github.com/nodejs/node/pull/10653).
 
 * **Console**
   * Error events emitted when using `console` methods are now supressed.
-    [[`f18e08d820`](https://github.com/nodejs/node/commit/f18e08d820)]
+    [[`f18e08d820`](https://github.com/nodejs/node/commit/f18e08d820)] -
     [#9744](https://github.com/nodejs/node/pull/9744).
 
 * **Dependencies**
   * The npm client has been updated to 5.0.0
-    [[`3c3b36af0f`](https://github.com/nodejs/node/commit/3c3b36af0f)]
+    [[`3c3b36af0f`](https://github.com/nodejs/node/commit/3c3b36af0f)] -
     [#12936](https://github.com/nodejs/node/pull/12936).
   * V8 has been updated to 5.8 with forward ABI stability to 6.0
-    [[`60d1aac8d2`](https://github.com/nodejs/node/commit/60d1aac8d2)]
+    [[`60d1aac8d2`](https://github.com/nodejs/node/commit/60d1aac8d2)] -
     [#12784](https://github.com/nodejs/node/pull/12784).
 
 * **Domains**
   * Native `Promise` instances are now `Domain` aware
-    [[`84dabe8373`](https://github.com/nodejs/node/commit/84dabe8373)]
+    [[`84dabe8373`](https://github.com/nodejs/node/commit/84dabe8373)] -
     [#12489](https://github.com/nodejs/node/pull/12489).
 
 * **Errors**
@@ -4087,118 +4087,118 @@ LTS codename `'Carbon'`. Note that the
 
 * **File System**
   * The utility class `fs.SyncWriteStream` has been deprecated
-    [[`7a55e34ef4`](https://github.com/nodejs/node/commit/7a55e34ef4)]
+    [[`7a55e34ef4`](https://github.com/nodejs/node/commit/7a55e34ef4)] -
     [#10467](https://github.com/nodejs/node/pull/10467).
   * The deprecated `fs.read()` string interface has been removed
-    [[`3c2a9361ff`](https://github.com/nodejs/node/commit/3c2a9361ff)]
+    [[`3c2a9361ff`](https://github.com/nodejs/node/commit/3c2a9361ff)] -
     [#9683](https://github.com/nodejs/node/pull/9683).
 
 * **HTTP**
   * Improved support for userland implemented Agents
-    [[`90403dd1d0`](https://github.com/nodejs/node/commit/90403dd1d0)]
+    [[`90403dd1d0`](https://github.com/nodejs/node/commit/90403dd1d0)] -
     [#11567](https://github.com/nodejs/node/pull/11567).
   * Outgoing Cookie headers are concatenated into a single string
-    [[`d3480776c7`](https://github.com/nodejs/node/commit/d3480776c7)]
+    [[`d3480776c7`](https://github.com/nodejs/node/commit/d3480776c7)] -
     [#11259](https://github.com/nodejs/node/pull/11259).
   * The `httpResponse.writeHeader()` method has been deprecated
-    [[`fb71ba4921`](https://github.com/nodejs/node/commit/fb71ba4921)]
+    [[`fb71ba4921`](https://github.com/nodejs/node/commit/fb71ba4921)] -
     [#11355](https://github.com/nodejs/node/pull/11355).
   * New methods for accessing HTTP headers have been added to `OutgoingMessage`
-    [[`3e6f1032a4`](https://github.com/nodejs/node/commit/3e6f1032a4)]
+    [[`3e6f1032a4`](https://github.com/nodejs/node/commit/3e6f1032a4)] -
     [#10805](https://github.com/nodejs/node/pull/10805).
 
 * **Lib**
   * All deprecation messages have been assigned static identifiers
-    [[`5de3cf099c`](https://github.com/nodejs/node/commit/5de3cf099c)]
+    [[`5de3cf099c`](https://github.com/nodejs/node/commit/5de3cf099c)] -
     [#10116](https://github.com/nodejs/node/pull/10116).
   * The legacy `linkedlist` module has been removed
-    [[`84a23391f6`](https://github.com/nodejs/node/commit/84a23391f6)]
+    [[`84a23391f6`](https://github.com/nodejs/node/commit/84a23391f6)] -
     [#12113](https://github.com/nodejs/node/pull/12113).
 
 * **N-API**
   * Experimental support for the new N-API API has been added
-    [[`56e881d0b0`](https://github.com/nodejs/node/commit/56e881d0b0)]
+    [[`56e881d0b0`](https://github.com/nodejs/node/commit/56e881d0b0)] -
     [#11975](https://github.com/nodejs/node/pull/11975).
 
 * **Process**
   * Process warning output can be redirected to a file using the
     `--redirect-warnings` command-line argument
-    [[`03e89b3ff2`](https://github.com/nodejs/node/commit/03e89b3ff2)]
+    [[`03e89b3ff2`](https://github.com/nodejs/node/commit/03e89b3ff2)] -
     [#10116](https://github.com/nodejs/node/pull/10116).
   * Process warnings may now include additional detail
-    [[`dd20e68b0f`](https://github.com/nodejs/node/commit/dd20e68b0f)]
+    [[`dd20e68b0f`](https://github.com/nodejs/node/commit/dd20e68b0f)] -
     [#12725](https://github.com/nodejs/node/pull/12725).
 
 * **REPL**
   * REPL magic mode has been deprecated
-    [[`3f27f02da0`](https://github.com/nodejs/node/commit/3f27f02da0)]
+    [[`3f27f02da0`](https://github.com/nodejs/node/commit/3f27f02da0)] -
     [#11599](https://github.com/nodejs/node/pull/11599).
 
 * **Src**
   * `NODE_MODULE_VERSION` has been updated to 57
-    [[`ec7cbaf266`](https://github.com/nodejs/node/commit/ec7cbaf266)]
+    [[`ec7cbaf266`](https://github.com/nodejs/node/commit/ec7cbaf266)] -
     [#12995](https://github.com/nodejs/node/pull/12995).
   * Add `--pending-deprecation` command-line argument and
     `NODE_PENDING_DEPRECATION` environment variable
-    [[`a16b570f8c`](https://github.com/nodejs/node/commit/a16b570f8c)]
+    [[`a16b570f8c`](https://github.com/nodejs/node/commit/a16b570f8c)] -
     [#11968](https://github.com/nodejs/node/pull/11968).
   * The `--debug` command-line argument has been deprecated. Note that
     using `--debug` will enable the *new* Inspector-based debug protocol
     as the legacy Debugger protocol previously used by Node.js has been
-    removed. [[`010f864426`](https://github.com/nodejs/node/commit/010f864426)]
+    removed. [[`010f864426`](https://github.com/nodejs/node/commit/010f864426)] -
     [#12949](https://github.com/nodejs/node/pull/12949).
   * Throw when the `-c` and `-e` command-line arguments are used at the same
-    time [[`a5f91ab230`](https://github.com/nodejs/node/commit/a5f91ab230)]
+    time [[`a5f91ab230`](https://github.com/nodejs/node/commit/a5f91ab230)] -
     [#11689](https://github.com/nodejs/node/pull/11689).
   * Throw when the `--use-bundled-ca` and `--use-openssl-ca` command-line
     arguments are used at the same time.
-    [[`8a7db9d4b5`](https://github.com/nodejs/node/commit/8a7db9d4b5)]
+    [[`8a7db9d4b5`](https://github.com/nodejs/node/commit/8a7db9d4b5)] -
     [#12087](https://github.com/nodejs/node/pull/12087).
 
 * **Stream**
   * `Stream` now supports `destroy()` and `_destroy()` APIs
-    [[`b6e1d22fa6`](https://github.com/nodejs/node/commit/b6e1d22fa6)]
+    [[`b6e1d22fa6`](https://github.com/nodejs/node/commit/b6e1d22fa6)] -
     [#12925](https://github.com/nodejs/node/pull/12925).
   * `Stream` now supports the `_final()` API
-    [[`07c7f198db`](https://github.com/nodejs/node/commit/07c7f198db)]
+    [[`07c7f198db`](https://github.com/nodejs/node/commit/07c7f198db)] -
     [#12828](https://github.com/nodejs/node/pull/12828).
 
 * **TLS**
   * The `rejectUnauthorized` option now defaults to `true`
-    [[`348cc80a3c`](https://github.com/nodejs/node/commit/348cc80a3c)]
+    [[`348cc80a3c`](https://github.com/nodejs/node/commit/348cc80a3c)] -
     [#5923](https://github.com/nodejs/node/pull/5923).
   * The `tls.createSecurePair()` API now emits a runtime deprecation
-    [[`a2ae08999b`](https://github.com/nodejs/node/commit/a2ae08999b)]
+    [[`a2ae08999b`](https://github.com/nodejs/node/commit/a2ae08999b)] -
     [#11349](https://github.com/nodejs/node/pull/11349).
   * A runtime deprecation will now be emitted when `dhparam` is less than
-    2048 bits [[`d523eb9c40`](https://github.com/nodejs/node/commit/d523eb9c40)]
+    2048 bits [[`d523eb9c40`](https://github.com/nodejs/node/commit/d523eb9c40)] -
     [#11447](https://github.com/nodejs/node/pull/11447).
 
 * **URL**
   * The WHATWG URL implementation is now a fully-supported Node.js API
-    [[`d080ead0f9`](https://github.com/nodejs/node/commit/d080ead0f9)]
+    [[`d080ead0f9`](https://github.com/nodejs/node/commit/d080ead0f9)] -
     [#12710](https://github.com/nodejs/node/pull/12710).
 
 * **Util**
   * `Symbol` keys are now displayed by default when using `util.inspect()`
-    [[`5bfd13b81e`](https://github.com/nodejs/node/commit/5bfd13b81e)]
+    [[`5bfd13b81e`](https://github.com/nodejs/node/commit/5bfd13b81e)] -
     [#9726](https://github.com/nodejs/node/pull/9726).
   * `toJSON` errors will be thrown when formatting `%j`
-    [[`455e6f1dd8`](https://github.com/nodejs/node/commit/455e6f1dd8)]
+    [[`455e6f1dd8`](https://github.com/nodejs/node/commit/455e6f1dd8)] -
     [#11708](https://github.com/nodejs/node/pull/11708).
   * Convert `inspect.styles` and `inspect.colors` to prototype-less objects
-    [[`aab0d202f8`](https://github.com/nodejs/node/commit/aab0d202f8)]
+    [[`aab0d202f8`](https://github.com/nodejs/node/commit/aab0d202f8)] -
     [#11624](https://github.com/nodejs/node/pull/11624).
   * The new `util.promisify()` API has been added
-    [[`99da8e8e02`](https://github.com/nodejs/node/commit/99da8e8e02)]
+    [[`99da8e8e02`](https://github.com/nodejs/node/commit/99da8e8e02)] -
     [#12442](https://github.com/nodejs/node/pull/12442).
 
 * **Zlib**
   * Support `Uint8Array` in Zlib convenience methods
-    [[`91383e47fd`](https://github.com/nodejs/node/commit/91383e47fd)]
+    [[`91383e47fd`](https://github.com/nodejs/node/commit/91383e47fd)] -
     [#12001](https://github.com/nodejs/node/pull/12001).
   * Zlib errors now use `RangeError` and `TypeError` consistently
-    [[`b514bd231e`](https://github.com/nodejs/node/commit/b514bd231e)]
+    [[`b514bd231e`](https://github.com/nodejs/node/commit/b514bd231e)] -
     [#11391](https://github.com/nodejs/node/pull/11391).
 
 ### Commits
diff --git a/doc/changelogs/CHANGELOG_V9.md b/doc/changelogs/CHANGELOG_V9.md
index cf6a3c40ecf67f..6e82d6a3cc6cdd 100644
--- a/doc/changelogs/CHANGELOG_V9.md
+++ b/doc/changelogs/CHANGELOG_V9.md
@@ -2081,59 +2081,59 @@ Fixes for the following CVEs are included in this release:
 ### Notable Changes
 
 * **Async hooks**
-  * Older experimental APIs have been removed. [[`d731369b1d`](https://github.com/nodejs/node/commit/d731369b1d)] [#14414](https://github.com/nodejs/node/pull/14414)
+  * Older experimental APIs have been removed. [[`d731369b1d`](https://github.com/nodejs/node/commit/d731369b1d)] - [#14414](https://github.com/nodejs/node/pull/14414)
 
 * **Errors**
-  * Improvements have been made to `buffer` module error messages. [[`9e0f771224`](https://github.com/nodejs/node/commit/9e0f771224)] [#14975](https://github.com/nodejs/node/pull/14975)
+  * Improvements have been made to `buffer` module error messages. [[`9e0f771224`](https://github.com/nodejs/node/commit/9e0f771224)] - [#14975](https://github.com/nodejs/node/pull/14975)
   * The assignment of static error codes to Node.js error continues:
-    * `buffer`: [[`e79a61cf80`](https://github.com/nodejs/node/commit/e79a61cf80)] [#16352](https://github.com/nodejs/node/pull/16352), [[`dbfe8c4ea2`](https://github.com/nodejs/node/commit/dbfe8c4ea2)] [#13976](https://github.com/nodejs/node/pull/13976)
-    * `child_process`: [[`fe730d34ce`](https://github.com/nodejs/node/commit/fe730d34ce)] [#14009](https://github.com/nodejs/node/pull/14009)
-    * `console`: [[`0ecdf29340`](https://github.com/nodejs/node/commit/0ecdf29340)] [#11340](https://github.com/nodejs/node/pull/11340)
-    * `crypto`: [[`ee76f3153b`](https://github.com/nodejs/node/commit/ee76f3153b)] [#16428](https://github.com/nodejs/node/pull/16428), [[`df8c6c3651`](https://github.com/nodejs/node/commit/df8c6c3651)] [#16453](https://github.com/nodejs/node/pull/16453), [[`0a03e350fb`](https://github.com/nodejs/node/commit/0a03e350fb)] [#16454](https://github.com/nodejs/node/pull/16454), [[`eeada6ca63`](https://github.com/nodejs/node/commit/eeada6ca63)] [#16448](https://github.com/nodejs/node/pull/16448), [[`a78327f48b`](https://github.com/nodejs/node/commit/a78327f48b)] [#16429](https://github.com/nodejs/node/pull/16429), [[`b8bc652869`](https://github.com/nodejs/node/commit/b8bc652869)] [#15757](https://github.com/nodejs/node/pull/15757), [[`7124b466d9`](https://github.com/nodejs/node/commit/7124b466d9)] [#15746](https://github.com/nodejs/node/pull/15746), [[`3ddc88b5c2`](https://github.com/nodejs/node/commit/3ddc88b5c2)] [#15756](https://github.com/nodejs/node/pull/15756)
-    * `dns`: [[`9cb390d899`](https://github.com/nodejs/node/commit/9cb390d899)] [#14212](https://github.com/nodejs/node/pull/14212)
-    * `events`: [[`e5ad5456a2`](https://github.com/nodejs/node/commit/e5ad5456a2)] [#15623](https://github.com/nodejs/node/pull/15623)
-    * `fs`: [[`219932a9f7`](https://github.com/nodejs/node/commit/219932a9f7)] [#15043](https://github.com/nodejs/node/pull/15043), [[`b61cab2234`](https://github.com/nodejs/node/commit/b61cab2234)] [#11317](https://github.com/nodejs/node/pull/11317)
-    * `http`: [[`11a2ca29ba`](https://github.com/nodejs/node/commit/11a2ca29ba)] [#14735](https://github.com/nodejs/node/pull/14735), [[`a9f798ebcc`](https://github.com/nodejs/node/commit/a9f798ebcc)] [#13301](https://github.com/nodejs/node/pull/13301), [[`bdfbce9241`](https://github.com/nodejs/node/commit/bdfbce9241)] [#14423](https://github.com/nodejs/node/pull/14423), [[`4843c2f415`](https://github.com/nodejs/node/commit/4843c2f415)] [#15603](https://github.com/nodejs/node/pull/15603)
-    * `inspector`: [[`4cf56ad6f2`](https://github.com/nodejs/node/commit/4cf56ad6f2)] [#15619](https://github.com/nodejs/node/pull/15619)
-    * `net`: [[`a03d8cee1f`](https://github.com/nodejs/node/commit/a03d8cee1f)] [#11356](https://github.com/nodejs/node/pull/11356), [[`7f55349079`](https://github.com/nodejs/node/commit/7f55349079)] [#14782](https://github.com/nodejs/node/pull/14782)
-    * `path`: [[`dcfbbacba8`](https://github.com/nodejs/node/commit/dcfbbacba8)] [#11319](https://github.com/nodejs/node/pull/11319)
-    * `process`: [[`a0f7284346`](https://github.com/nodejs/node/commit/a0f7284346)] [#13739](https://github.com/nodejs/node/pull/13739), [[`062071a9c3`](https://github.com/nodejs/node/commit/062071a9c3)] [#13285](https://github.com/nodejs/node/pull/13285), [[`3129b2c035`](https://github.com/nodejs/node/commit/3129b2c035)] [#13982](https://github.com/nodejs/node/pull/13982)
-    * `querystring`: [[`9788e96836`](https://github.com/nodejs/node/commit/9788e96836)] [#15565](https://github.com/nodejs/node/pull/15565)
-    * `readline`: [[`7f3f72c19b`](https://github.com/nodejs/node/commit/7f3f72c19b)] [#11390](https://github.com/nodejs/node/pull/11390)
-    * `repl`: [[`aff8d358fa`](https://github.com/nodejs/node/commit/aff8d358fa)] [#11347](https://github.com/nodejs/node/pull/11347), [[`28227963fa`](https://github.com/nodejs/node/commit/28227963fa)] [#13299](https://github.com/nodejs/node/pull/13299)
-    * `streams`: [[`d50a802feb`](https://github.com/nodejs/node/commit/d50a802feb)] [#13310](https://github.com/nodejs/node/pull/13310), [[`d2913384aa`](https://github.com/nodejs/node/commit/d2913384aa)] [#13291](https://github.com/nodejs/node/pull/13291), [[`6e86a6651c`](https://github.com/nodejs/node/commit/6e86a6651c)] [#16589](https://github.com/nodejs/node/pull/16589), [[`88fb359c57`](https://github.com/nodejs/node/commit/88fb359c57)] [#15042](https://github.com/nodejs/node/pull/15042), [[`db7d1339c3`](https://github.com/nodejs/node/commit/db7d1339c3)] [#15665](https://github.com/nodejs/node/pull/15665)
-    * `string_decoder`: [[`eb4940e2d2`](https://github.com/nodejs/node/commit/eb4940e2d2)] [#14682](https://github.com/nodejs/node/pull/14682)
-    * `timers`: [[`4d893e093a`](https://github.com/nodejs/node/commit/4d893e093a)] [#14659](https://github.com/nodejs/node/pull/14659)
-    * `tls`: [[`f67aa566a6`](https://github.com/nodejs/node/commit/f67aa566a6)] [#13476](https://github.com/nodejs/node/pull/13476), [[`3ccfeb483d`](https://github.com/nodejs/node/commit/3ccfeb483d)] [#13994](https://github.com/nodejs/node/pull/13994)
-    * `url`: [[`473f0eff29`](https://github.com/nodejs/node/commit/473f0eff29)] [#13963](https://github.com/nodejs/node/pull/13963)
-    * `util`: [[`de4a749788`](https://github.com/nodejs/node/commit/de4a749788)] [#11301](https://github.com/nodejs/node/pull/11301), [[`1609899142`](https://github.com/nodejs/node/commit/1609899142)] [#13293](https://github.com/nodejs/node/pull/13293)
-    * `v8`: [[`ef238fb485`](https://github.com/nodejs/node/commit/ef238fb485)] [#16535](https://github.com/nodejs/node/pull/16535)
-    * `zlib`: [[`896eaf6820`](https://github.com/nodejs/node/commit/896eaf6820)] [#16540](https://github.com/nodejs/node/pull/16540), [[`74891412f1`](https://github.com/nodejs/node/commit/74891412f1)] [#15618](https://github.com/nodejs/node/pull/15618)
+    * `buffer`: [[`e79a61cf80`](https://github.com/nodejs/node/commit/e79a61cf80)] - [#16352](https://github.com/nodejs/node/pull/16352), [[`dbfe8c4ea2`](https://github.com/nodejs/node/commit/dbfe8c4ea2)] - [#13976](https://github.com/nodejs/node/pull/13976)
+    * `child_process`: [[`fe730d34ce`](https://github.com/nodejs/node/commit/fe730d34ce)] - [#14009](https://github.com/nodejs/node/pull/14009)
+    * `console`: [[`0ecdf29340`](https://github.com/nodejs/node/commit/0ecdf29340)] - [#11340](https://github.com/nodejs/node/pull/11340)
+    * `crypto`: [[`ee76f3153b`](https://github.com/nodejs/node/commit/ee76f3153b)] - [#16428](https://github.com/nodejs/node/pull/16428), [[`df8c6c3651`](https://github.com/nodejs/node/commit/df8c6c3651)] - [#16453](https://github.com/nodejs/node/pull/16453), [[`0a03e350fb`](https://github.com/nodejs/node/commit/0a03e350fb)] - [#16454](https://github.com/nodejs/node/pull/16454), [[`eeada6ca63`](https://github.com/nodejs/node/commit/eeada6ca63)] - [#16448](https://github.com/nodejs/node/pull/16448), [[`a78327f48b`](https://github.com/nodejs/node/commit/a78327f48b)] - [#16429](https://github.com/nodejs/node/pull/16429), [[`b8bc652869`](https://github.com/nodejs/node/commit/b8bc652869)] - [#15757](https://github.com/nodejs/node/pull/15757), [[`7124b466d9`](https://github.com/nodejs/node/commit/7124b466d9)] - [#15746](https://github.com/nodejs/node/pull/15746), [[`3ddc88b5c2`](https://github.com/nodejs/node/commit/3ddc88b5c2)] - [#15756](https://github.com/nodejs/node/pull/15756)
+    * `dns`: [[`9cb390d899`](https://github.com/nodejs/node/commit/9cb390d899)] - [#14212](https://github.com/nodejs/node/pull/14212)
+    * `events`: [[`e5ad5456a2`](https://github.com/nodejs/node/commit/e5ad5456a2)] - [#15623](https://github.com/nodejs/node/pull/15623)
+    * `fs`: [[`219932a9f7`](https://github.com/nodejs/node/commit/219932a9f7)] - [#15043](https://github.com/nodejs/node/pull/15043), [[`b61cab2234`](https://github.com/nodejs/node/commit/b61cab2234)] - [#11317](https://github.com/nodejs/node/pull/11317)
+    * `http`: [[`11a2ca29ba`](https://github.com/nodejs/node/commit/11a2ca29ba)] - [#14735](https://github.com/nodejs/node/pull/14735), [[`a9f798ebcc`](https://github.com/nodejs/node/commit/a9f798ebcc)] - [#13301](https://github.com/nodejs/node/pull/13301), [[`bdfbce9241`](https://github.com/nodejs/node/commit/bdfbce9241)] - [#14423](https://github.com/nodejs/node/pull/14423), [[`4843c2f415`](https://github.com/nodejs/node/commit/4843c2f415)] - [#15603](https://github.com/nodejs/node/pull/15603)
+    * `inspector`: [[`4cf56ad6f2`](https://github.com/nodejs/node/commit/4cf56ad6f2)] - [#15619](https://github.com/nodejs/node/pull/15619)
+    * `net`: [[`a03d8cee1f`](https://github.com/nodejs/node/commit/a03d8cee1f)] - [#11356](https://github.com/nodejs/node/pull/11356), [[`7f55349079`](https://github.com/nodejs/node/commit/7f55349079)] - [#14782](https://github.com/nodejs/node/pull/14782)
+    * `path`: [[`dcfbbacba8`](https://github.com/nodejs/node/commit/dcfbbacba8)] - [#11319](https://github.com/nodejs/node/pull/11319)
+    * `process`: [[`a0f7284346`](https://github.com/nodejs/node/commit/a0f7284346)] - [#13739](https://github.com/nodejs/node/pull/13739), [[`062071a9c3`](https://github.com/nodejs/node/commit/062071a9c3)] - [#13285](https://github.com/nodejs/node/pull/13285), [[`3129b2c035`](https://github.com/nodejs/node/commit/3129b2c035)] - [#13982](https://github.com/nodejs/node/pull/13982)
+    * `querystring`: [[`9788e96836`](https://github.com/nodejs/node/commit/9788e96836)] - [#15565](https://github.com/nodejs/node/pull/15565)
+    * `readline`: [[`7f3f72c19b`](https://github.com/nodejs/node/commit/7f3f72c19b)] - [#11390](https://github.com/nodejs/node/pull/11390)
+    * `repl`: [[`aff8d358fa`](https://github.com/nodejs/node/commit/aff8d358fa)] - [#11347](https://github.com/nodejs/node/pull/11347), [[`28227963fa`](https://github.com/nodejs/node/commit/28227963fa)] - [#13299](https://github.com/nodejs/node/pull/13299)
+    * `streams`: [[`d50a802feb`](https://github.com/nodejs/node/commit/d50a802feb)] - [#13310](https://github.com/nodejs/node/pull/13310), [[`d2913384aa`](https://github.com/nodejs/node/commit/d2913384aa)] - [#13291](https://github.com/nodejs/node/pull/13291), [[`6e86a6651c`](https://github.com/nodejs/node/commit/6e86a6651c)] - [#16589](https://github.com/nodejs/node/pull/16589), [[`88fb359c57`](https://github.com/nodejs/node/commit/88fb359c57)] - [#15042](https://github.com/nodejs/node/pull/15042), [[`db7d1339c3`](https://github.com/nodejs/node/commit/db7d1339c3)] - [#15665](https://github.com/nodejs/node/pull/15665)
+    * `string_decoder`: [[`eb4940e2d2`](https://github.com/nodejs/node/commit/eb4940e2d2)] - [#14682](https://github.com/nodejs/node/pull/14682)
+    * `timers`: [[`4d893e093a`](https://github.com/nodejs/node/commit/4d893e093a)] - [#14659](https://github.com/nodejs/node/pull/14659)
+    * `tls`: [[`f67aa566a6`](https://github.com/nodejs/node/commit/f67aa566a6)] - [#13476](https://github.com/nodejs/node/pull/13476), [[`3ccfeb483d`](https://github.com/nodejs/node/commit/3ccfeb483d)] - [#13994](https://github.com/nodejs/node/pull/13994)
+    * `url`: [[`473f0eff29`](https://github.com/nodejs/node/commit/473f0eff29)] - [#13963](https://github.com/nodejs/node/pull/13963)
+    * `util`: [[`de4a749788`](https://github.com/nodejs/node/commit/de4a749788)] - [#11301](https://github.com/nodejs/node/pull/11301), [[`1609899142`](https://github.com/nodejs/node/commit/1609899142)] - [#13293](https://github.com/nodejs/node/pull/13293)
+    * `v8`: [[`ef238fb485`](https://github.com/nodejs/node/commit/ef238fb485)] - [#16535](https://github.com/nodejs/node/pull/16535)
+    * `zlib`: [[`896eaf6820`](https://github.com/nodejs/node/commit/896eaf6820)] - [#16540](https://github.com/nodejs/node/pull/16540), [[`74891412f1`](https://github.com/nodejs/node/commit/74891412f1)] - [#15618](https://github.com/nodejs/node/pull/15618)
 
 * **Child Processes**
-  * Errors are emitted on process nextTick. [[`f2b01cba7b`](https://github.com/nodejs/node/commit/f2b01cba7b)] [#4670](https://github.com/nodejs/node/pull/4670)
+  * Errors are emitted on process nextTick. [[`f2b01cba7b`](https://github.com/nodejs/node/commit/f2b01cba7b)] - [#4670](https://github.com/nodejs/node/pull/4670)
 
 * **Domains**
-  * The long-deprecated `.dispose()` method has been removed [[`602fd36d95`](https://github.com/nodejs/node/commit/602fd36d95)] [#15412](https://github.com/nodejs/node/pull/15412)
+  * The long-deprecated `.dispose()` method has been removed [[`602fd36d95`](https://github.com/nodejs/node/commit/602fd36d95)] - [#15412](https://github.com/nodejs/node/pull/15412)
 
 * **fs**
-  * The `fs.ReadStream` and `fs.WriteStream` classes now use `destroy()`. [[`e5c290bed9`](https://github.com/nodejs/node/commit/e5c290bed9)] [#15407](https://github.com/nodejs/node/pull/15407)
-  * `fs` module callbacks are now invoked with an undefined context. [[`2249234fee`](https://github.com/nodejs/node/commit/2249234fee)] [#14645](https://github.com/nodejs/node/pull/14645)
+  * The `fs.ReadStream` and `fs.WriteStream` classes now use `destroy()`. [[`e5c290bed9`](https://github.com/nodejs/node/commit/e5c290bed9)] - [#15407](https://github.com/nodejs/node/pull/15407)
+  * `fs` module callbacks are now invoked with an undefined context. [[`2249234fee`](https://github.com/nodejs/node/commit/2249234fee)] - [#14645](https://github.com/nodejs/node/pull/14645)
 
 * **HTTP/1**
-  * A 400 Bad Request response will now be sent when parsing fails. [[`f2f391e575`](https://github.com/nodejs/node/commit/f2f391e575)] [#15324](https://github.com/nodejs/node/pull/15324)
-  * Socket timeout will be set when the socket connects. [[`10be20a0e8`](https://github.com/nodejs/node/commit/10be20a0e8)] [#8895](https://github.com/nodejs/node/pull/8895)
-  * A bug causing the request `'error'` event to fire twice was fixed. [[`620ba41694`](https://github.com/nodejs/node/commit/620ba41694)] [#14659](https://github.com/nodejs/node/pull/14659)
-  * HTTP clients may now use generic `Duplex` streams in addition to `net.Socket`. [[`3e25e4d00f`](https://github.com/nodejs/node/commit/3e25e4d00f)] [#16267](https://github.com/nodejs/node/pull/16267)
+  * A 400 Bad Request response will now be sent when parsing fails. [[`f2f391e575`](https://github.com/nodejs/node/commit/f2f391e575)] - [#15324](https://github.com/nodejs/node/pull/15324)
+  * Socket timeout will be set when the socket connects. [[`10be20a0e8`](https://github.com/nodejs/node/commit/10be20a0e8)] - [#8895](https://github.com/nodejs/node/pull/8895)
+  * A bug causing the request `'error'` event to fire twice was fixed. [[`620ba41694`](https://github.com/nodejs/node/commit/620ba41694)] - [#14659](https://github.com/nodejs/node/pull/14659)
+  * HTTP clients may now use generic `Duplex` streams in addition to `net.Socket`. [[`3e25e4d00f`](https://github.com/nodejs/node/commit/3e25e4d00f)] - [#16267](https://github.com/nodejs/node/pull/16267)
 
 * **Intl**
-  * The deprecated `Intl.v8BreakIterator` has been removed. [[`668ad44922`](https://github.com/nodejs/node/commit/668ad44922)] [#15238](https://github.com/nodejs/node/pull/15238)
+  * The deprecated `Intl.v8BreakIterator` has been removed. [[`668ad44922`](https://github.com/nodejs/node/commit/668ad44922)] - [#15238](https://github.com/nodejs/node/pull/15238)
 
 * **OS**
-  * The `os.EOL` property is now read-only [[`f6caeb9526`](https://github.com/nodejs/node/commit/f6caeb9526)] [#14622](https://github.com/nodejs/node/pull/14622)
+  * The `os.EOL` property is now read-only [[`f6caeb9526`](https://github.com/nodejs/node/commit/f6caeb9526)] - [#14622](https://github.com/nodejs/node/pull/14622)
 
 * **Timers**
-  * `setTimeout()` will emit a warning if the timeout is larger that the maximum 32-bit unsigned integer. [[`ce3586da31`](https://github.com/nodejs/node/commit/ce3586da31)] [#15627](https://github.com/nodejs/node/pull/15627)
+  * `setTimeout()` will emit a warning if the timeout is larger that the maximum 32-bit unsigned integer. [[`ce3586da31`](https://github.com/nodejs/node/commit/ce3586da31)] - [#15627](https://github.com/nodejs/node/pull/15627)
 
 ### Commits
 

From 014eb67117fb360d97e8b0bc3fa2c57803c02184 Mon Sep 17 00:00:00 2001
From: Lucas Holmquist <lholmqui@redhat.com>
Date: Mon, 30 Sep 2019 13:56:26 -0400
Subject: [PATCH 21/65] doc: add documentation deprecation for
 process._tickCallback

This change also supports --pending-deprecation for the new deprecation.

PR-URL: https://github.com/nodejs/node/pull/29781
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/deprecations.md                 | 27 +++++++++++++++++++++++++
 lib/internal/bootstrap/pre_execution.js |  4 ++++
 2 files changed, 31 insertions(+)

diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 35bda82f591a47..e45130340c77ef 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -2494,6 +2494,33 @@ Type: Runtime
 Passing a callback to [`worker.terminate()`][] is deprecated. Use the returned
 `Promise` instead, or a listener to the worker’s `'exit'` event.
 
+<a id="DEP0133"></a>
+### DEP0133: http connection
+<!-- YAML
+changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/29015
+    description: Documentation-only deprecation.
+-->
+
+Type: Documentation-only
+
+Prefer [`response.socket`][] over [`response.connection`] and
+[`request.socket`][] over [`request.connection`].
+
+<a id="DEP0XXX"></a>
+### DEP0XXX: process._tickCallback
+<!-- YAML
+changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/29781
+    description: Documentation-only deprecation.
+-->
+Type: Documentation-only (supports [`--pending-deprecation`][])
+
+The `process._tickCallback` property was never documented as
+an officially supported API.
+
 [`--http-parser=legacy`]: cli.html#cli_http_parser_library
 [`--pending-deprecation`]: cli.html#cli_pending_deprecation
 [`--throw-deprecation`]: cli.html#cli_throw_deprecation
diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
index 79f1d97fbb306d..626791a5725773 100644
--- a/lib/internal/bootstrap/pre_execution.js
+++ b/lib/internal/bootstrap/pre_execution.js
@@ -271,6 +271,10 @@ function initializeDeprecations() {
     process.binding = deprecate(process.binding,
                                 'process.binding() is deprecated. ' +
                                 'Please use public APIs instead.', 'DEP0111');
+
+    process._tickCallback = deprecate(process._tickCallback,
+                                      'process._tickCallback() is deprecated',
+                                      'DEP0XXX');
   }
 
   // Create global.process and global.Buffer as getters so that we have a

From 6a989da6a0986c22e8c260a8f12d7c4a118be285 Mon Sep 17 00:00:00 2001
From: ZYSzys <zyszys98@gmail.com>
Date: Tue, 1 Oct 2019 23:06:44 +0800
Subject: [PATCH 22/65] http2: use the latest settings

Fixes: https://github.com/nodejs/node/issues/29764

PR-URL: https://github.com/nodejs/node/pull/29780
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 lib/internal/http2/core.js                   |  1 +
 test/parallel/test-http2-session-settings.js | 15 ++++++++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 6232df7f549a28..2a68376c09bcbd 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -518,6 +518,7 @@ function onSettings() {
     return;
   session[kUpdateTimer]();
   debugSessionObj(session, 'new settings received');
+  session[kRemoteSettings] = undefined;
   session.emit('remoteSettings', session.remoteSettings);
 }
 
diff --git a/test/parallel/test-http2-session-settings.js b/test/parallel/test-http2-session-settings.js
index 46ba1753e2da41..35581d5f7179b3 100644
--- a/test/parallel/test-http2-session-settings.js
+++ b/test/parallel/test-http2-session-settings.js
@@ -38,6 +38,12 @@ server.on(
   })
 );
 
+server.on('session', (session) => {
+  session.settings({
+    maxConcurrentStreams: 2
+  });
+});
+
 server.listen(
   0,
   common.mustCall(() => {
@@ -57,11 +63,18 @@ server.listen(
         assert.strictEqual(settings.maxFrameSize, 16384);
       }, 2)
     );
+
+    let calledOnce = false;
     client.on(
       'remoteSettings',
       common.mustCall((settings) => {
         assert(settings);
-      })
+        assert.strictEqual(
+          settings.maxConcurrentStreams,
+          calledOnce ? 2 : (2 ** 32) - 1
+        );
+        calledOnce = true;
+      }, 2)
     );
 
     const headers = { ':path': '/' };

From 6d88f0fef7a3953e2e528fb4ed0cb151c4ab3a69 Mon Sep 17 00:00:00 2001
From: Gus Caplan <me@gus.host>
Date: Mon, 9 Sep 2019 12:20:16 -0500
Subject: [PATCH 23/65] vm: refactor SourceTextModule
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Removes redundant `instantiate` method
- Refactors `link` to match the spec linking steps more accurately
- Removes URL validation from SourceTextModule specifiers
- DRYs some dynamic import logic

Closes: https://github.com/nodejs/node/issues/29030

Co-Authored-By: Michaël Zasso <targos@protonmail.com>

PR-URL: https://github.com/nodejs/node/pull/29776
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 doc/api/errors.md                             |  10 +-
 doc/api/vm.md                                 | 103 ++-----
 lib/internal/errors.js                        |   2 -
 lib/internal/modules/esm/loader.js            |   4 +-
 lib/internal/vm/source_text_module.js         | 284 +++++++++++-------
 lib/vm.js                                     |  20 +-
 src/module_wrap.cc                            |  12 +-
 src/module_wrap.h                             |   2 +-
 test/parallel/test-internal-module-wrap.js    |   2 +-
 test/parallel/test-util-inspect-namespace.js  |   1 -
 test/parallel/test-util-types.js              |   1 -
 test/parallel/test-vm-module-basic.js         |  29 +-
 .../parallel/test-vm-module-dynamic-import.js |   4 -
 .../test-vm-module-dynamic-namespace.js       |  17 +-
 test/parallel/test-vm-module-errors.js        |  75 +----
 test/parallel/test-vm-module-import-meta.js   |   1 -
 test/parallel/test-vm-module-link.js          |  35 +--
 test/parallel/test-vm-module-reevaluate.js    |   2 -
 18 files changed, 269 insertions(+), 335 deletions(-)

diff --git a/doc/api/errors.md b/doc/api/errors.md
index 5783724774b600..f479d06f1456fb 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -1976,11 +1976,6 @@ than the parent module. Linked modules must share the same context.
 
 The linker function returned a module for which linking has failed.
 
-<a id="ERR_VM_MODULE_NOT_LINKED"></a>
-### ERR_VM_MODULE_NOT_LINKED
-
-The module must be successfully linked before instantiation.
-
 <a id="ERR_VM_MODULE_NOT_MODULE"></a>
 ### ERR_VM_MODULE_NOT_MODULE
 
@@ -2267,6 +2262,11 @@ removed: v10.0.0
 
 Used when a given value is out of the accepted range.
 
+<a id="ERR_VM_MODULE_NOT_LINKED"></a>
+### ERR_VM_MODULE_NOT_LINKED
+
+The module must be successfully linked before instantiation.
+
 <a id="ERR_ZLIB_BINDING_CLOSED"></a>
 ### ERR_ZLIB_BINDING_CLOSED
 <!-- YAML
diff --git a/doc/api/vm.md b/doc/api/vm.md
index 18ebd10a63c685..601b8c3052082b 100644
--- a/doc/api/vm.md
+++ b/doc/api/vm.md
@@ -322,9 +322,9 @@ intrinsically asynchronous, in contrast with the synchronous nature of
 `vm.Script` objects. With the help of async functions, however, manipulating
 `vm.SourceTextModule` objects is fairly straightforward.
 
-Using a `vm.SourceTextModule` object requires four distinct steps:
-creation/parsing, linking, instantiation, and evaluation. These four steps are
-illustrated in the following example.
+Using a `vm.SourceTextModule` object requires three distinct steps:
+creation/parsing, linking, and evaluation. These three steps are illustrated in
+the following example.
 
 This implementation lies at a lower level than the [ECMAScript Module
 loader][]. There is also currently no way to interact with the Loader, though
@@ -391,15 +391,6 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
 
   // Step 3
   //
-  // Instantiate the top-level Module.
-  //
-  // Only the top-level Module needs to be explicitly instantiated; its
-  // dependencies will be recursively instantiated by instantiate().
-
-  bar.instantiate();
-
-  // Step 4
-  //
   // Evaluate the Module. The evaluate() method returns a Promise with a single
   // property "result" that contains the result of the very last statement
   // executed in the Module. In the case of `bar`, it is `s;`, which refers to
@@ -417,8 +408,9 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
 
 * `code` {string} JavaScript Module code to parse
 * `options`
-  * `url` {string} URL used in module resolution and stack traces. **Default:**
-    `'vm:module(i)'` where `i` is a context-specific ascending index.
+  * `identifier` {string} String used in stack traces.
+    **Default:** `'vm:module(i)'` where `i` is a context-specific ascending
+    index.
   * `context` {Object} The [contextified][] object as returned by the
     `vm.createContext()` method, to compile and evaluate this `Module` in.
   * `lineOffset` {integer} Specifies the line number offset that is displayed
@@ -465,7 +457,6 @@ const contextifiedSandbox = vm.createContext({ secret: 42 });
     });
   // Since module has no dependencies, the linker function will never be called.
   await module.link(() => {});
-  module.instantiate();
   await module.evaluate();
 
   // Now, Object.prototype.secret will be equal to 42.
@@ -516,7 +507,7 @@ in the ECMAScript specification.
 
 Evaluate the module.
 
-This must be called after the module has been instantiated; otherwise it will
+This must be called after the module has been linked; otherwise it will
 throw an error. It could be called also when the module has already been
 evaluated, in which case it will do one of the following two things:
 
@@ -531,23 +522,6 @@ This method cannot be called while the module is being evaluated
 Corresponds to the [Evaluate() concrete method][] field of [Source Text Module
 Record][]s in the ECMAScript specification.
 
-### module.instantiate()
-
-Instantiate the module. This must be called after linking has completed
-(`linkingStatus` is `'linked'`); otherwise it will throw an error. It may also
-throw an exception if one of the dependencies does not provide an export the
-parent module requires.
-
-However, if this function succeeded, further calls to this function after the
-initial instantiation will be no-ops, to be consistent with the ECMAScript
-specification.
-
-Unlike other methods operating on `Module`, this function completes
-synchronously and returns nothing.
-
-Corresponds to the [Instantiate() concrete method][] field of [Source Text
-Module Record][]s in the ECMAScript specification.
-
 ### module.link(linker)
 
 * `linker` {Function}
@@ -563,7 +537,7 @@ Module Record][]s in the ECMAScript specification.
   * Returns: {vm.SourceTextModule|Promise}
 * Returns: {Promise}
 
-Link module dependencies. This method must be called before instantiation, and
+Link module dependencies. This method must be called before evaluation, and
 can only be called once per module.
 
 The function is expected to return a `Module` object or a `Promise` that
@@ -571,9 +545,9 @@ eventually resolves to a `Module` object. The returned `Module` must satisfy the
 following two invariants:
 
 * It must belong to the same context as the parent `Module`.
-* Its `linkingStatus` must not be `'errored'`.
+* Its `status` must not be `'errored'`.
 
-If the returned `Module`'s `linkingStatus` is `'unlinked'`, this method will be
+If the returned `Module`'s `status` is `'unlinked'`, this method will be
 recursively called on the returned `Module` with the same provided `linker`
 function.
 
@@ -587,37 +561,22 @@ specification, with a few key differences:
 
 * The linker function is allowed to be asynchronous while
   [HostResolveImportedModule][] is synchronous.
-* The linker function is executed during linking, a Node.js-specific stage
-  before instantiation, while [HostResolveImportedModule][] is called during
-  instantiation.
 
 The actual [HostResolveImportedModule][] implementation used during module
-instantiation is one that returns the modules linked during linking. Since at
+linking is one that returns the modules linked during linking. Since at
 that point all modules would have been fully linked already, the
 [HostResolveImportedModule][] implementation is fully synchronous per
 specification.
 
-### module.linkingStatus
-
-* {string}
-
-The current linking status of `module`. It will be one of the following values:
-
-* `'unlinked'`: `module.link()` has not yet been called.
-* `'linking'`: `module.link()` has been called, but not all Promises returned by
-  the linker function have been resolved yet.
-* `'linked'`: `module.link()` has been called, and all its dependencies have
-  been successfully linked.
-* `'errored'`: `module.link()` has been called, but at least one of its
-  dependencies failed to link, either because the callback returned a `Promise`
-  that is rejected, or because the `Module` the callback returned is invalid.
+Corresponds to the [Link() concrete method][] field of [Source Text Module
+Record][]s in the ECMAScript specification.
 
 ### module.namespace
 
 * {Object}
 
-The namespace object of the module. This is only available after instantiation
-(`module.instantiate()`) has completed.
+The namespace object of the module. This is only available after linking
+(`module.link()`) has completed.
 
 Corresponds to the [GetModuleNamespace][] abstract operation in the ECMAScript
 specification.
@@ -628,21 +587,13 @@ specification.
 
 The current status of the module. Will be one of:
 
-* `'uninstantiated'`: The module is not instantiated. It may because of any of
-  the following reasons:
-
-  * The module was just created.
-  * `module.instantiate()` has been called on this module, but it failed for
-    some reason.
-
-  This status does not convey any information regarding if `module.link()` has
-  been called. See `module.linkingStatus` for that.
+* `'unlinked'`: `module.link()` has not yet been called.
 
-* `'instantiating'`: The module is currently being instantiated through a
-  `module.instantiate()` call on itself or a parent module.
+* `'linking'`: `module.link()` has been called, but not all Promises returned
+  by the linker function have been resolved yet.
 
-* `'instantiated'`: The module has been instantiated successfully, but
-  `module.evaluate()` has not yet been called.
+* `'linked'`: The module has been linked successfully, and all of its
+  dependencies are linked, but `module.evaluate()` has not yet been called.
 
 * `'evaluating'`: The module is being evaluated through a `module.evaluate()` on
   itself or a parent module.
@@ -656,11 +607,11 @@ Other than `'errored'`, this status string corresponds to the specification's
 `'evaluated'` in the specification, but with `[[EvaluationError]]` set to a
 value that is not `undefined`.
 
-### module.url
+### module.identifier
 
 * {string}
 
-The URL of the current module, as set in the constructor.
+The identifier of the current module, as set in the constructor.
 
 ## vm.compileFunction(code[, params[, options]])
 <!-- YAML
@@ -1127,11 +1078,11 @@ queues.
 [`vm.runInContext()`]: #vm_vm_runincontext_code_contextifiedsandbox_options
 [`vm.runInThisContext()`]: #vm_vm_runinthiscontext_code_options
 [ECMAScript Module Loader]: esm.html#esm_ecmascript_modules
-[Evaluate() concrete method]: https://tc39.github.io/ecma262/#sec-moduleevaluation
-[GetModuleNamespace]: https://tc39.github.io/ecma262/#sec-getmodulenamespace
-[HostResolveImportedModule]: https://tc39.github.io/ecma262/#sec-hostresolveimportedmodule
-[Instantiate() concrete method]: https://tc39.github.io/ecma262/#sec-moduledeclarationinstantiation
-[Source Text Module Record]: https://tc39.github.io/ecma262/#sec-source-text-module-records
+[Evaluate() concrete method]: https://tc39.es/ecma262/#sec-moduleevaluation
+[GetModuleNamespace]: https://tc39.es/ecma262/#sec-getmodulenamespace
+[HostResolveImportedModule]: https://tc39.es/ecma262/#sec-hostresolveimportedmodule
+[Link() concrete method]: https://tc39.es/ecma262/#sec-moduledeclarationlinking
+[Source Text Module Record]: https://tc39.es/ecma262/#sec-source-text-module-records
 [V8 Embedder's Guide]: https://v8.dev/docs/embed#contexts
 [contextified]: #vm_what_does_it_mean_to_contextify_an_object
 [global object]: https://es5.github.io/#x15.1
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 8412c710c9c06c..8090b4d66cb3d7 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -1203,8 +1203,6 @@ E('ERR_VM_MODULE_DIFFERENT_CONTEXT',
   'Linked modules must use the same context', Error);
 E('ERR_VM_MODULE_LINKING_ERRORED',
   'Linking has already failed for the provided module', Error);
-E('ERR_VM_MODULE_NOT_LINKED',
-  'Module must be linked before it can be instantiated', Error);
 E('ERR_VM_MODULE_NOT_MODULE',
   'Provided module is not an instance of Module', Error);
 E('ERR_VM_MODULE_STATUS', 'Module status %s', Error);
diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index 09109d3c71287f..9800e8a550c2e0 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -127,7 +127,7 @@ class Loader {
     this.moduleMap.set(url, job);
     const { module, result } = await job.run();
     return {
-      namespace: module.namespace(),
+      namespace: module.getNamespace(),
       result
     };
   }
@@ -135,7 +135,7 @@ class Loader {
   async import(specifier, parent) {
     const job = await this.getModuleJob(specifier, parent);
     const { module } = await job.run();
-    return module.namespace();
+    return module.getNamespace();
   }
 
   hook({ resolve, dynamicInstantiate }) {
diff --git a/lib/internal/vm/source_text_module.js b/lib/internal/vm/source_text_module.js
index 881c298ce52678..61af2e7a29c7e7 100644
--- a/lib/internal/vm/source_text_module.js
+++ b/lib/internal/vm/source_text_module.js
@@ -3,14 +3,12 @@
 const { Object, SafePromise } = primordials;
 
 const { isModuleNamespaceObject } = require('internal/util/types');
-const { URL } = require('internal/url');
 const { isContext } = internalBinding('contextify');
 const {
   ERR_INVALID_ARG_TYPE,
   ERR_VM_MODULE_ALREADY_LINKED,
   ERR_VM_MODULE_DIFFERENT_CONTEXT,
   ERR_VM_MODULE_LINKING_ERRORED,
-  ERR_VM_MODULE_NOT_LINKED,
   ERR_VM_MODULE_NOT_MODULE,
   ERR_VM_MODULE_STATUS,
 } = require('internal/errors').codes;
@@ -22,7 +20,7 @@ const {
 const {
   validateInt32,
   validateUint32,
-  validateString
+  validateString,
 } = require('internal/validators');
 
 const binding = internalBinding('module_wrap');
@@ -37,29 +35,33 @@ const {
 } = binding;
 
 const STATUS_MAP = {
-  [kUninstantiated]: 'uninstantiated',
-  [kInstantiating]: 'instantiating',
-  [kInstantiated]: 'instantiated',
+  [kUninstantiated]: 'unlinked',
+  [kInstantiating]: 'linking',
+  [kInstantiated]: 'linked',
   [kEvaluating]: 'evaluating',
   [kEvaluated]: 'evaluated',
   [kErrored]: 'errored',
 };
 
 let globalModuleId = 0;
+const defaultModuleName = 'vm:module';
 const perContextModuleId = new WeakMap();
-const wrapMap = new WeakMap();
-const dependencyCacheMap = new WeakMap();
-const linkingStatusMap = new WeakMap();
-// ModuleWrap -> vm.SourceTextModule
 const wrapToModuleMap = new WeakMap();
-const defaultModuleName = 'vm:module';
 
-// TODO(devsnek): figure out AbstractModule class or protocol
+const kNoError = Symbol('kNoError');
+
 class SourceTextModule {
-  constructor(src, options = {}) {
+  #wrap;
+  #identifier;
+  #context;
+  #dependencySpecifiers;
+  #statusOverride;
+  #error = kNoError;
+
+  constructor(source, options = {}) {
     emitExperimentalWarning('vm.SourceTextModule');
 
-    validateString(src, 'src');
+    validateString(source, 'source');
     if (typeof options !== 'object' || options === null)
       throw new ERR_INVALID_ARG_TYPE('options', 'Object', options);
 
@@ -81,21 +83,6 @@ class SourceTextModule {
       }
     }
 
-    let { url } = options;
-    if (url !== undefined) {
-      validateString(url, 'options.url');
-      url = new URL(url).href;
-    } else if (context === undefined) {
-      url = `${defaultModuleName}(${globalModuleId++})`;
-    } else if (perContextModuleId.has(context)) {
-      const curId = perContextModuleId.get(context);
-      url = `${defaultModuleName}(${curId})`;
-      perContextModuleId.set(context, curId + 1);
-    } else {
-      url = `${defaultModuleName}(0)`;
-      perContextModuleId.set(context, 1);
-    }
-
     validateInt32(lineOffset, 'options.lineOffset');
     validateInt32(columnOffset, 'options.columnOffset');
 
@@ -111,114 +98,167 @@ class SourceTextModule {
         'options.importModuleDynamically', 'function', importModuleDynamically);
     }
 
-    const wrap = new ModuleWrap(src, url, context, lineOffset, columnOffset);
-    wrapMap.set(this, wrap);
-    linkingStatusMap.set(this, 'unlinked');
-    wrapToModuleMap.set(wrap, this);
+    let { identifier } = options;
+    if (identifier !== undefined) {
+      validateString(identifier, 'options.identifier');
+    } else if (context === undefined) {
+      identifier = `${defaultModuleName}(${globalModuleId++})`;
+    } else if (perContextModuleId.has(context)) {
+      const curId = perContextModuleId.get(context);
+      identifier = `${defaultModuleName}(${curId})`;
+      perContextModuleId.set(context, curId + 1);
+    } else {
+      identifier = `${defaultModuleName}(0)`;
+      perContextModuleId.set(context, 1);
+    }
 
-    binding.callbackMap.set(wrap, {
+    this.#wrap = new ModuleWrap(
+      source, identifier, context,
+      lineOffset, columnOffset,
+    );
+    wrapToModuleMap.set(this.#wrap, this);
+    this.#identifier = identifier;
+    this.#context = context;
+
+    binding.callbackMap.set(this.#wrap, {
       initializeImportMeta,
-      importModuleDynamically: importModuleDynamically ? async (...args) => {
-        const m = await importModuleDynamically(...args);
-        if (isModuleNamespaceObject(m)) {
-          return m;
-        }
-        if (!m || !wrapMap.has(m))
-          throw new ERR_VM_MODULE_NOT_MODULE();
-        const childLinkingStatus = linkingStatusMap.get(m);
-        if (childLinkingStatus === 'errored')
-          throw m.error;
-        return m.namespace;
-      } : undefined,
+      importModuleDynamically: importModuleDynamically ?
+        importModuleDynamicallyWrap(importModuleDynamically) :
+        undefined,
     });
+  }
 
-    Object.defineProperties(this, {
-      url: { value: url, enumerable: true },
-      context: { value: context, enumerable: true },
-    });
+  get status() {
+    try {
+      this.#error;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+    if (this.#error !== kNoError) {
+      return 'errored';
+    }
+    if (this.#statusOverride) {
+      return this.#statusOverride;
+    }
+    return STATUS_MAP[this.#wrap.getStatus()];
   }
 
-  get linkingStatus() {
-    return linkingStatusMap.get(this);
+  get identifier() {
+    try {
+      return this.#identifier;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
   }
 
-  get status() {
-    return STATUS_MAP[wrapMap.get(this).getStatus()];
+  get context() {
+    try {
+      return this.#context;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
   }
 
   get namespace() {
-    const wrap = wrapMap.get(this);
-    if (wrap.getStatus() < kInstantiated)
-      throw new ERR_VM_MODULE_STATUS(
-        'must not be uninstantiated or instantiating'
-      );
-    return wrap.namespace();
+    try {
+      this.#wrap;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+    if (this.#wrap.getStatus() < kInstantiated) {
+      throw new ERR_VM_MODULE_STATUS('must not be unlinked or linking');
+    }
+    return this.#wrap.getNamespace();
   }
 
   get dependencySpecifiers() {
-    let deps = dependencyCacheMap.get(this);
-    if (deps !== undefined)
-      return deps;
-
-    deps = wrapMap.get(this).getStaticDependencySpecifiers();
-    Object.freeze(deps);
-    dependencyCacheMap.set(this, deps);
-    return deps;
+    try {
+      this.#dependencySpecifiers;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+    if (this.#dependencySpecifiers === undefined) {
+      this.#dependencySpecifiers = this.#wrap.getStaticDependencySpecifiers();
+    }
+    return this.#dependencySpecifiers;
   }
 
   get error() {
-    const wrap = wrapMap.get(this);
-    if (wrap.getStatus() !== kErrored)
+    try {
+      this.#error;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+    if (this.#error !== kNoError) {
+      return this.#error;
+    }
+    if (this.#wrap.getStatus() !== kErrored) {
       throw new ERR_VM_MODULE_STATUS('must be errored');
-    return wrap.getError();
+    }
+    return this.#wrap.getError();
   }
 
   async link(linker) {
-    if (typeof linker !== 'function')
+    try {
+      this.#link;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+
+    if (typeof linker !== 'function') {
       throw new ERR_INVALID_ARG_TYPE('linker', 'function', linker);
-    if (linkingStatusMap.get(this) !== 'unlinked')
+    }
+    if (this.status !== 'unlinked') {
       throw new ERR_VM_MODULE_ALREADY_LINKED();
-    const wrap = wrapMap.get(this);
-    if (wrap.getStatus() !== kUninstantiated)
-      throw new ERR_VM_MODULE_STATUS('must be uninstantiated');
+    }
 
-    linkingStatusMap.set(this, 'linking');
+    await this.#link(linker);
 
-    const promises = wrap.link(async (specifier) => {
-      const m = await linker(specifier, this);
-      if (!m || !wrapMap.has(m))
+    this.#wrap.instantiate();
+  }
+
+  #link = async function(linker) {
+    this.#statusOverride = 'linking';
+
+    const promises = this.#wrap.link(async (identifier) => {
+      const module = await linker(identifier, this);
+      try {
+        module.#wrap;
+      } catch {
         throw new ERR_VM_MODULE_NOT_MODULE();
-      if (m.context !== this.context)
+      }
+      if (module.context !== this.context) {
         throw new ERR_VM_MODULE_DIFFERENT_CONTEXT();
-      const childLinkingStatus = linkingStatusMap.get(m);
-      if (childLinkingStatus === 'errored')
+      }
+      if (module.status === 'errored') {
         throw new ERR_VM_MODULE_LINKING_ERRORED();
-      if (childLinkingStatus === 'unlinked')
-        await m.link(linker);
-      return wrapMap.get(m);
+      }
+      if (module.status === 'unlinked') {
+        await module.#link(linker);
+      }
+      return module.#wrap;
     });
 
     try {
-      if (promises !== undefined)
+      if (promises !== undefined) {
         await SafePromise.all(promises);
-      linkingStatusMap.set(this, 'linked');
-    } catch (err) {
-      linkingStatusMap.set(this, 'errored');
-      throw err;
+      }
+    } catch (e) {
+      this.#error = e;
+      throw e;
+    } finally {
+      this.#statusOverride = undefined;
     }
-  }
+  };
 
-  instantiate() {
-    const wrap = wrapMap.get(this);
-    const status = wrap.getStatus();
-    if (status === kInstantiating || status === kEvaluating)
-      throw new ERR_VM_MODULE_STATUS('must not be instantiating or evaluating');
-    if (linkingStatusMap.get(this) !== 'linked')
-      throw new ERR_VM_MODULE_NOT_LINKED();
-    wrap.instantiate();
-  }
 
   async evaluate(options = {}) {
+    try {
+      this.#wrap;
+    } catch {
+      throw new ERR_VM_MODULE_NOT_MODULE();
+    }
+
     if (typeof options !== 'object' || options === null) {
       throw new ERR_INVALID_ARG_TYPE('options', 'Object', options);
     }
@@ -229,24 +269,41 @@ class SourceTextModule {
     } else {
       validateUint32(timeout, 'options.timeout', true);
     }
-
     const { breakOnSigint = false } = options;
     if (typeof breakOnSigint !== 'boolean') {
       throw new ERR_INVALID_ARG_TYPE('options.breakOnSigint', 'boolean',
                                      breakOnSigint);
     }
-
-    const wrap = wrapMap.get(this);
-    const status = wrap.getStatus();
+    const status = this.#wrap.getStatus();
     if (status !== kInstantiated &&
         status !== kEvaluated &&
         status !== kErrored) {
       throw new ERR_VM_MODULE_STATUS(
-        'must be one of instantiated, evaluated, and errored'
+        'must be one of linked, evaluated, or errored'
       );
     }
-    const result = wrap.evaluate(timeout, breakOnSigint);
-    return { result, __proto__: null };
+    const result = this.#wrap.evaluate(timeout, breakOnSigint);
+    return { __proto__: null, result };
+  }
+
+  static importModuleDynamicallyWrap(importModuleDynamically) {
+    // Named declaration for function name
+    const importModuleDynamicallyWrapper = async (...args) => {
+      const m = await importModuleDynamically(...args);
+      if (isModuleNamespaceObject(m)) {
+        return m;
+      }
+      try {
+        m.#wrap;
+      } catch {
+        throw new ERR_VM_MODULE_NOT_MODULE();
+      }
+      if (m.status === 'errored') {
+        throw m.error;
+      }
+      return m.namespace;
+    };
+    return importModuleDynamicallyWrapper;
   }
 
   [customInspectSymbol](depth, options) {
@@ -258,16 +315,19 @@ class SourceTextModule {
 
     const o = Object.create({ constructor: ctor });
     o.status = this.status;
-    o.linkingStatus = this.linkingStatus;
-    o.url = this.url;
+    o.identifier = this.identifier;
     o.context = this.context;
     return require('internal/util/inspect').inspect(o, options);
   }
 }
 
+// Declared as static to allow access to #wrap
+const importModuleDynamicallyWrap =
+  SourceTextModule.importModuleDynamicallyWrap;
+delete SourceTextModule.importModuleDynamicallyWrap;
+
 module.exports = {
   SourceTextModule,
   wrapToModuleMap,
-  wrapMap,
-  linkingStatusMap,
+  importModuleDynamicallyWrap,
 };
diff --git a/lib/vm.js b/lib/vm.js
index ec6614e66146a7..90f332c7750810 100644
--- a/lib/vm.js
+++ b/lib/vm.js
@@ -31,10 +31,8 @@ const {
 } = internalBinding('contextify');
 const {
   ERR_INVALID_ARG_TYPE,
-  ERR_VM_MODULE_NOT_MODULE,
 } = require('internal/errors').codes;
 const {
-  isModuleNamespaceObject,
   isArrayBufferView,
 } = require('internal/util/types');
 const {
@@ -100,21 +98,13 @@ class Script extends ContextifyScript {
                                        'function',
                                        importModuleDynamically);
       }
-      const { wrapMap, linkingStatusMap } =
+      const { importModuleDynamicallyWrap } =
         require('internal/vm/source_text_module');
       const { callbackMap } = internalBinding('module_wrap');
-      callbackMap.set(this, { importModuleDynamically: async (...args) => {
-        const m = await importModuleDynamically(...args);
-        if (isModuleNamespaceObject(m)) {
-          return m;
-        }
-        if (!m || !wrapMap.has(m))
-          throw new ERR_VM_MODULE_NOT_MODULE();
-        const childLinkingStatus = linkingStatusMap.get(m);
-        if (childLinkingStatus === 'errored')
-          throw m.error;
-        return m.namespace;
-      } });
+      callbackMap.set(this, {
+        importModuleDynamically:
+          importModuleDynamicallyWrap(importModuleDynamically),
+      });
     }
   }
 
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index aeb44675f6127d..4a572c00e15086 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -331,7 +331,7 @@ void ModuleWrap::Evaluate(const FunctionCallbackInfo<Value>& args) {
   args.GetReturnValue().Set(result.ToLocalChecked());
 }
 
-void ModuleWrap::Namespace(const FunctionCallbackInfo<Value>& args) {
+void ModuleWrap::GetNamespace(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   Isolate* isolate = args.GetIsolate();
   ModuleWrap* obj;
@@ -1328,8 +1328,12 @@ void ModuleWrap::HostInitializeImportMetaObjectCallback(
   Local<Function> callback =
       env->host_initialize_import_meta_object_callback();
   Local<Value> args[] = { wrap, meta };
-  callback->Call(context, Undefined(env->isolate()), arraysize(args), args)
-      .ToLocalChecked();
+  TryCatchScope try_catch(env);
+  USE(callback->Call(
+        context, Undefined(env->isolate()), arraysize(args), args));
+  if (try_catch.HasCaught() && !try_catch.HasTerminated()) {
+    try_catch.ReThrow();
+  }
 }
 
 void ModuleWrap::SetInitializeImportMetaObjectCallback(
@@ -1360,7 +1364,7 @@ void ModuleWrap::Initialize(Local<Object> target,
   env->SetProtoMethod(tpl, "link", Link);
   env->SetProtoMethod(tpl, "instantiate", Instantiate);
   env->SetProtoMethod(tpl, "evaluate", Evaluate);
-  env->SetProtoMethodNoSideEffect(tpl, "namespace", Namespace);
+  env->SetProtoMethodNoSideEffect(tpl, "getNamespace", GetNamespace);
   env->SetProtoMethodNoSideEffect(tpl, "getStatus", GetStatus);
   env->SetProtoMethodNoSideEffect(tpl, "getError", GetError);
   env->SetProtoMethodNoSideEffect(tpl, "getStaticDependencySpecifiers",
diff --git a/src/module_wrap.h b/src/module_wrap.h
index 6c79781a9d3a78..9e2aa3b9489dd3 100644
--- a/src/module_wrap.h
+++ b/src/module_wrap.h
@@ -57,7 +57,7 @@ class ModuleWrap : public BaseObject {
   static void Link(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void Instantiate(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void Evaluate(const v8::FunctionCallbackInfo<v8::Value>& args);
-  static void Namespace(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void GetNamespace(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetStatus(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetError(const v8::FunctionCallbackInfo<v8::Value>& args);
   static void GetStaticDependencySpecifiers(
diff --git a/test/parallel/test-internal-module-wrap.js b/test/parallel/test-internal-module-wrap.js
index ee0b722d450103..116a300543315c 100644
--- a/test/parallel/test-internal-module-wrap.js
+++ b/test/parallel/test-internal-module-wrap.js
@@ -25,5 +25,5 @@ const bar = new ModuleWrap('export const five = 5', 'bar');
   foo.instantiate();
 
   assert.strictEqual(await foo.evaluate(-1, false), 6);
-  assert.strictEqual(foo.namespace().five, 5);
+  assert.strictEqual(foo.getNamespace().five, 5);
 })();
diff --git a/test/parallel/test-util-inspect-namespace.js b/test/parallel/test-util-inspect-namespace.js
index f2b6e57178b041..89b26fcdbcf1b2 100644
--- a/test/parallel/test-util-inspect-namespace.js
+++ b/test/parallel/test-util-inspect-namespace.js
@@ -11,7 +11,6 @@ const { inspect } = require('util');
 (async () => {
   const m = new SourceTextModule('export const a = 1; export var b = 2');
   await m.link(() => 0);
-  m.instantiate();
   assert.strictEqual(
     inspect(m.namespace),
     '[Module] { a: <uninitialized>, b: undefined }');
diff --git a/test/parallel/test-util-types.js b/test/parallel/test-util-types.js
index 69ebaaba12b00f..6a9bad01699333 100644
--- a/test/parallel/test-util-types.js
+++ b/test/parallel/test-util-types.js
@@ -281,7 +281,6 @@ for (const [ value, _method ] of [
 (async () => {
   const m = new vm.SourceTextModule('');
   await m.link(() => 0);
-  m.instantiate();
   await m.evaluate();
   assert.ok(types.isModuleNamespaceObject(m.namespace));
 })();
diff --git a/test/parallel/test-vm-module-basic.js b/test/parallel/test-vm-module-basic.js
index 76a8e8a3d2893c..cbe5e29d3cb0e6 100644
--- a/test/parallel/test-vm-module-basic.js
+++ b/test/parallel/test-vm-module-basic.js
@@ -17,10 +17,9 @@ const util = require('util');
     'baz = foo; typeofProcess = typeof process; typeof Object;',
     { context }
   );
-  assert.strictEqual(m.status, 'uninstantiated');
+  assert.strictEqual(m.status, 'unlinked');
   await m.link(common.mustNotCall());
-  m.instantiate();
-  assert.strictEqual(m.status, 'instantiated');
+  assert.strictEqual(m.status, 'linked');
   const result = await m.evaluate();
   assert.strictEqual(m.status, 'evaluated');
   assert.strictEqual(Object.getPrototypeOf(result), null);
@@ -37,7 +36,6 @@ const util = require('util');
     'global.vmResult = "foo"; Object.prototype.toString.call(process);'
   );
   await m.link(common.mustNotCall());
-  m.instantiate();
   const { result } = await m.evaluate();
   assert.strictEqual(global.vmResult, 'foo');
   assert.strictEqual(result, '[object process]');
@@ -47,22 +45,21 @@ const util = require('util');
 (async () => {
   const m = new SourceTextModule('while (true) {}');
   await m.link(common.mustNotCall());
-  m.instantiate();
   await m.evaluate({ timeout: 500 })
     .then(() => assert(false), () => {});
 })();
 
-// Check the generated url for each module
+// Check the generated identifier for each module
 (async () => {
   const context1 = createContext({ });
   const context2 = createContext({ });
 
   const m1 = new SourceTextModule('1', { context: context1 });
-  assert.strictEqual(m1.url, 'vm:module(0)');
+  assert.strictEqual(m1.identifier, 'vm:module(0)');
   const m2 = new SourceTextModule('2', { context: context1 });
-  assert.strictEqual(m2.url, 'vm:module(1)');
+  assert.strictEqual(m2.identifier, 'vm:module(1)');
   const m3 = new SourceTextModule('3', { context: context2 });
-  assert.strictEqual(m3.url, 'vm:module(0)');
+  assert.strictEqual(m3.identifier, 'vm:module(0)');
 })();
 
 // Check inspection of the instance
@@ -72,13 +69,19 @@ const util = require('util');
 
   assert.strictEqual(
     util.inspect(m),
-    "SourceTextModule {\n  status: 'uninstantiated',\n  linkingStatus:" +
-    " 'unlinked',\n  url: 'vm:module(0)',\n  context: { foo: 'bar' }\n}"
+    `SourceTextModule {
+  status: 'unlinked',
+  identifier: 'vm:module(0)',
+  context: { foo: 'bar' }
+}`
   );
   assert.strictEqual(
     m[util.inspect.custom].call(Object.create(null)),
-    'SourceTextModule {\n  status: undefined,\n  linkingStatus: undefined,' +
-    '\n  url: undefined,\n  context: undefined\n}'
+    `SourceTextModule {
+  status: undefined,
+  identifier: undefined,
+  context: undefined
+}`,
   );
   assert.strictEqual(util.inspect(m, { depth: -1 }), '[SourceTextModule]');
 }
diff --git a/test/parallel/test-vm-module-dynamic-import.js b/test/parallel/test-vm-module-dynamic-import.js
index 600f455e93306e..897d9f27d73376 100644
--- a/test/parallel/test-vm-module-dynamic-import.js
+++ b/test/parallel/test-vm-module-dynamic-import.js
@@ -10,7 +10,6 @@ const { Script, SourceTextModule, createContext } = require('vm');
 async function testNoCallback() {
   const m = new SourceTextModule('import("foo")', { context: createContext() });
   await m.link(common.mustNotCall());
-  m.instantiate();
   const { result } = await m.evaluate();
   let threw = false;
   try {
@@ -25,7 +24,6 @@ async function testNoCallback() {
 async function test() {
   const foo = new SourceTextModule('export const a = 1;');
   await foo.link(common.mustNotCall());
-  foo.instantiate();
   await foo.evaluate();
 
   {
@@ -50,7 +48,6 @@ async function test() {
       }),
     });
     await m.link(common.mustNotCall());
-    m.instantiate();
     const { result } = await m.evaluate();
     assert.strictEqual(foo.namespace, await result);
   }
@@ -63,7 +60,6 @@ async function testInvalid() {
     }),
   });
   await m.link(common.mustNotCall());
-  m.instantiate();
   const { result } = await m.evaluate();
   await result.catch(common.mustCall((e) => {
     assert.strictEqual(e.code, 'ERR_VM_MODULE_NOT_MODULE');
diff --git a/test/parallel/test-vm-module-dynamic-namespace.js b/test/parallel/test-vm-module-dynamic-namespace.js
index bcd91daebd0ff6..987b21f2ec1151 100644
--- a/test/parallel/test-vm-module-dynamic-namespace.js
+++ b/test/parallel/test-vm-module-dynamic-namespace.js
@@ -1,35 +1,30 @@
 'use strict';
 
-// Flags: --experimental-vm-modules --expose-internals
-//
+// Flags: --experimental-vm-modules
+
 const common = require('../common');
 
 const assert = require('assert');
 
 const { types } = require('util');
-const { SourceTextModule, wrapMap } = require('internal/vm/source_text_module');
-
-const { importModuleDynamicallyCallback } =
-  require('internal/process/esm_loader');
+const { SourceTextModule } = require('vm');
 
 async function getNamespace() {
   const m = new SourceTextModule('');
   await m.link(() => 0);
-  m.instantiate();
   await m.evaluate();
   return m.namespace;
 }
 
 (async () => {
   const namespace = await getNamespace();
-  const m = new SourceTextModule('export const A = "A";', {
+  const m = new SourceTextModule('export const A = "A"; import("");', {
     importModuleDynamically: common.mustCall((specifier, wrap) => {
       return namespace;
     })
   });
   await m.link(() => 0);
-  m.instantiate();
-  await m.evaluate();
-  const ns = await importModuleDynamicallyCallback(wrapMap.get(m));
+  const { result } = await m.evaluate();
+  const ns = await result;
   assert.ok(types.isModuleNamespaceObject(ns));
 })().then(common.mustCall());
diff --git a/test/parallel/test-vm-module-errors.js b/test/parallel/test-vm-module-errors.js
index a92863b1251c57..e76bbbb0e1afc0 100644
--- a/test/parallel/test-vm-module-errors.js
+++ b/test/parallel/test-vm-module-errors.js
@@ -23,7 +23,7 @@ async function checkArgType() {
   });
 
   for (const invalidOptions of [
-    0, 1, null, true, 'str', () => {}, { url: 0 }, Symbol.iterator,
+    0, 1, null, true, 'str', () => {}, { identifier: 0 }, Symbol.iterator,
     { context: null }, { context: 'hucairz' }, { context: {} }
   ]) {
     common.expectsError(() => {
@@ -52,7 +52,7 @@ async function checkModuleState() {
   await assert.rejects(async () => {
     const m = new SourceTextModule('');
     await m.link(common.mustNotCall());
-    assert.strictEqual(m.linkingStatus, 'linked');
+    assert.strictEqual(m.status, 'linked');
     await m.link(common.mustNotCall());
   }, {
     code: 'ERR_VM_MODULE_ALREADY_LINKED'
@@ -61,54 +61,18 @@ async function checkModuleState() {
   await assert.rejects(async () => {
     const m = new SourceTextModule('');
     m.link(common.mustNotCall());
-    assert.strictEqual(m.linkingStatus, 'linking');
+    assert.strictEqual(m.status, 'linking');
     await m.link(common.mustNotCall());
   }, {
     code: 'ERR_VM_MODULE_ALREADY_LINKED'
   });
 
-  common.expectsError(() => {
-    const m = new SourceTextModule('');
-    m.instantiate();
-  }, {
-    code: 'ERR_VM_MODULE_NOT_LINKED'
-  });
-
-  await assert.rejects(async () => {
-    const m = new SourceTextModule('import "foo";');
-    try {
-      await m.link(common.mustCall(() => ({})));
-    } catch {
-      assert.strictEqual(m.linkingStatus, 'errored');
-      m.instantiate();
-    }
-  }, {
-    code: 'ERR_VM_MODULE_NOT_LINKED'
-  });
-
-  {
-    const m = new SourceTextModule('import "foo";');
-    await m.link(common.mustCall(async (specifier, module) => {
-      assert.strictEqual(module, m);
-      assert.strictEqual(specifier, 'foo');
-      assert.strictEqual(m.linkingStatus, 'linking');
-      common.expectsError(() => {
-        m.instantiate();
-      }, {
-        code: 'ERR_VM_MODULE_NOT_LINKED'
-      });
-      return new SourceTextModule('');
-    }));
-    m.instantiate();
-    await m.evaluate();
-  }
-
   await assert.rejects(async () => {
     const m = new SourceTextModule('');
     await m.evaluate();
   }, {
     code: 'ERR_VM_MODULE_STATUS',
-    message: 'Module status must be one of instantiated, evaluated, and errored'
+    message: 'Module status must be one of linked, evaluated, or errored'
   });
 
   await assert.rejects(async () => {
@@ -120,14 +84,6 @@ async function checkModuleState() {
              'Received type boolean'
   });
 
-  await assert.rejects(async () => {
-    const m = await createEmptyLinkedModule();
-    await m.evaluate();
-  }, {
-    code: 'ERR_VM_MODULE_STATUS',
-    message: 'Module status must be one of instantiated, evaluated, and errored'
-  });
-
   common.expectsError(() => {
     const m = new SourceTextModule('');
     m.error;
@@ -138,7 +94,6 @@ async function checkModuleState() {
 
   await assert.rejects(async () => {
     const m = await createEmptyLinkedModule();
-    m.instantiate();
     await m.evaluate();
     m.error;
   }, {
@@ -151,15 +106,7 @@ async function checkModuleState() {
     m.namespace;
   }, {
     code: 'ERR_VM_MODULE_STATUS',
-    message: 'Module status must not be uninstantiated or instantiating'
-  });
-
-  await assert.rejects(async () => {
-    const m = await createEmptyLinkedModule();
-    m.namespace;
-  }, {
-    code: 'ERR_VM_MODULE_STATUS',
-    message: 'Module status must not be uninstantiated or instantiating'
+    message: 'Module status must not be unlinked or linking'
   });
 }
 
@@ -170,7 +117,7 @@ async function checkLinking() {
     try {
       await m.link(common.mustCall(() => ({})));
     } catch (err) {
-      assert.strictEqual(m.linkingStatus, 'errored');
+      assert.strictEqual(m.status, 'errored');
       throw err;
     }
   }, {
@@ -185,7 +132,7 @@ async function checkLinking() {
     try {
       await bar.link(common.mustCall(() => foo));
     } catch (err) {
-      assert.strictEqual(bar.linkingStatus, 'errored');
+      assert.strictEqual(bar.status, 'errored');
       throw err;
     }
   }, {
@@ -199,7 +146,7 @@ async function checkLinking() {
     } catch {
       // ignored
     } finally {
-      assert.strictEqual(erroredModule.linkingStatus, 'errored');
+      assert.strictEqual(erroredModule.status, 'errored');
     }
 
     const rootModule = new SourceTextModule('import "errored";');
@@ -224,19 +171,17 @@ common.expectsError(() => {
 async function checkExecution() {
   await (async () => {
     const m = new SourceTextModule('import { nonexistent } from "module";');
-    await m.link(common.mustCall(() => new SourceTextModule('')));
 
     // There is no code for this exception since it is thrown by the JavaScript
     // engine.
-    assert.throws(() => {
-      m.instantiate();
+    await assert.rejects(() => {
+      return m.link(common.mustCall(() => new SourceTextModule('')));
     }, SyntaxError);
   })();
 
   await (async () => {
     const m = new SourceTextModule('throw new Error();');
     await m.link(common.mustNotCall());
-    m.instantiate();
     const evaluatePromise = m.evaluate();
     await evaluatePromise.catch(() => {});
     assert.strictEqual(m.status, 'errored');
diff --git a/test/parallel/test-vm-module-import-meta.js b/test/parallel/test-vm-module-import-meta.js
index 4886464f34e1ae..1db4467b085752 100644
--- a/test/parallel/test-vm-module-import-meta.js
+++ b/test/parallel/test-vm-module-import-meta.js
@@ -14,7 +14,6 @@ async function testBasic() {
     })
   });
   await m.link(common.mustNotCall());
-  m.instantiate();
   const { result } = await m.evaluate();
   assert.strictEqual(typeof result, 'object');
   assert.strictEqual(Object.getPrototypeOf(result), null);
diff --git a/test/parallel/test-vm-module-link.js b/test/parallel/test-vm-module-link.js
index 20518c40540485..9678d1373785be 100644
--- a/test/parallel/test-vm-module-link.js
+++ b/test/parallel/test-vm-module-link.js
@@ -23,8 +23,6 @@ async function simple() {
     return foo;
   }));
 
-  bar.instantiate();
-
   assert.strictEqual((await bar.evaluate()).result, 5);
 }
 
@@ -49,7 +47,6 @@ async function depth() {
   const baz = await getProxy('bar', bar);
   const barz = await getProxy('baz', baz);
 
-  barz.instantiate();
   await barz.evaluate();
 
   assert.strictEqual(barz.namespace.default, 5);
@@ -67,20 +64,19 @@ async function circular() {
       return foo;
     }
   `);
-  await foo.link(common.mustCall(async (fooSpecifier, fooModule) => {
-    assert.strictEqual(fooModule, foo);
-    assert.strictEqual(fooSpecifier, 'bar');
-    await bar.link(common.mustCall((barSpecifier, barModule) => {
-      assert.strictEqual(barModule, bar);
-      assert.strictEqual(barSpecifier, 'foo');
-      assert.strictEqual(foo.linkingStatus, 'linking');
-      return foo;
-    }));
-    assert.strictEqual(bar.linkingStatus, 'linked');
-    return bar;
-  }));
+  await foo.link(common.mustCall(async (specifier, module) => {
+    if (specifier === 'bar') {
+      assert.strictEqual(module, foo);
+      return bar;
+    }
+    assert.strictEqual(specifier, 'foo');
+    assert.strictEqual(module, bar);
+    assert.strictEqual(foo.status, 'linking');
+    return foo;
+  }, 2));
+
+  assert.strictEqual(bar.status, 'linked');
 
-  foo.instantiate();
   await foo.evaluate();
   assert.strictEqual(foo.namespace.default, 42);
 }
@@ -109,19 +105,20 @@ async function circular2() {
     `
   };
   const moduleMap = new Map();
-  const rootModule = new SourceTextModule(sourceMap.root, { url: 'vm:root' });
+  const rootModule = new SourceTextModule(sourceMap.root, {
+    identifier: 'vm:root',
+  });
   async function link(specifier, referencingModule) {
     if (moduleMap.has(specifier)) {
       return moduleMap.get(specifier);
     }
     const mod = new SourceTextModule(sourceMap[specifier], {
-      url: new URL(specifier, 'file:///').href,
+      identifier: new URL(specifier, 'file:///').href,
     });
     moduleMap.set(specifier, mod);
     return mod;
   }
   await rootModule.link(link);
-  rootModule.instantiate();
   await rootModule.evaluate();
 }
 
diff --git a/test/parallel/test-vm-module-reevaluate.js b/test/parallel/test-vm-module-reevaluate.js
index c3914f362fa814..4767541dd24c37 100644
--- a/test/parallel/test-vm-module-reevaluate.js
+++ b/test/parallel/test-vm-module-reevaluate.js
@@ -14,7 +14,6 @@ const finished = common.mustCall();
   {
     const m = new SourceTextModule('1');
     await m.link(common.mustNotCall());
-    m.instantiate();
     assert.strictEqual((await m.evaluate()).result, 1);
     assert.strictEqual((await m.evaluate()).result, undefined);
     assert.strictEqual((await m.evaluate()).result, undefined);
@@ -23,7 +22,6 @@ const finished = common.mustCall();
   {
     const m = new SourceTextModule('throw new Error()');
     await m.link(common.mustNotCall());
-    m.instantiate();
 
     let threw = false;
     try {

From bede98128fe5f673d445d6c42403ddb60edd731c Mon Sep 17 00:00:00 2001
From: Michael Dawson <michael_dawson@ca.ibm.com>
Date: Mon, 30 Sep 2019 09:18:58 -0400
Subject: [PATCH 24/65] doc: remove reference to stale CITGM job
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Remove reference to job that is out of date, has not
been run for a long time and likely does not work
properly.

Refs: https://github.com/nodejs/citgm/issues/741

PR-URL: https://github.com/nodejs/node/pull/29774
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 COLLABORATOR_GUIDE.md | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/COLLABORATOR_GUIDE.md b/COLLABORATOR_GUIDE.md
index 2796565670a1ff..43bd683e800287 100644
--- a/COLLABORATOR_GUIDE.md
+++ b/COLLABORATOR_GUIDE.md
@@ -194,8 +194,7 @@ for changes that only affect comments or documentation.
 * [`citgm-smoker`](https://ci.nodejs.org/job/citgm-smoker/)
 uses [`CitGM`](https://github.com/nodejs/citgm) to allow you to run
 `npm install && npm test` on a large selection of common modules. This is
-useful to check whether a change will cause breakage in the ecosystem. To test
-Node.js ABI changes you can run [`citgm-abi-smoker`](https://ci.nodejs.org/job/citgm-abi-smoker/).
+useful to check whether a change will cause breakage in the ecosystem.
 
 * [`node-stress-single-test`](https://ci.nodejs.org/job/node-stress-single-test/)
 can run a group of tests over and over on a specific platform. Use it to check

From 74a69abd12fb6c906d8618ffd6c31293e69d2327 Mon Sep 17 00:00:00 2001
From: Gus Caplan <me@gus.host>
Date: Mon, 16 Sep 2019 15:32:15 -0500
Subject: [PATCH 25/65] lib: stop using prepareStackTrace

PR-URL: https://github.com/nodejs/node/pull/29777
Reviewed-By: Ben Coe <bencoe@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
---
 lib/assert.js          | 21 +++++++-------
 lib/internal/errors.js | 19 +++++++++++--
 lib/internal/util.js   | 13 ++++-----
 lib/repl.js            | 64 ++++++++++++++++++++----------------------
 4 files changed, 65 insertions(+), 52 deletions(-)

diff --git a/lib/assert.js b/lib/assert.js
index a1b22d3e462e59..562c9628c9dacb 100644
--- a/lib/assert.js
+++ b/lib/assert.js
@@ -23,13 +23,16 @@
 const { Object } = primordials;
 
 const { Buffer } = require('buffer');
-const { codes: {
-  ERR_AMBIGUOUS_ARGUMENT,
-  ERR_INVALID_ARG_TYPE,
-  ERR_INVALID_ARG_VALUE,
-  ERR_INVALID_RETURN_VALUE,
-  ERR_MISSING_ARGS
-} } = require('internal/errors');
+const {
+  codes: {
+    ERR_AMBIGUOUS_ARGUMENT,
+    ERR_INVALID_ARG_TYPE,
+    ERR_INVALID_ARG_VALUE,
+    ERR_INVALID_RETURN_VALUE,
+    ERR_MISSING_ARGS,
+  },
+  overrideStackTrace,
+} = require('internal/errors');
 const AssertionError = require('internal/assert/assertion_error');
 const { openSync, closeSync, readSync } = require('fs');
 const { inspect } = require('internal/util/inspect');
@@ -261,10 +264,8 @@ function getErrMessage(message, fn) {
   Error.captureStackTrace(err, fn);
   Error.stackTraceLimit = tmpLimit;
 
-  const tmpPrepare = Error.prepareStackTrace;
-  Error.prepareStackTrace = (_, stack) => stack;
+  overrideStackTrace.set(err, (_, stack) => stack);
   const call = err.stack[0];
-  Error.prepareStackTrace = tmpPrepare;
 
   const filename = call.getFileName();
   const line = call.getLineNumber() - 1;
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 8090b4d66cb3d7..6c7c94c484add3 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -21,9 +21,18 @@ const { kMaxLength } = internalBinding('buffer');
 
 const MainContextError = Error;
 const ErrorToString = Error.prototype.toString;
-// Polyfill of V8's Error.prepareStackTrace API.
-// https://crbug.com/v8/7848
+const overrideStackTrace = new WeakMap();
 const prepareStackTrace = (globalThis, error, trace) => {
+  // API for node internals to override error stack formatting
+  // without interfering with userland code.
+  if (overrideStackTrace.has(error)) {
+    const f = overrideStackTrace.get(error);
+    overrideStackTrace.delete(error);
+    return f(error, trace);
+  }
+
+  // Polyfill of V8's Error.prepareStackTrace API.
+  // https://crbug.com/v8/7848
   // `globalThis` is the global that contains the constructor which
   // created `error`.
   if (typeof globalThis.Error.prepareStackTrace === 'function') {
@@ -36,6 +45,11 @@ const prepareStackTrace = (globalThis, error, trace) => {
     return MainContextError.prepareStackTrace(error, trace);
   }
 
+  // Normal error formatting:
+  //
+  // Error: Message
+  //     at function (file)
+  //     at file
   const errorString = ErrorToString.call(error);
   if (trace.length === 0) {
     return errorString;
@@ -675,6 +689,7 @@ module.exports = {
   // This is exported only to facilitate testing.
   E,
   prepareStackTrace,
+  overrideStackTrace,
   kEnhanceStackBeforeInspector,
   fatalExceptionStackEnhancers
 };
diff --git a/lib/internal/util.js b/lib/internal/util.js
index e13cce92fff3eb..58502f3b7a7a93 100644
--- a/lib/internal/util.js
+++ b/lib/internal/util.js
@@ -7,7 +7,8 @@ const {
     ERR_NO_CRYPTO,
     ERR_UNKNOWN_SIGNAL
   },
-  uvErrmapGet
+  uvErrmapGet,
+  overrideStackTrace,
 } = require('internal/errors');
 const { signals } = internalBinding('constants').os;
 const {
@@ -338,15 +339,13 @@ function isInsideNodeModules() {
     // side-effect-free. Since this is currently only used for a deprecated API,
     // the perf implications should be okay.
     getStructuredStack = runInNewContext(`(function() {
-      Error.prepareStackTrace = function(err, trace) {
-        return trace;
-      };
       Error.stackTraceLimit = Infinity;
-
       return function structuredStack() {
-        return new Error().stack;
+        const e = new Error();
+        overrideStackTrace.set(e, (err, trace) => trace);
+        return e.stack;
       };
-    })()`, {}, { filename: 'structured-stack' });
+    })()`, { overrideStackTrace }, { filename: 'structured-stack' });
   }
 
   const stack = getStructuredStack();
diff --git a/lib/repl.js b/lib/repl.js
index ef19d257916ab6..e0f20ff5bf0447 100644
--- a/lib/repl.js
+++ b/lib/repl.js
@@ -69,12 +69,15 @@ const CJSModule = require('internal/modules/cjs/loader');
 const domain = require('domain');
 const debug = require('internal/util/debuglog').debuglog('repl');
 const {
-  ERR_CANNOT_WATCH_SIGINT,
-  ERR_INVALID_ARG_TYPE,
-  ERR_INVALID_REPL_EVAL_CONFIG,
-  ERR_INVALID_REPL_INPUT,
-  ERR_SCRIPT_EXECUTION_INTERRUPTED
-} = require('internal/errors').codes;
+  codes: {
+    ERR_CANNOT_WATCH_SIGINT,
+    ERR_INVALID_ARG_TYPE,
+    ERR_INVALID_REPL_EVAL_CONFIG,
+    ERR_INVALID_REPL_INPUT,
+    ERR_SCRIPT_EXECUTION_INTERRUPTED,
+  },
+  overrideStackTrace,
+} = require('internal/errors');
 const { sendInspectorCommand } = require('internal/util/inspector');
 const experimentalREPLAwait = require('internal/options').getOptionValue(
   '--experimental-repl-await'
@@ -473,10 +476,29 @@ function REPLServer(prompt,
     let errStack = '';
 
     if (typeof e === 'object' && e !== null) {
-      const pstrace = Error.prepareStackTrace;
-      Error.prepareStackTrace = prepareStackTrace(pstrace);
+      overrideStackTrace.set(e, (error, stackFrames) => {
+        let frames;
+        if (typeof stackFrames === 'object') {
+          // Search from the bottom of the call stack to
+          // find the first frame with a null function name
+          const idx = stackFrames
+            .reverse()
+            .findIndex((frame) => frame.getFunctionName() === null);
+          // If found, get rid of it and everything below it
+          frames = stackFrames.splice(idx + 1);
+        } else {
+          frames = stackFrames;
+        }
+        // FIXME(devsnek): this is inconsistent with the checks
+        // that the real prepareStackTrace dispatch uses in
+        // lib/internal/errors.js.
+        if (typeof Error.prepareStackTrace === 'function') {
+          return Error.prepareStackTrace(error, frames);
+        }
+        frames.push(error);
+        return frames.reverse().join('\n    at ');
+      });
       decorateErrorStack(e);
-      Error.prepareStackTrace = pstrace;
 
       if (e.domainThrown) {
         delete e.domain;
@@ -590,30 +612,6 @@ function REPLServer(prompt,
     }
   }
 
-  function filterInternalStackFrames(structuredStack) {
-    // Search from the bottom of the call stack to
-    // find the first frame with a null function name
-    if (typeof structuredStack !== 'object')
-      return structuredStack;
-    const idx = structuredStack.reverse().findIndex(
-      (frame) => frame.getFunctionName() === null);
-
-    // If found, get rid of it and everything below it
-    structuredStack = structuredStack.splice(idx + 1);
-    return structuredStack;
-  }
-
-  function prepareStackTrace(fn) {
-    return (error, stackFrames) => {
-      const frames = filterInternalStackFrames(stackFrames);
-      if (fn) {
-        return fn(error, frames);
-      }
-      frames.push(error);
-      return frames.reverse().join('\n    at ');
-    };
-  }
-
   function _parseREPLKeyword(keyword, rest) {
     const cmd = this.commands[keyword];
     if (cmd) {

From 8b4f210bf5f3ccccef692810563886bdab427279 Mon Sep 17 00:00:00 2001
From: cjihrig <cjihrig@gmail.com>
Date: Thu, 3 Oct 2019 00:39:38 +0200
Subject: [PATCH 26/65] doc: add missing deprecation code

PR-URL: https://github.com/nodejs/node/pull/29820
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
---
 doc/api/deprecations.md                 | 4 ++--
 lib/internal/bootstrap/pre_execution.js | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index e45130340c77ef..08e4ec065a992a 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -2508,8 +2508,8 @@ Type: Documentation-only
 Prefer [`response.socket`][] over [`response.connection`] and
 [`request.socket`][] over [`request.connection`].
 
-<a id="DEP0XXX"></a>
-### DEP0XXX: process._tickCallback
+<a id="DEP0134"></a>
+### DEP0134: process._tickCallback
 <!-- YAML
 changes:
   - version: REPLACEME
diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
index 626791a5725773..6fe9f36bc2c1e6 100644
--- a/lib/internal/bootstrap/pre_execution.js
+++ b/lib/internal/bootstrap/pre_execution.js
@@ -274,7 +274,7 @@ function initializeDeprecations() {
 
     process._tickCallback = deprecate(process._tickCallback,
                                       'process._tickCallback() is deprecated',
-                                      'DEP0XXX');
+                                      'DEP0134');
   }
 
   // Create global.process and global.Buffer as getters so that we have a

From 79f6cd36061cf5adb1da2369e213d9ecea368ad3 Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Mon, 30 Sep 2019 21:09:47 -0700
Subject: [PATCH 27/65] tools: update ESLint to v6.5.1

PR-URL: https://github.com/nodejs/node/pull/29785
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: David Carlier <devnexen@gmail.com>
---
 tools/node_modules/eslint/README.md           |  16 +-
 tools/node_modules/eslint/bin/eslint.js       |  50 ++++--
 .../eslint/lib/cli-engine/cli-engine.js       |   6 +-
 .../eslint/lib/cli-engine/ignored-paths.js    |   6 +-
 .../lib/cli-engine/lint-result-cache.js       |   1 -
 tools/node_modules/eslint/lib/cli.js          |  25 +--
 .../eslint/lib/init/config-rule.js            |   4 +-
 .../node_modules/eslint/lib/init/npm-utils.js |   2 +-
 .../code-path-analysis/debug-helpers.js       |   2 +-
 .../node_modules/eslint/lib/linter/linter.js  |   1 -
 tools/node_modules/eslint/lib/options.js      |   6 +
 .../eslint/lib/rule-tester/rule-tester.js     |   3 +-
 .../eslint/lib/rules/capitalized-comments.js  |   4 +-
 .../eslint/lib/rules/indent-legacy.js         |   2 +-
 tools/node_modules/eslint/lib/rules/indent.js |  28 +++
 .../eslint/lib/rules/new-parens.js            |   6 +-
 .../eslint/lib/rules/no-extra-bind.js         |   8 +-
 .../eslint/lib/rules/no-extra-label.js        |  10 +-
 .../eslint/lib/rules/no-extra-parens.js       |  17 +-
 .../eslint/lib/rules/no-regex-spaces.js       | 151 +++++++++++-----
 .../eslint/lib/rules/no-undef-init.js         |   8 +-
 .../eslint/lib/rules/no-useless-rename.js     |  38 ++--
 .../eslint/lib/rules/no-useless-return.js     |   5 +-
 .../lib/rules/prefer-named-capture-group.js   |  18 +-
 .../lib/rules/prefer-numeric-literals.js      |   4 +
 .../eslint/lib/rules/use-isnan.js             |  73 +++++++-
 .../node_modules/eslint/lib/shared/logging.js |   2 +
 .../eslint/lib/shared/runtime-info.js         | 163 ++++++++++++++++++
 .../eslint/lib/source-code/source-code.js     |   7 +-
 .../eslint/node_modules/acorn/README.md       |   7 +-
 .../eslint/node_modules/acorn/dist/acorn.js   |  28 ++-
 .../eslint/node_modules/acorn/dist/acorn.mjs  |  28 ++-
 .../eslint/node_modules/acorn/package.json    |   2 +-
 .../eslint/node_modules/glob-parent/README.md |  11 +-
 .../eslint/node_modules/glob-parent/index.js  |  11 +-
 .../node_modules/glob-parent/package.json     |   2 +-
 tools/node_modules/eslint/package.json        |   6 +-
 37 files changed, 604 insertions(+), 157 deletions(-)
 create mode 100644 tools/node_modules/eslint/lib/shared/runtime-info.js

diff --git a/tools/node_modules/eslint/README.md b/tools/node_modules/eslint/README.md
index 28f512920c2466..fbd99b12df19da 100644
--- a/tools/node_modules/eslint/README.md
+++ b/tools/node_modules/eslint/README.md
@@ -120,7 +120,7 @@ Yes, ESLint natively supports parsing JSX syntax (this must be enabled in [confi
 
 ### What ECMAScript versions does ESLint support?
 
-ESLint has full support for ECMAScript 3, 5 (default), 2015, 2016, 2017, and 2018. You can set your desired ECMAScript syntax (and other settings, like global variables or your target environments) through [configuration](https://eslint.org/docs/user-guide/configuring).
+ESLint has full support for ECMAScript 3, 5 (default), 2015, 2016, 2017, 2018, and 2019. You can set your desired ECMAScript syntax (and other settings, like global variables or your target environments) through [configuration](https://eslint.org/docs/user-guide/configuring).
 
 ### What about experimental features?
 
@@ -210,11 +210,6 @@ Toru Nagashima
 Gyandeep Singh
 </a>
 </td><td align="center" valign="top" width="11%">
-<a href="https://github.com/kaicataldo">
-<img src="https://github.com/kaicataldo.png?s=75" width="75" height="75"><br />
-Kai Cataldo
-</a>
-</td><td align="center" valign="top" width="11%">
 <a href="https://github.com/not-an-aardvark">
 <img src="https://github.com/not-an-aardvark.png?s=75" width="75" height="75"><br />
 Teddy Katz
@@ -241,6 +236,11 @@ The people who review and implement new features.
 The people who review and fix bugs and help triage issues.
 
 <table><tbody><tr><td align="center" valign="top" width="11%">
+<a href="https://github.com/kaicataldo">
+<img src="https://github.com/kaicataldo.png?s=75" width="75" height="75"><br />
+Kai Cataldo
+</a>
+</td><td align="center" valign="top" width="11%">
 <a href="https://github.com/g-plane">
 <img src="https://github.com/g-plane.png?s=75" width="75" height="75"><br />
 Pig Fang
@@ -262,9 +262,9 @@ The following companies, organizations, and individuals support ESLint's ongoing
 <!-- NOTE: This section is autogenerated. Do not manually edit.-->
 <!--sponsorsstart-->
 <h3>Gold Sponsors</h3>
-<p><a href="https://www.shopify.com"><img src="https://images.opencollective.com/shopify/eeb91aa/logo.png" alt="Shopify" height="96"></a> <a href="http://engineering.salesforce.com"><img src="https://images.opencollective.com/salesforce/d1b37c4/logo.png" alt="Salesforce" height="96"></a> <a href="https://badoo.com/team?utm_source=eslint"><img src="https://images.opencollective.com/badoo/2826a3b/logo.png" alt="Badoo" height="96"></a> <a href="https://www.airbnb.com/"><img src="https://images.opencollective.com/airbnb/d327d66/logo.png" alt="Airbnb" height="96"></a> <a href="https://code.facebook.com/projects/"><img src="https://images.opencollective.com/fbopensource/fbb8a5b/logo.png" alt="Facebook Open Source" height="96"></a></p><h3>Silver Sponsors</h3>
+<p><a href="https://www.shopify.com"><img src="https://images.opencollective.com/shopify/eeb91aa/logo.png" alt="Shopify" height="96"></a> <a href="http://engineering.salesforce.com"><img src="https://images.opencollective.com/salesforce/ca8f997/logo.png" alt="Salesforce" height="96"></a> <a href="https://badoo.com/team?utm_source=eslint"><img src="https://images.opencollective.com/badoo/2826a3b/logo.png" alt="Badoo" height="96"></a> <a href="https://www.airbnb.com/"><img src="https://images.opencollective.com/airbnb/d327d66/logo.png" alt="Airbnb" height="96"></a> <a href="https://opensource.facebook.com"><img src="https://images.opencollective.com/fbopensource/fbb8a5b/logo.png" alt="Facebook Open Source" height="96"></a></p><h3>Silver Sponsors</h3>
 <p><a href="https://www.ampproject.org/"><img src="https://images.opencollective.com/amp/c8a3b25/logo.png" alt="AMP Project" height="64"></a></p><h3>Bronze Sponsors</h3>
-<p><a href="https://discordapp.com"><img src="https://images.opencollective.com/discordapp/7e3d9a9/logo.png" alt="Discord" height="32"></a> <a href="https://moneypug.co.uk/"><img src="https://images.opencollective.com/moneypug/45f8d53/logo.png" alt="MONEYPUG" height="32"></a> <a href="https://icons8.com"><img src="https://images.opencollective.com/icons8/0b37d14/logo.png" alt="Free Icons by Icons8" height="32"></a> <a href="https://uxplanet.org/top-ui-ux-design-agencies-user-experience-firms-8c54697e290"><img src="https://images.opencollective.com/ui-ux-design-agencies/cae5dfe/logo.png" alt="UI UX Design Agencies" height="32"></a> <a href="https://clay.global"><img src="https://images.opencollective.com/clayglobal/2468f34/logo.png" alt="clay" height="32"></a> <a href="https://www.vpsserver.com"><img src="https://images.opencollective.com/vpsservercom/logo.png" alt="VPS Server" height="32"></a> <a href="https://themeisle.com"><img src="https://images.opencollective.com/themeisle/logo.png" alt="ThemeIsle" height="32"></a> <a href="https://tekhattan.com"><img src="https://images.opencollective.com/tekhattan/bc73c28/logo.png" alt="TekHattan" height="32"></a> <a href="https://www.marfeel.com/"><img src="https://images.opencollective.com/marfeel/4b88e30/logo.png" alt="Marfeel" height="32"></a> <a href="http://www.firesticktricks.com"><img src="https://images.opencollective.com/fire-stick-tricks/b8fbe2c/logo.png" alt="Fire Stick Tricks" height="32"></a> <a href="https://jsheroes.io/"><img src="https://images.opencollective.com/jsheroes1/9fedf0b/logo.png" alt="JSHeroes " height="32"></a></p>
+<p><a href="https://discordapp.com"><img src="https://images.opencollective.com/discordapp/7e3d9a9/logo.png" alt="Discord" height="32"></a> <a href="https://mixpanel.com"><img src="https://images.opencollective.com/mixpanel/cd682f7/logo.png" alt="Mixpanel" height="32"></a> <a href="https://icons8.com"><img src="https://images.opencollective.com/icons8/0b37d14/logo.png" alt="Free Icons by Icons8" height="32"></a> <a href="https://uxplanet.org/top-ui-ux-design-agencies-user-experience-firms-8c54697e290"><img src="https://images.opencollective.com/ui-ux-design-agencies/cae5dfe/logo.png" alt="UI UX Design Agencies" height="32"></a> <a href="https://clay.global"><img src="https://images.opencollective.com/clayglobal/2468f34/logo.png" alt="clay" height="32"></a> <a href="https://www.vpsserver.com"><img src="https://images.opencollective.com/vpsservercom/logo.png" alt="VPS Server" height="32"></a> <a href="https://themeisle.com"><img src="https://images.opencollective.com/themeisle/logo.png" alt="ThemeIsle" height="32"></a> <a href="https://tekhattan.com"><img src="https://images.opencollective.com/tekhattan/bc73c28/logo.png" alt="TekHattan" height="32"></a> <a href="https://www.marfeel.com/"><img src="https://images.opencollective.com/marfeel/4b88e30/logo.png" alt="Marfeel" height="32"></a> <a href="http://www.firesticktricks.com"><img src="https://images.opencollective.com/fire-stick-tricks/b8fbe2c/logo.png" alt="Fire Stick Tricks" height="32"></a> <a href="https://jsheroes.io/"><img src="https://images.opencollective.com/jsheroes1/9fedf0b/logo.png" alt="JSHeroes " height="32"></a></p>
 <!--sponsorsend-->
 
 ## <a name="technology-sponsors"></a>Technology Sponsors
diff --git a/tools/node_modules/eslint/bin/eslint.js b/tools/node_modules/eslint/bin/eslint.js
index 061e94767f0b92..a9f51f1d7d4c57 100755
--- a/tools/node_modules/eslint/bin/eslint.js
+++ b/tools/node_modules/eslint/bin/eslint.js
@@ -16,9 +16,9 @@ require("v8-compile-cache");
 // Helpers
 //------------------------------------------------------------------------------
 
-const useStdIn = (process.argv.indexOf("--stdin") > -1),
-    init = (process.argv.indexOf("--init") > -1),
-    debug = (process.argv.indexOf("--debug") > -1);
+const useStdIn = process.argv.includes("--stdin"),
+    init = process.argv.includes("--init"),
+    debug = process.argv.includes("--debug");
 
 // must do this initialization *before* other requires in order to work
 if (debug) {
@@ -30,9 +30,9 @@ if (debug) {
 //------------------------------------------------------------------------------
 
 // now we can safely include the other modules that use debug
-const cli = require("../lib/cli"),
-    path = require("path"),
-    fs = require("fs");
+const path = require("path"),
+    fs = require("fs"),
+    cli = require("../lib/cli");
 
 //------------------------------------------------------------------------------
 // Execution
@@ -50,7 +50,6 @@ process.once("uncaughtException", err => {
         console.error("\nOops! Something went wrong! :(");
         console.error(`\nESLint: ${pkg.version}.\n\n${template(err.messageData || {})}`);
     } else {
-
         console.error(err.stack);
     }
 
@@ -60,13 +59,40 @@ process.once("uncaughtException", err => {
 if (useStdIn) {
 
     /*
-     * Note: `process.stdin.fd` is not used here due to https://github.com/nodejs/node/issues/7439.
-     * Accessing the `process.stdin` property seems to modify the behavior of file descriptor 0, resulting
-     * in an error when stdin is piped in asynchronously.
+     * Note: See
+     * - https://github.com/nodejs/node/blob/master/doc/api/process.md#processstdin
+     * - https://github.com/nodejs/node/blob/master/doc/api/process.md#a-note-on-process-io
+     * - https://lists.gnu.org/archive/html/bug-gnu-emacs/2016-01/msg00419.html
+     * - https://github.com/nodejs/node/issues/7439 (historical)
+     *
+     * On Windows using `fs.readFileSync(STDIN_FILE_DESCRIPTOR, "utf8")` seems
+     * to read 4096 bytes before blocking and never drains to read further data.
+     *
+     * The investigation on the Emacs thread indicates:
+     *
+     * > Emacs on MS-Windows uses pipes to communicate with subprocesses; a
+     * > pipe on Windows has a 4K buffer. So as soon as Emacs writes more than
+     * > 4096 bytes to the pipe, the pipe becomes full, and Emacs then waits for
+     * > the subprocess to read its end of the pipe, at which time Emacs will
+     * > write the rest of the stuff.
+     *
+     * Using the nodejs code example for reading from stdin.
      */
-    const STDIN_FILE_DESCRIPTOR = 0;
+    let contents = "",
+        chunk = "";
+
+    process.stdin.setEncoding("utf8");
+    process.stdin.on("readable", () => {
 
-    process.exitCode = cli.execute(process.argv, fs.readFileSync(STDIN_FILE_DESCRIPTOR, "utf8"));
+        // Use a loop to make sure we read all available data.
+        while ((chunk = process.stdin.read()) !== null) {
+            contents += chunk;
+        }
+    });
+
+    process.stdin.on("end", () => {
+        process.exitCode = cli.execute(process.argv, contents, "utf8");
+    });
 } else if (init) {
     const configInit = require("../lib/init/config-initializer");
 
diff --git a/tools/node_modules/eslint/lib/cli-engine/cli-engine.js b/tools/node_modules/eslint/lib/cli-engine/cli-engine.js
index 7f80887f086464..3c67d33daa6413 100644
--- a/tools/node_modules/eslint/lib/cli-engine/cli-engine.js
+++ b/tools/node_modules/eslint/lib/cli-engine/cli-engine.js
@@ -85,8 +85,8 @@ const validFixTypes = new Set(["problem", "suggestion", "layout"]);
  * @property {number} warningCount Number of warnings for the result.
  * @property {number} fixableErrorCount Number of fixable errors for the result.
  * @property {number} fixableWarningCount Number of fixable warnings for the result.
- * @property {string=} [source] The source code of the file that was linted.
- * @property {string=} [output] The source code of the file that was linted, with as many fixes applied as possible.
+ * @property {string} [source] The source code of the file that was linted.
+ * @property {string} [output] The source code of the file that was linted, with as many fixes applied as possible.
  */
 
 /**
@@ -329,7 +329,6 @@ function getRule(ruleId, configArrays) {
 /**
  * Collect used deprecated rules.
  * @param {ConfigArray[]} usedConfigArrays The config arrays which were used.
- * @param {Map<string, Object>} ruleMap The rule definitions which were used (built-ins).
  * @returns {IterableIterator<DeprecatedRuleInfo>} Used deprecated rules.
  */
 function *iterateRuleDeprecationWarnings(usedConfigArrays) {
@@ -530,7 +529,6 @@ class CLIEngine {
     /**
      * Creates a new instance of the core CLI engine.
      * @param {CLIEngineOptions} providedOptions The options for this instance.
-     * @constructor
      */
     constructor(providedOptions) {
         const options = Object.assign(
diff --git a/tools/node_modules/eslint/lib/cli-engine/ignored-paths.js b/tools/node_modules/eslint/lib/cli-engine/ignored-paths.js
index 137d156e9c05af..12dfce06665eef 100644
--- a/tools/node_modules/eslint/lib/cli-engine/ignored-paths.js
+++ b/tools/node_modules/eslint/lib/cli-engine/ignored-paths.js
@@ -78,7 +78,7 @@ function mergeDefaultOptions(options) {
     return Object.assign({}, DEFAULT_OPTIONS, options);
 }
 
-/* eslint-disable valid-jsdoc */
+/* eslint-disable jsdoc/check-param-names, jsdoc/require-param */
 /**
  * Normalize the path separators in a given string.
  * On Windows environment, this replaces `\` by `/`.
@@ -89,7 +89,7 @@ function mergeDefaultOptions(options) {
 const normalizePathSeps = path.sep === "/"
     ? (str => str)
     : ((seps, str) => str.replace(seps, "/")).bind(null, new RegExp(`\\${path.sep}`, "gu"));
-/* eslint-enable valid-jsdoc */
+/* eslint-enable jsdoc/check-param-names, jsdoc/require-param */
 
 /**
  * Converts a glob pattern to a new glob pattern relative to a different directory
@@ -298,7 +298,7 @@ class IgnoredPaths {
 
     /**
      * read ignore filepath
-     * @param {string} filePath, file to add to ig
+     * @param {string} filePath file to add to ig
      * @returns {Array} raw ignore rules
      */
     readIgnoreFile(filePath) {
diff --git a/tools/node_modules/eslint/lib/cli-engine/lint-result-cache.js b/tools/node_modules/eslint/lib/cli-engine/lint-result-cache.js
index 9408780fb022c6..14e19d9e5a1c63 100644
--- a/tools/node_modules/eslint/lib/cli-engine/lint-result-cache.js
+++ b/tools/node_modules/eslint/lib/cli-engine/lint-result-cache.js
@@ -47,7 +47,6 @@ class LintResultCache {
 
     /**
      * Creates a new LintResultCache instance.
-     * @constructor
      * @param {string} cacheFileLocation The cache file location.
      *   configuration lookup by file path).
      */
diff --git a/tools/node_modules/eslint/lib/cli.js b/tools/node_modules/eslint/lib/cli.js
index c34545544b1040..18a917cf0b0a95 100644
--- a/tools/node_modules/eslint/lib/cli.js
+++ b/tools/node_modules/eslint/lib/cli.js
@@ -20,7 +20,8 @@ const fs = require("fs"),
     mkdirp = require("mkdirp"),
     { CLIEngine } = require("./cli-engine"),
     options = require("./options"),
-    log = require("./shared/logging");
+    log = require("./shared/logging"),
+    RuntimeInfo = require("./shared/runtime-info");
 
 const debug = require("debug")("eslint:cli");
 
@@ -159,13 +160,18 @@ const cli = {
         }
 
         const files = currentOptions._;
-
         const useStdin = typeof text === "string";
 
-        if (currentOptions.version) { // version from package.json
-
-            log.info(`v${require("../package.json").version}`);
-
+        if (currentOptions.version) {
+            log.info(RuntimeInfo.version());
+        } else if (currentOptions.envInfo) {
+            try {
+                log.info(RuntimeInfo.environment());
+                return 0;
+            } catch (err) {
+                log.error(err.message);
+                return 2;
+            }
         } else if (currentOptions.printConfig) {
             if (files.length) {
                 log.error("The --print-config option must be used with exactly one file name.");
@@ -177,17 +183,13 @@ const cli = {
             }
 
             const engine = new CLIEngine(translateOptions(currentOptions));
-
             const fileConfig = engine.getConfigForFile(currentOptions.printConfig);
 
             log.info(JSON.stringify(fileConfig, null, "  "));
             return 0;
         } else if (currentOptions.help || (!files.length && !useStdin)) {
-
             log.info(options.generateHelp());
-
         } else {
-
             debug(`Running on ${useStdin ? "text" : "files"}`);
 
             if (currentOptions.fix && currentOptions.fixDryRun) {
@@ -227,9 +229,8 @@ const cli = {
 
                 return (report.errorCount || tooManyWarnings) ? 1 : 0;
             }
-            return 2;
-
 
+            return 2;
         }
 
         return 0;
diff --git a/tools/node_modules/eslint/lib/init/config-rule.js b/tools/node_modules/eslint/lib/init/config-rule.js
index fbe9b779ab7f54..e40feb7145b0cf 100644
--- a/tools/node_modules/eslint/lib/init/config-rule.js
+++ b/tools/node_modules/eslint/lib/init/config-rule.js
@@ -99,7 +99,7 @@ function groupByProperty(objects) {
  * Configs may also have one or more additional elements to specify rule
  * configuration or options.
  *
- * @typedef {array|number} ruleConfig
+ * @typedef {Array|number} ruleConfig
  * @param {number}  0  The rule's severity (0, 1, 2).
  */
 
@@ -185,7 +185,7 @@ class RuleConfigSet {
 
         /**
          * Stored valid rule configurations for this instance
-         * @type {array}
+         * @type {Array}
          */
         this.ruleConfigs = configs || [];
     }
diff --git a/tools/node_modules/eslint/lib/init/npm-utils.js b/tools/node_modules/eslint/lib/init/npm-utils.js
index 7fe7c6e7d59b34..3d4a896b6f6e51 100644
--- a/tools/node_modules/eslint/lib/init/npm-utils.js
+++ b/tools/node_modules/eslint/lib/init/npm-utils.js
@@ -163,7 +163,7 @@ function checkDevDeps(packages) {
 /**
  * Check whether package.json is found in current path.
  *
- * @param   {string=} startDir Starting directory
+ * @param   {string} [startDir] Starting directory
  * @returns {boolean} Whether a package.json is found in current path.
  */
 function checkPackageJson(startDir) {
diff --git a/tools/node_modules/eslint/lib/linter/code-path-analysis/debug-helpers.js b/tools/node_modules/eslint/lib/linter/code-path-analysis/debug-helpers.js
index 9af985ce85f56e..2ca6dbc1e5293c 100644
--- a/tools/node_modules/eslint/lib/linter/code-path-analysis/debug-helpers.js
+++ b/tools/node_modules/eslint/lib/linter/code-path-analysis/debug-helpers.js
@@ -21,7 +21,7 @@ const debug = require("debug")("eslint:code-path");
  * @returns {string} Id of the segment.
  */
 /* istanbul ignore next */
-function getId(segment) { // eslint-disable-line require-jsdoc
+function getId(segment) { // eslint-disable-line jsdoc/require-jsdoc
     return segment.id + (segment.reachable ? "" : "!");
 }
 
diff --git a/tools/node_modules/eslint/lib/linter/linter.js b/tools/node_modules/eslint/lib/linter/linter.js
index 7d1dc8c8c1cfd8..534181da9e4752 100644
--- a/tools/node_modules/eslint/lib/linter/linter.js
+++ b/tools/node_modules/eslint/lib/linter/linter.js
@@ -472,7 +472,6 @@ function normalizeFilename(filename) {
     return index === -1 ? filename : parts.slice(index).join(path.sep);
 }
 
-// eslint-disable-next-line valid-jsdoc
 /**
  * Normalizes the possible options for `linter.verify` and `linter.verifyAndFix` to a
  * consistent shape.
diff --git a/tools/node_modules/eslint/lib/options.js b/tools/node_modules/eslint/lib/options.js
index 440773a844bbfd..83bf9afc22c9f1 100644
--- a/tools/node_modules/eslint/lib/options.js
+++ b/tools/node_modules/eslint/lib/options.js
@@ -224,6 +224,12 @@ module.exports = optionator({
             default: "false",
             description: "Run config initialization wizard"
         },
+        {
+            option: "env-info",
+            type: "Boolean",
+            default: "false",
+            description: "Output execution environment information"
+        },
         {
             option: "debug",
             type: "Boolean",
diff --git a/tools/node_modules/eslint/lib/rule-tester/rule-tester.js b/tools/node_modules/eslint/lib/rule-tester/rule-tester.js
index 0d1319c11a2fdc..9f8324a358fd77 100644
--- a/tools/node_modules/eslint/lib/rule-tester/rule-tester.js
+++ b/tools/node_modules/eslint/lib/rule-tester/rule-tester.js
@@ -130,7 +130,7 @@ function freezeDeeply(x) {
  */
 function sanitize(text) {
     return text.replace(
-        /[\u0000-\u001f]/gu, // eslint-disable-line no-control-regex
+        /[\u0000-\u0009|\u000b-\u001a]/gu, // eslint-disable-line no-control-regex
         c => `\\u${c.codePointAt(0).toString(16).padStart(4, "0")}`
     );
 }
@@ -177,7 +177,6 @@ class RuleTester {
     /**
      * Creates a new instance of RuleTester.
      * @param {Object} [testerConfig] Optional, extra configuration for the tester
-     * @constructor
      */
     constructor(testerConfig) {
 
diff --git a/tools/node_modules/eslint/lib/rules/capitalized-comments.js b/tools/node_modules/eslint/lib/rules/capitalized-comments.js
index 47477743598ac8..dd7ef145648c66 100644
--- a/tools/node_modules/eslint/lib/rules/capitalized-comments.js
+++ b/tools/node_modules/eslint/lib/rules/capitalized-comments.js
@@ -59,7 +59,7 @@ const DEFAULTS = {
  * @param {string} which Either "line" or "block".
  * @returns {Object} The normalized options.
  */
-function getNormalizedOptions(rawOptions = {}, which) {
+function getNormalizedOptions(rawOptions, which) {
     return Object.assign({}, DEFAULTS, rawOptions[which] || rawOptions);
 }
 
@@ -70,7 +70,7 @@ function getNormalizedOptions(rawOptions = {}, which) {
  * @returns {Object} An object with "Line" and "Block" keys and corresponding
  * normalized options objects.
  */
-function getAllNormalizedOptions(rawOptions) {
+function getAllNormalizedOptions(rawOptions = {}) {
     return {
         Line: getNormalizedOptions(rawOptions, "line"),
         Block: getNormalizedOptions(rawOptions, "block")
diff --git a/tools/node_modules/eslint/lib/rules/indent-legacy.js b/tools/node_modules/eslint/lib/rules/indent-legacy.js
index fb84b732ea307e..f1c024c368475d 100644
--- a/tools/node_modules/eslint/lib/rules/indent-legacy.js
+++ b/tools/node_modules/eslint/lib/rules/indent-legacy.js
@@ -303,7 +303,7 @@ module.exports = {
          * @param {int} needed Expected indentation character count
          * @param {int} gottenSpaces Indentation space count in the actual node/code
          * @param {int} gottenTabs Indentation tab count in the actual node/code
-         * @param {Object=} loc Error line and column location
+         * @param {Object} [loc] Error line and column location
          * @param {boolean} isLastNodeCheck Is the error for last node check
          * @returns {void}
          */
diff --git a/tools/node_modules/eslint/lib/rules/indent.js b/tools/node_modules/eslint/lib/rules/indent.js
index f44eafa715cf96..a2fa9c4f409c01 100644
--- a/tools/node_modules/eslint/lib/rules/indent.js
+++ b/tools/node_modules/eslint/lib/rules/indent.js
@@ -81,6 +81,9 @@ const KNOWN_NODES = new Set([
     "WhileStatement",
     "WithStatement",
     "YieldExpression",
+    "JSXFragment",
+    "JSXOpeningFragment",
+    "JSXClosingFragment",
     "JSXIdentifier",
     "JSXNamespacedName",
     "JSXMemberExpression",
@@ -1453,6 +1456,31 @@ module.exports = {
                 offsets.setDesiredOffsets(node.name.range, firstToken, 1);
             },
 
+            JSXFragment(node) {
+                const firstOpeningToken = sourceCode.getFirstToken(node.openingFragment);
+                const firstClosingToken = sourceCode.getFirstToken(node.closingFragment);
+
+                addElementListIndent(node.children, firstOpeningToken, firstClosingToken, 1);
+            },
+
+            JSXOpeningFragment(node) {
+                const firstToken = sourceCode.getFirstToken(node);
+                const closingToken = sourceCode.getLastToken(node);
+
+                offsets.setDesiredOffsets(node.range, firstToken, 1);
+                offsets.matchOffsetOf(firstToken, closingToken);
+            },
+
+            JSXClosingFragment(node) {
+                const firstToken = sourceCode.getFirstToken(node);
+                const slashToken = sourceCode.getLastToken(node, { skip: 1 });
+                const closingToken = sourceCode.getLastToken(node);
+                const tokenToMatch = astUtils.isTokenOnSameLine(slashToken, closingToken) ? slashToken : closingToken;
+
+                offsets.setDesiredOffsets(node.range, firstToken, 1);
+                offsets.matchOffsetOf(firstToken, tokenToMatch);
+            },
+
             JSXExpressionContainer(node) {
                 const openingCurly = sourceCode.getFirstToken(node);
                 const closingCurly = sourceCode.getLastToken(node);
diff --git a/tools/node_modules/eslint/lib/rules/new-parens.js b/tools/node_modules/eslint/lib/rules/new-parens.js
index 4b9958fe6cb2fe..405ec1b515a4d6 100644
--- a/tools/node_modules/eslint/lib/rules/new-parens.js
+++ b/tools/node_modules/eslint/lib/rules/new-parens.js
@@ -65,7 +65,11 @@ module.exports = {
 
                 const lastToken = sourceCode.getLastToken(node);
                 const hasLastParen = lastToken && astUtils.isClosingParenToken(lastToken);
-                const hasParens = hasLastParen && astUtils.isOpeningParenToken(sourceCode.getTokenBefore(lastToken));
+
+                // `hasParens` is true only if the new expression ends with its own parens, e.g., new new foo() does not end with its own parens
+                const hasParens = hasLastParen &&
+                    astUtils.isOpeningParenToken(sourceCode.getTokenBefore(lastToken)) &&
+                    node.callee.range[1] < node.range[1];
 
                 if (always) {
                     if (!hasParens) {
diff --git a/tools/node_modules/eslint/lib/rules/no-extra-bind.js b/tools/node_modules/eslint/lib/rules/no-extra-bind.js
index cc0b1f84372049..cc5611b10894ee 100644
--- a/tools/node_modules/eslint/lib/rules/no-extra-bind.js
+++ b/tools/node_modules/eslint/lib/rules/no-extra-bind.js
@@ -40,6 +40,7 @@ module.exports = {
     },
 
     create(context) {
+        const sourceCode = context.getSourceCode();
         let scopeInfo = null;
 
         /**
@@ -71,8 +72,13 @@ module.exports = {
                         return null;
                     }
 
-                    const firstTokenToRemove = context.getSourceCode()
+                    const firstTokenToRemove = sourceCode
                         .getFirstTokenBetween(node.parent.object, node.parent.property, astUtils.isNotClosingParenToken);
+                    const lastTokenToRemove = sourceCode.getLastToken(node.parent.parent);
+
+                    if (sourceCode.commentsExistBetween(firstTokenToRemove, lastTokenToRemove)) {
+                        return null;
+                    }
 
                     return fixer.removeRange([firstTokenToRemove.range[0], node.parent.parent.range[1]]);
                 }
diff --git a/tools/node_modules/eslint/lib/rules/no-extra-label.js b/tools/node_modules/eslint/lib/rules/no-extra-label.js
index a4a98af5853b98..48add937e6ef57 100644
--- a/tools/node_modules/eslint/lib/rules/no-extra-label.js
+++ b/tools/node_modules/eslint/lib/rules/no-extra-label.js
@@ -116,7 +116,15 @@ module.exports = {
                             node: labelNode,
                             messageId: "unexpected",
                             data: labelNode,
-                            fix: fixer => fixer.removeRange([sourceCode.getFirstToken(node).range[1], labelNode.range[1]])
+                            fix(fixer) {
+                                const breakOrContinueToken = sourceCode.getFirstToken(node);
+
+                                if (sourceCode.commentsExistBetween(breakOrContinueToken, labelNode)) {
+                                    return null;
+                                }
+
+                                return fixer.removeRange([breakOrContinueToken.range[1], labelNode.range[1]]);
+                            }
                         });
                     }
                     return;
diff --git a/tools/node_modules/eslint/lib/rules/no-extra-parens.js b/tools/node_modules/eslint/lib/rules/no-extra-parens.js
index c5cf7904774c0d..c6809c355bc752 100644
--- a/tools/node_modules/eslint/lib/rules/no-extra-parens.js
+++ b/tools/node_modules/eslint/lib/rules/no-extra-parens.js
@@ -205,7 +205,14 @@ module.exports = {
             const lastToken = sourceCode.getLastToken(newExpression);
             const penultimateToken = sourceCode.getTokenBefore(lastToken);
 
-            return newExpression.arguments.length > 0 || astUtils.isOpeningParenToken(penultimateToken) && astUtils.isClosingParenToken(lastToken);
+            return newExpression.arguments.length > 0 ||
+                (
+
+                    // The expression should end with its own parens, e.g., new new foo() is not a new expression with parens
+                    astUtils.isOpeningParenToken(penultimateToken) &&
+                    astUtils.isClosingParenToken(lastToken) &&
+                    newExpression.callee.range[1] < newExpression.range[1]
+                );
         }
 
         /**
@@ -338,7 +345,7 @@ module.exports = {
             function finishReport() {
                 context.report({
                     node,
-                    loc: leftParenToken.loc.start,
+                    loc: leftParenToken.loc,
                     messageId: "unexpected",
                     fix(fixer) {
                         const parenthesizedSource = sourceCode.text.slice(leftParenToken.range[1], rightParenToken.range[0]);
@@ -887,6 +894,12 @@ module.exports = {
                     report(node.object);
                 }
 
+                if (nodeObjHasExcessParens &&
+                  node.object.type === "NewExpression" &&
+                  isNewExpressionWithParens(node.object)) {
+                    report(node.object);
+                }
+
                 if (node.computed && hasExcessParens(node.property)) {
                     report(node.property);
                 }
diff --git a/tools/node_modules/eslint/lib/rules/no-regex-spaces.js b/tools/node_modules/eslint/lib/rules/no-regex-spaces.js
index 55e79517cef2d7..41f5e149df049b 100644
--- a/tools/node_modules/eslint/lib/rules/no-regex-spaces.js
+++ b/tools/node_modules/eslint/lib/rules/no-regex-spaces.js
@@ -5,7 +5,29 @@
 
 "use strict";
 
+//------------------------------------------------------------------------------
+// Requirements
+//------------------------------------------------------------------------------
+
 const astUtils = require("./utils/ast-utils");
+const regexpp = require("regexpp");
+
+//------------------------------------------------------------------------------
+// Helpers
+//------------------------------------------------------------------------------
+
+const regExpParser = new regexpp.RegExpParser();
+const DOUBLE_SPACE = / {2}/u;
+
+/**
+ * Check if node is a string
+ * @param {ASTNode} node node to evaluate
+ * @returns {boolean} True if its a string
+ * @private
+ */
+function isString(node) {
+    return node && node.type === "Literal" && typeof node.value === "string";
+}
 
 //------------------------------------------------------------------------------
 // Rule Definition
@@ -27,40 +49,70 @@ module.exports = {
     },
 
     create(context) {
-        const sourceCode = context.getSourceCode();
 
         /**
-         * Validate regular expressions
-         * @param {ASTNode} node node to validate
-         * @param {string} value regular expression to validate
-         * @param {number} valueStart The start location of the regex/string literal. It will always be the case that
-         * `sourceCode.getText().slice(valueStart, valueStart + value.length) === value`
+         * Validate regular expression
+         *
+         * @param {ASTNode} nodeToReport Node to report.
+         * @param {string} pattern Regular expression pattern to validate.
+         * @param {string} rawPattern Raw representation of the pattern in the source code.
+         * @param {number} rawPatternStartRange Start range of the pattern in the source code.
+         * @param {string} flags Regular expression flags.
          * @returns {void}
          * @private
          */
-        function checkRegex(node, value, valueStart) {
-            const multipleSpacesRegex = /( {2,})( [+*{?]|[^+*{?]|$)/u,
-                regexResults = multipleSpacesRegex.exec(value);
+        function checkRegex(nodeToReport, pattern, rawPattern, rawPatternStartRange, flags) {
 
-            if (regexResults !== null) {
-                const count = regexResults[1].length;
+            // Skip if there are no consecutive spaces in the source code, to avoid reporting e.g., RegExp(' \ ').
+            if (!DOUBLE_SPACE.test(rawPattern)) {
+                return;
+            }
 
-                context.report({
-                    node,
-                    message: "Spaces are hard to count. Use {{{count}}}.",
-                    data: { count },
-                    fix(fixer) {
-                        return fixer.replaceTextRange(
-                            [valueStart + regexResults.index, valueStart + regexResults.index + count],
-                            ` {${count}}`
-                        );
-                    }
-                });
-
-                /*
-                 * TODO: (platinumazure) Fix message to use rule message
-                 * substitution when api.report is fixed in lib/eslint.js.
-                 */
+            const characterClassNodes = [];
+            let regExpAST;
+
+            try {
+                regExpAST = regExpParser.parsePattern(pattern, 0, pattern.length, flags.includes("u"));
+            } catch (e) {
+
+                // Ignore regular expressions with syntax errors
+                return;
+            }
+
+            regexpp.visitRegExpAST(regExpAST, {
+                onCharacterClassEnter(ccNode) {
+                    characterClassNodes.push(ccNode);
+                }
+            });
+
+            const spacesPattern = /( {2,})(?: [+*{?]|[^+*{?]|$)/gu;
+            let match;
+
+            while ((match = spacesPattern.exec(pattern))) {
+                const { 1: { length }, index } = match;
+
+                // Report only consecutive spaces that are not in character classes.
+                if (
+                    characterClassNodes.every(({ start, end }) => index < start || end <= index)
+                ) {
+                    context.report({
+                        node: nodeToReport,
+                        message: "Spaces are hard to count. Use {{{length}}}.",
+                        data: { length },
+                        fix(fixer) {
+                            if (pattern !== rawPattern) {
+                                return null;
+                            }
+                            return fixer.replaceTextRange(
+                                [rawPatternStartRange + index, rawPatternStartRange + index + length],
+                                ` {${length}}`
+                            );
+                        }
+                    });
+
+                    // Report only the first occurence of consecutive spaces
+                    return;
+                }
             }
         }
 
@@ -71,25 +123,22 @@ module.exports = {
          * @private
          */
         function checkLiteral(node) {
-            const token = sourceCode.getFirstToken(node),
-                nodeType = token.type,
-                nodeValue = token.value;
+            if (node.regex) {
+                const pattern = node.regex.pattern;
+                const rawPattern = node.raw.slice(1, node.raw.lastIndexOf("/"));
+                const rawPatternStartRange = node.range[0] + 1;
+                const flags = node.regex.flags;
 
-            if (nodeType === "RegularExpression") {
-                checkRegex(node, nodeValue, token.range[0]);
+                checkRegex(
+                    node,
+                    pattern,
+                    rawPattern,
+                    rawPatternStartRange,
+                    flags
+                );
             }
         }
 
-        /**
-         * Check if node is a string
-         * @param {ASTNode} node node to evaluate
-         * @returns {boolean} True if its a string
-         * @private
-         */
-        function isString(node) {
-            return node && node.type === "Literal" && typeof node.value === "string";
-        }
-
         /**
          * Validate strings passed to the RegExp constructor
          * @param {ASTNode} node node to validate
@@ -100,9 +149,22 @@ module.exports = {
             const scope = context.getScope();
             const regExpVar = astUtils.getVariableByName(scope, "RegExp");
             const shadowed = regExpVar && regExpVar.defs.length > 0;
+            const patternNode = node.arguments[0];
+            const flagsNode = node.arguments[1];
 
-            if (node.callee.type === "Identifier" && node.callee.name === "RegExp" && isString(node.arguments[0]) && !shadowed) {
-                checkRegex(node, node.arguments[0].value, node.arguments[0].range[0] + 1);
+            if (node.callee.type === "Identifier" && node.callee.name === "RegExp" && isString(patternNode) && !shadowed) {
+                const pattern = patternNode.value;
+                const rawPattern = patternNode.raw.slice(1, -1);
+                const rawPatternStartRange = patternNode.range[0] + 1;
+                const flags = isString(flagsNode) ? flagsNode.value : "";
+
+                checkRegex(
+                    node,
+                    pattern,
+                    rawPattern,
+                    rawPatternStartRange,
+                    flags
+                );
             }
         }
 
@@ -111,6 +173,5 @@ module.exports = {
             CallExpression: checkFunction,
             NewExpression: checkFunction
         };
-
     }
 };
diff --git a/tools/node_modules/eslint/lib/rules/no-undef-init.js b/tools/node_modules/eslint/lib/rules/no-undef-init.js
index 1390c880fc8621..1fdccb867b3c24 100644
--- a/tools/node_modules/eslint/lib/rules/no-undef-init.js
+++ b/tools/node_modules/eslint/lib/rules/no-undef-init.js
@@ -37,7 +37,8 @@ module.exports = {
                     init = node.init && node.init.name,
                     scope = context.getScope(),
                     undefinedVar = astUtils.getVariableByName(scope, "undefined"),
-                    shadowed = undefinedVar && undefinedVar.defs.length > 0;
+                    shadowed = undefinedVar && undefinedVar.defs.length > 0,
+                    lastToken = sourceCode.getLastToken(node);
 
                 if (init === "undefined" && node.parent.kind !== "const" && !shadowed) {
                     context.report({
@@ -54,6 +55,11 @@ module.exports = {
                                 // Don't fix destructuring assignment to `undefined`.
                                 return null;
                             }
+
+                            if (sourceCode.commentsExistBetween(node.id, lastToken)) {
+                                return null;
+                            }
+
                             return fixer.removeRange([node.id.range[1], node.range[1]]);
                         }
                     });
diff --git a/tools/node_modules/eslint/lib/rules/no-useless-rename.js b/tools/node_modules/eslint/lib/rules/no-useless-rename.js
index c1860645ea698e..f31459bd8ae281 100644
--- a/tools/node_modules/eslint/lib/rules/no-useless-rename.js
+++ b/tools/node_modules/eslint/lib/rules/no-useless-rename.js
@@ -36,7 +36,8 @@ module.exports = {
     },
 
     create(context) {
-        const options = context.options[0] || {},
+        const sourceCode = context.getSourceCode(),
+            options = context.options[0] || {},
             ignoreDestructuring = options.ignoreDestructuring === true,
             ignoreImport = options.ignoreImport === true,
             ignoreExport = options.ignoreExport === true;
@@ -64,10 +65,18 @@ module.exports = {
                     type
                 },
                 fix(fixer) {
+                    if (sourceCode.commentsExistBetween(initial, result)) {
+                        return null;
+                    }
+
+                    const replacementText = result.type === "AssignmentPattern"
+                        ? sourceCode.getText(result)
+                        : name;
+
                     return fixer.replaceTextRange([
                         initial.range[0],
                         result.range[1]
-                    ], name);
+                    ], replacementText);
                 }
             });
         }
@@ -82,26 +91,29 @@ module.exports = {
                 return;
             }
 
-            const properties = node.properties;
+            for (const property of node.properties) {
 
-            for (let i = 0; i < properties.length; i++) {
-                if (properties[i].shorthand) {
+                /*
+                 * TODO: Remove after babel-eslint removes ExperimentalRestProperty
+                 * https://github.com/eslint/eslint/issues/12335
+                 */
+                if (property.type === "ExperimentalRestProperty") {
                     continue;
                 }
 
                 /**
-                 * If an ObjectPattern property is computed, we have no idea
-                 * if a rename is useless or not. If an ObjectPattern property
-                 * lacks a key, it is likely an ExperimentalRestProperty and
-                 * so there is no "renaming" occurring here.
+                 * Properties using shorthand syntax and rest elements can not be renamed.
+                 * If the property is computed, we have no idea if a rename is useless or not.
                  */
-                if (properties[i].computed || !properties[i].key) {
+                if (property.shorthand || property.type === "RestElement" || property.computed) {
                     continue;
                 }
 
-                if (properties[i].key.type === "Identifier" && properties[i].key.name === properties[i].value.name ||
-                        properties[i].key.type === "Literal" && properties[i].key.value === properties[i].value.name) {
-                    reportError(properties[i], properties[i].key, properties[i].value, "Destructuring assignment");
+                const key = (property.key.type === "Identifier" && property.key.name) || (property.key.type === "Literal" && property.key.value);
+                const renamedKey = property.value.type === "AssignmentPattern" ? property.value.left.name : property.value.name;
+
+                if (key === renamedKey) {
+                    reportError(property, property.key, property.value, "Destructuring assignment");
                 }
             }
         }
diff --git a/tools/node_modules/eslint/lib/rules/no-useless-return.js b/tools/node_modules/eslint/lib/rules/no-useless-return.js
index 46b5f4b648fc99..7b12e85091c644 100644
--- a/tools/node_modules/eslint/lib/rules/no-useless-return.js
+++ b/tools/node_modules/eslint/lib/rules/no-useless-return.js
@@ -82,6 +82,7 @@ module.exports = {
     create(context) {
         const segmentInfoMap = new WeakMap();
         const usedUnreachableSegments = new WeakSet();
+        const sourceCode = context.getSourceCode();
         let scopeInfo = null;
 
         /**
@@ -216,7 +217,7 @@ module.exports = {
                         loc: node.loc,
                         message: "Unnecessary return statement.",
                         fix(fixer) {
-                            if (isRemovable(node)) {
+                            if (isRemovable(node) && !sourceCode.getCommentsInside(node).length) {
 
                                 /*
                                  * Extend the replacement range to include the
@@ -224,7 +225,7 @@ module.exports = {
                                  * no-else-return.
                                  * https://github.com/eslint/eslint/issues/8026
                                  */
-                                return new FixTracker(fixer, context.getSourceCode())
+                                return new FixTracker(fixer, sourceCode)
                                     .retainEnclosingFunction(node)
                                     .remove(node);
                             }
diff --git a/tools/node_modules/eslint/lib/rules/prefer-named-capture-group.js b/tools/node_modules/eslint/lib/rules/prefer-named-capture-group.js
index 07e69f022c741b..7f4a9c3c8e34a1 100644
--- a/tools/node_modules/eslint/lib/rules/prefer-named-capture-group.js
+++ b/tools/node_modules/eslint/lib/rules/prefer-named-capture-group.js
@@ -50,16 +50,16 @@ module.exports = {
         /**
          * Function to check regular expression.
          *
-         * @param {string} regex The regular expression to be check.
+         * @param {string} pattern The regular expression pattern to be check.
          * @param {ASTNode} node AST node which contains regular expression.
          * @param {boolean} uFlag Flag indicates whether unicode mode is enabled or not.
          * @returns {void}
          */
-        function checkRegex(regex, node, uFlag) {
+        function checkRegex(pattern, node, uFlag) {
             let ast;
 
             try {
-                ast = parser.parsePattern(regex, 0, regex.length, uFlag);
+                ast = parser.parsePattern(pattern, 0, pattern.length, uFlag);
             } catch (_) {
 
                 // ignore regex syntax errors
@@ -69,21 +69,9 @@ module.exports = {
             regexpp.visitRegExpAST(ast, {
                 onCapturingGroupEnter(group) {
                     if (!group.name) {
-                        const locNode = node.type === "Literal" ? node : node.arguments[0];
-
                         context.report({
                             node,
                             messageId: "required",
-                            loc: {
-                                start: {
-                                    line: locNode.loc.start.line,
-                                    column: locNode.loc.start.column + group.start + 1
-                                },
-                                end: {
-                                    line: locNode.loc.start.line,
-                                    column: locNode.loc.start.column + group.end + 1
-                                }
-                            },
                             data: {
                                 group: group.raw
                             }
diff --git a/tools/node_modules/eslint/lib/rules/prefer-numeric-literals.js b/tools/node_modules/eslint/lib/rules/prefer-numeric-literals.js
index ca7358aa013bda..b4113a3b327542 100644
--- a/tools/node_modules/eslint/lib/rules/prefer-numeric-literals.js
+++ b/tools/node_modules/eslint/lib/rules/prefer-numeric-literals.js
@@ -96,6 +96,10 @@ module.exports = {
                         fix(fixer) {
                             const newPrefix = prefixMap[node.arguments[1].value];
 
+                            if (sourceCode.getCommentsInside(node).length) {
+                                return null;
+                            }
+
                             if (+(newPrefix + node.arguments[0].value) !== parseInt(node.arguments[0].value, node.arguments[1].value)) {
 
                                 /*
diff --git a/tools/node_modules/eslint/lib/rules/use-isnan.js b/tools/node_modules/eslint/lib/rules/use-isnan.js
index 877c02754aecf1..b2eb84b7b37f60 100644
--- a/tools/node_modules/eslint/lib/rules/use-isnan.js
+++ b/tools/node_modules/eslint/lib/rules/use-isnan.js
@@ -5,6 +5,19 @@
 
 "use strict";
 
+//------------------------------------------------------------------------------
+// Helpers
+//------------------------------------------------------------------------------
+
+/**
+ * Determines if the given node is a NaN `Identifier` node.
+ * @param {ASTNode|null} node The node to check.
+ * @returns {boolean} `true` if the node is 'NaN' identifier.
+ */
+function isNaNIdentifier(node) {
+    return Boolean(node) && node.type === "Identifier" && node.name === "NaN";
+}
+
 //------------------------------------------------------------------------------
 // Rule Definition
 //------------------------------------------------------------------------------
@@ -20,21 +33,69 @@ module.exports = {
             url: "https://eslint.org/docs/rules/use-isnan"
         },
 
-        schema: [],
+        schema: [
+            {
+                type: "object",
+                properties: {
+                    enforceForSwitchCase: {
+                        type: "boolean",
+                        default: false
+                    }
+                },
+                additionalProperties: false
+            }
+        ],
+
         messages: {
-            useIsNaN: "Use the isNaN function to compare with NaN."
+            comparisonWithNaN: "Use the isNaN function to compare with NaN.",
+            switchNaN: "'switch(NaN)' can never match a case clause. Use Number.isNaN instead of the switch.",
+            caseNaN: "'case NaN' can never match. Use Number.isNaN before the switch."
         }
     },
 
     create(context) {
 
-        return {
-            BinaryExpression(node) {
-                if (/^(?:[<>]|[!=]=)=?$/u.test(node.operator) && (node.left.name === "NaN" || node.right.name === "NaN")) {
-                    context.report({ node, messageId: "useIsNaN" });
+        const enforceForSwitchCase = context.options[0] && context.options[0].enforceForSwitchCase;
+
+        /**
+         * Checks the given `BinaryExpression` node.
+         * @param {ASTNode} node The node to check.
+         * @returns {void}
+         */
+        function checkBinaryExpression(node) {
+            if (
+                /^(?:[<>]|[!=]=)=?$/u.test(node.operator) &&
+                (isNaNIdentifier(node.left) || isNaNIdentifier(node.right))
+            ) {
+                context.report({ node, messageId: "comparisonWithNaN" });
+            }
+        }
+
+        /**
+         * Checks the discriminant and all case clauses of the given `SwitchStatement` node.
+         * @param {ASTNode} node The node to check.
+         * @returns {void}
+         */
+        function checkSwitchStatement(node) {
+            if (isNaNIdentifier(node.discriminant)) {
+                context.report({ node, messageId: "switchNaN" });
+            }
+
+            for (const switchCase of node.cases) {
+                if (isNaNIdentifier(switchCase.test)) {
+                    context.report({ node: switchCase, messageId: "caseNaN" });
                 }
             }
+        }
+
+        const listeners = {
+            BinaryExpression: checkBinaryExpression
         };
 
+        if (enforceForSwitchCase) {
+            listeners.SwitchStatement = checkSwitchStatement;
+        }
+
+        return listeners;
     }
 };
diff --git a/tools/node_modules/eslint/lib/shared/logging.js b/tools/node_modules/eslint/lib/shared/logging.js
index 3eb898c34f8a88..6aa1f5a1e59c77 100644
--- a/tools/node_modules/eslint/lib/shared/logging.js
+++ b/tools/node_modules/eslint/lib/shared/logging.js
@@ -12,6 +12,7 @@ module.exports = {
 
     /**
      * Cover for console.log
+     * @param {...any} args The elements to log.
      * @returns {void}
      */
     info(...args) {
@@ -20,6 +21,7 @@ module.exports = {
 
     /**
      * Cover for console.error
+     * @param {...any} args The elements to log.
      * @returns {void}
      */
     error(...args) {
diff --git a/tools/node_modules/eslint/lib/shared/runtime-info.js b/tools/node_modules/eslint/lib/shared/runtime-info.js
new file mode 100644
index 00000000000000..169bbc58f13c16
--- /dev/null
+++ b/tools/node_modules/eslint/lib/shared/runtime-info.js
@@ -0,0 +1,163 @@
+/**
+ * @fileoverview Utility to get information about the execution environment.
+ * @author Kai Cataldo
+ */
+
+"use strict";
+
+//------------------------------------------------------------------------------
+// Requirements
+//------------------------------------------------------------------------------
+
+const path = require("path");
+const spawn = require("cross-spawn");
+const { isEmpty } = require("lodash");
+const log = require("../shared/logging");
+const packageJson = require("../../package.json");
+
+//------------------------------------------------------------------------------
+// Helpers
+//------------------------------------------------------------------------------
+
+/**
+ * Generates and returns execution environment information.
+ * @returns {string} A string that contains execution environment information.
+ */
+function environment() {
+    const cache = new Map();
+
+    /**
+     * Checks if a path is a child of a directory.
+     * @param {string} parentPath - The parent path to check.
+     * @param {string} childPath - The path to check.
+     * @returns {boolean} Whether or not the given path is a child of a directory.
+     */
+    function isChildOfDirectory(parentPath, childPath) {
+        return !path.relative(parentPath, childPath).startsWith("..");
+    }
+
+    /**
+     * Synchronously executes a shell command and formats the result.
+     * @param {string} cmd - The command to execute.
+     * @param {Array} args - The arguments to be executed with the command.
+     * @returns {string} The version returned by the command.
+     */
+    function execCommand(cmd, args) {
+        const key = [cmd, ...args].join(" ");
+
+        if (cache.has(key)) {
+            return cache.get(key);
+        }
+
+        const process = spawn.sync(cmd, args, { encoding: "utf8" });
+
+        if (process.error) {
+            throw process.error;
+        }
+
+        const result = process.stdout.trim();
+
+        cache.set(key, result);
+        return result;
+    }
+
+    /**
+     * Normalizes a version number.
+     * @param {string} versionStr - The string to normalize.
+     * @returns {string} The normalized version number.
+     */
+    function normalizeVersionStr(versionStr) {
+        return versionStr.startsWith("v") ? versionStr : `v${versionStr}`;
+    }
+
+    /**
+     * Gets bin version.
+     * @param {string} bin - The bin to check.
+     * @returns {string} The normalized version returned by the command.
+     */
+    function getBinVersion(bin) {
+        const binArgs = ["--version"];
+
+        try {
+            return normalizeVersionStr(execCommand(bin, binArgs));
+        } catch (e) {
+            log.error(`Error finding ${bin} version running the command \`${bin} ${binArgs.join(" ")}\``);
+            throw e;
+        }
+    }
+
+    /**
+     * Gets installed npm package version.
+     * @param {string} pkg - The package to check.
+     * @param {boolean} global - Whether to check globally or not.
+     * @returns {string} The normalized version returned by the command.
+     */
+    function getNpmPackageVersion(pkg, { global = false } = {}) {
+        const npmBinArgs = ["bin", "-g"];
+        const npmLsArgs = ["ls", "--depth=0", "--json", "eslint"];
+
+        if (global) {
+            npmLsArgs.push("-g");
+        }
+
+        try {
+            const parsedStdout = JSON.parse(execCommand("npm", npmLsArgs));
+
+            /*
+             * Checking globally returns an empty JSON object, while local checks
+             * include the name and version of the local project.
+             */
+            if (isEmpty(parsedStdout) || !(parsedStdout.dependencies && parsedStdout.dependencies.eslint)) {
+                return "Not found";
+            }
+
+            const [, processBinPath] = process.argv;
+            let npmBinPath;
+
+            try {
+                npmBinPath = execCommand("npm", npmBinArgs);
+            } catch (e) {
+                log.error(`Error finding npm binary path when running command \`npm ${npmBinArgs.join(" ")}\``);
+                throw e;
+            }
+
+            const isGlobal = isChildOfDirectory(npmBinPath, processBinPath);
+            let pkgVersion = parsedStdout.dependencies.eslint.version;
+
+            if ((global && isGlobal) || (!global && !isGlobal)) {
+                pkgVersion += " (Currently used)";
+            }
+
+            return normalizeVersionStr(pkgVersion);
+        } catch (e) {
+            log.error(`Error finding ${pkg} version running the command \`npm ${npmLsArgs.join(" ")}\``);
+            throw e;
+        }
+    }
+
+    return [
+        "Environment Info:",
+        "",
+        `Node version: ${getBinVersion("node")}`,
+        `npm version: ${getBinVersion("npm")}`,
+        `Local ESLint version: ${getNpmPackageVersion("eslint", { global: false })}`,
+        `Global ESLint version: ${getNpmPackageVersion("eslint", { global: true })}`
+    ].join("\n");
+}
+
+/**
+ * Returns version of currently executing ESLint.
+ * @returns {string} The version from the currently executing ESLint's package.json.
+ */
+function version() {
+    return `v${packageJson.version}`;
+}
+
+//------------------------------------------------------------------------------
+// Public Interface
+//------------------------------------------------------------------------------
+
+module.exports = {
+    environment,
+    version
+};
diff --git a/tools/node_modules/eslint/lib/source-code/source-code.js b/tools/node_modules/eslint/lib/source-code/source-code.js
index 88a9c0a4e431c8..42e7b0c2f475e4 100644
--- a/tools/node_modules/eslint/lib/source-code/source-code.js
+++ b/tools/node_modules/eslint/lib/source-code/source-code.js
@@ -93,7 +93,6 @@ class SourceCode extends TokenStore {
      * @param {ScopeManager|null} textOrConfig.scopeManager - The scope of this source code.
      * @param {Object|null} textOrConfig.visitorKeys - The visitor keys to traverse AST.
      * @param {ASTNode} [astIfNoConfig] - The Program node of the AST representing the code. This AST should be created from the text that BOM was stripped.
-     * @constructor
      */
     constructor(textOrConfig, astIfNoConfig) {
         let text, ast, parserServices, scopeManager, visitorKeys;
@@ -206,9 +205,9 @@ class SourceCode extends TokenStore {
 
     /**
      * Gets the source code for the given node.
-     * @param {ASTNode=} node The AST node to get the text for.
-     * @param {int=} beforeCount The number of characters before the node to retrieve.
-     * @param {int=} afterCount The number of characters after the node to retrieve.
+     * @param {ASTNode} [node] The AST node to get the text for.
+     * @param {int} [beforeCount] The number of characters before the node to retrieve.
+     * @param {int} [afterCount] The number of characters after the node to retrieve.
      * @returns {string} The text representing the AST node.
      * @public
      */
diff --git a/tools/node_modules/eslint/node_modules/acorn/README.md b/tools/node_modules/eslint/node_modules/acorn/README.md
index 9b7c0badb1084d..585f2736fc05b5 100644
--- a/tools/node_modules/eslint/node_modules/acorn/README.md
+++ b/tools/node_modules/eslint/node_modules/acorn/README.md
@@ -52,9 +52,10 @@ Options can be provided by passing a second argument, which should be
 an object containing any of these fields:
 
 - **ecmaVersion**: Indicates the ECMAScript version to parse. Must be
-  either 3, 5, 6 (2015), 7 (2016), 8 (2017), 9 (2018) or 10 (2019, partial
-  support). This influences support for strict mode, the set of
-  reserved words, and support for new syntax features. Default is 10.
+  either 3, 5, 6 (2015), 7 (2016), 8 (2017), 9 (2018), 10 (2019) or 11
+  (2020, partial support). This influences support for strict mode,
+  the set of reserved words, and support for new syntax features.
+  Default is 10.
 
   **NOTE**: Only 'stage 4' (finalized) ECMAScript features are being
   implemented by Acorn. Other proposed new features can be implemented
diff --git a/tools/node_modules/eslint/node_modules/acorn/dist/acorn.js b/tools/node_modules/eslint/node_modules/acorn/dist/acorn.js
index e4d9e76eb7b5d5..c9209c0f6cbdc4 100644
--- a/tools/node_modules/eslint/node_modules/acorn/dist/acorn.js
+++ b/tools/node_modules/eslint/node_modules/acorn/dist/acorn.js
@@ -2173,7 +2173,7 @@
       //     super [ Expression ]
       //     super . IdentifierName
       // SuperCall:
-      //     super Arguments
+      //     super ( Arguments )
       if (this.type !== types.dot && this.type !== types.bracketL && this.type !== types.parenL)
         { this.unexpected(); }
       return this.finishNode(node, "Super")
@@ -2468,7 +2468,7 @@
     while (!this.eat(types.braceR)) {
       if (!first) {
         this.expect(types.comma);
-        if (this.afterTrailingComma(types.braceR)) { break }
+        if (this.options.ecmaVersion >= 5 && this.afterTrailingComma(types.braceR)) { break }
       } else { first = false; }
 
       var prop = this.parseProperty(isPattern, refDestructuringErrors);
@@ -4923,7 +4923,29 @@
 
   // Acorn is a tiny, fast JavaScript parser written in JavaScript.
 
-  var version = "7.0.0";
+  var version = "7.1.0";
+
+  Parser.acorn = {
+    Parser: Parser,
+    version: version,
+    defaultOptions: defaultOptions,
+    Position: Position,
+    SourceLocation: SourceLocation,
+    getLineInfo: getLineInfo,
+    Node: Node,
+    TokenType: TokenType,
+    tokTypes: types,
+    keywordTypes: keywords$1,
+    TokContext: TokContext,
+    tokContexts: types$1,
+    isIdentifierChar: isIdentifierChar,
+    isIdentifierStart: isIdentifierStart,
+    Token: Token,
+    isNewLine: isNewLine,
+    lineBreak: lineBreak,
+    lineBreakG: lineBreakG,
+    nonASCIIwhitespace: nonASCIIwhitespace
+  };
 
   // The main exported interface (under `self.acorn` when in the
   // browser) is a `parse` function that takes a code string and
diff --git a/tools/node_modules/eslint/node_modules/acorn/dist/acorn.mjs b/tools/node_modules/eslint/node_modules/acorn/dist/acorn.mjs
index 3e8e6f19fa4dcd..7e6aa1f70f6b57 100644
--- a/tools/node_modules/eslint/node_modules/acorn/dist/acorn.mjs
+++ b/tools/node_modules/eslint/node_modules/acorn/dist/acorn.mjs
@@ -2167,7 +2167,7 @@ pp$3.parseExprAtom = function(refDestructuringErrors) {
     //     super [ Expression ]
     //     super . IdentifierName
     // SuperCall:
-    //     super Arguments
+    //     super ( Arguments )
     if (this.type !== types.dot && this.type !== types.bracketL && this.type !== types.parenL)
       { this.unexpected(); }
     return this.finishNode(node, "Super")
@@ -2462,7 +2462,7 @@ pp$3.parseObj = function(isPattern, refDestructuringErrors) {
   while (!this.eat(types.braceR)) {
     if (!first) {
       this.expect(types.comma);
-      if (this.afterTrailingComma(types.braceR)) { break }
+      if (this.options.ecmaVersion >= 5 && this.afterTrailingComma(types.braceR)) { break }
     } else { first = false; }
 
     var prop = this.parseProperty(isPattern, refDestructuringErrors);
@@ -4917,7 +4917,29 @@ pp$9.readWord = function() {
 
 // Acorn is a tiny, fast JavaScript parser written in JavaScript.
 
-var version = "7.0.0";
+var version = "7.1.0";
+
+Parser.acorn = {
+  Parser: Parser,
+  version: version,
+  defaultOptions: defaultOptions,
+  Position: Position,
+  SourceLocation: SourceLocation,
+  getLineInfo: getLineInfo,
+  Node: Node,
+  TokenType: TokenType,
+  tokTypes: types,
+  keywordTypes: keywords$1,
+  TokContext: TokContext,
+  tokContexts: types$1,
+  isIdentifierChar: isIdentifierChar,
+  isIdentifierStart: isIdentifierStart,
+  Token: Token,
+  isNewLine: isNewLine,
+  lineBreak: lineBreak,
+  lineBreakG: lineBreakG,
+  nonASCIIwhitespace: nonASCIIwhitespace
+};
 
 // The main exported interface (under `self.acorn` when in the
 // browser) is a `parse` function that takes a code string and
diff --git a/tools/node_modules/eslint/node_modules/acorn/package.json b/tools/node_modules/eslint/node_modules/acorn/package.json
index 46baa1e126513a..9fe1c550ef91c1 100644
--- a/tools/node_modules/eslint/node_modules/acorn/package.json
+++ b/tools/node_modules/eslint/node_modules/acorn/package.json
@@ -39,5 +39,5 @@
   "scripts": {
     "prepare": "cd ..; npm run build:main && npm run build:bin"
   },
-  "version": "7.0.0"
+  "version": "7.1.0"
 }
\ No newline at end of file
diff --git a/tools/node_modules/eslint/node_modules/glob-parent/README.md b/tools/node_modules/eslint/node_modules/glob-parent/README.md
index c7fbe3202264a2..36a279384b14a8 100644
--- a/tools/node_modules/eslint/node_modules/glob-parent/README.md
+++ b/tools/node_modules/eslint/node_modules/glob-parent/README.md
@@ -36,10 +36,19 @@ globParent('path/foo'); // 'path' (see issue #3 for details)
 
 ## API
 
-### `globParent(maybeGlobString)`
+### `globParent(maybeGlobString, [options])`
 
 Takes a string and returns the part of the path before the glob begins. Be aware of Escaping rules and Limitations below.
 
+#### options
+
+```js
+{
+  // Disables the automatic conversion of slashes for Windows
+  flipBackslashes: true
+}
+```
+
 ## Escaping
 
 The following characters have special significance in glob patterns and must be escaped if you want them to be treated as regular path characters:
diff --git a/tools/node_modules/eslint/node_modules/glob-parent/index.js b/tools/node_modules/eslint/node_modules/glob-parent/index.js
index 900d3fbe3bd1af..2ded6ea7e63ba0 100644
--- a/tools/node_modules/eslint/node_modules/glob-parent/index.js
+++ b/tools/node_modules/eslint/node_modules/glob-parent/index.js
@@ -10,9 +10,16 @@ var enclosure = /[\{\[].*[\/]*.*[\}\]]$/;
 var globby = /(^|[^\\])([\{\[]|\([^\)]+$)/;
 var escaped = /\\([\*\?\|\[\]\(\)\{\}])/g;
 
-module.exports = function globParent(str) {
+/**
+ * @param {string} str
+ * @param {Object} opts
+ * @param {boolean} [opts.flipBackslashes=true]
+ */
+module.exports = function globParent(str, opts) {
+  var options = Object.assign({ flipBackslashes: true }, opts);
+
   // flip windows path separators
-  if (isWin32 && str.indexOf(slash) < 0) {
+  if (options.flipBackslashes && isWin32 && str.indexOf(slash) < 0) {
     str = str.replace(backslash, slash);
   }
 
diff --git a/tools/node_modules/eslint/node_modules/glob-parent/package.json b/tools/node_modules/eslint/node_modules/glob-parent/package.json
index f59d1f99f39cda..af850b522587b3 100644
--- a/tools/node_modules/eslint/node_modules/glob-parent/package.json
+++ b/tools/node_modules/eslint/node_modules/glob-parent/package.json
@@ -63,5 +63,5 @@
     "pretest": "npm run lint",
     "test": "nyc mocha --async-only"
   },
-  "version": "5.0.0"
+  "version": "5.1.0"
 }
\ No newline at end of file
diff --git a/tools/node_modules/eslint/package.json b/tools/node_modules/eslint/package.json
index 2fa34e93727013..b57c88bc36455b 100644
--- a/tools/node_modules/eslint/package.json
+++ b/tools/node_modules/eslint/package.json
@@ -17,7 +17,7 @@
     "cross-spawn": "^6.0.5",
     "debug": "^4.0.1",
     "doctrine": "^3.0.0",
-    "eslint-plugin-markdown": "1.0.0",
+    "eslint-plugin-markdown": "^1.0.0",
     "eslint-scope": "^5.0.0",
     "eslint-utils": "^1.4.2",
     "eslint-visitor-keys": "^1.1.0",
@@ -67,6 +67,7 @@
     "eslint-config-eslint": "file:packages/eslint-config-eslint",
     "eslint-plugin-eslint-plugin": "^2.0.1",
     "eslint-plugin-internal-rules": "file:tools/internal-rules",
+    "eslint-plugin-jsdoc": "^15.9.5",
     "eslint-plugin-node": "^9.0.0",
     "eslint-release": "^1.2.0",
     "eslump": "^2.0.0",
@@ -137,6 +138,7 @@
   },
   "scripts": {
     "docs": "node Makefile.js docs",
+    "fix": "node Makefile.js lint -- fix",
     "fuzz": "node Makefile.js fuzz",
     "generate-alpharelease": "node Makefile.js generatePrerelease -- alpha",
     "generate-betarelease": "node Makefile.js generatePrerelease -- beta",
@@ -149,5 +151,5 @@
     "test": "node Makefile.js test",
     "webpack": "node Makefile.js webpack"
   },
-  "version": "6.4.0"
+  "version": "6.5.1"
 }
\ No newline at end of file

From bf1727a3f3a09f6ae3189af61e75ade82cfa0b24 Mon Sep 17 00:00:00 2001
From: Robert Nagy <ronagy@icloud.com>
Date: Sat, 28 Sep 2019 09:48:33 +0200
Subject: [PATCH 28/65] test: add test for writable.write() argument types

PR-URL: https://github.com/nodejs/node/pull/29746
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 .../test-stream-writable-invalid-chunk.js     | 35 +++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 test/parallel/test-stream-writable-invalid-chunk.js

diff --git a/test/parallel/test-stream-writable-invalid-chunk.js b/test/parallel/test-stream-writable-invalid-chunk.js
new file mode 100644
index 00000000000000..09ee5877c8d00c
--- /dev/null
+++ b/test/parallel/test-stream-writable-invalid-chunk.js
@@ -0,0 +1,35 @@
+'use strict';
+
+const common = require('../common');
+const stream = require('stream');
+
+function testWriteType(val, objectMode, code) {
+  const writable = new stream.Writable({
+    objectMode,
+    write: () => {}
+  });
+  if (!code) {
+    writable.on('error', common.mustNotCall());
+  } else {
+    writable.on('error', common.expectsError({
+      code: code,
+    }));
+  }
+  writable.write(val);
+}
+
+testWriteType([], false, 'ERR_INVALID_ARG_TYPE');
+testWriteType({}, false, 'ERR_INVALID_ARG_TYPE');
+testWriteType(0, false, 'ERR_INVALID_ARG_TYPE');
+testWriteType(true, false, 'ERR_INVALID_ARG_TYPE');
+testWriteType(0.0, false, 'ERR_INVALID_ARG_TYPE');
+testWriteType(undefined, false, 'ERR_INVALID_ARG_TYPE');
+testWriteType(null, false, 'ERR_STREAM_NULL_VALUES');
+
+testWriteType([], true);
+testWriteType({}, true);
+testWriteType(0, true);
+testWriteType(true, true);
+testWriteType(0.0, true);
+testWriteType(undefined, true);
+testWriteType(null, true, 'ERR_STREAM_NULL_VALUES');

From 87fb1c297adb2a8b2cd5e7441f9447329af1584f Mon Sep 17 00:00:00 2001
From: Ruben Bridgewater <ruben@bridgewater.de>
Date: Mon, 23 Sep 2019 17:22:10 +0200
Subject: [PATCH 29/65] errors: make sure all Node.js errors show their
 properties

This improves Node.js errors by always showing the attached properties
when inspecting such an error. This applies especially to SystemError.
It did often not show any properties but now all properties will be
visible.

This is done in a mainly backwards compatible way. Instead of using
prototype getters and setters, the property is now set directly on the
error.

PR-URL: https://github.com/nodejs/node/pull/29677
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
---
 lib/internal/errors.js                        | 139 +++++++++---------
 test/message/internal_assert.out              |   4 +-
 test/message/internal_assert_fail.out         |   4 +-
 .../parallel/test-dgram-socket-buffer-size.js |  23 ++-
 test/parallel/test-internal-errors.js         |  12 +-
 test/parallel/test-repl-top-level-await.js    |   6 +-
 6 files changed, 103 insertions(+), 85 deletions(-)

diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 6c7c94c484add3..99ccec9109a650 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -12,8 +12,6 @@
 
 const { Object, Math } = primordials;
 
-const kCode = Symbol('code');
-const kInfo = Symbol('info');
 const messages = new Map();
 const codes = {};
 
@@ -121,76 +119,86 @@ class SystemError extends Error {
       writable: true,
       configurable: true
     });
-    Object.defineProperty(this, kInfo, {
-      configurable: false,
-      enumerable: false,
-      value: context
-    });
-    Object.defineProperty(this, kCode, {
-      configurable: true,
-      enumerable: false,
-      value: key,
-      writable: true
-    });
     addCodeToName(this, 'SystemError', key);
-  }
 
-  get code() {
-    return this[kCode];
-  }
+    this.code = key;
 
-  set code(value) {
-    Object.defineProperty(this, 'code', {
-      configurable: true,
+    Object.defineProperty(this, 'info', {
+      value: context,
       enumerable: true,
-      value,
-      writable: true
+      configurable: true,
+      writable: false
     });
-  }
-
-  get info() {
-    return this[kInfo];
-  }
 
-  get errno() {
-    return this[kInfo].errno;
-  }
-
-  set errno(val) {
-    this[kInfo].errno = val;
-  }
-
-  get syscall() {
-    return this[kInfo].syscall;
-  }
-
-  set syscall(val) {
-    this[kInfo].syscall = val;
-  }
-
-  get path() {
-    return this[kInfo].path !== undefined ?
-      this[kInfo].path.toString() : undefined;
-  }
+    Object.defineProperty(this, 'errno', {
+      get() {
+        return context.errno;
+      },
+      set: (value) => {
+        context.errno = value;
+      },
+      enumerable: true,
+      configurable: true
+    });
 
-  set path(val) {
-    this[kInfo].path = val ?
-      lazyBuffer().from(val.toString()) : undefined;
-  }
+    Object.defineProperty(this, 'syscall', {
+      get() {
+        return context.syscall;
+      },
+      set: (value) => {
+        context.syscall = value;
+      },
+      enumerable: true,
+      configurable: true
+    });
 
-  get dest() {
-    return this[kInfo].path !== undefined ?
-      this[kInfo].dest.toString() : undefined;
-  }
+    if (context.path !== undefined) {
+      // TODO(BridgeAR): Investigate why and when the `.toString()` was
+      // introduced. The `path` and `dest` properties in the context seem to
+      // always be of type string. We should probably just remove the
+      // `.toString()` and `Buffer.from()` operations and set the value on the
+      // context as the user did.
+      Object.defineProperty(this, 'path', {
+        get() {
+          return context.path != null ?
+            context.path.toString() : context.path;
+        },
+        set: (value) => {
+          context.path = value ?
+            lazyBuffer().from(value.toString()) : undefined;
+        },
+        enumerable: true,
+        configurable: true
+      });
+    }
 
-  set dest(val) {
-    this[kInfo].dest = val ?
-      lazyBuffer().from(val.toString()) : undefined;
+    if (context.dest !== undefined) {
+      Object.defineProperty(this, 'dest', {
+        get() {
+          return context.dest != null ?
+            context.dest.toString() : context.dest;
+        },
+        set: (value) => {
+          context.dest = value ?
+            lazyBuffer().from(value.toString()) : undefined;
+        },
+        enumerable: true,
+        configurable: true
+      });
+    }
   }
 
   toString() {
     return `${this.name} [${this.code}]: ${this.message}`;
   }
+
+  [Symbol.for('nodejs.util.inspect.custom')](recurseTimes, ctx) {
+    return lazyInternalUtilInspect().inspect(this, {
+      ...ctx,
+      getters: true,
+      customInspect: false
+    });
+  }
 }
 
 function makeSystemErrorWithCode(key) {
@@ -221,19 +229,7 @@ function makeNodeErrorWithCode(Base, key) {
         configurable: true
       });
       addCodeToName(this, super.name, key);
-    }
-
-    get code() {
-      return key;
-    }
-
-    set code(value) {
-      Object.defineProperty(this, 'code', {
-        configurable: true,
-        enumerable: true,
-        value,
-        writable: true
-      });
+      this.code = key;
     }
 
     toString() {
@@ -394,7 +390,6 @@ function uvException(ctx) {
     err[prop] = ctx[prop];
   }
 
-  // TODO(BridgeAR): Show the `code` property as part of the stack.
   err.code = code;
   if (path) {
     err.path = path;
diff --git a/test/message/internal_assert.out b/test/message/internal_assert.out
index ae8de3e1a0dff5..cf09fdcb605269 100644
--- a/test/message/internal_assert.out
+++ b/test/message/internal_assert.out
@@ -12,4 +12,6 @@ Please open an issue with this stack trace at https://github.com/nodejs/node/iss
     at *
     at *
     at *
-    at *
+    at * {
+  code: 'ERR_INTERNAL_ASSERTION'
+}
diff --git a/test/message/internal_assert_fail.out b/test/message/internal_assert_fail.out
index 70f49ad33aa26d..11b532b7b2af3c 100644
--- a/test/message/internal_assert_fail.out
+++ b/test/message/internal_assert_fail.out
@@ -13,4 +13,6 @@ Please open an issue with this stack trace at https://github.com/nodejs/node/iss
     at *
     at *
     at *
-    at *
+    at * {
+  code: 'ERR_INTERNAL_ASSERTION'
+}
diff --git a/test/parallel/test-dgram-socket-buffer-size.js b/test/parallel/test-dgram-socket-buffer-size.js
index c2936ba8fd91b0..d3317e85c3d1b6 100644
--- a/test/parallel/test-dgram-socket-buffer-size.js
+++ b/test/parallel/test-dgram-socket-buffer-size.js
@@ -4,6 +4,7 @@
 const common = require('../common');
 const assert = require('assert');
 const dgram = require('dgram');
+const { inspect } = require('util');
 const { SystemError } = require('internal/errors');
 const { internalBinding } = require('internal/test/binding');
 const {
@@ -22,7 +23,7 @@ function getExpectedError(type) {
     'ENOTSOCK (socket operation on non-socket)' : 'EBADF (bad file descriptor)';
   const error = {
     code: 'ERR_SOCKET_BUFFER_SIZE',
-    type: SystemError,
+    name: 'SystemError',
     message: `Could not get or set buffer size: ${syscall} returned ${suffix}`,
     info: {
       code,
@@ -40,9 +41,25 @@ function getExpectedError(type) {
 
   const socket = dgram.createSocket('udp4');
 
-  common.expectsError(() => {
+  assert.throws(() => {
     socket.setSendBufferSize(8192);
-  }, errorObj);
+  }, (err) => {
+    assert.strictEqual(
+      inspect(err).replace(/^ +at .*\n/gm, ''),
+      `SystemError [ERR_SOCKET_BUFFER_SIZE]: ${errorObj.message}\n` +
+        "  code: 'ERR_SOCKET_BUFFER_SIZE',\n" +
+        '  info: {\n' +
+        `    errno: ${errorObj.info.errno},\n` +
+        `    code: '${errorObj.info.code}',\n` +
+        `    message: '${errorObj.info.message}',\n` +
+        `    syscall: '${errorObj.info.syscall}'\n` +
+        '  },\n' +
+        `  errno: [Getter/Setter: ${errorObj.info.errno}],\n` +
+        `  syscall: [Getter/Setter: '${errorObj.info.syscall}']\n` +
+        '}'
+    );
+    return true;
+  });
 
   common.expectsError(() => {
     socket.getSendBufferSize();
diff --git a/test/parallel/test-internal-errors.js b/test/parallel/test-internal-errors.js
index 10d79cb8fafef2..a34218fd1dd688 100644
--- a/test/parallel/test-internal-errors.js
+++ b/test/parallel/test-internal-errors.js
@@ -82,9 +82,9 @@ common.expectsError(() => {
 {
   const myError = new errors.codes.TEST_ERROR_1('foo');
   assert.strictEqual(myError.code, 'TEST_ERROR_1');
-  assert.strictEqual(myError.hasOwnProperty('code'), false);
+  assert.strictEqual(myError.hasOwnProperty('code'), true);
   assert.strictEqual(myError.hasOwnProperty('name'), false);
-  assert.deepStrictEqual(Object.keys(myError), []);
+  assert.deepStrictEqual(Object.keys(myError), ['code']);
   const initialName = myError.name;
   myError.code = 'FHQWHGADS';
   assert.strictEqual(myError.code, 'FHQWHGADS');
@@ -99,11 +99,11 @@ common.expectsError(() => {
 // browser. Note that `name` becomes enumerable after being assigned.
 {
   const myError = new errors.codes.TEST_ERROR_1('foo');
-  assert.deepStrictEqual(Object.keys(myError), []);
+  assert.deepStrictEqual(Object.keys(myError), ['code']);
   const initialToString = myError.toString();
 
   myError.name = 'Fhqwhgads';
-  assert.deepStrictEqual(Object.keys(myError), ['name']);
+  assert.deepStrictEqual(Object.keys(myError), ['code', 'name']);
   assert.notStrictEqual(myError.toString(), initialToString);
 }
 
@@ -114,7 +114,7 @@ common.expectsError(() => {
   let initialConsoleLog = '';
   hijackStdout((data) => { initialConsoleLog += data; });
   const myError = new errors.codes.TEST_ERROR_1('foo');
-  assert.deepStrictEqual(Object.keys(myError), []);
+  assert.deepStrictEqual(Object.keys(myError), ['code']);
   const initialToString = myError.toString();
   console.log(myError);
   assert.notStrictEqual(initialConsoleLog, '');
@@ -124,7 +124,7 @@ common.expectsError(() => {
   let subsequentConsoleLog = '';
   hijackStdout((data) => { subsequentConsoleLog += data; });
   myError.message = 'Fhqwhgads';
-  assert.deepStrictEqual(Object.keys(myError), []);
+  assert.deepStrictEqual(Object.keys(myError), ['code']);
   assert.notStrictEqual(myError.toString(), initialToString);
   console.log(myError);
   assert.strictEqual(subsequentConsoleLog, initialConsoleLog);
diff --git a/test/parallel/test-repl-top-level-await.js b/test/parallel/test-repl-top-level-await.js
index f72a5daa01581f..f629d3f1d0d428 100644
--- a/test/parallel/test-repl-top-level-await.js
+++ b/test/parallel/test-repl-top-level-await.js
@@ -161,8 +161,10 @@ async function ctrlCTest() {
   ]), [
     'await timeout(100000)\r',
     'Thrown:',
-    'Error [ERR_SCRIPT_EXECUTION_INTERRUPTED]: ' +
-      'Script execution was interrupted by `SIGINT`',
+    '[Error [ERR_SCRIPT_EXECUTION_INTERRUPTED]: ' +
+      'Script execution was interrupted by `SIGINT`] {',
+    "  code: 'ERR_SCRIPT_EXECUTION_INTERRUPTED'",
+    '}',
     PROMPT
   ]);
 }

From ab4c53e0ef6704b6c526bb8ee0cdc9e5aa896c92 Mon Sep 17 00:00:00 2001
From: Anna Henningsen <anna@addaleax.net>
Date: Tue, 1 Oct 2019 13:59:25 +0200
Subject: [PATCH 30/65] crypto: remove arbitrary UTF16 restriction
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Since 71f633a32f1f5617, this is no longer necessary.

Refs: https://github.com/nodejs/node/pull/22622
Fixes: https://github.com/nodejs/node/issues/29793

PR-URL: https://github.com/nodejs/node/pull/29795
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
---
 doc/api/errors.md                 | 20 ++++++++++++--------
 lib/internal/crypto/hash.js       | 11 ++++-------
 lib/internal/errors.js            |  2 --
 src/node_crypto.cc                |  1 -
 test/parallel/test-crypto-hash.js | 10 +++-------
 test/parallel/test-crypto-hmac.js |  9 +++------
 6 files changed, 22 insertions(+), 31 deletions(-)

diff --git a/doc/api/errors.md b/doc/api/errors.md
index f479d06f1456fb..2ba78a95cf2550 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -763,14 +763,6 @@ to enable or disable FIPS mode in the `crypto` module.
 An attempt was made to enable or disable FIPS mode, but FIPS mode was not
 available.
 
-<a id="ERR_CRYPTO_HASH_DIGEST_NO_UTF16"></a>
-### ERR_CRYPTO_HASH_DIGEST_NO_UTF16
-
-The UTF-16 encoding was used with [`hash.digest()`][]. While the
-`hash.digest()` method does allow an `encoding` argument to be passed in,
-causing the method to return a string rather than a `Buffer`, the UTF-16
-encoding (e.g. `ucs` or `utf16le`) is not supported.
-
 <a id="ERR_CRYPTO_HASH_FINALIZED"></a>
 ### ERR_CRYPTO_HASH_FINALIZED
 
@@ -2070,6 +2062,18 @@ removed: v11.12.0
 There was an attempt to use a `MessagePort` instance in a closed
 state, usually after `.close()` has been called.
 
+<a id="ERR_CRYPTO_HASH_DIGEST_NO_UTF16"></a>
+### ERR_CRYPTO_HASH_DIGEST_NO_UTF16
+<!-- YAML
+added: v9.0.0
+removed: REPLACEME
+-->
+
+The UTF-16 encoding was used with [`hash.digest()`][]. While the
+`hash.digest()` method does allow an `encoding` argument to be passed in,
+causing the method to return a string rather than a `Buffer`, the UTF-16
+encoding (e.g. `ucs` or `utf16le`) is not supported.
+
 <a id="ERR_HTTP2_FRAME_ERROR"></a>
 ### ERR_HTTP2_FRAME_ERROR
 <!-- YAML
diff --git a/lib/internal/crypto/hash.js b/lib/internal/crypto/hash.js
index 38b125e5f22c2d..3812ecfe68e609 100644
--- a/lib/internal/crypto/hash.js
+++ b/lib/internal/crypto/hash.js
@@ -20,13 +20,14 @@ const {
 const { Buffer } = require('buffer');
 
 const {
-  ERR_CRYPTO_HASH_DIGEST_NO_UTF16,
   ERR_CRYPTO_HASH_FINALIZED,
   ERR_CRYPTO_HASH_UPDATE_FAILED,
   ERR_INVALID_ARG_TYPE
 } = require('internal/errors').codes;
-const { validateString, validateUint32 } = require('internal/validators');
-const { normalizeEncoding } = require('internal/util');
+const {
+  validateString,
+  validateUint32
+} = require('internal/validators');
 const { isArrayBufferView } = require('internal/util/types');
 const LazyTransform = require('internal/streams/lazy_transform');
 const kState = Symbol('kState');
@@ -85,8 +86,6 @@ Hash.prototype.digest = function digest(outputEncoding) {
   if (state[kFinalized])
     throw new ERR_CRYPTO_HASH_FINALIZED();
   outputEncoding = outputEncoding || getDefaultEncoding();
-  if (normalizeEncoding(outputEncoding) === 'utf16le')
-    throw new ERR_CRYPTO_HASH_DIGEST_NO_UTF16();
 
   // Explicit conversion for backward compatibility.
   const ret = this[kHandle].digest(`${outputEncoding}`);
@@ -116,8 +115,6 @@ Hmac.prototype.update = Hash.prototype.update;
 Hmac.prototype.digest = function digest(outputEncoding) {
   const state = this[kState];
   outputEncoding = outputEncoding || getDefaultEncoding();
-  if (normalizeEncoding(outputEncoding) === 'utf16le')
-    throw new ERR_CRYPTO_HASH_DIGEST_NO_UTF16();
 
   if (state[kFinalized]) {
     const buf = Buffer.from('');
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 99ccec9109a650..daf6831be05f71 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -744,8 +744,6 @@ E('ERR_CRYPTO_FIPS_FORCED',
   'Cannot set FIPS mode, it was forced with --force-fips at startup.', Error);
 E('ERR_CRYPTO_FIPS_UNAVAILABLE', 'Cannot set FIPS mode in a non-FIPS build.',
   Error);
-E('ERR_CRYPTO_HASH_DIGEST_NO_UTF16', 'hash.digest() does not support UTF-16',
-  Error);
 E('ERR_CRYPTO_HASH_FINALIZED', 'Digest already called', Error);
 E('ERR_CRYPTO_HASH_UPDATE_FAILED', 'Hash update failed', Error);
 E('ERR_CRYPTO_INCOMPATIBLE_KEY_OPTIONS', 'The selected key encoding %s %s.',
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index a666b0225ac625..2d539094a0589e 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -4676,7 +4676,6 @@ void Hmac::HmacDigest(const FunctionCallbackInfo<Value>& args) {
   if (args.Length() >= 1) {
     encoding = ParseEncoding(env->isolate(), args[0], BUFFER);
   }
-  CHECK_NE(encoding, UCS2);  // Digest does not support UTF-16
 
   unsigned char md_value[EVP_MAX_MD_SIZE];
   unsigned int md_len = 0;
diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js
index 4d3214adb2db0b..7f752f898a2898 100644
--- a/test/parallel/test-crypto-hash.js
+++ b/test/parallel/test-crypto-hash.js
@@ -161,13 +161,9 @@ common.expectsError(
     type: Error
   });
 
-common.expectsError(
-  () => crypto.createHash('sha256').digest('ucs2'),
-  {
-    code: 'ERR_CRYPTO_HASH_DIGEST_NO_UTF16',
-    type: Error
-  }
-);
+assert.strictEqual(
+  crypto.createHash('sha256').update('test').digest('ucs2'),
+  crypto.createHash('sha256').update('test').digest().toString('ucs2'));
 
 common.expectsError(
   () => crypto.createHash(),
diff --git a/test/parallel/test-crypto-hmac.js b/test/parallel/test-crypto-hmac.js
index 21ff3b0b040506..2601994ab1a433 100644
--- a/test/parallel/test-crypto-hmac.js
+++ b/test/parallel/test-crypto-hmac.js
@@ -408,12 +408,9 @@ const rfc2202_sha1 = [
 for (const { key, data, hmac } of rfc2202_sha1)
   testHmac('sha1', key, data, hmac);
 
-common.expectsError(
-  () => crypto.createHmac('sha256', 'w00t').digest('ucs2'),
-  {
-    code: 'ERR_CRYPTO_HASH_DIGEST_NO_UTF16',
-    type: Error
-  });
+assert.strictEqual(
+  crypto.createHmac('sha256', 'w00t').digest('ucs2'),
+  crypto.createHmac('sha256', 'w00t').digest().toString('ucs2'));
 
 // Check initialized -> uninitialized state transition after calling digest().
 {

From 320f649539d786814352f49859334df71aa8f9d6 Mon Sep 17 00:00:00 2001
From: Robert Nagy <ronagy@icloud.com>
Date: Tue, 1 Oct 2019 20:44:02 +0200
Subject: [PATCH 31/65] stream: add comment about undocumented API

PR-URL: https://github.com/nodejs/node/pull/29805
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Masashi Hirano <shisama07@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
---
 lib/internal/streams/destroy.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/internal/streams/destroy.js b/lib/internal/streams/destroy.js
index 200c75459ad56d..e59a61de1feef5 100644
--- a/lib/internal/streams/destroy.js
+++ b/lib/internal/streams/destroy.js
@@ -1,6 +1,7 @@
 'use strict';
 
-// Undocumented cb() API, needed for core, not for public API
+// Undocumented cb() API, needed for core, not for public API.
+// The cb() will be invoked synchronously if _destroy is synchronous.
 function destroy(err, cb) {
   const readableDestroyed = this._readableState &&
     this._readableState.destroyed;

From aea02536974a5708ade24dcb20d7c33f7f5ee276 Mon Sep 17 00:00:00 2001
From: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Date: Tue, 1 Oct 2019 18:57:09 +0300
Subject: [PATCH 32/65] doc: unify place of stability notes

In most cases, stability note is the first info in a doc section
after YAML. This PR makes it consistent across all docs,
as this info seems the most relevant for a reader.

PR-URL: https://github.com/nodejs/node/pull/29799
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
---
 doc/api/assert.md  | 6 +++---
 doc/api/events.md  | 4 ++--
 doc/api/modules.md | 4 ++--
 doc/api/repl.md    | 4 ++--
 doc/api/util.md    | 4 ++--
 5 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/doc/api/assert.md b/doc/api/assert.md
index 09d2aa46c26c96..2c74b6809e1a45 100644
--- a/doc/api/assert.md
+++ b/doc/api/assert.md
@@ -623,15 +623,15 @@ changes:
                  deprecated and emits a warning.
 -->
 
+> Stability: 0 - Deprecated: Use `assert.fail([message])` or other assert
+> functions instead.
+
 * `actual` {any}
 * `expected` {any}
 * `message` {string|Error}
 * `operator` {string} **Default:** `'!='`
 * `stackStartFn` {Function} **Default:** `assert.fail`
 
-> Stability: 0 - Deprecated: Use `assert.fail([message])` or other assert
-> functions instead.
-
 If `message` is falsy, the error message is set as the values of `actual` and
 `expected` separated by the provided `operator`. If just the two `actual` and
 `expected` arguments are provided, `operator` will default to `'!='`. If
diff --git a/doc/api/events.md b/doc/api/events.md
index 9b22d33e12caa0..608d7d09e04cf0 100644
--- a/doc/api/events.md
+++ b/doc/api/events.md
@@ -229,11 +229,11 @@ added: v0.9.12
 deprecated: v4.0.0
 -->
 
+> Stability: 0 - Deprecated: Use [`emitter.listenerCount()`][] instead.
+
 * `emitter` {EventEmitter} The emitter to query
 * `eventName` {string|symbol} The event name
 
-> Stability: 0 - Deprecated: Use [`emitter.listenerCount()`][] instead.
-
 A class method that returns the number of listeners for the given `eventName`
 registered on the given `emitter`.
 
diff --git a/doc/api/modules.md b/doc/api/modules.md
index 6225f41cad8365..32490cf47f1792 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -970,12 +970,12 @@ added: v10.12.0
 deprecated: v12.2.0
 -->
 
+> Stability: 0 - Deprecated: Please use [`createRequire()`][] instead.
+
 * `filename` {string} Filename to be used to construct the relative require
   function.
 * Returns: {require} Require function
 
-> Stability: 0 - Deprecated: Please use [`createRequire()`][] instead.
-
 ```js
 const { createRequireFromPath } = require('module');
 const requireUtil = createRequireFromPath('../src/utils/');
diff --git a/doc/api/repl.md b/doc/api/repl.md
index 573fbb6af422a6..d4a207dc493373 100644
--- a/doc/api/repl.md
+++ b/doc/api/repl.md
@@ -482,12 +482,12 @@ added: v0.8.9
 deprecated: v9.0.0
 -->
 
+> Stability: 0 - Deprecated.
+
 * `keyword` {string} the potential keyword to parse and execute
 * `rest` {any} any parameters to the keyword command
 * Returns: {boolean}
 
-> Stability: 0 - Deprecated.
-
 An internal method used to parse and execute `REPLServer` keywords.
 Returns `true` if `keyword` is a valid keyword, otherwise `false`.
 
diff --git a/doc/api/util.md b/doc/api/util.md
index f00cf9e58c3010..d158fbd1a832d7 100644
--- a/doc/api/util.md
+++ b/doc/api/util.md
@@ -1766,11 +1766,11 @@ added: v0.7.5
 deprecated: v6.0.0
 -->
 
+> Stability: 0 - Deprecated: Use [`Object.assign()`] instead.
+
 * `target` {Object}
 * `source` {Object}
 
-> Stability: 0 - Deprecated: Use [`Object.assign()`] instead.
-
 The `util._extend()` method was never intended to be used outside of internal
 Node.js modules. The community found and used it anyway.
 

From 20896f74d615a23ba11787f36355d96470ba098b Mon Sep 17 00:00:00 2001
From: legendecas <legendecas@gmail.com>
Date: Tue, 1 Oct 2019 21:36:56 +0800
Subject: [PATCH 33/65] n-api,doc: clarify napi_finalize related APIs

All these APIs have napi_finalize parameter but they don't behave
exactly the same.

Fixes: https://github.com/nodejs/node/issues/29750

PR-URL: https://github.com/nodejs/node/pull/29797
Reviewed-By: Gabriel Schulhof <gabriel.schulhof@intel.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
---
 doc/api/n-api.md | 32 ++++++++++++++++++++++++++++----
 1 file changed, 28 insertions(+), 4 deletions(-)

diff --git a/doc/api/n-api.md b/doc/api/n-api.md
index 6ae0f44643c3b1..ec9af50ee15284 100644
--- a/doc/api/n-api.md
+++ b/doc/api/n-api.md
@@ -1809,9 +1809,15 @@ Returns `napi_ok` if the API succeeded.
 
 This API allocates a JavaScript value with external data attached to it. This
 is used to pass external data through JavaScript code, so it can be retrieved
-later by native code. The API allows the caller to pass in a finalize callback,
-in case the underlying native resource needs to be cleaned up when the external
-JavaScript value gets collected.
+later by native code using [`napi_get_value_external`].
+
+The API adds a `napi_finalize` callback which will be called when the JavaScript
+object just created is ready for garbage collection. It is similar to
+`napi_wrap()` except that:
+
+* the native data cannot be retrieved later using `napi_unwrap()`,
+* nor can it be removed later using `napi_remove_wrap()`, and
+* the object created by the API can be used with `napi_wrap()`.
 
 The created value is not an object, and therefore does not support additional
 properties. It is considered a distinct value type: calling `napi_typeof()` with
@@ -1850,6 +1856,14 @@ The underlying byte buffer of the `ArrayBuffer` is externally allocated and
 managed. The caller must ensure that the byte buffer remains valid until the
 finalize callback is called.
 
+The API adds a `napi_finalize` callback which will be called when the JavaScript
+object just created is ready for garbage collection. It is similar to
+`napi_wrap()` except that:
+
+* the native data cannot be retrieved later using `napi_unwrap()`,
+* nor can it be removed later using `napi_remove_wrap()`, and
+* the object created by the API can be used with `napi_wrap()`.
+
 JavaScript `ArrayBuffer`s are described in
 [Section 24.1][] of the ECMAScript Language Specification.
 
@@ -1884,6 +1898,14 @@ This API allocates a `node::Buffer` object and initializes it with data
 backed by the passed in buffer. While this is still a fully-supported data
 structure, in most cases using a `TypedArray` will suffice.
 
+The API adds a `napi_finalize` callback which will be called when the JavaScript
+object just created is ready for garbage collection. It is similar to
+`napi_wrap()` except that:
+
+* the native data cannot be retrieved later using `napi_unwrap()`,
+* nor can it be removed later using `napi_remove_wrap()`, and
+* the object created by the API can be used with `napi_wrap()`.
+
 For Node.js >=4 `Buffers` are `Uint8Array`s.
 
 #### napi_create_object
@@ -4228,7 +4250,8 @@ in `js_object` is ready for garbage collection. This API is similar to
 * the native data cannot be retrieved later using `napi_unwrap()`,
 * nor can it be removed later using `napi_remove_wrap()`, and
 * the API can be called multiple times with different data items in order to
-  attach each of them to the JavaScript object.
+  attach each of them to the JavaScript object, and
+* the object manipulated by the API can be used with `napi_wrap()`.
 
 *Caution*: The optional returned reference (if obtained) should be deleted via
 [`napi_delete_reference`][] ONLY in response to the finalize callback
@@ -5164,6 +5187,7 @@ This API may only be called from the main thread.
 [`napi_get_last_error_info`]: #n_api_napi_get_last_error_info
 [`napi_get_property`]: #n_api_napi_get_property
 [`napi_get_reference_value`]: #n_api_napi_get_reference_value
+[`napi_get_value_external`]: #n_api_napi_get_value_external
 [`napi_has_own_property`]: #n_api_napi_has_own_property
 [`napi_has_property`]: #n_api_napi_has_property
 [`napi_is_error`]: #n_api_napi_is_error

From 65c475269edc38e310e814947cf913989d268665 Mon Sep 17 00:00:00 2001
From: Robert Nagy <ronagy@icloud.com>
Date: Tue, 1 Oct 2019 20:21:22 +0200
Subject: [PATCH 34/65] net: emit close on unconnected socket

Socket should always emit 'close'. Regardless
whether it has been connected or not.

PR-URL: https://github.com/nodejs/node/pull/29803
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 lib/net.js                                | 6 ++++--
 test/parallel/test-net-connect-destroy.js | 7 +++++++
 2 files changed, 11 insertions(+), 2 deletions(-)
 create mode 100644 test/parallel/test-net-connect-destroy.js

diff --git a/lib/net.js b/lib/net.js
index 760bf084f4d324..baaf2180d1b463 100644
--- a/lib/net.js
+++ b/lib/net.js
@@ -660,10 +660,12 @@ Socket.prototype._destroy = function(exception, cb) {
     this._handle.onread = noop;
     this._handle = null;
     this._sockname = null;
+    cb(exception);
+  } else {
+    cb(exception);
+    process.nextTick(emitCloseNT, this);
   }
 
-  cb(exception);
-
   if (this._server) {
     debug('has server');
     this._server._connections--;
diff --git a/test/parallel/test-net-connect-destroy.js b/test/parallel/test-net-connect-destroy.js
new file mode 100644
index 00000000000000..73fdb988f9ca83
--- /dev/null
+++ b/test/parallel/test-net-connect-destroy.js
@@ -0,0 +1,7 @@
+'use strict';
+const common = require('../common');
+const net = require('net');
+
+const socket = new net.Socket();
+socket.on('close', common.mustCall());
+socket.destroy();

From d09f2b4170a20e3a7cd8d83d97143257786577f2 Mon Sep 17 00:00:00 2001
From: Richard Lau <riclau@uk.ibm.com>
Date: Mon, 30 Sep 2019 13:14:18 -0400
Subject: [PATCH 35/65] build: build docs on Travis

PR-URL: https://github.com/nodejs/node/pull/29783
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 .travis.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index e3cf371831765a..93456573438b1c 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -74,14 +74,14 @@ jobs:
         - make -j1 V=1 test/addons/.buildstamp test/js-native-api/.buildstamp test/node-api/.buildstamp
         - python tools/test.py -j 2 -p dots --report --mode=release --flaky-tests=dontcare addons js-native-api node-api
 
-    - name: "Linter"
+    - name: "Run Linter and Build Docs"
       language: node_js
       node_js: "node"
       install:
         - pyenv global ${PYTHON_VERSION}
         - make lint-py-build || true
       script:
-        - NODE=$(which node) make lint lint-py
+        - NODE=$(which node) make lint-py doc-only lint
 
     - name: "First commit message adheres to guidelines at <a href=\"https://goo.gl/p2fr5Q\">https://goo.gl/p2fr5Q</a>"
       if: type = pull_request

From a00cd17b9e517784130ab1244bdca6058def5393 Mon Sep 17 00:00:00 2001
From: legendecas <legendecas@gmail.com>
Date: Tue, 1 Oct 2019 14:19:26 +0800
Subject: [PATCH 36/65] doc: reuse link indexes for n-api.md

PR-URL: https://github.com/nodejs/node/pull/29787
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gabriel Schulhof <gabriel.schulhof@intel.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
---
 doc/api/n-api.md | 98 ++++++++++++++++++++++--------------------------
 1 file changed, 45 insertions(+), 53 deletions(-)

diff --git a/doc/api/n-api.md b/doc/api/n-api.md
index ec9af50ee15284..1aa05b9bc8bf2c 100644
--- a/doc/api/n-api.md
+++ b/doc/api/n-api.md
@@ -37,8 +37,7 @@ properties:
 The N-API is a C API that ensures ABI stability across Node.js versions
 and different compiler levels. A C++ API can be easier to use.
 To support using C++, the project maintains a
-C++ wrapper module called
-[node-addon-api](https://github.com/nodejs/node-addon-api).
+C++ wrapper module called [node-addon-api][].
 This wrapper provides an inlineable C++ API. Binaries built
 with `node-addon-api` will depend on the symbols for the N-API C-based
 functions exported by Node.js. `node-addon-api` is a more
@@ -1557,8 +1556,7 @@ API.
 
 ## Working with JavaScript Values
 N-API exposes a set of APIs to create all types of JavaScript values.
-Some of these types are documented under
-[Section 6](https://tc39.github.io/ecma262/#sec-ecmascript-data-types-and-values)
+Some of these types are documented under [Section 6][]
 of the [ECMAScript Language Specification][].
 
 Fundamentally, these APIs are used to do one of the following:
@@ -1594,9 +1592,7 @@ typedef enum {
 ```
 
 Describes the type of a `napi_value`. This generally corresponds to the types
-described in
-[Section 6.1](https://tc39.github.io/ecma262/#sec-ecmascript-language-types) of
-the ECMAScript Language Specification.
+described in [Section 6.1][] of the ECMAScript Language Specification.
 In addition to types in that section, `napi_valuetype` can also represent
 `Function`s and `Object`s with external data.
 
@@ -1926,8 +1922,7 @@ Returns `napi_ok` if the API succeeded.
 This API allocates a default JavaScript `Object`.
 It is the equivalent of doing `new Object()` in JavaScript.
 
-The JavaScript `Object` type is described in
-[Section 6.1.7](https://tc39.github.io/ecma262/#sec-object-type) of the
+The JavaScript `Object` type is described in [Section 6.1.7][] of the
 ECMAScript Language Specification.
 
 #### napi_create_symbol
@@ -1951,8 +1946,7 @@ Returns `napi_ok` if the API succeeded.
 
 This API creates a JavaScript `Symbol` object from a UTF8-encoded C string.
 
-The JavaScript `Symbol` type is described in
-[Section 19.4](https://tc39.github.io/ecma262/#sec-symbol-objects)
+The JavaScript `Symbol` type is described in [Section 19.4][]
 of the ECMAScript Language Specification.
 
 #### napi_create_typedarray
@@ -2093,11 +2087,8 @@ This API is used to convert from the C `int64_t` type to the JavaScript
 The JavaScript `Number` type is described in [Section 6.1.6][]
 of the ECMAScript Language Specification. Note the complete range of `int64_t`
 cannot be represented with full precision in JavaScript. Integer values
-outside the range of
-[`Number.MIN_SAFE_INTEGER`](https://tc39.github.io/ecma262/#sec-number.min_safe_integer)
--(2^53 - 1) -
-[`Number.MAX_SAFE_INTEGER`](https://tc39.github.io/ecma262/#sec-number.max_safe_integer)
-(2^53 - 1) will lose precision.
+outside the range of [`Number.MIN_SAFE_INTEGER`][] `-(2^53 - 1)` -
+[`Number.MAX_SAFE_INTEGER`][] `(2^53 - 1)` will lose precision.
 
 #### napi_create_double
 <!-- YAML
@@ -2296,9 +2287,8 @@ Returns `napi_ok` if the API succeeded.
 
 This API returns the length of an array.
 
-`Array` length is described in
-[Section 22.1.4.1](https://tc39.github.io/ecma262/#sec-properties-of-array-instances-length)
-of the ECMAScript Language Specification.
+`Array` length is described in [Section 22.1.4.1][] of the ECMAScript Language
+Specification.
 
 #### napi_get_arraybuffer_info
 <!-- YAML
@@ -2671,11 +2661,8 @@ is passed in it returns `napi_number_expected`.
 This API returns the C `int64` primitive equivalent of the given JavaScript
 `Number`.
 
-`Number` values outside the range of
-[`Number.MIN_SAFE_INTEGER`](https://tc39.github.io/ecma262/#sec-number.min_safe_integer)
--(2^53 - 1) -
-[`Number.MAX_SAFE_INTEGER`](https://tc39.github.io/ecma262/#sec-number.max_safe_integer)
-(2^53 - 1) will lose precision.
+`Number` values outside the range of [`Number.MIN_SAFE_INTEGER`][]
+`-(2^53 - 1)` - [`Number.MAX_SAFE_INTEGER`][] `(2^53 - 1)` will lose precision.
 
 Non-finite number values (`NaN`, `+Infinity`, or `-Infinity`) set the
 result to zero.
@@ -2863,8 +2850,7 @@ This API returns the Undefined object.
 ## Working with JavaScript Values - Abstract Operations
 
 N-API exposes a set of APIs to perform some abstract operations on JavaScript
-values. Some of these operations are documented under
-[Section 7](https://tc39.github.io/ecma262/#sec-abstract-operations)
+values. Some of these operations are documented under [Section 7][]
 of the [ECMAScript Language Specification][].
 
 These APIs support doing one of the following:
@@ -2893,8 +2879,7 @@ napi_status napi_coerce_to_bool(napi_env env,
 Returns `napi_ok` if the API succeeded.
 
 This API implements the abstract operation `ToBoolean()` as defined in
-[Section 7.1.2](https://tc39.github.io/ecma262/#sec-toboolean)
-of the ECMAScript Language Specification.
+[Section 7.1.2][] of the ECMAScript Language Specification.
 This API can be re-entrant if getters are defined on the passed-in `Object`.
 
 ### napi_coerce_to_number
@@ -2916,8 +2901,7 @@ napi_status napi_coerce_to_number(napi_env env,
 Returns `napi_ok` if the API succeeded.
 
 This API implements the abstract operation `ToNumber()` as defined in
-[Section 7.1.3](https://tc39.github.io/ecma262/#sec-tonumber)
-of the ECMAScript Language Specification.
+[Section 7.1.3][] of the ECMAScript Language Specification.
 This API can be re-entrant if getters are defined on the passed-in `Object`.
 
 ### napi_coerce_to_object
@@ -2939,8 +2923,7 @@ napi_status napi_coerce_to_object(napi_env env,
 Returns `napi_ok` if the API succeeded.
 
 This API implements the abstract operation `ToObject()` as defined in
-[Section 7.1.13](https://tc39.github.io/ecma262/#sec-toobject)
-of the ECMAScript Language Specification.
+[Section 7.1.13][] of the ECMAScript Language Specification.
 This API can be re-entrant if getters are defined on the passed-in `Object`.
 
 ### napi_coerce_to_string
@@ -2962,8 +2945,7 @@ napi_status napi_coerce_to_string(napi_env env,
 Returns `napi_ok` if the API succeeded.
 
 This API implements the abstract operation `ToString()` as defined in
-[Section 7.1.13](https://tc39.github.io/ecma262/#sec-tostring)
-of the ECMAScript Language Specification.
+[Section 7.1.13][] of the ECMAScript Language Specification.
 This API can be re-entrant if getters are defined on the passed-in `Object`.
 
 ### napi_typeof
@@ -3013,9 +2995,7 @@ is true.
 Returns `napi_ok` if the API succeeded.
 
 This API represents invoking the `instanceof` Operator on the object as
-defined in
-[Section 12.10.4](https://tc39.github.io/ecma262/#sec-instanceofoperator)
-of the ECMAScript Language Specification.
+defined in [Section 12.10.4][] of the ECMAScript Language Specification.
 
 ### napi_is_array
 <!-- YAML
@@ -3034,8 +3014,7 @@ napi_status napi_is_array(napi_env env, napi_value value, bool* result)
 Returns `napi_ok` if the API succeeded.
 
 This API represents invoking the `IsArray` operation on the object
-as defined in [Section 7.2.2](https://tc39.github.io/ecma262/#sec-isarray)
-of the ECMAScript Language Specification.
+as defined in [Section 7.2.2][] of the ECMAScript Language Specification.
 
 ### napi_is_arraybuffer
 <!-- YAML
@@ -3167,15 +3146,12 @@ napi_status napi_strict_equals(napi_env env,
 Returns `napi_ok` if the API succeeded.
 
 This API represents the invocation of the Strict Equality algorithm as
-defined in
-[Section 7.2.14](https://tc39.github.io/ecma262/#sec-strict-equality-comparison)
-of the ECMAScript Language Specification.
+defined in [Section 7.2.14][] of the ECMAScript Language Specification.
 
 ## Working with JavaScript Properties
 
 N-API exposes a set of APIs to get and set properties on JavaScript
-objects. Some of these types are documented under
-[Section 7](https://tc39.github.io/ecma262/#sec-operations-on-objects) of the
+objects. Some of these types are documented under [Section 7][] of the
 [ECMAScript Language Specification][].
 
 Properties in JavaScript are represented as a tuple of a key and a value.
@@ -3388,7 +3364,7 @@ property to be a JavaScript function represented by `method`. If this is
 passed in, set `value`, `getter` and `setter` to `NULL` (since these members
 won't be used).
 * `attributes`: The attributes associated with the particular property.
-See [`napi_property_attributes`](#n_api_napi_property_attributes).
+See [`napi_property_attributes`][].
 * `data`: The callback data passed into `method`, `getter` and `setter` if
 this function is invoked.
 
@@ -3889,9 +3865,8 @@ be associated with the resulting JavaScript function (which is returned in the
 `result` parameter) and freed whenever the function is garbage-collected by
 passing both the JavaScript function and the data to [`napi_add_finalizer`][].
 
-JavaScript `Function`s are described in
-[Section 19.2](https://tc39.github.io/ecma262/#sec-function-objects)
-of the ECMAScript Language Specification.
+JavaScript `Function`s are described in [Section 19.2][] of the ECMAScript
+Language Specification.
 
 ### napi_get_cb_info
 <!-- YAML
@@ -5146,18 +5121,33 @@ This API may only be called from the main thread.
 [Native Abstractions for Node.js]: https://github.com/nodejs/nan
 [Object Lifetime Management]: #n_api_object_lifetime_management
 [Object Wrap]: #n_api_object_wrap
+[Section 6]: https://tc39.github.io/ecma262/#sec-ecmascript-data-types-and-values
+[Section 6.1]: https://tc39.github.io/ecma262/#sec-ecmascript-language-types
+[Section 6.1.4]: https://tc39.github.io/ecma262/#sec-ecmascript-language-types-string-type
+[Section 6.1.6]: https://tc39.github.io/ecma262/#sec-ecmascript-language-types-number-type
+[Section 6.1.7]: https://tc39.github.io/ecma262/#sec-object-type
+[Section 6.1.7.1]: https://tc39.github.io/ecma262/#table-2
+[Section 7]: https://tc39.github.io/ecma262/#sec-abstract-operations
+[Section 7.1.2]: https://tc39.github.io/ecma262/#sec-toboolean
+[Section 7.1.3]: https://tc39.github.io/ecma262/#sec-tonumber
+[Section 7.1.13]: https://tc39.github.io/ecma262/#sec-toobject
+[Section 7.2.2]: https://tc39.github.io/ecma262/#sec-isarray
+[Section 7.2.14]: https://tc39.github.io/ecma262/#sec-strict-equality-comparison
+[Section 8.7]: https://tc39.es/ecma262/#sec-agents
+[Section 9.1.6]: https://tc39.github.io/ecma262/#sec-ordinary-object-internal-methods-and-internal-slots-defineownproperty-p-desc
 [Section 12.5.5]: https://tc39.github.io/ecma262/#sec-typeof-operator
+[Section 12.10.4]: https://tc39.github.io/ecma262/#sec-instanceofoperator
+[Section 19.2]: https://tc39.github.io/ecma262/#sec-function-objects
+[Section 19.4]: https://tc39.github.io/ecma262/#sec-symbol-objects
 [Section 20.3]: https://tc39.github.io/ecma262/#sec-date-objects
 [Section 22.1]: https://tc39.github.io/ecma262/#sec-array-objects
+[Section 22.1.4.1]: https://tc39.github.io/ecma262/#sec-properties-of-array-instances-length
 [Section 22.2]: https://tc39.github.io/ecma262/#sec-typedarray-objects
 [Section 24.1]: https://tc39.github.io/ecma262/#sec-arraybuffer-objects
 [Section 24.3]: https://tc39.github.io/ecma262/#sec-dataview-objects
 [Section 25.4]: https://tc39.github.io/ecma262/#sec-promise-objects
-[Section 6.1.4]: https://tc39.github.io/ecma262/#sec-ecmascript-language-types-string-type
-[Section 6.1.6]: https://tc39.github.io/ecma262/#sec-ecmascript-language-types-number-type
-[Section 6.1.7.1]: https://tc39.github.io/ecma262/#table-2
-[Section 8.7]: https://tc39.es/ecma262/#sec-agents
-[Section 9.1.6]: https://tc39.github.io/ecma262/#sec-ordinary-object-internal-methods-and-internal-slots-defineownproperty-p-desc
+[`Number.MIN_SAFE_INTEGER`]: https://tc39.github.io/ecma262/#sec-number.min_safe_integer
+[`Number.MAX_SAFE_INTEGER`]: https://tc39.github.io/ecma262/#sec-number.max_safe_integer
 [Working with JavaScript Functions]: #n_api_working_with_javascript_functions
 [Working with JavaScript Properties]: #n_api_working_with_javascript_properties
 [Working with JavaScript Values - Abstract Operations]: #n_api_working_with_javascript_values_abstract_operations
@@ -5196,6 +5186,7 @@ This API may only be called from the main thread.
 [`napi_open_callback_scope`]: #n_api_napi_open_callback_scope
 [`napi_open_escapable_handle_scope`]: #n_api_napi_open_escapable_handle_scope
 [`napi_open_handle_scope`]: #n_api_napi_open_handle_scope
+[`napi_property_attributes`]: #n_api_napi_property_attributes
 [`napi_property_descriptor`]: #n_api_napi_property_descriptor
 [`napi_queue_async_work`]: #n_api_napi_queue_async_work
 [`napi_reference_ref`]: #n_api_napi_reference_ref
@@ -5212,4 +5203,5 @@ This API may only be called from the main thread.
 [`uv_unref`]: http://docs.libuv.org/en/v1.x/handle.html#c.uv_unref
 [async_hooks `type`]: async_hooks.html#async_hooks_type
 [context-aware addons]: addons.html#addons_context_aware_addons
+[node-addon-api]: https://github.com/nodejs/node-addon-api
 [worker threads]: https://nodejs.org/api/worker_threads.html

From a0498606a0fcc3bc6ca9fd038850cb0d7ebae484 Mon Sep 17 00:00:00 2001
From: exoego <mogami@exoego.net>
Date: Wed, 25 Sep 2019 05:27:37 +0900
Subject: [PATCH 37/65] doc: fix return type for
 crypto.createDiffieHellmanGroup()

PR-URL: https://github.com/nodejs/node/pull/29696
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 doc/api/crypto.md        | 6 +++---
 tools/doc/type-parser.js | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index 5ac8b09820ef60..ba1582bd78d542 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -1824,7 +1824,7 @@ added: v0.9.3
 -->
 
 * `name` {string}
-* Returns: {DiffieHellman}
+* Returns: {DiffieHellmanGroup}
 
 An alias for [`crypto.getDiffieHellman()`][]
 
@@ -2194,9 +2194,9 @@ added: v0.7.5
 -->
 
 * `groupName` {string}
-* Returns: {DiffieHellman}
+* Returns: {DiffieHellmanGroup}
 
-Creates a predefined `DiffieHellman` key exchange object. The
+Creates a predefined `DiffieHellmanGroup` key exchange object. The
 supported groups are: `'modp1'`, `'modp2'`, `'modp5'` (defined in
 [RFC 2412][], but see [Caveats][]) and `'modp14'`, `'modp15'`,
 `'modp16'`, `'modp17'`, `'modp18'` (defined in [RFC 3526][]). The
diff --git a/tools/doc/type-parser.js b/tools/doc/type-parser.js
index 35039b68d95c8f..4c3ec0503e7701 100644
--- a/tools/doc/type-parser.js
+++ b/tools/doc/type-parser.js
@@ -52,6 +52,7 @@ const customTypesMap = {
   'Cipher': 'crypto.html#crypto_class_cipher',
   'Decipher': 'crypto.html#crypto_class_decipher',
   'DiffieHellman': 'crypto.html#crypto_class_diffiehellman',
+  'DiffieHellmanGroup': 'crypto.html#crypto_class_diffiehellmangroup',
   'ECDH': 'crypto.html#crypto_class_ecdh',
   'Hash': 'crypto.html#crypto_class_hash',
   'Hmac': 'crypto.html#crypto_class_hmac',

From ea9bf4a666a8073bbecff39135c3bc5d1259b256 Mon Sep 17 00:00:00 2001
From: XhmikosR <xhmikosr@gmail.com>
Date: Mon, 23 Sep 2019 16:04:11 +0300
Subject: [PATCH 38/65] doc: implement minor CSS improvements

* split selectors to one per line
* remove units from 0
* use double colon pseudo selectors consistently
* use `background-color` instead of the `background` shorthand since
  only the color is supposed to change
* remove leading zeros from numbers
* remove redundant values from shorthands
* use lowercase hex for colors
* use numeric values for `font-weight`

PR-URL: https://github.com/nodejs/node/pull/29669
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
---
 doc/api_assets/style.css | 196 ++++++++++++++++++++++++---------------
 1 file changed, 122 insertions(+), 74 deletions(-)

diff --git a/doc/api_assets/style.css b/doc/api_assets/style.css
index bdef22b04f78c9..4f1f5c93840626 100644
--- a/doc/api_assets/style.css
+++ b/doc/api_assets/style.css
@@ -13,28 +13,38 @@ html {
 }
 
 body {
-  font-family: "Lato", "Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, Tahoma, sans-serif;
+  font-family: Lato, "Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, Tahoma, sans-serif;
   margin: 0;
   padding: 0;
   color: #333;
-  background: #fff;
-}
-
-h1 { font-size: 2.5rem }
-h2 { font-size: 2rem }
-h3 { font-size: 1.75rem }
-h4 { font-size: 1.5rem }
-h5 { font-size: 1.25rem }
-h6 { font-size: 1rem }
-
-h1, h2, h3, h4, h5, h6 {
+  background-color: #fff;
+}
+
+h1 { font-size: 2.5rem; }
+h2 { font-size: 2rem; }
+h3 { font-size: 1.75rem; }
+h4 { font-size: 1.5rem; }
+h5 { font-size: 1.25rem; }
+h6 { font-size: 1rem; }
+
+h1,
+h2,
+h3,
+h4,
+h5,
+h6 {
   margin: 1.5rem 0 1rem;
   text-rendering: optimizeLegibility;
   font-weight: 700;
   position: relative;
 }
 
-pre, tt, code, .pre, span.type, a.type {
+pre,
+tt,
+code,
+.pre,
+span.type,
+a.type {
   font-family: SFMono-Regular, Menlo, Consolas, "Liberation Mono", "Courier New", monospace;
   font-size: .9em;
 }
@@ -43,14 +53,17 @@ pre, tt, code, .pre, span.type, a.type {
   position: relative;
 }
 
-a, a:link, a:active {
+a,
+a:link,
+a:active {
   color: #43853d;
   text-decoration: none;
   border-radius: 2px;
   padding: 1px 3px;
 }
 
-a:hover, a:focus {
+a:hover,
+a:focus {
   color: #fff;
   background-color: #43853d;
   outline: none;
@@ -61,7 +74,7 @@ strong {
 }
 
 code a:hover {
-  background: none;
+  background-color: transparent;
 }
 
 em code {
@@ -86,8 +99,8 @@ em code {
 #gtoc > ul > li {
   display: inline;
   border-right: 1px #000 solid;
-  margin-right: 0.4rem;
-  padding-right: 0.4rem;
+  margin-right: .4rem;
+  padding-right: .4rem;
 }
 
 #gtoc > ul > li:last-child {
@@ -114,8 +127,8 @@ li.version-picker a span {
 }
 
 ol.version-picker {
-  background: #fff;
-  border: 1px #43853d solid;
+  background-color: #fff;
+  border: 1px solid #43853d;
   border-radius: 0 0 2px 2px;
   display: none;
   list-style: none;
@@ -151,39 +164,40 @@ ol.version-picker li:last-child a {
 }
 
 .api_stability {
-  color: white !important;
-  margin: 0 0 1rem 0;
-  font-family: "Lato", "Lucida Grande", "Lucida Sans Unicode", "Lucida Sans", Verdana, Tahoma, sans-serif;
+  color: #fff !important;
+  margin: 0 0 1rem;
   padding: 1rem;
   line-height: 1.5;
 }
 
 .api_stability * {
-  color: white !important;
+  color: #fff !important;
 }
 
 .api_stability a {
   text-decoration: underline;
 }
 
-.api_stability a:hover, .api_stability a:active, .api_stability a:focus {
-  background: rgba(255, 255, 255, .4);
+.api_stability a:hover,
+.api_stability a:active,
+.api_stability a:focus {
+  background-color: rgba(255, 255, 255, .4);
 }
 
 .api_stability a code {
-  background: none;
+  background-color: transparent;
 }
 
 .api_stability_0 {
-  background-color: #D60027;
+  background-color: #d60027;
 }
 
 .api_stability_1 {
-  background-color: #EC5315;
+  background-color: #ec5315;
 }
 
 .api_stability_2 {
-  background-color: #4EBA0F;
+  background-color: #4eba0f;
 }
 
 .api_metadata {
@@ -196,7 +210,7 @@ ol.version-picker li:last-child a {
 }
 
 .api_metadata span:last-child {
-  margin-right: 0px;
+  margin-right: 0;
 }
 
 ul.plain {
@@ -209,7 +223,7 @@ abbr {
 
 p {
   text-rendering: optimizeLegibility;
-  margin: 0 0 1.125rem 0;
+  margin: 0 0 1.125rem;
   line-height: 1.5;
 }
 
@@ -220,29 +234,41 @@ p {
 
 table {
   border-collapse: collapse;
-  margin: 0 0 1.5rem 0;
+  margin: 0 0 1.5rem;
 }
 
-th, td {
+th,
+td {
   border: 1px solid #aaa;
-  padding: .75rem 1rem .75rem 1rem;
+  padding: .75rem 1rem;
   vertical-align: top;
 }
 
 th {
-  text-align:left;
+  text-align: left;
 }
 
-ol, ul, dl {
-  margin: 0 0 .6rem 0;
+ol,
+ul,
+dl {
+  margin: 0 0 .6rem;
   padding: 0;
 }
 
-ol ul, ol ol, ol dl, ul ul, ul ol, ul dl, dl ul, dl ol, dl dl {
+ol ul,
+ol ol,
+ol dl,
+ul ul,
+ul ol,
+ul dl,
+dl ul,
+dl ol,
+dl dl {
   margin-bottom: 0;
 }
 
-ul, ol {
+ul,
+ol {
   margin-left: 2rem;
 }
 
@@ -253,7 +279,7 @@ dl dt {
 
 dl dd {
   position: relative;
-  margin: 0 1rem 0;
+  margin: 0 1rem;
 }
 
 dd + dt.pre {
@@ -278,7 +304,10 @@ h3 + h3 {
   margin: 0 0 .5rem;
 }
 
-h2, h3, h4, h5 {
+h2,
+h3,
+h4,
+h5 {
   position: relative;
   padding-right: 40px;
 }
@@ -288,26 +317,38 @@ h2, h3, h4, h5 {
   font-size: smaller;
 }
 
-h1 span, h2 span, h3 span, h4 span {
+h1 span,
+h2 span,
+h3 span,
+h4 span {
   position: absolute;
   display: block;
   top: 0;
   right: 0;
 }
 
-h1 span:hover, h2 span:hover, h3 span:hover, h4 span:hover {
+h1 span:hover,
+h2 span:hover,
+h3 span:hover,
+h4 span:hover {
   opacity: 1;
 }
 
-h1 span a, h2 span a, h3 span a, h4 span a {
+h1 span a,
+h2 span a,
+h3 span a,
+h4 span a {
   color: #000;
   text-decoration: none;
-  font-weight: bold;
+  font-weight: 700;
 }
 
-pre, tt, code {
+pre,
+tt,
+code {
   line-height: 1.5rem;
-  margin: 0; padding: 0;
+  margin: 0;
+  padding: 0;
 }
 
 .pre {
@@ -317,7 +358,7 @@ pre, tt, code {
 pre {
   padding: 1rem;
   vertical-align: top;
-  background: #f2f2f2;
+  background-color: #f2f2f2;
   margin: 1rem;
   overflow-x: auto;
 }
@@ -341,18 +382,17 @@ code.pre {
 
 #intro a {
   color: #ddd;
-  font-weight: bold;
+  font-weight: 700;
 }
 
 hr {
-  background: none;
+  background-color: transparent;
   border: medium none;
   border-bottom: 1px solid #7a7a7a;
-  margin: 0 0 1rem 0;
+  margin: 0 0 1rem;
 }
 
 #toc h2 {
-  margin-top: 0;
   margin: 1.5rem 0;
 }
 
@@ -361,7 +401,7 @@ hr {
 }
 
 #toc ul a {
-  text-decoration:none;
+  text-decoration: none;
 }
 
 #toc ul li {
@@ -390,7 +430,8 @@ hr {
   margin-bottom: 0;
 }
 
-tt, code {
+tt,
+code {
   color: #040404;
   background-color: #f2f2f2;
   border-radius: 2px;
@@ -398,12 +439,12 @@ tt, code {
 }
 
 .api_stability code {
-  background: rgba(0, 0, 0, .1);
+  background-color: rgba(0, 0, 0, .1);
 }
 
 a code {
   color: inherit;
-  background: inherit;
+  background-color: inherit;
   padding: 0;
 }
 
@@ -419,7 +460,7 @@ a code {
 
 #column2.interior {
   width: 234px;
-  background: #333;
+  background-color: #333;
   position: fixed;
   left: 0;
   top: 0;
@@ -431,7 +472,7 @@ a code {
 #column2 ul {
   list-style: none;
   margin: .9rem 0 .5rem;
-  background: #333;
+  background-color: #333;
 }
 
 #column2 > :first-child {
@@ -467,33 +508,40 @@ a code {
   border-radius: 0;
 }
 
-#column2 ul li a.active, #column2 ul li a.active:hover,
+#column2 ul li a.active,
+#column2 ul li a.active:hover,
 #column2 ul li a.active:focus {
   color: #43853d;
   border-radius: 0;
   border-bottom: 1px solid #43853d;
-  background: none;
+  background-color: transparent;
 }
 
-#intro a:hover, #intro a:focus,
-#column2 ul li a:hover, #column2 ul li a:focus {
+#intro a:hover,
+#intro a:focus,
+#column2 ul li a:hover,
+#column2 ul li a:focus {
   color: #fff;
-  background: none;
+  background-color: transparent;
 }
 
-span > .mark, span > .mark:visited {
+span > .mark,
+span > .mark:visited {
   color: #707070;
   position: absolute;
-  top: 0px;
-  right: 0px;
+  top: 0;
+  right: 0;
 }
 
-span > .mark:hover, span > .mark:focus, span > .mark:active {
+span > .mark:hover,
+span > .mark:focus,
+span > .mark:active {
   color: #43853d;
-  background: none;
+  background-color: transparent;
 }
 
-th > *:last-child, td > *:last-child {
+th > *:last-child,
+td > *:last-child {
   margin-bottom: 0;
 }
 
@@ -504,7 +552,7 @@ th > *:last-child, td > *:last-child {
 }
 
 /* simpler clearfix */
-.clearfix:after {
+.clearfix::after {
   content: ".";
   display: block;
   height: 0;
@@ -536,14 +584,14 @@ th > *:last-child, td > *:last-child {
 @media print {
   html {
     height: auto;
-    font-size: 0.75em;
+    font-size: .75em;
   }
   #column2.interior {
     display: none;
   }
   #column1.interior {
-    margin-left: 0px;
-    padding: 0px;
+    margin-left: 0;
+    padding: 0;
     overflow-y: auto;
   }
   .api_metadata,

From a7b56a5b017834c87e4335f4d67192d063603be6 Mon Sep 17 00:00:00 2001
From: Robert Jensen <rjensen@butterflynetwork.com>
Date: Fri, 20 Sep 2019 14:15:16 -0400
Subject: [PATCH 39/65] tls: honor pauseOnConnect option

`pauseOnConnect` is now passed along to the net.Socket constructor from
the tls.Socket constructor. The `readable` flag must match the value of
`pauseOnConnect`. Tests were added to cover all available net.Server
options when used in the tls.Server constructor.

Fixes: https://github.com/nodejs/node/issues/29620
Refs: https://github.com/nodejs/node/pull/27665

PR-URL: https://github.com/nodejs/node/pull/29635
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 lib/_tls_wrap.js                                           | 7 +++++--
 .../parallel/test-tls-server-parent-constructor-options.js | 5 +++++
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index d29182d585779b..db6f6b5e765f0b 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -411,7 +411,9 @@ function TLSSocket(socket, opts) {
   net.Socket.call(this, {
     handle: this._wrapHandle(wrap),
     allowHalfOpen: socket ? socket.allowHalfOpen : tlsOptions.allowHalfOpen,
-    readable: false,
+    pauseOnCreate: tlsOptions.pauseOnConnect,
+    // The readable flag is only needed if pauseOnCreate will be handled.
+    readable: tlsOptions.pauseOnConnect,
     writable: false
   });
 
@@ -926,7 +928,8 @@ function tlsConnectionListener(rawSocket) {
     handshakeTimeout: this[kHandshakeTimeout],
     ALPNProtocols: this.ALPNProtocols,
     SNICallback: this[kSNICallback] || SNICallback,
-    enableTrace: this[kEnableTrace]
+    enableTrace: this[kEnableTrace],
+    pauseOnConnect: this.pauseOnConnect,
   });
 
   socket.on('secure', onServerSocketSecure);
diff --git a/test/parallel/test-tls-server-parent-constructor-options.js b/test/parallel/test-tls-server-parent-constructor-options.js
index 17484c29bae930..f8b34e8b0cab62 100644
--- a/test/parallel/test-tls-server-parent-constructor-options.js
+++ b/test/parallel/test-tls-server-parent-constructor-options.js
@@ -19,9 +19,11 @@ const options = {
 {
   const server = tls.createServer(options, common.mustCall((socket) => {
     assert.strictEqual(socket.allowHalfOpen, false);
+    assert.strictEqual(socket.isPaused(), false);
   }));
 
   assert.strictEqual(server.allowHalfOpen, false);
+  assert.strictEqual(server.pauseOnConnect, false);
 
   server.listen(0, common.mustCall(() => {
     const socket = tls.connect({
@@ -40,13 +42,16 @@ const options = {
 {
   const server = tls.createServer({
     allowHalfOpen: true,
+    pauseOnConnect: true,
     ...options
   }, common.mustCall((socket) => {
     assert.strictEqual(socket.allowHalfOpen, true);
+    assert.strictEqual(socket.isPaused(), true);
     socket.on('end', socket.end);
   }));
 
   assert.strictEqual(server.allowHalfOpen, true);
+  assert.strictEqual(server.pauseOnConnect, true);
 
   server.listen(0, common.mustCall(() => {
     const socket = tls.connect({

From 3f6ce39acf2e5f9f9029fe1d8fddde7eb2c95366 Mon Sep 17 00:00:00 2001
From: Thomas <hakerh403@gmail.com>
Date: Mon, 16 Sep 2019 10:45:05 +0200
Subject: [PATCH 40/65] src: fix ESM path resolution on Windows

Windows has some reserved file names such as "con", "prn",
"nul", etc. Such files can be accessed only if the path is
prefixed with "\\.\"

PR-URL: https://github.com/nodejs/node/pull/29574
Reviewed-By: Guy Bedford <guybedford@gmail.com>
---
 src/module_wrap.cc                 |  5 +++
 test/es-module/test-esm-windows.js | 49 ++++++++++++++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 test/es-module/test-esm-windows.js

diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index 4a572c00e15086..2d0829860cefbf 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -488,7 +488,12 @@ enum DescriptorType {
 // Nothing for the "null" cache entries.
 inline Maybe<uv_file> OpenDescriptor(const std::string& path) {
   uv_fs_t fs_req;
+#ifdef _WIN32
+  std::string pth = "\\\\.\\" + path;
+  uv_file fd = uv_fs_open(nullptr, &fs_req, pth.c_str(), O_RDONLY, 0, nullptr);
+#else
   uv_file fd = uv_fs_open(nullptr, &fs_req, path.c_str(), O_RDONLY, 0, nullptr);
+#endif
   uv_fs_req_cleanup(&fs_req);
   if (fd < 0) return Nothing<uv_file>();
   return Just(fd);
diff --git a/test/es-module/test-esm-windows.js b/test/es-module/test-esm-windows.js
new file mode 100644
index 00000000000000..64ba1249a76c06
--- /dev/null
+++ b/test/es-module/test-esm-windows.js
@@ -0,0 +1,49 @@
+'use strict';
+
+// Flags: --experimental-modules
+// This test ensures that JavaScript file that includes
+// a reserved Windows word can be loaded as ESM module
+
+const common = require('../common');
+const tmpdir = require('../common/tmpdir');
+const assert = require('assert');
+const fs = require('fs').promises;
+const path = require('path');
+
+const imp = (file) => {
+  return import(path.relative(__dirname, file).replace(/\\/g, '/'));
+};
+
+(async () => {
+  const tmp = tmpdir.path;
+  await fs.mkdir(tmp).catch(() => {});
+  const rel = (file) => path.join(tmp, file);
+
+  { // Load a single script
+    const file = rel('con.mjs');
+    await fs.writeFile(file, 'export default "ok"');
+    assert.strictEqual((await imp(file)).default, 'ok');
+    await fs.unlink(file);
+  }
+
+  { // Load a module
+    const entry = rel('entry.mjs');
+    const nmDir = rel('node_modules');
+    const mDir = rel('node_modules/con');
+    const pkg = rel('node_modules/con/package.json');
+    const script = rel('node_modules/con/index.mjs');
+
+    await fs.writeFile(entry, 'export {default} from "con"');
+    await fs.mkdir(nmDir);
+    await fs.mkdir(mDir);
+    await fs.writeFile(pkg, '{"main":"index.mjs"}');
+    await fs.writeFile(script, 'export default "ok"');
+
+    assert.strictEqual((await imp(entry)).default, 'ok');
+    await fs.unlink(script);
+    await fs.unlink(pkg);
+    await fs.rmdir(mDir);
+    await fs.rmdir(nmDir);
+    await fs.unlink(entry);
+  }
+})().then(common.mustCall());

From b2cce1323534b792fbcf3c6b22624ec7daa6a9a2 Mon Sep 17 00:00:00 2001
From: dokugo <dokugo@users.noreply.github.com>
Date: Sun, 15 Sep 2019 03:09:03 +0300
Subject: [PATCH 41/65] inspector: update faviconUrl

PR-URL: https://github.com/nodejs/node/pull/29562
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 src/inspector_socket_server.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/inspector_socket_server.cc b/src/inspector_socket_server.cc
index 092d5e7a786d47..9e27bd30f76871 100644
--- a/src/inspector_socket_server.cc
+++ b/src/inspector_socket_server.cc
@@ -343,7 +343,8 @@ void InspectorSocketServer::SendListResponse(InspectorSocket* socket,
     response.push_back(std::map<std::string, std::string>());
     std::map<std::string, std::string>& target_map = response.back();
     target_map["description"] = "node.js instance";
-    target_map["faviconUrl"] = "https://nodejs.org/static/favicon.ico";
+    target_map["faviconUrl"] =
+                        "https://nodejs.org/static/images/favicons/favicon.ico";
     target_map["id"] = id;
     target_map["title"] = delegate_->GetTargetTitle(id);
     Escape(&target_map["title"]);

From a5c2154534aa5342e4ec7842c8cb6678d2f3444c Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Wed, 2 Oct 2019 00:31:57 -0400
Subject: [PATCH 42/65] doc: add explicit bracket for markdown reference links

Use explicit trailing `[]` for reference markdown links to prevent
implicit links when references are added to documents.

PR-URL: https://github.com/nodejs/node/pull/29808
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
---
 doc/api/assert.md            |  6 +++---
 doc/api/crypto.md            |  4 ++--
 doc/api/deprecations.md      |  4 ++--
 doc/api/errors.md            | 18 ++++++++--------
 doc/api/fs.md                | 15 +++++++-------
 doc/api/globals.md           | 22 ++++++++++----------
 doc/api/http.md              |  2 +-
 doc/api/http2.md             | 10 ++++-----
 doc/api/inspector.md         |  2 +-
 doc/api/process.md           | 10 ++++-----
 doc/api/readline.md          |  3 ++-
 doc/api/stream.md            | 14 ++++++-------
 doc/api/timers.md            |  2 +-
 doc/api/tls.md               | 40 ++++++++++++++++++------------------
 doc/api/tracing.md           |  8 ++++----
 doc/api/util.md              |  2 +-
 doc/guides/maintaining-V8.md | 20 +++++++++---------
 17 files changed, 92 insertions(+), 90 deletions(-)

diff --git a/doc/api/assert.md b/doc/api/assert.md
index 2c74b6809e1a45..68feec9f45212e 100644
--- a/doc/api/assert.md
+++ b/doc/api/assert.md
@@ -34,9 +34,9 @@ All instances contain the built-in `Error` properties (`message` and `name`)
 and:
 
 * `actual` {any} Set to the `actual` argument for methods such as
-  [`assert.strictEqual()`].
+  [`assert.strictEqual()`][].
 * `expected` {any} Set to the `expected` value for methods such as
-  [`assert.strictEqual()`].
+  [`assert.strictEqual()`][].
 * `generatedMessage` {boolean} Indicates if the message was auto-generated
   (`true`) or not.
 * `code` {string} Value is always `ERR_ASSERTION` to show that the error is an
@@ -638,7 +638,7 @@ If `message` is falsy, the error message is set as the values of `actual` and
 `message` is provided as third argument it will be used as the error message and
 the other arguments will be stored as properties on the thrown object. If
 `stackStartFn` is provided, all stack frames above that function will be
-removed from stacktrace (see [`Error.captureStackTrace`]). If no arguments are
+removed from stacktrace (see [`Error.captureStackTrace`][]). If no arguments are
 given, the default message `Failed` will be used.
 
 ```js
diff --git a/doc/api/crypto.md b/doc/api/crypto.md
index ba1582bd78d542..0c98506f1b48b1 100644
--- a/doc/api/crypto.md
+++ b/doc/api/crypto.md
@@ -2076,7 +2076,7 @@ and Ed448 are currently supported.
 
 If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
 behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
+the respective part of the key is returned as a [`KeyObject`][].
 
 It is recommended to encode public keys as `'spki'` and private keys as
 `'pkcs8'` with encryption for long-term storage:
@@ -2136,7 +2136,7 @@ and Ed448 are currently supported.
 
 If a `publicKeyEncoding` or `privateKeyEncoding` was specified, this function
 behaves as if [`keyObject.export()`][] had been called on its result. Otherwise,
-the respective part of the key is returned as a [`KeyObject`].
+the respective part of the key is returned as a [`KeyObject`][].
 
 When encoding public keys, it is recommended to use `'spki'`. When encoding
 private keys, it is recommended to use `'pks8'` with a strong passphrase, and to
diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 08e4ec065a992a..9687f342b46141 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -2505,8 +2505,8 @@ changes:
 
 Type: Documentation-only
 
-Prefer [`response.socket`][] over [`response.connection`] and
-[`request.socket`][] over [`request.connection`].
+Prefer [`response.socket`][] over [`response.connection`][] and
+[`request.socket`][] over [`request.connection`][].
 
 <a id="DEP0134"></a>
 ### DEP0134: process._tickCallback
diff --git a/doc/api/errors.md b/doc/api/errors.md
index 2ba78a95cf2550..4b92452cd362a0 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -461,7 +461,7 @@ system error.
 
 The `error.errno` property is a number or a string. If it is a number, it is a
 negative value which corresponds to the error code defined in
-[`libuv Error handling`]. See the libuv `errno.h` header file
+[`libuv Error handling`][]. See the libuv `errno.h` header file
 (`deps/uv/include/uv/errno.h` in the Node.js source tree) for details. In case
 of a string, it is the same as `error.code`.
 
@@ -1283,8 +1283,8 @@ semantics for determining whether a path can be used is platform-dependent.
 ### ERR_INVALID_HANDLE_TYPE
 
 An attempt was made to send an unsupported "handle" over an IPC communication
-channel to a child process. See [`subprocess.send()`] and [`process.send()`] for
-more information.
+channel to a child process. See [`subprocess.send()`][] and [`process.send()`][]
+for more information.
 
 <a id="ERR_INVALID_HTTP_TOKEN"></a>
 ### ERR_INVALID_HTTP_TOKEN
@@ -1436,7 +1436,7 @@ for more information.
 ### ERR_MANIFEST_ASSERT_INTEGRITY
 
 An attempt was made to load a resource, but the resource did not match the
-integrity defined by the policy manifest. See the documentation for [policy]
+integrity defined by the policy manifest. See the documentation for [policy][]
 manifests for more information.
 
 <a id="ERR_MANIFEST_DEPENDENCY_MISSING"></a>
@@ -1444,7 +1444,7 @@ manifests for more information.
 
 An attempt was made to load a resource, but the resource was not listed as a
 dependency from the location that attempted to load it. See the documentation
-for [policy] manifests for more information.
+for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_INTEGRITY_MISMATCH"></a>
 ### ERR_MANIFEST_INTEGRITY_MISMATCH
@@ -1452,20 +1452,20 @@ for [policy] manifests for more information.
 An attempt was made to load a policy manifest, but the manifest had multiple
 entries for a resource which did not match each other. Update the manifest
 entries to match in order to resolve this error. See the documentation for
-[policy] manifests for more information.
+[policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_INVALID_RESOURCE_FIELD"></a>
 ### ERR_MANIFEST_INVALID_RESOURCE_FIELD
 
 A policy manifest resource had an invalid value for one of its fields. Update
 the manifest entry to match in order to resolve this error. See the
-documentation for [policy] manifests for more information.
+documentation for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_PARSE_POLICY"></a>
 ### ERR_MANIFEST_PARSE_POLICY
 
 An attempt was made to load a policy manifest, but the manifest was unable to
-be parsed. See the documentation for [policy] manifests for more information.
+be parsed. See the documentation for [policy][] manifests for more information.
 
 <a id="ERR_MANIFEST_TDZ"></a>
 ### ERR_MANIFEST_TDZ
@@ -1477,7 +1477,7 @@ initialization has not yet taken place. This is likely a bug in Node.js.
 ### ERR_MANIFEST_UNKNOWN_ONERROR
 
 A policy manifest was loaded, but had an unknown value for its "onerror"
-behavior. See the documentation for [policy] manifests for more information.
+behavior. See the documentation for [policy][] manifests for more information.
 
 <a id="ERR_MEMORY_ALLOCATION_FAILED"></a>
 ### ERR_MEMORY_ALLOCATION_FAILED
diff --git a/doc/api/fs.md b/doc/api/fs.md
index 7ea6835387719b..c22e169f1c3937 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -3133,7 +3133,7 @@ Using `fs.stat()` to check for the existence of a file before calling
 Instead, user code should open/read/write the file directly and handle the
 error raised if the file is not available.
 
-To check if a file exists without manipulating it afterwards, [`fs.access()`]
+To check if a file exists without manipulating it afterwards, [`fs.access()`][]
 is recommended.
 
 For example, given the following folder structure:
@@ -3541,12 +3541,13 @@ The recursive option is only supported on macOS and Windows.
 This feature depends on the underlying operating system providing a way
 to be notified of filesystem changes.
 
-* On Linux systems, this uses [`inotify(7)`].
-* On BSD systems, this uses [`kqueue(2)`].
-* On macOS, this uses [`kqueue(2)`] for files and [`FSEvents`] for directories.
-* On SunOS systems (including Solaris and SmartOS), this uses [`event ports`].
-* On Windows systems, this feature depends on [`ReadDirectoryChangesW`].
-* On Aix systems, this feature depends on [`AHAFS`], which must be enabled.
+* On Linux systems, this uses [`inotify(7)`][].
+* On BSD systems, this uses [`kqueue(2)`][].
+* On macOS, this uses [`kqueue(2)`][] for files and [`FSEvents`][] for
+  directories.
+* On SunOS systems (including Solaris and SmartOS), this uses [`event ports`][].
+* On Windows systems, this feature depends on [`ReadDirectoryChangesW`][].
+* On Aix systems, this feature depends on [`AHAFS`][], which must be enabled.
 
 If the underlying functionality is not available for some reason, then
 `fs.watch` will not be able to function. For example, watching files or
diff --git a/doc/api/globals.md b/doc/api/globals.md
index f3263c22e73644..89592b98e1c9bf 100644
--- a/doc/api/globals.md
+++ b/doc/api/globals.md
@@ -30,11 +30,11 @@ Used to handle binary data. See the [buffer section][].
 
 ## \_\_dirname
 
-This variable may appear to be global but is not. See [`__dirname`].
+This variable may appear to be global but is not. See [`__dirname`][].
 
 ## \_\_filename
 
-This variable may appear to be global but is not. See [`__filename`].
+This variable may appear to be global but is not. See [`__filename`][].
 
 ## clearImmediate(immediateObject)
 <!-- YAML
@@ -43,7 +43,7 @@ added: v0.9.1
 
 <!--type=global-->
 
-[`clearImmediate`] is described in the [timers][] section.
+[`clearImmediate`][] is described in the [timers][] section.
 
 ## clearInterval(intervalObject)
 <!-- YAML
@@ -52,7 +52,7 @@ added: v0.0.1
 
 <!--type=global-->
 
-[`clearInterval`] is described in the [timers][] section.
+[`clearInterval`][] is described in the [timers][] section.
 
 ## clearTimeout(timeoutObject)
 <!-- YAML
@@ -61,7 +61,7 @@ added: v0.0.1
 
 <!--type=global-->
 
-[`clearTimeout`] is described in the [timers][] section.
+[`clearTimeout`][] is described in the [timers][] section.
 
 ## console
 <!-- YAML
@@ -76,7 +76,7 @@ Used to print to stdout and stderr. See the [`console`][] section.
 
 ## exports
 
-This variable may appear to be global but is not. See [`exports`].
+This variable may appear to be global but is not. See [`exports`][].
 
 ## global
 <!-- YAML
@@ -94,7 +94,7 @@ Node.js this is different. The top-level scope is not the global scope;
 
 ## module
 
-This variable may appear to be global but is not. See [`module`].
+This variable may appear to be global but is not. See [`module`][].
 
 ## process
 <!-- YAML
@@ -148,7 +148,7 @@ DataHandler.prototype.load = async function load(key) {
 
 ## require()
 
-This variable may appear to be global but is not. See [`require()`].
+This variable may appear to be global but is not. See [`require()`][].
 
 ## setImmediate(callback[, ...args])
 <!-- YAML
@@ -157,7 +157,7 @@ added: v0.9.1
 
 <!-- type=global -->
 
-[`setImmediate`] is described in the [timers][] section.
+[`setImmediate`][] is described in the [timers][] section.
 
 ## setInterval(callback, delay[, ...args])
 <!-- YAML
@@ -166,7 +166,7 @@ added: v0.0.1
 
 <!-- type=global -->
 
-[`setInterval`] is described in the [timers][] section.
+[`setInterval`][] is described in the [timers][] section.
 
 ## setTimeout(callback, delay[, ...args])
 <!-- YAML
@@ -175,7 +175,7 @@ added: v0.0.1
 
 <!-- type=global -->
 
-[`setTimeout`] is described in the [timers][] section.
+[`setTimeout`][] is described in the [timers][] section.
 
 ## TextDecoder
 <!-- YAML
diff --git a/doc/api/http.md b/doc/api/http.md
index bce8c06db82faf..83b9c69ed45364 100644
--- a/doc/api/http.md
+++ b/doc/api/http.md
@@ -71,7 +71,7 @@ the requests to that server, but each one will occur over a new connection.
 When a connection is closed by the client or the server, it is removed
 from the pool. Any unused sockets in the pool will be unrefed so as not
 to keep the Node.js process running when there are no outstanding requests.
-(see [`socket.unref()`]).
+(see [`socket.unref()`][]).
 
 It is good practice, to [`destroy()`][] an `Agent` instance when it is no
 longer in use, because unused sockets consume OS resources.
diff --git a/doc/api/http2.md b/doc/api/http2.md
index 1afdb08f0d19ee..33ec78bd4a7c7b 100644
--- a/doc/api/http2.md
+++ b/doc/api/http2.md
@@ -500,7 +500,7 @@ added: v9.4.0
 -->
 
 Calls [`ref()`][`net.Socket.prototype.ref()`] on this `Http2Session`
-instance's underlying [`net.Socket`].
+instance's underlying [`net.Socket`][].
 
 #### http2session.remoteSettings
 <!-- YAML
@@ -613,7 +613,7 @@ added: v9.4.0
 -->
 
 Calls [`unref()`][`net.Socket.prototype.unref()`] on this `Http2Session`
-instance's underlying [`net.Socket`].
+instance's underlying [`net.Socket`][].
 
 ### Class: ServerHttp2Session
 <!-- YAML
@@ -1756,7 +1756,7 @@ added: v8.4.0
 
 Stops the server from establishing new sessions. This does not prevent new
 request streams from being created due to the persistent nature of HTTP/2
-sessions. To gracefully shut down the server, call [`http2session.close()`] on
+sessions. To gracefully shut down the server, call [`http2session.close()`][] on
 all active sessions.
 
 If `callback` is provided, it is not invoked until all active sessions have been
@@ -1905,7 +1905,7 @@ added: v8.4.0
 
 Stops the server from establishing new sessions. This does not prevent new
 request streams from being created due to the persistent nature of HTTP/2
-sessions. To gracefully shut down the server, call [`http2session.close()`] on
+sessions. To gracefully shut down the server, call [`http2session.close()`][] on
 all active sessions.
 
 If `callback` is provided, it is not invoked until all active sessions have been
@@ -3420,7 +3420,7 @@ added: v8.4.0
   * `stream` {ServerHttp2Stream} The newly-created `ServerHttp2Stream` object
 
 Call [`http2stream.pushStream()`][] with the given headers, and wrap the
-given [`Http2Stream`] on a newly created `Http2ServerResponse` as the callback
+given [`Http2Stream`][] on a newly created `Http2ServerResponse` as the callback
 parameter if successful. When `Http2ServerRequest` is closed, the callback is
 called with an error `ERR_HTTP2_INVALID_STREAM`.
 
diff --git a/doc/api/inspector.md b/doc/api/inspector.md
index 3d9a956f095ede..3205cce7148f1d 100644
--- a/doc/api/inspector.md
+++ b/doc/api/inspector.md
@@ -137,7 +137,7 @@ added: v8.0.0
 -->
 
 Immediately close the session. All pending message callbacks will be called
-with an error. [`session.connect()`] will need to be called to be able to send
+with an error. [`session.connect()`][] will need to be called to be able to send
 messages again. Reconnected session will lose all inspector state, such as
 enabled agents or configured breakpoints.
 
diff --git a/doc/api/process.md b/doc/api/process.md
index ae0dd86bc00548..5ecd5b513f3543 100644
--- a/doc/api/process.md
+++ b/doc/api/process.md
@@ -80,7 +80,7 @@ all `'exit'` listeners have finished running the Node.js process will terminate.
 
 The listener callback function is invoked with the exit code specified either
 by the [`process.exitCode`][] property, or the `exitCode` argument passed to the
-[`process.exit()`] method.
+[`process.exit()`][] method.
 
 ```js
 process.on('exit', (code) => {
@@ -570,8 +570,8 @@ added: v0.1.27
 
 The `process.argv` property returns an array containing the command line
 arguments passed when the Node.js process was launched. The first element will
-be [`process.execPath`]. See `process.argv0` if access to the original value of
-`argv[0]` is needed. The second element will be the path to the JavaScript
+be [`process.execPath`][]. See `process.argv0` if access to the original value
+of `argv[0]` is needed. The second element will be the path to the JavaScript
 file being executed. The remaining elements will be any additional command line
 arguments.
 
@@ -1122,7 +1122,7 @@ added: v0.1.13
 The `process.exit()` method instructs Node.js to terminate the process
 synchronously with an exit status of `code`. If `code` is omitted, exit uses
 either the 'success' code `0` or the value of `process.exitCode` if it has been
-set. Node.js will not terminate until all the [`'exit'`] event listeners are
+set. Node.js will not terminate until all the [`'exit'`][] event listeners are
 called.
 
 To exit with a 'failure' code:
@@ -1506,7 +1506,7 @@ changes:
 fully drained after the current operation on the JavaScript stack runs to
 completion and before the event loop is allowed to continue. It's possible to
 create an infinite loop if one were to recursively call `process.nextTick()`.
-See the [Event Loop] guide for more background.
+See the [Event Loop][] guide for more background.
 
 ```js
 console.log('start');
diff --git a/doc/api/readline.md b/doc/api/readline.md
index 898d7e005fb652..03fdc4417230cf 100644
--- a/doc/api/readline.md
+++ b/doc/api/readline.md
@@ -5,7 +5,8 @@
 > Stability: 2 - Stable
 
 The `readline` module provides an interface for reading data from a [Readable][]
-stream (such as [`process.stdin`]) one line at a time. It can be accessed using:
+stream (such as [`process.stdin`][]) one line at a time. It can be accessed
+using:
 
 ```js
 const readline = require('readline');
diff --git a/doc/api/stream.md b/doc/api/stream.md
index eb4b0b82740a8f..4bdf3159dfaa80 100644
--- a/doc/api/stream.md
+++ b/doc/api/stream.md
@@ -89,7 +89,7 @@ total size of the internal write buffer is below the threshold set by
 the size of the internal buffer reaches or exceeds the `highWaterMark`, `false`
 will be returned.
 
-A key goal of the `stream` API, particularly the [`stream.pipe()`] method,
+A key goal of the `stream` API, particularly the [`stream.pipe()`][] method,
 is to limit the buffering of data to acceptable levels such that sources and
 destinations of differing speeds will not overwhelm the available memory.
 
@@ -682,7 +682,7 @@ from the stream.
 
 Adding a [`'readable'`][] event handler automatically make the stream to
 stop flowing, and the data to be consumed via
-[`readable.read()`][stream-read]. If the [`'readable'`] event handler is
+[`readable.read()`][stream-read]. If the [`'readable'`][] event handler is
 removed, then the stream will start flowing again if there is a
 [`'data'`][] event handler.
 
@@ -1653,10 +1653,10 @@ on the type of stream being created, as detailed in the chart below:
 
 | Use-case | Class | Method(s) to implement |
 | -------- | ----- | ---------------------- |
-| Reading only | [`Readable`] | <code>[_read()][stream-_read]</code> |
-| Writing only | [`Writable`] | <code>[_write()][stream-_write]</code>, <code>[_writev()][stream-_writev]</code>, <code>[_final()][stream-_final]</code> |
-| Reading and writing | [`Duplex`] | <code>[_read()][stream-_read]</code>, <code>[_write()][stream-_write]</code>, <code>[_writev()][stream-_writev]</code>, <code>[_final()][stream-_final]</code> |
-| Operate on written data, then read the result | [`Transform`] | <code>[_transform()][stream-_transform]</code>, <code>[_flush()][stream-_flush]</code>, <code>[_final()][stream-_final]</code> |
+| Reading only | [`Readable`][] | [`_read()`][stream-_read] |
+| Writing only | [`Writable`][] | [`_write()`][stream-_write], [`_writev()`][stream-_writev], [`_final()`][stream-_final] |
+| Reading and writing | [`Duplex`][] | [`_read()`][stream-_read], [`_write()`][stream-_write], [`_writev()`][stream-_writev], [`_final()`][stream-_final] |
+| Operate on written data, then read the result | [`Transform`][] | [`_transform()`][stream-_transform], [`_flush()`][stream-_flush], [`_final()`][stream-_final] |
 
 The implementation code for a stream should *never* call the "public" methods
 of a stream that are intended for use by consumers (as described in the
@@ -1881,7 +1881,7 @@ or write buffered data before a stream ends.
 #### Errors While Writing
 
 Errors occurring during the processing of the [`writable._write()`][],
-[`writable._writev()`][] and [`writable._final()`] methods must be propagated
+[`writable._writev()`][] and [`writable._final()`][] methods must be propagated
 by invoking the callback and passing the error as the first argument.
 Throwing an `Error` from within these methods or manually emitting an `'error'`
 event results in undefined behavior.
diff --git a/doc/api/timers.md b/doc/api/timers.md
index 66ee2ca97e8455..a99dd1c41e60b0 100644
--- a/doc/api/timers.md
+++ b/doc/api/timers.md
@@ -136,7 +136,7 @@ added: v0.9.1
 -->
 
 * `callback` {Function} The function to call at the end of this turn of
-  [the Node.js Event Loop]
+  the Node.js [Event Loop][]
 * `...args` {any} Optional arguments to pass when the `callback` is called.
 * Returns: {Immediate} for use with [`clearImmediate()`][]
 
diff --git a/doc/api/tls.md b/doc/api/tls.md
index 297c1e7fd460dc..d90affa4c3b70d 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -68,12 +68,12 @@ Where:
 
 <!-- type=misc -->
 
-The term "[Forward Secrecy]" or "Perfect Forward Secrecy" describes a feature of
-key-agreement (i.e., key-exchange) methods. That is, the server and client keys
-are used to negotiate new temporary keys that are used specifically and only for
-the current communication session. Practically, this means that even if the
-server's private key is compromised, communication can only be decrypted by
-eavesdroppers if the attacker manages to obtain the key-pair specifically
+The term "[Forward Secrecy][]" or "Perfect Forward Secrecy" describes a feature
+of key-agreement (i.e., key-exchange) methods. That is, the server and client
+keys are used to negotiate new temporary keys that are used specifically and
+only for the current communication session. Practically, this means that even
+if the server's private key is compromised, communication can only be decrypted
+by eavesdroppers if the attacker manages to obtain the key-pair specifically
 generated for the session.
 
 Perfect Forward Secrecy is achieved by randomly generating a key pair for
@@ -83,8 +83,8 @@ all sessions). Methods implementing this technique are called "ephemeral".
 Currently two methods are commonly used to achieve Perfect Forward Secrecy (note
 the character "E" appended to the traditional abbreviations):
 
-* [DHE] - An ephemeral version of the Diffie Hellman key-agreement protocol.
-* [ECDHE] - An ephemeral version of the Elliptic Curve Diffie Hellman
+* [DHE][] - An ephemeral version of the Diffie Hellman key-agreement protocol.
+* [ECDHE][] - An ephemeral version of the Elliptic Curve Diffie Hellman
   key-agreement protocol.
 
 Ephemeral methods may have some performance drawbacks, because key generation
@@ -102,7 +102,7 @@ openssl dhparam -outform PEM -out dhparam.pem 2048
 If using Perfect Forward Secrecy using `ECDHE`, Diffie-Hellman parameters are
 not required and a default ECDHE curve will be used. The `ecdhCurve` property
 can be used when creating a TLS Server to specify the list of names of supported
-curves to use, see [`tls.createServer()`] for more info.
+curves to use, see [`tls.createServer()`][] for more info.
 
 Perfect Forward Secrecy was optional up to TLSv1.2, but it is not optional for
 TLSv1.3, because all TLSv1.3 cipher suites use ECDHE.
@@ -279,8 +279,8 @@ node server.js
 
 The default can also be replaced on a per client or server basis using the
 `ciphers` option from [`tls.createSecureContext()`][], which is also available
-in [`tls.createServer()`], [`tls.connect()`], and when creating new
-[`tls.TLSSocket`]s.
+in [`tls.createServer()`][], [`tls.connect()`][], and when creating new
+[`tls.TLSSocket`][]s.
 
 The ciphers list can contain a mixture of TLSv1.3 cipher suite names, the ones
 that start with `'TLS_'`, and specifications for TLSv1.2 and below cipher
@@ -303,16 +303,16 @@ of an application. The `--tls-cipher-list` switch and `ciphers` option should by
 used only if absolutely necessary.
 
 The default cipher suite prefers GCM ciphers for [Chrome's 'modern
-cryptography' setting] and also prefers ECDHE and DHE ciphers for Perfect
+cryptography' setting][] and also prefers ECDHE and DHE ciphers for Perfect
 Forward Secrecy, while offering *some* backward compatibility.
 
 128 bit AES is preferred over 192 and 256 bit AES in light of [specific
-attacks affecting larger AES key sizes].
+attacks affecting larger AES key sizes][].
 
 Old clients that rely on insecure and deprecated RC4 or DES-based ciphers
 (like Internet Explorer 6) cannot complete the handshaking process with
 the default configuration. If these clients _must_ be supported, the
-[TLS recommendations] may offer a compatible cipher suite. For more details
+[TLS recommendations][] may offer a compatible cipher suite. For more details
 on the format, see the OpenSSL [cipher list format][] documentation.
 
 There are only 5 TLSv1.3 cipher suites:
@@ -415,7 +415,7 @@ The typical flow of an OCSP Request is as follows:
 2. Server receives the request and emits the `'OCSPRequest'` event, calling the
    listener if registered.
 3. Server extracts the OCSP URL from either the `certificate` or `issuer` and
-   performs an [OCSP request] to the CA.
+   performs an [OCSP request][] to the CA.
 4. Server receives `'OCSPResponse'` from the CA and sends it back to the client
    via the `callback` argument
 5. Client validates the response and either destroys the socket or performs a
@@ -428,7 +428,7 @@ via the `ca` option when establishing the TLS connection.)
 Listening for this event will have an effect only on connections established
 after the addition of the event listener.
 
-An npm module like [asn1.js] may be used to parse the certificates.
+An npm module like [asn1.js][] may be used to parse the certificates.
 
 ### Event: 'resumeSession'
 <!-- YAML
@@ -1416,7 +1416,7 @@ changes:
     provided.
     For PEM encoded certificates, supported types are "TRUSTED CERTIFICATE",
     "X509 CERTIFICATE", and "CERTIFICATE".
-    See also [`tls.rootCertificates`].
+    See also [`tls.rootCertificates`][].
   * `cert` {string|string[]|Buffer|Buffer[]} Cert chains in PEM format. One cert
     chain should be provided per private key. Each cert chain should consist of
     the PEM formatted certificate for a provided private `key`, followed by the
@@ -1452,7 +1452,7 @@ changes:
     curve automatically. Use [`crypto.getCurves()`][] to obtain a list of
     available curve names. On recent releases, `openssl ecparam -list_curves`
     will also display the name and description of each available elliptic curve.
-    **Default:** [`tls.DEFAULT_ECDH_CURVE`].
+    **Default:** [`tls.DEFAULT_ECDH_CURVE`][].
   * `honorCipherOrder` {boolean} Attempt to use the server's cipher suite
     preferences instead of the client's. When `true`, causes
     `SSL_OP_CIPHER_SERVER_PREFERENCE` to be set in `secureOptions`, see
@@ -1653,7 +1653,7 @@ added: v12.3.0
 
 An immutable array of strings representing the root certificates (in PEM format)
 used for verifying peer certificates. This is the default value of the `ca`
-option to [`tls.createSecureContext()`].
+option to [`tls.createSecureContext()`][].
 
 ## tls.DEFAULT_ECDH_CURVE
 <!-- YAML
@@ -1665,7 +1665,7 @@ changes:
 -->
 
 The default curve name to use for ECDH key agreement in a tls server. The
-default value is `'auto'`. See [`tls.createSecureContext()`] for further
+default value is `'auto'`. See [`tls.createSecureContext()`][] for further
 information.
 
 ## tls.DEFAULT_MAX_VERSION
diff --git a/doc/api/tracing.md b/doc/api/tracing.md
index 64622d6b503a56..999c7d723012b0 100644
--- a/doc/api/tracing.md
+++ b/doc/api/tracing.md
@@ -14,8 +14,8 @@ accepts a list of comma-separated category names.
 The available categories are:
 
 * `node` - An empty placeholder.
-* `node.async_hooks` - Enables capture of detailed [`async_hooks`] trace data.
-  The [`async_hooks`] events have a unique `asyncId` and a special `triggerId`
+* `node.async_hooks` - Enables capture of detailed [`async_hooks`][] trace data.
+  The [`async_hooks`][] events have a unique `asyncId` and a special `triggerId`
   `triggerAsyncId` property.
 * `node.bootstrap` - Enables capture of Node.js bootstrap milestones.
 * `node.console` - Enables capture of `console.time()` and `console.count()`
@@ -23,7 +23,7 @@ The available categories are:
 * `node.dns.native` - Enables capture of trace data for DNS queries.
 * `node.environment` - Enables capture of Node.js Environment milestones.
 * `node.fs.sync` - Enables capture of trace data for file system sync methods.
-* `node.perf` - Enables capture of [Performance API] measurements.
+* `node.perf` - Enables capture of [Performance API][] measurements.
   * `node.perf.usertiming` - Enables capture of only Performance API User Timing
     measures and marks.
   * `node.perf.timerify` - Enables capture of only Performance API timerify
@@ -32,7 +32,7 @@ The available categories are:
   of unhandled Promise rejections and handled-after-rejections.
 * `node.vm.script` - Enables capture of trace data for the `vm` module's
   `runInNewContext()`, `runInContext()`, and `runInThisContext()` methods.
-* `v8` - The [V8] events are GC, compiling, and execution related.
+* `v8` - The [V8][] events are GC, compiling, and execution related.
 
 By default the `node`, `node.async_hooks`, and `v8` categories are enabled.
 
diff --git a/doc/api/util.md b/doc/api/util.md
index d158fbd1a832d7..46df7c01ea7e17 100644
--- a/doc/api/util.md
+++ b/doc/api/util.md
@@ -1775,7 +1775,7 @@ The `util._extend()` method was never intended to be used outside of internal
 Node.js modules. The community found and used it anyway.
 
 It is deprecated and should not be used in new code. JavaScript comes with very
-similar built-in functionality through [`Object.assign()`].
+similar built-in functionality through [`Object.assign()`][].
 
 ### util.isArray(object)
 <!-- YAML
diff --git a/doc/guides/maintaining-V8.md b/doc/guides/maintaining-V8.md
index 98b543ef2dd70b..d33b745ac56b8e 100644
--- a/doc/guides/maintaining-V8.md
+++ b/doc/guides/maintaining-V8.md
@@ -162,9 +162,9 @@ process.
 
 ### Unfixed Upstream Bugs
 
-If the bug can be reproduced on the [Node.js `canary` branch], Chromium canary,
-or V8 tip-of-tree, and the test case is valid, then the bug needs to be fixed
-upstream first.
+If the bug can be reproduced on the [Node.js `canary` branch][], Chromium
+canary, or V8 tip-of-tree, and the test case is valid, then the bug needs to be
+fixed upstream first.
 
 * Start by opening a bug upstream using [this template][V8TemplateUpstreamBug].
 * Make sure to include a link to the corresponding Node.js issue
@@ -226,12 +226,12 @@ to be cherry-picked in the Node.js repository and V8-CI must test the change.
     V8 team to get help with reimplementing the patch.
   * Open a cherry-pick PR on `nodejs/node` targeting the *vY.x-staging* branch
     and notify the `@nodejs/v8` team.
-  * Run the Node.js [V8 CI] in addition to the [Node.js CI].
+  * Run the Node.js [V8 CI][] in addition to the [Node.js CI][].
     The CI uses the `test-v8` target in the `Makefile`, which uses
     `tools/make-v8.sh` to reconstruct a git tree in the `deps/v8` directory to
     run V8 tests.
 
-The [`git-node`] tool can be used to simplify this task. Run
+The [`git-node`][] tool can be used to simplify this task. Run
 `git node v8 backport <sha>` to cherry-pick a commit.
 
 An example for workflow how to cherry-pick consider the bug
@@ -275,8 +275,8 @@ PR-URL: https://github.com/nodejs/node/pull/7833
 ```
 
 * Open a PR against the `v6.x-staging` branch in the Node.js repo. Launch the
-  normal and [V8 CI] using the Node.js CI system. We only needed to backport to
-  `v6.x` as the other LTS branches weren't affected by this bug.
+  normal and [V8 CI][] using the Node.js CI system. We only needed to backport
+  to `v6.x` as the other LTS branches weren't affected by this bug.
 
 ### Backports Identified by the V8 team
 
@@ -340,7 +340,7 @@ curl -L https://github.com/v8/v8/compare/${V8_OLD_VERSION}...${V8_NEW_VERSION}.p
 V8 also keeps tags of the form *5.4-lkgr* which point to the *Last Known Good
 Revision* from the 5.4 branch that can be useful in the update process above.
 
-The [`git-node`] tool can be used to simplify this task. Run `git node v8 minor`
+The [`git-node`][] tool can be used to simplify this task. Run `git node v8 minor`
 to apply a minor update.
 
 ### Major Updates
@@ -367,8 +367,8 @@ To audit for floating patches:
 git log --oneline deps/v8
 ```
 
-To replace the copy of V8 in Node.js, use the [`git-node`] tool. For example, if
-you want to replace the copy of V8 in Node.js with the branch-head for V8 5.1
+To replace the copy of V8 in Node.js, use the [`git-node`][] tool. For example,
+if you want to replace the copy of V8 in Node.js with the branch-head for V8 5.1
 branch:
 
 ```shell

From 3f153789b559221550226bf72e622a7ae4f7478e Mon Sep 17 00:00:00 2001
From: ZYSzys <zyszys98@gmail.com>
Date: Thu, 3 Oct 2019 23:07:42 +0800
Subject: [PATCH 43/65] http2: set default maxConcurrentStreams

Set the default maxConcurrentStreams to
NGHTTP2_DEFAULT_MAX_CONCURRENT_STREAMS.

PR-URL: https://github.com/nodejs/node/pull/29833
Fixes: https://github.com/nodejs/node/issues/29763
Refs: https://github.com/nghttp2/nghttp2/commit/16c46114dc724278beaa6d59462f8396f35fa4a9
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
---
 doc/api/http2.md                                 |  8 ++++++--
 lib/internal/http2/core.js                       |  2 +-
 src/node_http2.cc                                |  4 ++++
 src/node_http2.h                                 |  1 +
 test/parallel/test-http2-binding.js              |  2 ++
 .../test-http2-client-setNextStreamID-errors.js  |  4 ++--
 .../test-http2-client-settings-before-connect.js |  2 +-
 test/parallel/test-http2-getpackedsettings.js    | 16 ++--------------
 8 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/doc/api/http2.md b/doc/api/http2.md
index 33ec78bd4a7c7b..4be87eb6136230 100644
--- a/doc/api/http2.md
+++ b/doc/api/http2.md
@@ -2357,6 +2357,9 @@ server.on('stream', (stream, headers) => {
 <!-- YAML
 added: v8.4.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/29833
+    description: The `maxConcurrentStreams` setting is stricter.
   - version: v8.9.3
     pr-url: https://github.com/nodejs/node/pull/16676
     description: The `maxHeaderListSize` setting is now strictly enforced.
@@ -2382,9 +2385,10 @@ properties.
   is 2<sup>24</sup>-1. **Default:** `16,384 bytes`.
 * `maxConcurrentStreams` {number} Specifies the maximum number of concurrent
   streams permitted on an `Http2Session`. There is no default value which
-  implies, at least theoretically, 2<sup>31</sup>-1 streams may be open
+  implies, at least theoretically, 2<sup>32</sup>-1 streams may be open
   concurrently at any given time in an `Http2Session`. The minimum value
-  is 0. The maximum allowed value is 2<sup>31</sup>-1.
+  is 0. The maximum allowed value is 2<sup>32</sup>-1. **Default:**
+  `4294967295`.
 * `maxHeaderListSize` {number} Specifies the maximum size (uncompressed octets)
   of header list that will be accepted. The minimum allowed value is 0. The
   maximum allowed value is 2<sup>32</sup>-1. **Default:** `65535`.
diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 2a68376c09bcbd..5925cbfefc52d9 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -161,7 +161,7 @@ function debugSessionObj(session, message, ...args) {
 
 const kMaxFrameSize = (2 ** 24) - 1;
 const kMaxInt = (2 ** 32) - 1;
-const kMaxStreams = (2 ** 31) - 1;
+const kMaxStreams = (2 ** 32) - 1;
 const kMaxALTSVC = (2 ** 14) - 2;
 
 // eslint-disable-next-line no-control-regex
diff --git a/src/node_http2.cc b/src/node_http2.cc
index 70877c14063482..358c687768d616 100644
--- a/src/node_http2.cc
+++ b/src/node_http2.cc
@@ -292,6 +292,8 @@ void Http2Session::Http2Settings::RefreshDefaults(Environment* env) {
       DEFAULT_SETTINGS_HEADER_TABLE_SIZE;
   buffer[IDX_SETTINGS_ENABLE_PUSH] =
       DEFAULT_SETTINGS_ENABLE_PUSH;
+  buffer[IDX_SETTINGS_MAX_CONCURRENT_STREAMS] =
+      DEFAULT_SETTINGS_MAX_CONCURRENT_STREAMS;
   buffer[IDX_SETTINGS_INITIAL_WINDOW_SIZE] =
       DEFAULT_SETTINGS_INITIAL_WINDOW_SIZE;
   buffer[IDX_SETTINGS_MAX_FRAME_SIZE] =
@@ -301,6 +303,7 @@ void Http2Session::Http2Settings::RefreshDefaults(Environment* env) {
   buffer[IDX_SETTINGS_COUNT] =
     (1 << IDX_SETTINGS_HEADER_TABLE_SIZE) |
     (1 << IDX_SETTINGS_ENABLE_PUSH) |
+    (1 << IDX_SETTINGS_MAX_CONCURRENT_STREAMS) |
     (1 << IDX_SETTINGS_INITIAL_WINDOW_SIZE) |
     (1 << IDX_SETTINGS_MAX_FRAME_SIZE) |
     (1 << IDX_SETTINGS_MAX_HEADER_LIST_SIZE);
@@ -3233,6 +3236,7 @@ void Initialize(Local<Object> target,
 
   NODE_DEFINE_CONSTANT(constants, DEFAULT_SETTINGS_HEADER_TABLE_SIZE);
   NODE_DEFINE_CONSTANT(constants, DEFAULT_SETTINGS_ENABLE_PUSH);
+  NODE_DEFINE_CONSTANT(constants, DEFAULT_SETTINGS_MAX_CONCURRENT_STREAMS);
   NODE_DEFINE_CONSTANT(constants, DEFAULT_SETTINGS_INITIAL_WINDOW_SIZE);
   NODE_DEFINE_CONSTANT(constants, DEFAULT_SETTINGS_MAX_FRAME_SIZE);
   NODE_DEFINE_CONSTANT(constants, MAX_MAX_FRAME_SIZE);
diff --git a/src/node_http2.h b/src/node_http2.h
index 792078d1261dd0..0b5e3d3ab88c2d 100644
--- a/src/node_http2.h
+++ b/src/node_http2.h
@@ -40,6 +40,7 @@ using performance::PerformanceEntry;
 // These are the standard HTTP/2 defaults as specified by the RFC
 #define DEFAULT_SETTINGS_HEADER_TABLE_SIZE 4096
 #define DEFAULT_SETTINGS_ENABLE_PUSH 1
+#define DEFAULT_SETTINGS_MAX_CONCURRENT_STREAMS 0xffffffffu
 #define DEFAULT_SETTINGS_INITIAL_WINDOW_SIZE 65535
 #define DEFAULT_SETTINGS_MAX_FRAME_SIZE 16384
 #define DEFAULT_SETTINGS_MAX_HEADER_LIST_SIZE 65535
diff --git a/test/parallel/test-http2-binding.js b/test/parallel/test-http2-binding.js
index 82eafc0de946ff..f12fd1a8cac905 100644
--- a/test/parallel/test-http2-binding.js
+++ b/test/parallel/test-http2-binding.js
@@ -16,6 +16,7 @@ assert.strictEqual(typeof binding.Http2Session, 'function');
 const settings = http2.getDefaultSettings();
 assert.strictEqual(settings.headerTableSize, 4096);
 assert.strictEqual(settings.enablePush, true);
+assert.strictEqual(settings.maxConcurrentStreams, 4294967295);
 assert.strictEqual(settings.initialWindowSize, 65535);
 assert.strictEqual(settings.maxFrameSize, 16384);
 
@@ -227,6 +228,7 @@ const expectedNGConstants = {
 const defaultSettings = {
   DEFAULT_SETTINGS_HEADER_TABLE_SIZE: 4096,
   DEFAULT_SETTINGS_ENABLE_PUSH: 1,
+  DEFAULT_SETTINGS_MAX_CONCURRENT_STREAMS: 4294967295,
   DEFAULT_SETTINGS_INITIAL_WINDOW_SIZE: 65535,
   DEFAULT_SETTINGS_MAX_FRAME_SIZE: 16384
 };
diff --git a/test/parallel/test-http2-client-setNextStreamID-errors.js b/test/parallel/test-http2-client-setNextStreamID-errors.js
index 39d194e1f51a93..203b552ef7f7f1 100644
--- a/test/parallel/test-http2-client-setNextStreamID-errors.js
+++ b/test/parallel/test-http2-client-setNextStreamID-errors.js
@@ -26,14 +26,14 @@ server.listen(0, common.mustCall(() => {
   const client = http2.connect(`http://localhost:${server.address().port}`);
 
   client.on('connect', () => {
-    const outOfRangeNum = 2 ** 31;
+    const outOfRangeNum = 2 ** 32;
     common.expectsError(
       () => client.setNextStreamID(outOfRangeNum),
       {
         type: RangeError,
         code: 'ERR_OUT_OF_RANGE',
         message: 'The value of "id" is out of range.' +
-           ' It must be > 0 and <= 2147483647. Received ' + outOfRangeNum
+           ' It must be > 0 and <= 4294967295. Received ' + outOfRangeNum
       }
     );
 
diff --git a/test/parallel/test-http2-client-settings-before-connect.js b/test/parallel/test-http2-client-settings-before-connect.js
index 961292d803ab7a..8bcdabe3268afb 100644
--- a/test/parallel/test-http2-client-settings-before-connect.js
+++ b/test/parallel/test-http2-client-settings-before-connect.js
@@ -28,7 +28,7 @@ server.listen(0, common.mustCall(() => {
     ['maxFrameSize', 1, RangeError],
     ['maxFrameSize', 2 ** 24, RangeError],
     ['maxConcurrentStreams', -1, RangeError],
-    ['maxConcurrentStreams', 2 ** 31, RangeError],
+    ['maxConcurrentStreams', 2 ** 32, RangeError],
     ['maxHeaderListSize', -1, RangeError],
     ['maxHeaderListSize', 2 ** 32, RangeError],
     ['enablePush', 'a', TypeError],
diff --git a/test/parallel/test-http2-getpackedsettings.js b/test/parallel/test-http2-getpackedsettings.js
index 77c8cf442f5f27..341cfb4fc799f2 100644
--- a/test/parallel/test-http2-getpackedsettings.js
+++ b/test/parallel/test-http2-getpackedsettings.js
@@ -7,6 +7,7 @@ const assert = require('assert');
 const http2 = require('http2');
 
 const check = Buffer.from([0x00, 0x01, 0x00, 0x00, 0x10, 0x00,
+                           0x00, 0x03, 0xff, 0xff, 0xff, 0xff,
                            0x00, 0x05, 0x00, 0x00, 0x40, 0x00,
                            0x00, 0x04, 0x00, 0x00, 0xff, 0xff,
                            0x00, 0x06, 0x00, 0x00, 0xff, 0xff,
@@ -41,7 +42,7 @@ http2.getPackedSettings({ enablePush: false });
   ['maxFrameSize', 16383],
   ['maxFrameSize', 2 ** 24],
   ['maxConcurrentStreams', -1],
-  ['maxConcurrentStreams', 2 ** 31],
+  ['maxConcurrentStreams', 2 ** 32],
   ['maxHeaderListSize', -1],
   ['maxHeaderListSize', 2 ** 32]
 ].forEach((i) => {
@@ -168,16 +169,3 @@ http2.getPackedSettings({ enablePush: false });
     message: 'Invalid value for setting "maxFrameSize": 16777216'
   });
 }
-
-// Check for maxConcurrentStreams failing the max number.
-{
-  const packed = Buffer.from([0x00, 0x03, 0xFF, 0xFF, 0xFF, 0xFF]);
-
-  common.expectsError(() => {
-    http2.getUnpackedSettings(packed, { validate: true });
-  }, {
-    code: 'ERR_HTTP2_INVALID_SETTING_VALUE',
-    type: RangeError,
-    message: 'Invalid value for setting "maxConcurrentStreams": 4294967295'
-  });
-}

From 9e5d691ee4d8ba775e6a25cfa4289b1cf568a48b Mon Sep 17 00:00:00 2001
From: ZYSzys <zyszys98@gmail.com>
Date: Fri, 4 Oct 2019 00:35:41 +0800
Subject: [PATCH 44/65] lib: introduce no-mixed-operators eslint rule to lib

PR-URL: https://github.com/nodejs/node/pull/29834
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 lib/.eslintrc.yaml                     |  3 +++
 lib/_http_client.js                    |  2 +-
 lib/_stream_readable.js                |  2 +-
 lib/_tls_wrap.js                       |  4 ++--
 lib/assert.js                          |  4 ++--
 lib/internal/assert/assertion_error.js |  2 +-
 lib/internal/child_process.js          |  2 +-
 lib/internal/cluster/child.js          |  2 +-
 lib/internal/errors.js                 |  4 ++--
 lib/internal/fs/utils.js               |  6 +++---
 lib/internal/modules/cjs/loader.js     |  2 +-
 lib/internal/readline/utils.js         | 26 +++++++++++++-------------
 lib/internal/tty.js                    |  2 +-
 lib/internal/url.js                    |  2 +-
 lib/internal/util/comparisons.js       |  6 +++---
 lib/internal/util/inspect.js           | 24 ++++++++++++------------
 lib/path.js                            | 12 ++++++------
 lib/readline.js                        |  2 +-
 lib/url.js                             | 10 +++++-----
 lib/util.js                            |  2 +-
 20 files changed, 61 insertions(+), 58 deletions(-)

diff --git a/lib/.eslintrc.yaml b/lib/.eslintrc.yaml
index 824bd32980da8c..b7e8e1f4fbeb4a 100644
--- a/lib/.eslintrc.yaml
+++ b/lib/.eslintrc.yaml
@@ -4,6 +4,9 @@ env:
 rules:
   prefer-object-spread: error
   no-buffer-constructor: error
+  no-mixed-operators:
+    - error
+    - groups: [[ "&&", "||" ]]
   no-restricted-globals:
     - error
     - name: JSON
diff --git a/lib/_http_client.js b/lib/_http_client.js
index 91dd398ce6639c..0eae2e7e58dd04 100644
--- a/lib/_http_client.js
+++ b/lib/_http_client.js
@@ -144,7 +144,7 @@ function ClientRequest(input, options, cb) {
   }
 
   const defaultPort = options.defaultPort ||
-                    this.agent && this.agent.defaultPort;
+                    (this.agent && this.agent.defaultPort);
 
   const port = options.port = options.port || defaultPort || 80;
   const host = options.host = validateHost(options.hostname, 'hostname') ||
diff --git a/lib/_stream_readable.js b/lib/_stream_readable.js
index 6c2bbb3495a3a3..d3198c7545f1d8 100644
--- a/lib/_stream_readable.js
+++ b/lib/_stream_readable.js
@@ -260,7 +260,7 @@ function readableAddChunk(stream, chunk, encoding, addToFront) {
       er = chunkInvalid(state, chunk);
     if (er) {
       errorOrDestroy(stream, er);
-    } else if (state.objectMode || chunk && chunk.length > 0) {
+    } else if (state.objectMode || (chunk && chunk.length > 0)) {
       if (typeof chunk !== 'string' &&
           !state.objectMode &&
           // Do not use Object.getPrototypeOf as it is slower since V8 7.3.
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index db6f6b5e765f0b..9c3fe656a7ce80 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -149,8 +149,8 @@ function loadSession(hello) {
 
   if (hello.sessionId.length <= 0 ||
       hello.tlsTicket ||
-      owner.server &&
-      !owner.server.emit('resumeSession', hello.sessionId, onSession)) {
+      (owner.server &&
+      !owner.server.emit('resumeSession', hello.sessionId, onSession))) {
     // Sessions without identifiers can't be resumed.
     // Sessions with tickets can be resumed directly from the ticket, no server
     // session storage is necessary.
diff --git a/lib/assert.js b/lib/assert.js
index 562c9628c9dacb..cb9cef6b902a1e 100644
--- a/lib/assert.js
+++ b/lib/assert.js
@@ -647,9 +647,9 @@ function checkIsPromise(obj) {
   // way. Do not accept thenables that use a function as `obj` and that have no
   // `catch` handler.
   return isPromise(obj) ||
-    obj !== null && typeof obj === 'object' &&
+    (obj !== null && typeof obj === 'object' &&
     typeof obj.then === 'function' &&
-    typeof obj.catch === 'function';
+    typeof obj.catch === 'function');
 }
 
 async function waitForActual(promiseFn) {
diff --git a/lib/internal/assert/assertion_error.js b/lib/internal/assert/assertion_error.js
index 3734796e2d2a2d..0b57bf2cb200c5 100644
--- a/lib/internal/assert/assertion_error.js
+++ b/lib/internal/assert/assertion_error.js
@@ -349,7 +349,7 @@ class AssertionError extends Error {
         // In case "actual" is an object or a function, it should not be
         // reference equal.
         if (operator === 'notStrictEqual' &&
-            (typeof actual === 'object' && actual !== null ||
+            ((typeof actual === 'object' && actual !== null) ||
              typeof actual === 'function')) {
           base = kReadableOperator.notStrictEqualObject;
         }
diff --git a/lib/internal/child_process.js b/lib/internal/child_process.js
index a0f083d8deb58e..5612d31bb5738d 100644
--- a/lib/internal/child_process.js
+++ b/lib/internal/child_process.js
@@ -934,7 +934,7 @@ function getValidStdio(stdio, sync) {
 
     if (stdio === 'ignore') {
       acc.push({ type: 'ignore' });
-    } else if (stdio === 'pipe' || typeof stdio === 'number' && stdio < 0) {
+    } else if (stdio === 'pipe' || (typeof stdio === 'number' && stdio < 0)) {
       var a = {
         type: 'pipe',
         readable: i === 0,
diff --git a/lib/internal/cluster/child.js b/lib/internal/cluster/child.js
index e7bddc1d0bc1f9..097c6dafae0172 100644
--- a/lib/internal/cluster/child.js
+++ b/lib/internal/cluster/child.js
@@ -100,7 +100,7 @@ cluster._getServer = function(obj, options, cb) {
     cluster.worker.state = 'listening';
     const address = obj.address();
     message.act = 'listening';
-    message.port = address && address.port || options.port;
+    message.port = (address && address.port) || options.port;
     send(message);
   });
 };
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index daf6831be05f71..c7e4c4783e7d2e 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -656,8 +656,8 @@ const fatalExceptionStackEnhancers = {
         colors: defaultColors
       }
     } = lazyInternalUtilInspect();
-    const colors = internalBinding('util').guessHandleType(2) === 'TTY' &&
-                   require('internal/tty').hasColors() ||
+    const colors = (internalBinding('util').guessHandleType(2) === 'TTY' &&
+                   require('internal/tty').hasColors()) ||
                    defaultColors;
     try {
       return inspect(error, { colors });
diff --git a/lib/internal/fs/utils.js b/lib/internal/fs/utils.js
index 80f0784681b588..efb54ca393cc8a 100644
--- a/lib/internal/fs/utils.js
+++ b/lib/internal/fs/utils.js
@@ -204,9 +204,9 @@ const nullCheck = hideStackFrames((path, propName, throwError = true) => {
   const pathIsUint8Array = isUint8Array(path);
 
   // We can only perform meaningful checks on strings and Uint8Arrays.
-  if (!pathIsString && !pathIsUint8Array ||
-      pathIsString && !path.includes('\u0000') ||
-      pathIsUint8Array && !path.includes(0)) {
+  if ((!pathIsString && !pathIsUint8Array) ||
+      (pathIsString && !path.includes('\u0000')) ||
+      (pathIsUint8Array && !path.includes(0))) {
     return;
   }
 
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index eab006935b0cad..9933839a055a47 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -733,7 +733,7 @@ Module._resolveFilename = function(request, parent, isMain, options) {
     if (Array.isArray(options.paths)) {
       const isRelative = request.startsWith('./') ||
           request.startsWith('../') ||
-          (isWindows && request.startsWith('.\\') ||
+          ((isWindows && request.startsWith('.\\')) ||
           request.startsWith('..\\'));
 
       if (isRelative) {
diff --git a/lib/internal/readline/utils.js b/lib/internal/readline/utils.js
index f72a03bb3915f4..31de512f74ba85 100644
--- a/lib/internal/readline/utils.js
+++ b/lib/internal/readline/utils.js
@@ -108,30 +108,30 @@ if (internalBinding('config').hasIntl) {
       code === 0x2329 || // LEFT-POINTING ANGLE BRACKET
       code === 0x232a || // RIGHT-POINTING ANGLE BRACKET
       // CJK Radicals Supplement .. Enclosed CJK Letters and Months
-      code >= 0x2e80 && code <= 0x3247 && code !== 0x303f ||
+      (code >= 0x2e80 && code <= 0x3247 && code !== 0x303f) ||
       // Enclosed CJK Letters and Months .. CJK Unified Ideographs Extension A
-      code >= 0x3250 && code <= 0x4dbf ||
+      (code >= 0x3250 && code <= 0x4dbf) ||
       // CJK Unified Ideographs .. Yi Radicals
-      code >= 0x4e00 && code <= 0xa4c6 ||
+      (code >= 0x4e00 && code <= 0xa4c6) ||
       // Hangul Jamo Extended-A
-      code >= 0xa960 && code <= 0xa97c ||
+      (code >= 0xa960 && code <= 0xa97c) ||
       // Hangul Syllables
-      code >= 0xac00 && code <= 0xd7a3 ||
+      (code >= 0xac00 && code <= 0xd7a3) ||
       // CJK Compatibility Ideographs
-      code >= 0xf900 && code <= 0xfaff ||
+      (code >= 0xf900 && code <= 0xfaff) ||
       // Vertical Forms
-      code >= 0xfe10 && code <= 0xfe19 ||
+      (code >= 0xfe10 && code <= 0xfe19) ||
       // CJK Compatibility Forms .. Small Form Variants
-      code >= 0xfe30 && code <= 0xfe6b ||
+      (code >= 0xfe30 && code <= 0xfe6b) ||
       // Halfwidth and Fullwidth Forms
-      code >= 0xff01 && code <= 0xff60 ||
-      code >= 0xffe0 && code <= 0xffe6 ||
+      (code >= 0xff01 && code <= 0xff60) ||
+      (code >= 0xffe0 && code <= 0xffe6) ||
       // Kana Supplement
-      code >= 0x1b000 && code <= 0x1b001 ||
+      (code >= 0x1b000 && code <= 0x1b001) ||
       // Enclosed Ideographic Supplement
-      code >= 0x1f200 && code <= 0x1f251 ||
+      (code >= 0x1f200 && code <= 0x1f251) ||
       // CJK Unified Ideographs Extension B .. Tertiary Ideographic Plane
-      code >= 0x20000 && code <= 0x3fffd
+      (code >= 0x20000 && code <= 0x3fffd)
     );
   };
 }
diff --git a/lib/internal/tty.js b/lib/internal/tty.js
index 6fd14145fcc12a..faf5df9b42e6b2 100644
--- a/lib/internal/tty.js
+++ b/lib/internal/tty.js
@@ -200,7 +200,7 @@ function getColorDepth(env = process.env) {
 
 function hasColors(count, env) {
   if (env === undefined &&
-      (count === undefined || typeof count === 'object' && count !== null)) {
+      (count === undefined || (typeof count === 'object' && count !== null))) {
     env = count;
     count = 16;
   } else {
diff --git a/lib/internal/url.js b/lib/internal/url.js
index a920511df489dc..fde643bea370c8 100644
--- a/lib/internal/url.js
+++ b/lib/internal/url.js
@@ -1363,7 +1363,7 @@ function pathToFileURL(filepath) {
   // path.resolve strips trailing slashes so we must add them back
   const filePathLast = filepath.charCodeAt(filepath.length - 1);
   if ((filePathLast === CHAR_FORWARD_SLASH ||
-       isWindows && filePathLast === CHAR_BACKWARD_SLASH) &&
+       (isWindows && filePathLast === CHAR_BACKWARD_SLASH)) &&
       resolved[resolved.length - 1] !== path.sep)
     resolved += '/';
   const outURL = new URL('file://');
diff --git a/lib/internal/util/comparisons.js b/lib/internal/util/comparisons.js
index a895da2ad12945..b3256716c38b63 100644
--- a/lib/internal/util/comparisons.js
+++ b/lib/internal/util/comparisons.js
@@ -294,7 +294,7 @@ function keyCheck(val1, val2, strict, memos, iterationType, aKeys) {
 
   if (aKeys.length === 0 &&
       (iterationType === kNoIterator ||
-        iterationType === kIsArray && val1.length === 0 ||
+        (iterationType === kIsArray && val1.length === 0) ||
         val1.size === 0)) {
     return true;
   }
@@ -383,7 +383,7 @@ function mapMightHaveLoosePrim(a, b, prim, item, memo) {
     return altValue;
   }
   const curB = b.get(altValue);
-  if (curB === undefined && !b.has(altValue) ||
+  if ((curB === undefined && !b.has(altValue)) ||
       !innerDeepEqual(item, curB, false, memo)) {
     return false;
   }
@@ -470,7 +470,7 @@ function mapEquiv(a, b, strict, memo) {
       // By directly retrieving the value we prevent another b.has(key) check in
       // almost all possible cases.
       const item2 = b.get(key);
-      if ((item2 === undefined && !b.has(key) ||
+      if (((item2 === undefined && !b.has(key)) ||
           !innerDeepEqual(item1, item2, strict, memo))) {
         if (strict)
           return false;
diff --git a/lib/internal/util/inspect.js b/lib/internal/util/inspect.js
index f63fafd01f89e0..efe8f23e08aeae 100644
--- a/lib/internal/util/inspect.js
+++ b/lib/internal/util/inspect.js
@@ -599,10 +599,10 @@ function formatRaw(ctx, value, recurseTimes, typedArray) {
   // Only list the tag in case it's non-enumerable / not an own property.
   // Otherwise we'd print this twice.
   if (typeof tag !== 'string' ||
-      tag !== '' &&
+      (tag !== '' &&
       (ctx.showHidden ? hasOwnProperty : propertyIsEnumerable)(
         value, Symbol.toStringTag
-      )) {
+      ))) {
     tag = '';
   }
   let base = '';
@@ -686,7 +686,7 @@ function formatRaw(ctx, value, recurseTimes, typedArray) {
       const prefix = getPrefix(constructor, tag, 'RegExp');
       if (prefix !== 'RegExp ')
         base = `${prefix}${base}`;
-      if (keys.length === 0 || recurseTimes > ctx.depth && ctx.depth !== null)
+      if (keys.length === 0 || (recurseTimes > ctx.depth && ctx.depth !== null))
         return ctx.stylize(base, 'regexp');
     } else if (isDate(value)) {
       // Make dates with properties first say the date
@@ -911,14 +911,14 @@ function formatError(err, constructor, tag, ctx) {
   const name = err.name || 'Error';
   let len = name.length;
   if (constructor === null ||
-      name.endsWith('Error') &&
+      (name.endsWith('Error') &&
       stack.startsWith(name) &&
-      (stack.length === len || stack[len] === ':' || stack[len] === '\n')) {
+      (stack.length === len || stack[len] === ':' || stack[len] === '\n'))) {
     let fallback = 'Error';
     if (constructor === null) {
       const start = stack.match(/^([A-Z][a-z_ A-Z0-9[\]()-]+)(?::|\n {4}at)/) ||
         stack.match(/^([a-z_A-Z0-9-]*Error)$/);
-      fallback = start && start[1] || '';
+      fallback = (start && start[1]) || '';
       len = fallback.length;
       fallback = fallback || 'Error';
     }
@@ -936,7 +936,7 @@ function formatError(err, constructor, tag, ctx) {
     }
   }
   // Ignore the error message if it's contained in the stack.
-  let pos = err.message && stack.indexOf(err.message) || -1;
+  let pos = (err.message && stack.indexOf(err.message)) || -1;
   if (pos !== -1)
     pos += err.message.length;
   // Wrap the error in brackets in case it has no stack trace.
@@ -1416,8 +1416,8 @@ function formatProperty(ctx, value, recurseTimes, key, type) {
     const s = ctx.stylize;
     const sp = 'special';
     if (ctx.getters && (ctx.getters === true ||
-          ctx.getters === 'get' && desc.set === undefined ||
-          ctx.getters === 'set' && desc.set !== undefined)) {
+          (ctx.getters === 'get' && desc.set === undefined) ||
+          (ctx.getters === 'set' && desc.set !== undefined))) {
       try {
         const tmp = value[key];
         ctx.indentationLvl += 2;
@@ -1594,15 +1594,15 @@ function formatWithOptions(inspectOptions, ...args) {
                 let constr;
                 if (typeof tempArg !== 'object' ||
                     tempArg === null ||
-                    typeof tempArg.toString === 'function' &&
+                    (typeof tempArg.toString === 'function' &&
                      // A direct own property.
                      (hasOwnProperty(tempArg, 'toString') ||
                       // A direct own property on the constructor prototype in
                       // case the constructor is not an built-in object.
-                      (constr = tempArg.constructor) &&
+                      ((constr = tempArg.constructor) &&
                       !builtInObjects.has(constr.name) &&
                       constr.prototype &&
-                      hasOwnProperty(constr.prototype, 'toString'))) {
+                      hasOwnProperty(constr.prototype, 'toString'))))) {
                   tempStr = String(tempArg);
                 } else {
                   tempStr = inspect(tempArg, {
diff --git a/lib/path.js b/lib/path.js
index 884da4cd8e6822..395fe1f35702c4 100644
--- a/lib/path.js
+++ b/lib/path.js
@@ -44,8 +44,8 @@ function isPosixPathSeparator(code) {
 }
 
 function isWindowsDeviceRoot(code) {
-  return code >= CHAR_UPPERCASE_A && code <= CHAR_UPPERCASE_Z ||
-         code >= CHAR_LOWERCASE_A && code <= CHAR_LOWERCASE_Z;
+  return (code >= CHAR_UPPERCASE_A && code <= CHAR_UPPERCASE_Z) ||
+         (code >= CHAR_LOWERCASE_A && code <= CHAR_LOWERCASE_Z);
 }
 
 // Resolves . and .. elements in a path with directory names
@@ -155,8 +155,8 @@ const win32 = {
         // Verify that a cwd was found and that it actually points
         // to our drive. If not, default to the drive's root.
         if (path === undefined ||
-            path.slice(0, 2).toLowerCase() !== resolvedDevice.toLowerCase() &&
-            path.charCodeAt(2) === CHAR_BACKWARD_SLASH) {
+            (path.slice(0, 2).toLowerCase() !== resolvedDevice.toLowerCase() &&
+            path.charCodeAt(2) === CHAR_BACKWARD_SLASH)) {
           path = `${resolvedDevice}\\`;
         }
       }
@@ -358,10 +358,10 @@ const win32 = {
     const code = path.charCodeAt(0);
     return isPathSeparator(code) ||
       // Possible device root
-      len > 2 &&
+      (len > 2 &&
       isWindowsDeviceRoot(code) &&
       path.charCodeAt(1) === CHAR_COLON &&
-      isPathSeparator(path.charCodeAt(2));
+      isPathSeparator(path.charCodeAt(2)));
   },
 
   join(...args) {
diff --git a/lib/readline.js b/lib/readline.js
index feffb5592b1b50..e7c5a04bb03eed 100644
--- a/lib/readline.js
+++ b/lib/readline.js
@@ -602,7 +602,7 @@ Interface.prototype._wordRight = function() {
 function charLengthLeft(str, i) {
   if (i <= 0)
     return 0;
-  if (i > 1 && str.codePointAt(i - 2) >= kUTF16SurrogateThreshold ||
+  if ((i > 1 && str.codePointAt(i - 2) >= kUTF16SurrogateThreshold) ||
       str.codePointAt(i - 1) >= kUTF16SurrogateThreshold) {
     return 2;
   }
diff --git a/lib/url.js b/lib/url.js
index 665bd436148819..7a268cd43868a9 100644
--- a/lib/url.js
+++ b/lib/url.js
@@ -765,13 +765,13 @@ Url.prototype.resolveObject = function resolveObject(relative) {
 
   const isSourceAbs = (result.pathname && result.pathname.charAt(0) === '/');
   const isRelAbs = (
-    relative.host || relative.pathname && relative.pathname.charAt(0) === '/'
+    relative.host || (relative.pathname && relative.pathname.charAt(0) === '/')
   );
   var mustEndAbs = (isRelAbs || isSourceAbs ||
                     (result.host && relative.pathname));
   const removeAllDots = mustEndAbs;
-  var srcPath = result.pathname && result.pathname.split('/') || [];
-  const relPath = relative.pathname && relative.pathname.split('/') || [];
+  var srcPath = (result.pathname && result.pathname.split('/')) || [];
+  const relPath = (relative.pathname && relative.pathname.split('/')) || [];
   const noLeadingSlashes = result.protocol &&
       !slashedProtocol.has(result.protocol);
 
@@ -869,8 +869,8 @@ Url.prototype.resolveObject = function resolveObject(relative) {
   // then it must NOT get a trailing slash.
   var last = srcPath.slice(-1)[0];
   const hasTrailingSlash = (
-    (result.host || relative.host || srcPath.length > 1) &&
-    (last === '.' || last === '..') || last === '');
+    ((result.host || relative.host || srcPath.length > 1) &&
+    (last === '.' || last === '..')) || last === '');
 
   // Strip single dots, resolve double dots to parent dir
   // if the path tries to go above the root, `up` ends up > 0
diff --git a/lib/util.js b/lib/util.js
index c54b1dba302b1e..5ac2516f738b83 100644
--- a/lib/util.js
+++ b/lib/util.js
@@ -94,7 +94,7 @@ function isFunction(arg) {
 
 function isPrimitive(arg) {
   return arg === null ||
-         typeof arg !== 'object' && typeof arg !== 'function';
+         (typeof arg !== 'object' && typeof arg !== 'function');
 }
 
 function pad(n) {

From ae8b2b4ab76c68d9911bca52f9b9559e37729bf7 Mon Sep 17 00:00:00 2001
From: bcoe <bencoe@google.com>
Date: Sun, 29 Sep 2019 14:15:39 -0700
Subject: [PATCH 45/65] process: add source-map support to stack traces

PR-URL: https://github.com/nodejs/node/pull/29564
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/cli.md                                |  10 +
 lib/internal/bootstrap/pre_execution.js       |  12 +-
 lib/internal/modules/cjs/loader.js            |  20 +-
 lib/internal/modules/esm/translators.js       |   2 +-
 lib/internal/source_map/source_map.js         | 301 ++++++++++++++++++
 .../source_map_cache.js}                      |  93 +++++-
 node.gyp                                      |   3 +-
 src/node_options.cc                           |   4 +
 src/node_options.h                            |   1 +
 .../source-map/babel-esm-original.mjs         |   9 +
 test/fixtures/source-map/babel-esm.mjs        |  10 +
 .../source-map/babel-throw-original.js        |  19 ++
 test/fixtures/source-map/babel-throw.js       |  21 ++
 test/fixtures/source-map/basic.js             |   2 +-
 test/fixtures/source-map/esm-basic.mjs        |   2 +-
 test/fixtures/source-map/esm-dep.mjs          |   2 +-
 test/fixtures/source-map/exit-1.js            |   2 +-
 .../source-map/istanbul-throw-original.js     |  10 +
 test/fixtures/source-map/istanbul-throw.js    |   4 +
 test/fixtures/source-map/sigint.js            |   2 +-
 test/fixtures/source-map/typescript-throw.js  |  27 ++
 .../source-map/typescript-throw.js.map        |   1 +
 test/fixtures/source-map/typescript-throw.ts  |  24 ++
 .../source-map/uglify-throw-original.js       |  10 +
 test/fixtures/source-map/uglify-throw.js      |   2 +
 test/message/source_map_throw_catch.js        |  11 +
 test/message/source_map_throw_catch.out       |  14 +
 test/message/source_map_throw_first_tick.js   |   5 +
 test/message/source_map_throw_first_tick.out  |  14 +
 .../message/source_map_throw_set_immediate.js |   5 +
 .../source_map_throw_set_immediate.out        |  10 +
 test/parallel/test-bootstrap-modules.js       |   2 +-
 test/parallel/test-source-map.js              |  97 +++++-
 33 files changed, 729 insertions(+), 22 deletions(-)
 create mode 100644 lib/internal/source_map/source_map.js
 rename lib/internal/{source_map.js => source_map/source_map_cache.js} (58%)
 create mode 100644 test/fixtures/source-map/babel-esm-original.mjs
 create mode 100644 test/fixtures/source-map/babel-esm.mjs
 create mode 100644 test/fixtures/source-map/babel-throw-original.js
 create mode 100644 test/fixtures/source-map/babel-throw.js
 create mode 100644 test/fixtures/source-map/istanbul-throw-original.js
 create mode 100644 test/fixtures/source-map/istanbul-throw.js
 create mode 100644 test/fixtures/source-map/typescript-throw.js
 create mode 100644 test/fixtures/source-map/typescript-throw.js.map
 create mode 100644 test/fixtures/source-map/typescript-throw.ts
 create mode 100644 test/fixtures/source-map/uglify-throw-original.js
 create mode 100644 test/fixtures/source-map/uglify-throw.js
 create mode 100644 test/message/source_map_throw_catch.js
 create mode 100644 test/message/source_map_throw_catch.out
 create mode 100644 test/message/source_map_throw_first_tick.js
 create mode 100644 test/message/source_map_throw_first_tick.out
 create mode 100644 test/message/source_map_throw_set_immediate.js
 create mode 100644 test/message/source_map_throw_set_immediate.out

diff --git a/doc/api/cli.md b/doc/api/cli.md
index e6cb4b1952f02b..0ef08ed7e37fc1 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -135,6 +135,15 @@ added: v6.0.0
 Enable FIPS-compliant crypto at startup. (Requires Node.js to be built with
 `./configure --openssl-fips`.)
 
+### `--enable-source-maps`
+<!-- YAML
+added: REPLACEME
+-->
+
+> Stability: 1 - Experimental
+
+Enable experimental Source Map V3 support for stack traces.
+
 ### `--es-module-specifier-resolution=mode`
 <!-- YAML
 added: v12.0.0
@@ -1007,6 +1016,7 @@ node --require "./a.js" --require "./b.js"
 Node.js options that are allowed are:
 <!-- node-options-node start -->
 * `--enable-fips`
+* `--enable-source-maps`
 * `--es-module-specifier-resolution`
 * `--experimental-exports`
 * `--experimental-loader`
diff --git a/lib/internal/bootstrap/pre_execution.js b/lib/internal/bootstrap/pre_execution.js
index 6fe9f36bc2c1e6..f9593101561416 100644
--- a/lib/internal/bootstrap/pre_execution.js
+++ b/lib/internal/bootstrap/pre_execution.js
@@ -21,6 +21,15 @@ function prepareMainThreadExecution(expandArgv1 = false) {
       setupCoverageHooks(process.env.NODE_V8_COVERAGE);
   }
 
+  // If source-map support has been enabled, we substitute in a new
+  // prepareStackTrace method, replacing the default in errors.js.
+  if (getOptionValue('--enable-source-maps')) {
+    const { prepareStackTrace } =
+      require('internal/source_map/source_map_cache');
+    const { setPrepareStackTraceCallback } = internalBinding('errors');
+    setPrepareStackTraceCallback(prepareStackTrace);
+  }
+
   setupDebugEnv();
 
   // Only main thread receives signals.
@@ -119,7 +128,8 @@ function setupCoverageHooks(dir) {
   const cwd = require('internal/process/execution').tryGetCwd();
   const { resolve } = require('path');
   const coverageDirectory = resolve(cwd, dir);
-  const { sourceMapCacheToObject } = require('internal/source_map');
+  const { sourceMapCacheToObject } =
+    require('internal/source_map/source_map_cache');
 
   if (process.features.inspector) {
     internalBinding('profiler').setCoverageDirectory(coverageDirectory);
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index 9933839a055a47..e4c71f2edf44ef 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -31,7 +31,10 @@ const {
 } = primordials;
 
 const { NativeModule } = require('internal/bootstrap/loaders');
-const { maybeCacheSourceMap } = require('internal/source_map');
+const {
+  maybeCacheSourceMap,
+  rekeySourceMap
+} = require('internal/source_map/source_map_cache');
 const { pathToFileURL, fileURLToPath, URL } = require('internal/url');
 const { deprecate } = require('internal/util');
 const vm = require('vm');
@@ -52,6 +55,7 @@ const {
   loadNativeModule
 } = require('internal/modules/cjs/helpers');
 const { getOptionValue } = require('internal/options');
+const enableSourceMaps = getOptionValue('--enable-source-maps');
 const preserveSymlinks = getOptionValue('--preserve-symlinks');
 const preserveSymlinksMain = getOptionValue('--preserve-symlinks-main');
 const experimentalModules = getOptionValue('--experimental-modules');
@@ -708,7 +712,19 @@ Module._load = function(request, parent, isMain) {
 
   let threw = true;
   try {
-    module.load(filename);
+    // Intercept exceptions that occur during the first tick and rekey them
+    // on error instance rather than module instance (which will immediately be
+    // garbage collected).
+    if (enableSourceMaps) {
+      try {
+        module.load(filename);
+      } catch (err) {
+        rekeySourceMap(Module._cache[filename], err);
+        throw err; /* node-do-not-add-exception-line */
+      }
+    } else {
+      module.load(filename);
+    }
     threw = false;
   } finally {
     if (threw) {
diff --git a/lib/internal/modules/esm/translators.js b/lib/internal/modules/esm/translators.js
index 19f434d44e68d4..7a84b51e2d0e05 100644
--- a/lib/internal/modules/esm/translators.js
+++ b/lib/internal/modules/esm/translators.js
@@ -32,7 +32,7 @@ const {
 } = require('internal/errors').codes;
 const readFileAsync = promisify(fs.readFile);
 const JsonParse = JSON.parse;
-const { maybeCacheSourceMap } = require('internal/source_map');
+const { maybeCacheSourceMap } = require('internal/source_map/source_map_cache');
 
 const debug = debuglog('esm');
 
diff --git a/lib/internal/source_map/source_map.js b/lib/internal/source_map/source_map.js
new file mode 100644
index 00000000000000..9044521b6d62d0
--- /dev/null
+++ b/lib/internal/source_map/source_map.js
@@ -0,0 +1,301 @@
+// This file is a modified version of:
+// https://cs.chromium.org/chromium/src/v8/tools/SourceMap.js?rcl=dd10454c1d
+// from the V8 codebase. Logic specific to WebInspector is removed and linting
+// is made to match the Node.js style guide.
+
+// Copyright 2013 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     * Redistributions of source code must retain the above copyright
+//       notice, this list of conditions and the following disclaimer.
+//     * Redistributions in binary form must reproduce the above
+//       copyright notice, this list of conditions and the following
+//       disclaimer in the documentation and/or other materials provided
+//       with the distribution.
+//     * Neither the name of Google Inc. nor the names of its
+//       contributors may be used to endorse or promote products derived
+//       from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// This is a copy from blink dev tools, see:
+// http://src.chromium.org/viewvc/blink/trunk/Source/devtools/front_end/SourceMap.js
+// revision: 153407
+
+/*
+ * Copyright (C) 2012 Google Inc. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ *     * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *     * Redistributions in binary form must reproduce the above
+ * copyright notice, this list of conditions and the following disclaimer
+ * in the documentation and/or other materials provided with the
+ * distribution.
+ *     * Neither the name of Google Inc. nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+'use strict';
+
+let base64Map;
+
+const VLQ_BASE_SHIFT = 5;
+const VLQ_BASE_MASK = (1 << 5) - 1;
+const VLQ_CONTINUATION_MASK = 1 << 5;
+
+class StringCharIterator {
+  /**
+   * @constructor
+   * @param {string} string
+   */
+  constructor(string) {
+    this._string = string;
+    this._position = 0;
+  }
+
+  /**
+   * @return {string}
+   */
+  next() {
+    return this._string.charAt(this._position++);
+  }
+
+  /**
+   * @return {string}
+   */
+  peek() {
+    return this._string.charAt(this._position);
+  }
+
+  /**
+   * @return {boolean}
+   */
+  hasNext() {
+    return this._position < this._string.length;
+  }
+}
+
+/**
+ * Implements Source Map V3 model. See http://code.google.com/p/closure-compiler/wiki/SourceMaps
+ * for format description.
+ * @constructor
+ * @param {string} sourceMappingURL
+ * @param {SourceMapV3} payload
+ */
+class SourceMap {
+  #reverseMappingsBySourceURL = [];
+  #mappings = [];
+  #sources = {};
+  #sourceContentByURL = {};
+
+  /**
+   * @constructor
+   * @param {SourceMapV3} payload
+   */
+  constructor(payload) {
+    if (!base64Map) {
+      const base64Digits =
+             'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+      base64Map = {};
+      for (let i = 0; i < base64Digits.length; ++i)
+        base64Map[base64Digits[i]] = i;
+    }
+    this.#parseMappingPayload(payload);
+  }
+
+  /**
+   * @param {SourceMapV3} mappingPayload
+   */
+  #parseMappingPayload = (mappingPayload) => {
+    if (mappingPayload.sections)
+      this.#parseSections(mappingPayload.sections);
+    else
+      this.#parseMap(mappingPayload, 0, 0);
+  }
+
+  /**
+   * @param {Array.<SourceMapV3.Section>} sections
+   */
+  #parseSections = (sections) => {
+    for (let i = 0; i < sections.length; ++i) {
+      const section = sections[i];
+      this.#parseMap(section.map, section.offset.line, section.offset.column);
+    }
+  }
+
+  /**
+   * @param {number} lineNumber in compiled resource
+   * @param {number} columnNumber in compiled resource
+   * @return {?Array}
+   */
+  findEntry(lineNumber, columnNumber) {
+    let first = 0;
+    let count = this.#mappings.length;
+    while (count > 1) {
+      const step = count >> 1;
+      const middle = first + step;
+      const mapping = this.#mappings[middle];
+      if (lineNumber < mapping[0] ||
+          (lineNumber === mapping[0] && columnNumber < mapping[1])) {
+        count = step;
+      } else {
+        first = middle;
+        count -= step;
+      }
+    }
+    const entry = this.#mappings[first];
+    if (!first && entry && (lineNumber < entry[0] ||
+        (lineNumber === entry[0] && columnNumber < entry[1]))) {
+      return null;
+    }
+    return entry;
+  }
+
+  /**
+   * @param {string} sourceURL of the originating resource
+   * @param {number} lineNumber in the originating resource
+   * @return {Array}
+   */
+  findEntryReversed(sourceURL, lineNumber) {
+    const mappings = this.#reverseMappingsBySourceURL[sourceURL];
+    for (; lineNumber < mappings.length; ++lineNumber) {
+      const mapping = mappings[lineNumber];
+      if (mapping)
+        return mapping;
+    }
+    return this.#mappings[0];
+  }
+
+  /**
+   * @override
+   */
+  #parseMap = (map, lineNumber, columnNumber) => {
+    let sourceIndex = 0;
+    let sourceLineNumber = 0;
+    let sourceColumnNumber = 0;
+
+    const sources = [];
+    const originalToCanonicalURLMap = {};
+    for (let i = 0; i < map.sources.length; ++i) {
+      const url = map.sources[i];
+      originalToCanonicalURLMap[url] = url;
+      sources.push(url);
+      this.#sources[url] = true;
+
+      if (map.sourcesContent && map.sourcesContent[i])
+        this.#sourceContentByURL[url] = map.sourcesContent[i];
+    }
+
+    const stringCharIterator = new StringCharIterator(map.mappings);
+    let sourceURL = sources[sourceIndex];
+
+    while (true) {
+      if (stringCharIterator.peek() === ',')
+        stringCharIterator.next();
+      else {
+        while (stringCharIterator.peek() === ';') {
+          lineNumber += 1;
+          columnNumber = 0;
+          stringCharIterator.next();
+        }
+        if (!stringCharIterator.hasNext())
+          break;
+      }
+
+      columnNumber += decodeVLQ(stringCharIterator);
+      if (isSeparator(stringCharIterator.peek())) {
+        this.#mappings.push([lineNumber, columnNumber]);
+        continue;
+      }
+
+      const sourceIndexDelta = decodeVLQ(stringCharIterator);
+      if (sourceIndexDelta) {
+        sourceIndex += sourceIndexDelta;
+        sourceURL = sources[sourceIndex];
+      }
+      sourceLineNumber += decodeVLQ(stringCharIterator);
+      sourceColumnNumber += decodeVLQ(stringCharIterator);
+      if (!isSeparator(stringCharIterator.peek()))
+        // Unused index into the names list.
+        decodeVLQ(stringCharIterator);
+
+      this.#mappings.push([lineNumber, columnNumber, sourceURL,
+                           sourceLineNumber, sourceColumnNumber]);
+    }
+
+    for (let i = 0; i < this.#mappings.length; ++i) {
+      const mapping = this.#mappings[i];
+      const url = mapping[2];
+      if (!url)
+        continue;
+      if (!this.#reverseMappingsBySourceURL[url])
+        this.#reverseMappingsBySourceURL[url] = [];
+      const reverseMappings = this.#reverseMappingsBySourceURL[url];
+      const sourceLine = mapping[3];
+      if (!reverseMappings[sourceLine])
+        reverseMappings[sourceLine] = [mapping[0], mapping[1]];
+    }
+  };
+}
+
+/**
+ * @param {string} char
+ * @return {boolean}
+ */
+function isSeparator(char) {
+  return char === ',' || char === ';';
+}
+
+/**
+ * @param {SourceMap.StringCharIterator} stringCharIterator
+ * @return {number}
+ */
+function decodeVLQ(stringCharIterator) {
+  // Read unsigned value.
+  let result = 0;
+  let shift = 0;
+  let digit;
+  do {
+    digit = base64Map[stringCharIterator.next()];
+    result += (digit & VLQ_BASE_MASK) << shift;
+    shift += VLQ_BASE_SHIFT;
+  } while (digit & VLQ_CONTINUATION_MASK);
+
+  // Fix the sign.
+  const negative = result & 1;
+  result >>= 1;
+  return negative ? -result : result;
+}
+
+module.exports = {
+  SourceMap
+};
diff --git a/lib/internal/source_map.js b/lib/internal/source_map/source_map_cache.js
similarity index 58%
rename from lib/internal/source_map.js
rename to lib/internal/source_map/source_map_cache.js
index 4b198ff59871d1..94a4165546b77c 100644
--- a/lib/internal/source_map.js
+++ b/lib/internal/source_map/source_map_cache.js
@@ -5,6 +5,7 @@ const { Buffer } = require('buffer');
 const debug = require('internal/util/debuglog').debuglog('source_map');
 const { dirname, resolve } = require('path');
 const fs = require('fs');
+const { getOptionValue } = require('internal/options');
 const {
   normalizeReferrerURL,
 } = require('internal/modules/cjs/helpers');
@@ -16,10 +17,14 @@ const cjsSourceMapCache = new WeakMap();
 // on filenames.
 const esmSourceMapCache = new Map();
 const { fileURLToPath, URL } = require('url');
+const { overrideStackTrace } = require('internal/errors');
 
+let experimentalSourceMaps;
 function maybeCacheSourceMap(filename, content, cjsModuleInstance) {
-  if (!process.env.NODE_V8_COVERAGE) return;
-
+  if (experimentalSourceMaps === undefined) {
+    experimentalSourceMaps = getOptionValue('--enable-source-maps');
+  }
+  if (!(process.env.NODE_V8_COVERAGE || experimentalSourceMaps)) return;
   let basePath;
   try {
     filename = normalizeReferrerURL(filename);
@@ -35,6 +40,7 @@ function maybeCacheSourceMap(filename, content, cjsModuleInstance) {
   if (match) {
     if (cjsModuleInstance) {
       cjsSourceMapCache.set(cjsModuleInstance, {
+        filename,
         url: match.groups.sourceMappingURL,
         data: dataFromUrl(basePath, match.groups.sourceMappingURL)
       });
@@ -119,6 +125,16 @@ function sourcesToAbsolute(base, data) {
   return data;
 }
 
+// Move source map from garbage collected module to alternate key.
+function rekeySourceMap(cjsModuleInstance, newInstance) {
+  const sourceMap = cjsSourceMapCache.get(cjsModuleInstance);
+  if (sourceMap) {
+    cjsSourceMapCache.set(newInstance, sourceMap);
+  }
+}
+
+// Get serialized representation of source-map cache, this is used
+// to persist a cache of source-maps to disk when NODE_V8_COVERAGE is enabled.
 function sourceMapCacheToObject() {
   const obj = Object.create(null);
 
@@ -136,17 +152,86 @@ function sourceMapCacheToObject() {
 
 // Since WeakMap can't be iterated over, we use Module._cache's
 // keys to facilitate Source Map serialization.
+//
+// TODO(bcoe): this means we don't currently serialize source-maps attached
+// to error instances, only module instances.
 function appendCJSCache(obj) {
   const { Module } = require('internal/modules/cjs/loader');
   Object.keys(Module._cache).forEach((key) => {
     const value = cjsSourceMapCache.get(Module._cache[key]);
     if (value) {
-      obj[`file://${key}`] = value;
+      obj[`file://${key}`] = {
+        url: value.url,
+        data: value.data
+      };
+    }
+  });
+}
+
+// Create a prettified stacktrace, inserting context from source maps
+// if possible.
+const ErrorToString = Error.prototype.toString; // Capture original toString.
+const prepareStackTrace = (globalThis, error, trace) => {
+  // API for node internals to override error stack formatting
+  // without interfering with userland code.
+  // TODO(bcoe): add support for source-maps to repl.
+  if (overrideStackTrace.has(error)) {
+    const f = overrideStackTrace.get(error);
+    overrideStackTrace.delete(error);
+    return f(error, trace);
+  }
+
+  const { SourceMap } = require('internal/source_map/source_map');
+  const errorString = ErrorToString.call(error);
+
+  if (trace.length === 0) {
+    return errorString;
+  }
+  const preparedTrace = trace.map((t, i) => {
+    let str = i !== 0 ? '\n    at ' : '';
+    str = `${str}${t}`;
+    try {
+      const sourceMap = findSourceMap(t.getFileName(), error);
+      if (sourceMap && sourceMap.data) {
+        const sm = new SourceMap(sourceMap.data);
+        // Source Map V3 lines/columns use zero-based offsets whereas, in
+        // stack traces, they start at 1/1.
+        const [, , url, line, col] =
+                   sm.findEntry(t.getLineNumber() - 1, t.getColumnNumber() - 1);
+        if (url && line !== undefined && col !== undefined) {
+          str +=
+            `\n        -> ${url.replace('file://', '')}:${line + 1}:${col + 1}`;
+        }
+      }
+    } catch (err) {
+      debug(err.stack);
     }
+    return str;
   });
+  return `${errorString}\n    at ${preparedTrace.join('')}`;
+};
+
+// Attempt to lookup a source map, which is either attached to a file URI, or
+// keyed on an error instance.
+function findSourceMap(uri, error) {
+  const { Module } = require('internal/modules/cjs/loader');
+  let sourceMap = cjsSourceMapCache.get(Module._cache[uri]);
+  if (!uri.startsWith('file://')) uri = normalizeReferrerURL(uri);
+  if (sourceMap === undefined) {
+    sourceMap = esmSourceMapCache.get(uri);
+  }
+  if (sourceMap === undefined) {
+    const candidateSourceMap = cjsSourceMapCache.get(error);
+    if (candidateSourceMap && uri === candidateSourceMap.filename) {
+      sourceMap = candidateSourceMap;
+    }
+  }
+  return sourceMap;
 }
 
 module.exports = {
+  maybeCacheSourceMap,
+  prepareStackTrace,
+  rekeySourceMap,
   sourceMapCacheToObject,
-  maybeCacheSourceMap
 };
diff --git a/node.gyp b/node.gyp
index 5bb6fd93845cd4..e7d0f27410bd73 100644
--- a/node.gyp
+++ b/node.gyp
@@ -175,7 +175,8 @@
       'lib/internal/repl/history.js',
       'lib/internal/repl/utils.js',
       'lib/internal/socket_list.js',
-      'lib/internal/source_map.js',
+      'lib/internal/source_map/source_map.js',
+      'lib/internal/source_map/source_map_cache.js',
       'lib/internal/test/binding.js',
       'lib/internal/timers.js',
       'lib/internal/tls.js',
diff --git a/src/node_options.cc b/src/node_options.cc
index a9425c4c0862ec..917de69fe8e875 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -312,6 +312,10 @@ DebugOptionsParser::DebugOptionsParser() {
 }
 
 EnvironmentOptionsParser::EnvironmentOptionsParser() {
+  AddOption("--enable-source-maps",
+            "experimental Source Map V3 support",
+            &EnvironmentOptions::enable_source_maps,
+            kAllowedInEnvironment);
   AddOption("--experimental-exports",
             "experimental support for exports in package.json",
             &EnvironmentOptions::experimental_exports,
diff --git a/src/node_options.h b/src/node_options.h
index c4d33831e02bbe..89f6363f4a6e04 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -100,6 +100,7 @@ class DebugOptions : public Options {
 class EnvironmentOptions : public Options {
  public:
   bool abort_on_uncaught_exception = false;
+  bool enable_source_maps = false;
   bool experimental_exports = false;
   bool experimental_modules = false;
   std::string es_module_specifier_resolution;
diff --git a/test/fixtures/source-map/babel-esm-original.mjs b/test/fixtures/source-map/babel-esm-original.mjs
new file mode 100644
index 00000000000000..70ae479452a970
--- /dev/null
+++ b/test/fixtures/source-map/babel-esm-original.mjs
@@ -0,0 +1,9 @@
+import {foo} from './esm-dep.mjs';
+
+const obj = {
+  a: {
+    b: 22
+  }
+};
+
+if (obj?.a?.b === 22) throw Error('an exception');
diff --git a/test/fixtures/source-map/babel-esm.mjs b/test/fixtures/source-map/babel-esm.mjs
new file mode 100644
index 00000000000000..9ad84663a32d35
--- /dev/null
+++ b/test/fixtures/source-map/babel-esm.mjs
@@ -0,0 +1,10 @@
+var _obj$a;
+
+import { foo } from './esm-dep.mjs';
+const obj = {
+  a: {
+    b: 22
+  }
+};
+if ((obj === null || obj === void 0 ? void 0 : (_obj$a = obj.a) === null || _obj$a === void 0 ? void 0 : _obj$a.b) === 22) throw Error('an exception');
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImJhYmVsLWVzbS1vcmlnaW5hbC5tanMiXSwibmFtZXMiOlsiZm9vIiwib2JqIiwiYSIsImIiLCJFcnJvciJdLCJtYXBwaW5ncyI6Ijs7QUFBQSxTQUFRQSxHQUFSLFFBQWtCLGVBQWxCO0FBRUEsTUFBTUMsR0FBRyxHQUFHO0FBQ1ZDLEVBQUFBLENBQUMsRUFBRTtBQUNEQyxJQUFBQSxDQUFDLEVBQUU7QUFERjtBQURPLENBQVo7QUFNQSxJQUFJLENBQUFGLEdBQUcsU0FBSCxJQUFBQSxHQUFHLFdBQUgsc0JBQUFBLEdBQUcsQ0FBRUMsQ0FBTCxrREFBUUMsQ0FBUixNQUFjLEVBQWxCLEVBQXNCLE1BQU1DLEtBQUssQ0FBQyxjQUFELENBQVgiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQge2Zvb30gZnJvbSAnLi9lc20tZGVwLm1qcyc7XG5cbmNvbnN0IG9iaiA9IHtcbiAgYToge1xuICAgIGI6IDIyXG4gIH1cbn07XG5cbmlmIChvYmo/LmE/LmIgPT09IDIyKSB0aHJvdyBFcnJvcignYW4gZXhjZXB0aW9uJyk7XG5cbiJdfQ==
diff --git a/test/fixtures/source-map/babel-throw-original.js b/test/fixtures/source-map/babel-throw-original.js
new file mode 100644
index 00000000000000..779bd16fd4611d
--- /dev/null
+++ b/test/fixtures/source-map/babel-throw-original.js
@@ -0,0 +1,19 @@
+/*---
+esid: prod-OptionalExpression
+features: [optional-chaining]
+---*/
+
+const obj = {
+  a: {
+    b: 22
+  }
+};
+
+function fn () {
+  return {};
+}
+
+setTimeout((err) => {
+  // OptionalExpression (MemberExpression OptionalChain) OptionalChain
+  if (obj?.a?.b === 22) throw Error('an exception');
+}, 5);
diff --git a/test/fixtures/source-map/babel-throw.js b/test/fixtures/source-map/babel-throw.js
new file mode 100644
index 00000000000000..3cef68136ce186
--- /dev/null
+++ b/test/fixtures/source-map/babel-throw.js
@@ -0,0 +1,21 @@
+/*---
+esid: prod-OptionalExpression
+features: [optional-chaining]
+---*/
+const obj = {
+  a: {
+    b: 22
+  }
+};
+
+function fn() {
+  return {};
+}
+
+setTimeout(err => {
+  var _obj$a;
+
+  // OptionalExpression (MemberExpression OptionalChain) OptionalChain
+  if ((obj === null || obj === void 0 ? void 0 : (_obj$a = obj.a) === null || _obj$a === void 0 ? void 0 : _obj$a.b) === 22) throw Error('an exception');
+}, 5);
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbImJhYmVsLXRocm93LW9yaWdpbmFsLmpzIl0sIm5hbWVzIjpbIm9iaiIsImEiLCJiIiwiZm4iLCJzZXRUaW1lb3V0IiwiZXJyIiwiRXJyb3IiXSwibWFwcGluZ3MiOiJBQUFBOzs7O0FBS0EsTUFBTUEsR0FBRyxHQUFHO0FBQ1ZDLEVBQUFBLENBQUMsRUFBRTtBQUNEQyxJQUFBQSxDQUFDLEVBQUU7QUFERjtBQURPLENBQVo7O0FBTUEsU0FBU0MsRUFBVCxHQUFlO0FBQ2IsU0FBTyxFQUFQO0FBQ0Q7O0FBRURDLFVBQVUsQ0FBRUMsR0FBRCxJQUFTO0FBQUE7O0FBQ2xCO0FBQ0EsTUFBSSxDQUFBTCxHQUFHLFNBQUgsSUFBQUEsR0FBRyxXQUFILHNCQUFBQSxHQUFHLENBQUVDLENBQUwsa0RBQVFDLENBQVIsTUFBYyxFQUFsQixFQUFzQixNQUFNSSxLQUFLLENBQUMsY0FBRCxDQUFYO0FBQ3ZCLENBSFMsRUFHUCxDQUhPLENBQVYiLCJzb3VyY2VzQ29udGVudCI6WyIvKi0tLVxuZXNpZDogcHJvZC1PcHRpb25hbEV4cHJlc3Npb25cbmZlYXR1cmVzOiBbb3B0aW9uYWwtY2hhaW5pbmddXG4tLS0qL1xuXG5jb25zdCBvYmogPSB7XG4gIGE6IHtcbiAgICBiOiAyMlxuICB9XG59O1xuXG5mdW5jdGlvbiBmbiAoKSB7XG4gIHJldHVybiB7fTtcbn1cblxuc2V0VGltZW91dCgoZXJyKSA9PiB7XG4gIC8vIE9wdGlvbmFsRXhwcmVzc2lvbiAoTWVtYmVyRXhwcmVzc2lvbiBPcHRpb25hbENoYWluKSBPcHRpb25hbENoYWluXG4gIGlmIChvYmo/LmE/LmIgPT09IDIyKSB0aHJvdyBFcnJvcignYW4gZXhjZXB0aW9uJyk7XG59LCA1KTtcblxuIl19
diff --git a/test/fixtures/source-map/basic.js b/test/fixtures/source-map/basic.js
index a483ffb105cfd7..5d1420360f466e 100644
--- a/test/fixtures/source-map/basic.js
+++ b/test/fixtures/source-map/basic.js
@@ -4,4 +4,4 @@ if (true) {
 } else {
   const c = 102;
 }
-//# sourceMappingURL=https://http.cat/418
+//# sourceMappingURL=https://ci.nodejs.org/418
diff --git a/test/fixtures/source-map/esm-basic.mjs b/test/fixtures/source-map/esm-basic.mjs
index 55747d3870bbe6..03222b244bae36 100644
--- a/test/fixtures/source-map/esm-basic.mjs
+++ b/test/fixtures/source-map/esm-basic.mjs
@@ -1,4 +1,4 @@
 import {foo} from './esm-dep.mjs';
 import {strictEqual} from 'assert';
 strictEqual(foo(), 'foo');
-//# sourceMappingURL=https://http.cat/405
+//# sourceMappingURL=https://ci.nodejs.org/405
diff --git a/test/fixtures/source-map/esm-dep.mjs b/test/fixtures/source-map/esm-dep.mjs
index 00805894afa6a2..5e86405751427c 100644
--- a/test/fixtures/source-map/esm-dep.mjs
+++ b/test/fixtures/source-map/esm-dep.mjs
@@ -1,4 +1,4 @@
 export function foo () {
   return 'foo';
 };
-//# sourceMappingURL=https://http.cat/422
+//# sourceMappingURL=https://ci.nodejs.org/422
diff --git a/test/fixtures/source-map/exit-1.js b/test/fixtures/source-map/exit-1.js
index 9734649a773b42..d8b56264457593 100644
--- a/test/fixtures/source-map/exit-1.js
+++ b/test/fixtures/source-map/exit-1.js
@@ -5,4 +5,4 @@ if (true) {
   const c = 102;
 }
 process.exit(1);
-//# sourceMappingURL=https://http.cat/404
+//# sourceMappingURL=https://ci.nodejs.org/404
diff --git a/test/fixtures/source-map/istanbul-throw-original.js b/test/fixtures/source-map/istanbul-throw-original.js
new file mode 100644
index 00000000000000..099faa175dbfd8
--- /dev/null
+++ b/test/fixtures/source-map/istanbul-throw-original.js
@@ -0,0 +1,10 @@
+/*
+ * comments dropped by uglify.
+ */
+function Hello() {
+  throw Error('goodbye');
+}
+
+setImmediate(function() {
+  Hello();
+});
diff --git a/test/fixtures/source-map/istanbul-throw.js b/test/fixtures/source-map/istanbul-throw.js
new file mode 100644
index 00000000000000..4f719a1c7a1ff0
--- /dev/null
+++ b/test/fixtures/source-map/istanbul-throw.js
@@ -0,0 +1,4 @@
+var cov_ono70fls3=function(){var path="/Users/bencoe/oss/source-map-testing/istanbul-throw-original.js";var hash="4302fcea4eb0ea4d9af6e63a478f214aa61f9dd8";var global=new Function("return this")();var gcv="__coverage__";var coverageData={path:"/Users/bencoe/oss/source-map-testing/istanbul-throw-original.js",statementMap:{"0":{start:{line:5,column:2},end:{line:5,column:25}},"1":{start:{line:8,column:0},end:{line:10,column:3}},"2":{start:{line:9,column:2},end:{line:9,column:10}}},fnMap:{"0":{name:"Hello",decl:{start:{line:4,column:9},end:{line:4,column:14}},loc:{start:{line:4,column:17},end:{line:6,column:1}},line:4},"1":{name:"(anonymous_1)",decl:{start:{line:8,column:13},end:{line:8,column:14}},loc:{start:{line:8,column:24},end:{line:10,column:1}},line:8}},branchMap:{},s:{"0":0,"1":0,"2":0},f:{"0":0,"1":0},b:{},_coverageSchema:"43e27e138ebf9cfc5966b082cf9a028302ed4184",hash:"4302fcea4eb0ea4d9af6e63a478f214aa61f9dd8"};var coverage=global[gcv]||(global[gcv]={});if(coverage[path]&&coverage[path].hash===hash){return coverage[path];}return coverage[path]=coverageData;}();/*
+ * comments dropped by uglify.
+ */function Hello(){cov_ono70fls3.f[0]++;cov_ono70fls3.s[0]++;throw Error('goodbye');}cov_ono70fls3.s[1]++;setImmediate(function(){cov_ono70fls3.f[1]++;cov_ono70fls3.s[2]++;Hello();});
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbIi9Vc2Vycy9iZW5jb2Uvb3NzL3NvdXJjZS1tYXAtdGVzdGluZy9pc3RhbmJ1bC10aHJvdy1vcmlnaW5hbC5qcyJdLCJuYW1lcyI6WyJIZWxsbyIsIkVycm9yIiwic2V0SW1tZWRpYXRlIl0sIm1hcHBpbmdzIjoiMmpDQUFBOztHQUdBLFFBQVNBLENBQUFBLEtBQVQsRUFBaUIsMkNBQ2YsS0FBTUMsQ0FBQUEsS0FBSyxDQUFDLFNBQUQsQ0FBWCxDQUNELEMscUJBRURDLFlBQVksQ0FBQyxVQUFXLDJDQUN0QkYsS0FBSyxHQUNOLENBRlcsQ0FBWiIsInNvdXJjZXNDb250ZW50IjpbIi8qXG4gKiBjb21tZW50cyBkcm9wcGVkIGJ5IHVnbGlmeS5cbiAqL1xuZnVuY3Rpb24gSGVsbG8oKSB7XG4gIHRocm93IEVycm9yKCdnb29kYnllJyk7XG59XG5cbnNldEltbWVkaWF0ZShmdW5jdGlvbigpIHtcbiAgSGVsbG8oKTtcbn0pO1xuXG4iXX0=
diff --git a/test/fixtures/source-map/sigint.js b/test/fixtures/source-map/sigint.js
index 11df66645f07d7..f9ffaa8666229d 100644
--- a/test/fixtures/source-map/sigint.js
+++ b/test/fixtures/source-map/sigint.js
@@ -5,4 +5,4 @@ if (true) {
   const c = 102;
 }
 process.kill(process.pid, "SIGINT");
-//# sourceMappingURL=https://http.cat/402
+//# sourceMappingURL=https://ci.nodejs.org/402
diff --git a/test/fixtures/source-map/typescript-throw.js b/test/fixtures/source-map/typescript-throw.js
new file mode 100644
index 00000000000000..0c4e57756f708d
--- /dev/null
+++ b/test/fixtures/source-map/typescript-throw.js
@@ -0,0 +1,27 @@
+var ATrue;
+(function (ATrue) {
+    ATrue[ATrue["IsTrue"] = 1] = "IsTrue";
+    ATrue[ATrue["IsFalse"] = 0] = "IsFalse";
+})(ATrue || (ATrue = {}));
+if (false) {
+    console.info('unreachable');
+}
+else if (true) {
+    console.info('reachable');
+}
+else {
+    console.info('unreachable');
+}
+function branch(a) {
+    if (a === ATrue.IsFalse) {
+        console.info('a = false');
+    }
+    else if (a === ATrue.IsTrue) {
+        throw Error('an exception');
+    }
+    else {
+        console.info('a = ???');
+    }
+}
+branch(ATrue.IsTrue);
+//# sourceMappingURL=typescript-throw.js.map
diff --git a/test/fixtures/source-map/typescript-throw.js.map b/test/fixtures/source-map/typescript-throw.js.map
new file mode 100644
index 00000000000000..f1f55af1a92107
--- /dev/null
+++ b/test/fixtures/source-map/typescript-throw.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"typescript-throw.js","sourceRoot":"","sources":["typescript-throw.ts"],"names":[],"mappings":"AAAA,IAAK,KAGJ;AAHD,WAAK,KAAK;IACR,qCAAU,CAAA;IACV,uCAAW,CAAA;AACb,CAAC,EAHI,KAAK,KAAL,KAAK,QAGT;AAED,IAAI,KAAK,EAAE;IACT,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;CAC5B;KAAM,IAAI,IAAI,EAAE;IACf,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;CAC1B;KAAM;IACL,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;CAC5B;AAED,SAAS,MAAM,CAAE,CAAQ;IACvB,IAAI,CAAC,KAAK,KAAK,CAAC,OAAO,EAAE;QACvB,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;KAC1B;SAAM,IAAI,CAAC,KAAK,KAAK,CAAC,MAAM,EAAE;QAC7B,MAAM,KAAK,CAAC,cAAc,CAAC,CAAC;KAC7B;SAAM;QACL,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;KACxB;AACH,CAAC;AAED,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA"}
diff --git a/test/fixtures/source-map/typescript-throw.ts b/test/fixtures/source-map/typescript-throw.ts
new file mode 100644
index 00000000000000..befb58fe0a5185
--- /dev/null
+++ b/test/fixtures/source-map/typescript-throw.ts
@@ -0,0 +1,24 @@
+enum ATrue {
+  IsTrue = 1,
+  IsFalse = 0
+}
+
+if (false) {
+  console.info('unreachable')
+} else if (true) {
+  console.info('reachable')
+} else {
+  console.info('unreachable')
+}
+
+function branch (a: ATrue) {
+  if (a === ATrue.IsFalse) {
+    console.info('a = false')
+  } else if (a === ATrue.IsTrue) {
+    throw Error('an exception');
+  } else {
+    console.info('a = ???')
+  }
+}
+
+branch(ATrue.IsTrue)
diff --git a/test/fixtures/source-map/uglify-throw-original.js b/test/fixtures/source-map/uglify-throw-original.js
new file mode 100644
index 00000000000000..099faa175dbfd8
--- /dev/null
+++ b/test/fixtures/source-map/uglify-throw-original.js
@@ -0,0 +1,10 @@
+/*
+ * comments dropped by uglify.
+ */
+function Hello() {
+  throw Error('goodbye');
+}
+
+setImmediate(function() {
+  Hello();
+});
diff --git a/test/fixtures/source-map/uglify-throw.js b/test/fixtures/source-map/uglify-throw.js
new file mode 100644
index 00000000000000..ea6201e59d6c17
--- /dev/null
+++ b/test/fixtures/source-map/uglify-throw.js
@@ -0,0 +1,2 @@
+setImmediate(function(){!function(){throw Error("goodbye")}()});
+//# sourceMappingURL=data:application/json;charset=utf-8;base64,eyJ2ZXJzaW9uIjozLCJzb3VyY2VzIjpbInVnbGlmeS10aHJvdy1vcmlnaW5hbC5qcyJdLCJuYW1lcyI6WyJzZXRJbW1lZGlhdGUiLCJFcnJvciIsIkhlbGxvIl0sIm1hcHBpbmdzIjoiQUFPQUEsYUFBYSxZQUpiLFdBQ0UsTUFBTUMsTUFBTSxXQUlaQyIsInNvdXJjZXNDb250ZW50IjpbIi8qXG4gKiBjb21tZW50cyBkcm9wcGVkIGJ5IHVnbGlmeS5cbiAqL1xuZnVuY3Rpb24gSGVsbG8oKSB7XG4gIHRocm93IEVycm9yKCdnb29kYnllJyk7XG59XG5cbnNldEltbWVkaWF0ZShmdW5jdGlvbigpIHtcbiAgSGVsbG8oKTtcbn0pO1xuXG4iXX0=
diff --git a/test/message/source_map_throw_catch.js b/test/message/source_map_throw_catch.js
new file mode 100644
index 00000000000000..f3a887474bfbac
--- /dev/null
+++ b/test/message/source_map_throw_catch.js
@@ -0,0 +1,11 @@
+// Flags:  --enable-source-maps
+
+'use strict';
+require('../common');
+try {
+  require('../fixtures/source-map/typescript-throw');
+} catch (err) {
+  setTimeout(() => {
+    console.info(err);
+  }, 10);
+}
diff --git a/test/message/source_map_throw_catch.out b/test/message/source_map_throw_catch.out
new file mode 100644
index 00000000000000..63e3eca3eff0ce
--- /dev/null
+++ b/test/message/source_map_throw_catch.out
@@ -0,0 +1,14 @@
+reachable
+Error: an exception
+    at branch (*typescript-throw.js:20:15)
+        -> *typescript-throw.ts:18:11
+    at Object.<anonymous> (*typescript-throw.js:26:1)
+        -> *typescript-throw.ts:24:1
+    at Module._compile (internal/modules/cjs/loader.js:*)
+    at Object.Module._extensions..js (internal/modules/cjs/loader.js:*)
+    at Module.load (internal/modules/cjs/loader.js:*)
+    at Function.Module._load (internal/modules/cjs/loader.js:*)
+    at Module.require (internal/modules/cjs/loader.js:*)
+    at require (internal/modules/cjs/helpers.js:*)
+    at Object.<anonymous> (*source_map_throw_catch.js:6:3)
+    at Module._compile (internal/modules/cjs/loader.js:*)
diff --git a/test/message/source_map_throw_first_tick.js b/test/message/source_map_throw_first_tick.js
new file mode 100644
index 00000000000000..b691b51f355194
--- /dev/null
+++ b/test/message/source_map_throw_first_tick.js
@@ -0,0 +1,5 @@
+// Flags:  --enable-source-maps
+
+'use strict';
+require('../common');
+require('../fixtures/source-map/typescript-throw');
diff --git a/test/message/source_map_throw_first_tick.out b/test/message/source_map_throw_first_tick.out
new file mode 100644
index 00000000000000..7f11d9fbd969be
--- /dev/null
+++ b/test/message/source_map_throw_first_tick.out
@@ -0,0 +1,14 @@
+reachable
+Error: an exception
+    at branch (*typescript-throw.js:20:15)
+        -> *typescript-throw.ts:18:11
+    at Object.<anonymous> (*typescript-throw.js:26:1)
+        -> *typescript-throw.ts:24:1
+    at Module._compile (internal/modules/cjs/loader.js:*)
+    at Object.Module._extensions..js (internal/modules/cjs/loader.js:*)
+    at Module.load (internal/modules/cjs/loader.js:*)
+    at Function.Module._load (internal/modules/cjs/loader.js:*)
+    at Module.require (internal/modules/cjs/loader.js:*)
+    at require (internal/modules/cjs/helpers.js:*)
+    at Object.<anonymous> (*source_map_throw_first_tick.js:5:1)
+    at Module._compile (internal/modules/cjs/loader.js:*)
diff --git a/test/message/source_map_throw_set_immediate.js b/test/message/source_map_throw_set_immediate.js
new file mode 100644
index 00000000000000..17da1bd7acea66
--- /dev/null
+++ b/test/message/source_map_throw_set_immediate.js
@@ -0,0 +1,5 @@
+// Flags:  --enable-source-maps
+
+'use strict';
+require('../common');
+require('../fixtures/source-map/uglify-throw');
diff --git a/test/message/source_map_throw_set_immediate.out b/test/message/source_map_throw_set_immediate.out
new file mode 100644
index 00000000000000..6b169d7e025f7e
--- /dev/null
+++ b/test/message/source_map_throw_set_immediate.out
@@ -0,0 +1,10 @@
+*uglify-throw.js:1
+setImmediate(function(){!function(){throw Error("goodbye")}()});
+                                    ^
+
+Error: goodbye
+    at *uglify-throw.js:1:43
+        -> *uglify-throw-original.js:5:9
+    at Immediate.<anonymous> (*uglify-throw.js:1:60)
+        -> *uglify-throw-original.js:9:3
+    at processImmediate (internal/timers.js:*)
diff --git a/test/parallel/test-bootstrap-modules.js b/test/parallel/test-bootstrap-modules.js
index 36c323b97736a4..ae69f5aef01da9 100644
--- a/test/parallel/test-bootstrap-modules.js
+++ b/test/parallel/test-bootstrap-modules.js
@@ -55,7 +55,7 @@ const expectedModules = new Set([
   'NativeModule internal/process/task_queues',
   'NativeModule internal/process/warning',
   'NativeModule internal/querystring',
-  'NativeModule internal/source_map',
+  'NativeModule internal/source_map/source_map_cache',
   'NativeModule internal/timers',
   'NativeModule internal/url',
   'NativeModule internal/util',
diff --git a/test/parallel/test-source-map.js b/test/parallel/test-source-map.js
index de728c05bf8413..41a315e3f8184c 100644
--- a/test/parallel/test-source-map.js
+++ b/test/parallel/test-source-map.js
@@ -30,7 +30,7 @@ function nextdir() {
   assert.strictEqual(output.status, 0);
   assert.strictEqual(output.stderr.toString(), '');
   const sourceMap = getSourceMapFromCache('basic.js', coverageDirectory);
-  assert.strictEqual(sourceMap.url, 'https://http.cat/418');
+  assert.strictEqual(sourceMap.url, 'https://ci.nodejs.org/418');
 }
 
 // Outputs source maps when process.kill(process.pid, "SIGINT"); exits process.
@@ -47,7 +47,7 @@ function nextdir() {
   }
   assert.strictEqual(output.stderr.toString(), '');
   const sourceMap = getSourceMapFromCache('sigint.js', coverageDirectory);
-  assert.strictEqual(sourceMap.url, 'https://http.cat/402');
+  assert.strictEqual(sourceMap.url, 'https://ci.nodejs.org/402');
 }
 
 // Outputs source maps when source-file calls process.exit(1).
@@ -58,7 +58,7 @@ function nextdir() {
   ], { env: { ...process.env, NODE_V8_COVERAGE: coverageDirectory } });
   assert.strictEqual(output.stderr.toString(), '');
   const sourceMap = getSourceMapFromCache('exit-1.js', coverageDirectory);
-  assert.strictEqual(sourceMap.url, 'https://http.cat/404');
+  assert.strictEqual(sourceMap.url, 'https://ci.nodejs.org/404');
 }
 
 // Outputs source-maps for esm module.
@@ -71,7 +71,7 @@ function nextdir() {
   ], { env: { ...process.env, NODE_V8_COVERAGE: coverageDirectory } });
   assert.strictEqual(output.stderr.toString(), '');
   const sourceMap = getSourceMapFromCache('esm-basic.mjs', coverageDirectory);
-  assert.strictEqual(sourceMap.url, 'https://http.cat/405');
+  assert.strictEqual(sourceMap.url, 'https://ci.nodejs.org/405');
 }
 
 // Loads source-maps with relative path from .map file on disk.
@@ -116,12 +116,95 @@ function nextdir() {
   );
 }
 
+// Does not apply source-map to stack trace if --experimental-modules
+// is not set.
+{
+  const output = spawnSync(process.execPath, [
+    require.resolve('../fixtures/source-map/uglify-throw.js')
+  ]);
+  assert.strictEqual(
+    output.stderr.toString().match(/->.*uglify-throw-original\.js:5:9/),
+    null
+  );
+  assert.strictEqual(
+    output.stderr.toString().match(/->.*uglify-throw-original\.js:9:3/),
+    null
+  );
+}
+
+// Applies source-maps generated by uglifyjs to stack trace.
+{
+  const output = spawnSync(process.execPath, [
+    '--enable-source-maps',
+    require.resolve('../fixtures/source-map/uglify-throw.js')
+  ]);
+  assert.ok(
+    output.stderr.toString().match(/->.*uglify-throw-original\.js:5:9/)
+  );
+  assert.ok(
+    output.stderr.toString().match(/->.*uglify-throw-original\.js:9:3/)
+  );
+}
+
+// Applies source-maps generated by tsc to stack trace.
+{
+  const output = spawnSync(process.execPath, [
+    '--enable-source-maps',
+    require.resolve('../fixtures/source-map/typescript-throw.js')
+  ]);
+  assert.ok(output.stderr.toString().match(/->.*typescript-throw\.ts:18:11/));
+  assert.ok(output.stderr.toString().match(/->.*typescript-throw\.ts:24:1/));
+}
+
+// Applies source-maps generated by babel to stack trace.
+{
+  const output = spawnSync(process.execPath, [
+    '--enable-source-maps',
+    require.resolve('../fixtures/source-map/babel-throw.js')
+  ]);
+  assert.ok(
+    output.stderr.toString().match(/->.*babel-throw-original\.js:18:31/)
+  );
+}
+
+// Applies source-maps generated by nyc to stack trace.
+{
+  const output = spawnSync(process.execPath, [
+    '--enable-source-maps',
+    require.resolve('../fixtures/source-map/istanbul-throw.js')
+  ]);
+  assert.ok(
+    output.stderr.toString().match(/->.*istanbul-throw-original\.js:5:9/)
+  );
+  assert.ok(
+    output.stderr.toString().match(/->.*istanbul-throw-original\.js:9:3/)
+  );
+}
+
+// Applies source-maps in esm modules to stack trace.
+{
+  const output = spawnSync(process.execPath, [
+    '--enable-source-maps',
+    '--experimental-modules',
+    require.resolve('../fixtures/source-map/babel-esm.mjs')
+  ]);
+  assert.ok(
+    output.stderr.toString().match(/->.*babel-esm-original\.mjs:9:29/)
+  );
+}
+
 function getSourceMapFromCache(fixtureFile, coverageDirectory) {
   const jsonFiles = fs.readdirSync(coverageDirectory);
   for (const jsonFile of jsonFiles) {
-    const maybeSourceMapCache = require(
-      path.join(coverageDirectory, jsonFile)
-    )['source-map-cache'] || {};
+    let maybeSourceMapCache;
+    try {
+      maybeSourceMapCache = require(
+        path.join(coverageDirectory, jsonFile)
+      )['source-map-cache'] || {};
+    } catch (err) {
+      console.warn(err);
+      maybeSourceMapCache = {};
+    }
     const keys = Object.keys(maybeSourceMapCache);
     for (const key of keys) {
       if (key.includes(fixtureFile)) {

From e7f604f495568091686678c1a4a612d1e0ea7889 Mon Sep 17 00:00:00 2001
From: Bradley Farias <bfarias@godaddy.com>
Date: Fri, 27 Sep 2019 12:12:18 -0500
Subject: [PATCH 46/65] esm: remove proxy for builtin exports

PR-URL: https://github.com/nodejs/node/pull/29737
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Jan Krems <jan.krems@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
---
 doc/api/esm.md                           | 12 ++--
 doc/api/modules.md                       | 30 ++++++++
 lib/internal/bootstrap/loaders.js        | 92 ++++++++++--------------
 lib/internal/modules/cjs/loader.js       |  8 +++
 lib/internal/modules/esm/translators.js  | 10 +--
 test/es-module/test-esm-live-binding.mjs | 24 ++++++-
 6 files changed, 107 insertions(+), 69 deletions(-)

diff --git a/doc/api/esm.md b/doc/api/esm.md
index 580528401629e2..e0a548f0424410 100644
--- a/doc/api/esm.md
+++ b/doc/api/esm.md
@@ -555,10 +555,11 @@ cjs === 'cjs'; // true
 
 ## Builtin modules
 
-Builtin modules will provide named exports of their public API, as well as a
-default export which can be used for, among other things, modifying the named
-exports. Named exports of builtin modules are updated when the corresponding
-exports property is accessed, redefined, or deleted.
+Builtin modules will provide named exports of their public API. A
+default export is also provided which is the value of the CommonJS exports.
+The default export can be used for, among other things, modifying the named
+exports. Named exports of builtin modules are updated only by calling
+[`module.syncBuiltinESMExports()`][].
 
 ```js
 import EventEmitter from 'events';
@@ -578,8 +579,10 @@ readFile('./foo.txt', (err, source) => {
 
 ```js
 import fs, { readFileSync } from 'fs';
+import { syncBuiltinESMExports } from 'module';
 
 fs.readFileSync = () => Buffer.from('Hello, ESM');
+syncBuiltinESMExports();
 
 fs.readFileSync === readFileSync;
 ```
@@ -1008,6 +1011,7 @@ success!
 [`import.meta.url`]: #esm_import_meta
 [`import`]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/import
 [`module.createRequire()`]: modules.html#modules_module_createrequire_filename
+[`module.syncBuiltinESMExports()`]: modules.html#modules_module_syncbuiltinesmexports
 [dynamic instantiate hook]: #esm_dynamic_instantiate_hook
 [package exports]: #esm_package_exports
 [special scheme]: https://url.spec.whatwg.org/#special-scheme
diff --git a/doc/api/modules.md b/doc/api/modules.md
index 32490cf47f1792..9ed9273e0b578f 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -984,6 +984,36 @@ const requireUtil = createRequireFromPath('../src/utils/');
 requireUtil('./some-tool');
 ```
 
+### module.syncBuiltinESMExports()
+<!-- YAML
+added: REPLACEME
+-->
+
+The `module.syncBuiltinESMExports()` method updates all the live bindings for
+builtin ES Modules to match the properties of the CommonJS exports. It does
+not add or remove exported names from the ES Modules.
+
+```js
+const fs = require('fs');
+const { syncBuiltinESMExports } = require('module');
+
+fs.readFile = null;
+
+delete fs.readFileSync;
+
+fs.newAPI = function newAPI() {
+  // ...
+};
+
+syncBuiltinESMExports();
+
+import('fs').then((esmFS) => {
+  assert.strictEqual(esmFS.readFile, null);
+  assert.strictEqual('readFileSync' in fs, true);
+  assert.strictEqual(esmFS.newAPI, undefined);
+});
+```
+
 [GLOBAL_FOLDERS]: #modules_loading_from_the_global_folders
 [`Error`]: errors.html#errors_class_error
 [`__dirname`]: #modules_dirname
diff --git a/lib/internal/bootstrap/loaders.js b/lib/internal/bootstrap/loaders.js
index cc1157a55774e2..dbc21a9697e800 100644
--- a/lib/internal/bootstrap/loaders.js
+++ b/lib/internal/bootstrap/loaders.js
@@ -151,6 +151,7 @@ function NativeModule(id) {
   this.id = id;
   this.exports = {};
   this.reflect = undefined;
+  this.esmFacade = undefined;
   this.exportKeys = undefined;
   this.loaded = false;
   this.loading = false;
@@ -211,15 +212,19 @@ function requireWithFallbackInDeps(request) {
 }
 
 // This is exposed for public loaders
-NativeModule.prototype.compileForPublicLoader = function(needToProxify) {
+NativeModule.prototype.compileForPublicLoader = function(needToSyncExports) {
   if (!this.canBeRequiredByUsers) {
     // No code because this is an assertion against bugs
     // eslint-disable-next-line no-restricted-syntax
     throw new Error(`Should not compile ${this.id} for public use`);
   }
   this.compile();
-  if (needToProxify && !this.exportKeys) {
-    this.proxifyExports();
+  if (needToSyncExports) {
+    if (!this.exportKeys) {
+      this.exportKeys = Object.keys(this.exports);
+    }
+    this.getESMFacade();
+    this.syncExports();
   }
   return this.exports;
 };
@@ -230,61 +235,38 @@ const getOwn = (target, property, receiver) => {
     undefined;
 };
 
+NativeModule.prototype.getURL = function() {
+  return `node:${this.id}`;
+};
+
+NativeModule.prototype.getESMFacade = function() {
+  if (this.esmFacade) return this.esmFacade;
+  const createDynamicModule = nativeModuleRequire(
+    'internal/modules/esm/create_dynamic_module');
+  const url = this.getURL();
+  return this.esmFacade = createDynamicModule(
+    [], [...this.exportKeys, 'default'], url, (reflect) => {
+      this.reflect = reflect;
+      this.syncExports();
+      reflect.exports.default.set(this.exports);
+    });
+};
+
 // Provide named exports for all builtin libraries so that the libraries
 // may be imported in a nicer way for ESM users. The default export is left
-// as the entire namespace (module.exports) and wrapped in a proxy such
-// that APMs and other behavior are still left intact.
-NativeModule.prototype.proxifyExports = function() {
-  this.exportKeys = Object.keys(this.exports);
-
-  const update = (property, value) => {
-    if (this.reflect !== undefined &&
-        ObjectPrototype.hasOwnProperty(this.reflect.exports, property))
-      this.reflect.exports[property].set(value);
-  };
-
-  const handler = {
-    __proto__: null,
-    defineProperty: (target, prop, descriptor) => {
-      // Use `Object.defineProperty` instead of `Reflect.defineProperty`
-      // to throw the appropriate error if something goes wrong.
-      Object.defineProperty(target, prop, descriptor);
-      if (typeof descriptor.get === 'function' &&
-          !Reflect.has(handler, 'get')) {
-        handler.get = (target, prop, receiver) => {
-          const value = Reflect.get(target, prop, receiver);
-          if (ObjectPrototype.hasOwnProperty(target, prop))
-            update(prop, value);
-          return value;
-        };
-      }
-      update(prop, getOwn(target, prop));
-      return true;
-    },
-    deleteProperty: (target, prop) => {
-      if (Reflect.deleteProperty(target, prop)) {
-        update(prop, undefined);
-        return true;
-      }
-      return false;
-    },
-    set: (target, prop, value, receiver) => {
-      const descriptor = Reflect.getOwnPropertyDescriptor(target, prop);
-      if (Reflect.set(target, prop, value, receiver)) {
-        if (descriptor && typeof descriptor.set === 'function') {
-          for (const key of this.exportKeys) {
-            update(key, getOwn(target, key, receiver));
-          }
-        } else {
-          update(prop, getOwn(target, prop, receiver));
-        }
-        return true;
-      }
-      return false;
+// as the entire namespace (module.exports) and updates when this function is
+// called so that APMs and other behavior are supported.
+NativeModule.prototype.syncExports = function() {
+  const names = this.exportKeys;
+  if (this.reflect) {
+    for (let i = 0; i < names.length; i++) {
+      const exportName = names[i];
+      if (exportName === 'default') continue;
+      this.reflect.exports[exportName].set(
+        getOwn(this.exports, exportName, this.exports)
+      );
     }
-  };
-
-  this.exports = new Proxy(this.exports, handler);
+  }
 };
 
 NativeModule.prototype.compile = function() {
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index e4c71f2edf44ef..77f5eeb319c4b9 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -1130,6 +1130,14 @@ Module._preloadModules = function(requests) {
     parent.require(requests[n]);
 };
 
+Module.syncBuiltinESMExports = function syncBuiltinESMExports() {
+  for (const mod of NativeModule.map.values()) {
+    if (mod.canBeRequiredByUsers) {
+      mod.syncExports();
+    }
+  }
+};
+
 // Backwards compatibility
 Module.Module = Module;
 
diff --git a/lib/internal/modules/esm/translators.js b/lib/internal/modules/esm/translators.js
index 7a84b51e2d0e05..7e6c017213b0c4 100644
--- a/lib/internal/modules/esm/translators.js
+++ b/lib/internal/modules/esm/translators.js
@@ -129,14 +129,8 @@ translators.set('builtin', async function builtinStrategy(url) {
   if (!module) {
     throw new ERR_UNKNOWN_BUILTIN_MODULE(id);
   }
-  return createDynamicModule(
-    [], [...module.exportKeys, 'default'], url, (reflect) => {
-      debug(`Loading BuiltinModule ${url}`);
-      module.reflect = reflect;
-      for (const key of module.exportKeys)
-        reflect.exports[key].set(module.exports[key]);
-      reflect.exports.default.set(module.exports);
-    });
+  debug(`Loading BuiltinModule ${url}`);
+  return module.getESMFacade();
 });
 
 // Strategy for loading a JSON file
diff --git a/test/es-module/test-esm-live-binding.mjs b/test/es-module/test-esm-live-binding.mjs
index 5858b13bb51861..4000a621a2bd04 100644
--- a/test/es-module/test-esm-live-binding.mjs
+++ b/test/es-module/test-esm-live-binding.mjs
@@ -1,6 +1,7 @@
 // Flags: --experimental-modules
 import '../common/index.mjs';
 import assert from 'assert';
+import { syncBuiltinESMExports } from 'module';
 
 import fs, { readFile, readFileSync } from 'fs';
 import events, { defaultMaxListeners } from 'events';
@@ -14,10 +15,12 @@ const s = Symbol();
 const fn = () => s;
 
 Reflect.deleteProperty(fs, 'readFile');
+syncBuiltinESMExports();
 
 assert.deepStrictEqual([fs.readFile, readFile], [undefined, undefined]);
 
 fs.readFile = fn;
+syncBuiltinESMExports();
 
 assert.deepStrictEqual([fs.readFile(), readFile()], [s, s]);
 
@@ -26,10 +29,12 @@ Reflect.defineProperty(fs, 'readFile', {
   configurable: true,
   writable: true,
 });
+syncBuiltinESMExports();
 
 assert.deepStrictEqual([fs.readFile(), readFile()], [s, s]);
 
 Reflect.deleteProperty(fs, 'readFile');
+syncBuiltinESMExports();
 
 assert.deepStrictEqual([fs.readFile, readFile], [undefined, undefined]);
 
@@ -39,10 +44,14 @@ Reflect.defineProperty(fs, 'readFile', {
   get() { return count; },
   configurable: true,
 });
+syncBuiltinESMExports();
+
+assert.deepStrictEqual([readFile, fs.readFile], [0, 0]);
 
 count++;
+syncBuiltinESMExports();
 
-assert.deepStrictEqual([readFile, fs.readFile, readFile], [0, 1, 1]);
+assert.deepStrictEqual([fs.readFile, readFile], [1, 1]);
 
 let otherValue;
 
@@ -62,6 +71,7 @@ Reflect.defineProperty(fs, 'readFileSync', {
 });
 
 fs.readFile = 2;
+syncBuiltinESMExports();
 
 assert.deepStrictEqual([readFile, readFileSync], [undefined, 2]);
 
@@ -86,17 +96,23 @@ Reflect.defineProperty(Function.prototype, 'defaultMaxListeners', {
     });
   },
 });
+syncBuiltinESMExports();
 
 assert.strictEqual(defaultMaxListeners, originDefaultMaxListeners);
 assert.strictEqual(events.defaultMaxListeners, originDefaultMaxListeners);
 
-assert.strictEqual(++events.defaultMaxListeners,
+events.defaultMaxListeners += 1;
+
+assert.strictEqual(events.defaultMaxListeners,
                    originDefaultMaxListeners + 1);
 
+syncBuiltinESMExports();
+
 assert.strictEqual(defaultMaxListeners, originDefaultMaxListeners + 1);
 assert.strictEqual(Function.prototype.defaultMaxListeners, 1);
 
 Function.prototype.defaultMaxListeners = 'foo';
+syncBuiltinESMExports();
 
 assert.strictEqual(Function.prototype.defaultMaxListeners, 'foo');
 assert.strictEqual(events.defaultMaxListeners, originDefaultMaxListeners + 1);
@@ -117,16 +133,19 @@ const p = {
 };
 
 util.__proto__ = p; // eslint-disable-line no-proto
+syncBuiltinESMExports();
 
 assert.strictEqual(util.foo, 1);
 
 util.foo = 'bar';
+syncBuiltinESMExports();
 
 assert.strictEqual(count, 1);
 assert.strictEqual(util.foo, 'bar');
 assert.strictEqual(p.foo, 2);
 
 p.foo = 'foo';
+syncBuiltinESMExports();
 
 assert.strictEqual(p.foo, 'foo');
 
@@ -135,6 +154,7 @@ util.__proto__ = utilProto; // eslint-disable-line no-proto
 
 Reflect.deleteProperty(util, 'foo');
 Reflect.deleteProperty(Function.prototype, 'defaultMaxListeners');
+syncBuiltinESMExports();
 
 assert.throws(
   () => Object.defineProperty(events, 'defaultMaxListeners', { value: 3 }),

From 6c75cc1b11fb38448290d16c224f738f6f84fc8d Mon Sep 17 00:00:00 2001
From: Robert Nagy <ronagy@icloud.com>
Date: Thu, 3 Oct 2019 20:53:58 +0200
Subject: [PATCH 47/65] stream: do not deadlock duplexpair

If nothing is buffered then _read will not be called and the
callback will not be invoked, effectivly deadlocking.

Fixes: https://github.com/nodejs/node/issues/29758

PR-URL: https://github.com/nodejs/node/pull/29836
Refs: https://github.com/nodejs/node/pull/29649
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 doc/api/stream.md                  | 4 +++-
 lib/internal/streams/duplexpair.js | 8 ++++++--
 test/common/duplexpair.js          | 8 ++++++--
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/doc/api/stream.md b/doc/api/stream.md
index 4bdf3159dfaa80..8189f5c84d93ab 100644
--- a/doc/api/stream.md
+++ b/doc/api/stream.md
@@ -2059,7 +2059,9 @@ when `_read()` is called again after it has stopped should it resume pushing
 additional data onto the queue.
 
 Once the `readable._read()` method has been called, it will not be called again
-until the [`readable.push()`][stream-push] method is called.
+until more data is pushed through the [`readable.push()`][stream-push] method.
+Empty data such as empty buffers and strings will not cause `readable._read()`
+to be called.
 
 The `size` argument is advisory. For implementations where a "read" is a
 single operation that returns data can use the `size` argument to determine how
diff --git a/lib/internal/streams/duplexpair.js b/lib/internal/streams/duplexpair.js
index beaf9e9eb3d03d..6735bcb2b92531 100644
--- a/lib/internal/streams/duplexpair.js
+++ b/lib/internal/streams/duplexpair.js
@@ -20,8 +20,12 @@ class DuplexSocket extends Duplex {
   }
 
   _write(chunk, encoding, callback) {
-    this[kOtherSide][kCallback] = callback;
-    this[kOtherSide].push(chunk);
+    if (chunk.length === 0) {
+      process.nextTick(callback);
+    } else {
+      this[kOtherSide].push(chunk);
+      this[kOtherSide][kCallback] = callback;
+    }
   }
 
   _final(callback) {
diff --git a/test/common/duplexpair.js b/test/common/duplexpair.js
index 0783aeb861100e..4eb4f326f2d295 100644
--- a/test/common/duplexpair.js
+++ b/test/common/duplexpair.js
@@ -24,8 +24,12 @@ class DuplexSocket extends Duplex {
   _write(chunk, encoding, callback) {
     assert.notStrictEqual(this[kOtherSide], null);
     assert.strictEqual(this[kOtherSide][kCallback], null);
-    this[kOtherSide][kCallback] = callback;
-    this[kOtherSide].push(chunk);
+    if (chunk.length === 0) {
+      process.nextTick(callback);
+    } else {
+      this[kOtherSide].push(chunk);
+      this[kOtherSide][kCallback] = callback;
+    }
   }
 
   _final(callback) {

From b309e2066144c66b43f522efed2b5598f5873834 Mon Sep 17 00:00:00 2001
From: Austin Wright <aaa@bzfx.net>
Date: Sat, 21 Sep 2019 17:30:29 -0700
Subject: [PATCH 48/65] test: add test for HTTP server response with
 Connection: close

PR-URL: https://github.com/nodejs/node/pull/29836
Refs: https://github.com/nodejs/node/issues/29758
Refs: https://github.com/nodejs/node/pull/29649
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 test/parallel/test-http-generic-streams.js | 80 ++++++++++++++++++++++
 1 file changed, 80 insertions(+)

diff --git a/test/parallel/test-http-generic-streams.js b/test/parallel/test-http-generic-streams.js
index bc28d1fcd4632b..aea371432a3d07 100644
--- a/test/parallel/test-http-generic-streams.js
+++ b/test/parallel/test-http-generic-streams.js
@@ -23,6 +23,7 @@ const MakeDuplexPair = require('../common/duplexpair');
     res.on('data', common.mustCall((data) => {
       assert.strictEqual(data, testData);
     }));
+    res.on('end', common.mustCall());
   }));
   req.end();
 }
@@ -58,3 +59,82 @@ const MakeDuplexPair = require('../common/duplexpair');
     doRequest();
   });
 }
+
+// Test 3: Connection: close request/response with chunked
+{
+  const testData = 'Hello, World!\n';
+  const server = http.createServer(common.mustCall((req, res) => {
+    req.setEncoding('utf8');
+    req.resume();
+    req.on('data', common.mustCall(function test3_req_data(data) {
+      assert.strictEqual(data, testData);
+    }));
+    req.once('end', function() {
+      res.statusCode = 200;
+      res.setHeader('Content-Type', 'text/plain');
+      res.write(testData);
+      res.end();
+    });
+  }));
+
+  const { clientSide, serverSide } = MakeDuplexPair();
+  server.emit('connection', serverSide);
+  clientSide.on('end', common.mustCall());
+  serverSide.on('end', common.mustCall());
+
+  const req = http.request({
+    createConnection: common.mustCall(() => clientSide),
+    method: 'PUT',
+    headers: { 'Connection': 'close' }
+  }, common.mustCall((res) => {
+    res.setEncoding('utf8');
+    res.on('data', common.mustCall(function test3_res_data(data) {
+      assert.strictEqual(data, testData);
+    }));
+    res.on('end', common.mustCall());
+  }));
+  req.write(testData);
+  req.end();
+}
+
+// Test 4: Connection: close request/response with Content-Length
+// The same as Test 3, but with Content-Length headers
+{
+  const testData = 'Hello, World!\n';
+  const server = http.createServer(common.mustCall((req, res) => {
+    assert.strictEqual(req.headers['content-length'], testData.length + '');
+    req.setEncoding('utf8');
+    req.on('data', common.mustCall(function test4_req_data(data) {
+      assert.strictEqual(data, testData);
+    }));
+    req.once('end', function() {
+      res.statusCode = 200;
+      res.setHeader('Content-Type', 'text/plain');
+      res.setHeader('Content-Length', testData.length);
+      res.write(testData);
+      res.end();
+    });
+
+  }));
+
+  const { clientSide, serverSide } = MakeDuplexPair();
+  server.emit('connection', serverSide);
+  clientSide.on('end', common.mustCall());
+  serverSide.on('end', common.mustCall());
+
+  const req = http.request({
+    createConnection: common.mustCall(() => clientSide),
+    method: 'PUT',
+    headers: { 'Connection': 'close' }
+  }, common.mustCall((res) => {
+    res.setEncoding('utf8');
+    assert.strictEqual(res.headers['content-length'], testData.length + '');
+    res.on('data', common.mustCall(function test4_res_data(data) {
+      assert.strictEqual(data, testData);
+    }));
+    res.on('end', common.mustCall());
+  }));
+  req.setHeader('Content-Length', testData.length);
+  req.write(testData);
+  req.end();
+}

From 600478ac137fff82f9c2b584e5aa1a45339592a1 Mon Sep 17 00:00:00 2001
From: Anna Henningsen <anna@addaleax.net>
Date: Wed, 2 Oct 2019 23:26:51 +0200
Subject: [PATCH 49/65] dgram: use `uv_udp_try_send()`

This improves dgram performance by avoiding unnecessary async
operations.

One issue with this commit is that it seems hard to actually create
conditions under which the fallback path to the async case is
actually taken, for all supported OS, so an internal CLI option
is used for testing that path.

Another caveat is that the lack of an async operation means
that there are slight timing differences (essentially `nextTick()`
rather than `setImmediate()` for the send callback).

PR-URL: https://github.com/nodejs/node/pull/29832
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 benchmark/dgram/array-vs-concat.js            | 20 ++++++---
 benchmark/dgram/multi-buffer.js               | 10 +++--
 benchmark/dgram/offset-length.js              | 10 +++--
 benchmark/dgram/single-buffer.js              | 10 +++--
 lib/dgram.js                                  |  8 ++++
 src/node_options.cc                           |  2 +
 src/node_options.h                            |  1 +
 src/udp_wrap.cc                               | 44 ++++++++++++++-----
 test/async-hooks/test-udpsendwrap.js          |  1 +
 .../test-dgram-send-callback-recursive.js     |  2 +-
 test/sequential/test-async-wrap-getasyncid.js |  2 +-
 11 files changed, 82 insertions(+), 28 deletions(-)

diff --git a/benchmark/dgram/array-vs-concat.js b/benchmark/dgram/array-vs-concat.js
index 669cf47df40ff2..d260a48063d489 100644
--- a/benchmark/dgram/array-vs-concat.js
+++ b/benchmark/dgram/array-vs-concat.js
@@ -29,17 +29,25 @@ function main({ dur, len, num, type, chunks }) {
 
   function onsendConcat() {
     if (sent++ % num === 0) {
-      for (var i = 0; i < num; i++) {
-        socket.send(Buffer.concat(chunk), PORT, '127.0.0.1', onsend);
-      }
+      // The setImmediate() is necessary to have event loop progress on OSes
+      // that only perform synchronous I/O on nonblocking UDP sockets.
+      setImmediate(() => {
+        for (var i = 0; i < num; i++) {
+          socket.send(Buffer.concat(chunk), PORT, '127.0.0.1', onsend);
+        }
+      });
     }
   }
 
   function onsendMulti() {
     if (sent++ % num === 0) {
-      for (var i = 0; i < num; i++) {
-        socket.send(chunk, PORT, '127.0.0.1', onsend);
-      }
+      // The setImmediate() is necessary to have event loop progress on OSes
+      // that only perform synchronous I/O on nonblocking UDP sockets.
+      setImmediate(() => {
+        for (var i = 0; i < num; i++) {
+          socket.send(chunk, PORT, '127.0.0.1', onsend);
+        }
+      });
     }
   }
 
diff --git a/benchmark/dgram/multi-buffer.js b/benchmark/dgram/multi-buffer.js
index a1c50551b87196..7b69a82255ed4b 100644
--- a/benchmark/dgram/multi-buffer.js
+++ b/benchmark/dgram/multi-buffer.js
@@ -27,9 +27,13 @@ function main({ dur, len, num, type, chunks }) {
 
   function onsend() {
     if (sent++ % num === 0) {
-      for (var i = 0; i < num; i++) {
-        socket.send(chunk, PORT, '127.0.0.1', onsend);
-      }
+      // The setImmediate() is necessary to have event loop progress on OSes
+      // that only perform synchronous I/O on nonblocking UDP sockets.
+      setImmediate(() => {
+        for (var i = 0; i < num; i++) {
+          socket.send(chunk, PORT, '127.0.0.1', onsend);
+        }
+      });
     }
   }
 
diff --git a/benchmark/dgram/offset-length.js b/benchmark/dgram/offset-length.js
index 7c672acae20404..696fa6a7a0c0bd 100644
--- a/benchmark/dgram/offset-length.js
+++ b/benchmark/dgram/offset-length.js
@@ -23,9 +23,13 @@ function main({ dur, len, num, type }) {
 
   function onsend() {
     if (sent++ % num === 0) {
-      for (var i = 0; i < num; i++) {
-        socket.send(chunk, 0, chunk.length, PORT, '127.0.0.1', onsend);
-      }
+      // The setImmediate() is necessary to have event loop progress on OSes
+      // that only perform synchronous I/O on nonblocking UDP sockets.
+      setImmediate(() => {
+        for (var i = 0; i < num; i++) {
+          socket.send(chunk, 0, chunk.length, PORT, '127.0.0.1', onsend);
+        }
+      });
     }
   }
 
diff --git a/benchmark/dgram/single-buffer.js b/benchmark/dgram/single-buffer.js
index d183b9cd1d69a6..5c95b17887d37a 100644
--- a/benchmark/dgram/single-buffer.js
+++ b/benchmark/dgram/single-buffer.js
@@ -23,9 +23,13 @@ function main({ dur, len, num, type }) {
 
   function onsend() {
     if (sent++ % num === 0) {
-      for (var i = 0; i < num; i++) {
-        socket.send(chunk, PORT, '127.0.0.1', onsend);
-      }
+      // The setImmediate() is necessary to have event loop progress on OSes
+      // that only perform synchronous I/O on nonblocking UDP sockets.
+      setImmediate(() => {
+        for (var i = 0; i < num; i++) {
+          socket.send(chunk, PORT, '127.0.0.1', onsend);
+        }
+      });
     }
   }
 
diff --git a/lib/dgram.js b/lib/dgram.js
index 923463cc2e7e08..cc61d4d274eea1 100644
--- a/lib/dgram.js
+++ b/lib/dgram.js
@@ -666,6 +666,14 @@ function doSend(ex, self, ip, list, address, port, callback) {
   else
     err = state.handle.send(req, list, list.length, !!callback);
 
+  if (err >= 1) {
+    // Synchronous finish. The return code is msg_length + 1 so that we can
+    // distinguish between synchronous success and asynchronous success.
+    if (callback)
+      process.nextTick(callback, null, err - 1);
+    return;
+  }
+
   if (err && callback) {
     // Don't emit as error, dgram_legacy.js compatibility
     const ex = exceptionWithHostPort(err, 'send', address, port);
diff --git a/src/node_options.cc b/src/node_options.cc
index 917de69fe8e875..caba0b28c7d1b1 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -466,6 +466,8 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
             "write warnings to file instead of stderr",
             &EnvironmentOptions::redirect_warnings,
             kAllowedInEnvironment);
+  AddOption("--test-udp-no-try-send", "",  // For testing only.
+            &EnvironmentOptions::test_udp_no_try_send);
   AddOption("--throw-deprecation",
             "throw an exception on deprecations",
             &EnvironmentOptions::throw_deprecation,
diff --git a/src/node_options.h b/src/node_options.h
index 89f6363f4a6e04..0721a4fe2f8821 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -137,6 +137,7 @@ class EnvironmentOptions : public Options {
   bool heap_prof = false;
 #endif  // HAVE_INSPECTOR
   std::string redirect_warnings;
+  bool test_udp_no_try_send = false;
   bool throw_deprecation = false;
   bool trace_deprecation = false;
   bool trace_sync_io = false;
diff --git a/src/udp_wrap.cc b/src/udp_wrap.cc
index 3c66db2155ab74..64c4c8b304fc5f 100644
--- a/src/udp_wrap.cc
+++ b/src/udp_wrap.cc
@@ -429,11 +429,6 @@ void UDPWrap::DoSend(const FunctionCallbackInfo<Value>& args, int family) {
   size_t count = args[2].As<Uint32>()->Value();
   const bool have_callback = sendto ? args[5]->IsTrue() : args[3]->IsTrue();
 
-  SendWrap* req_wrap;
-  {
-    AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(wrap);
-    req_wrap = new SendWrap(env, req_wrap_obj, have_callback);
-  }
   size_t msg_size = 0;
 
   MaybeStackBuffer<uv_buf_t, 16> bufs(count);
@@ -448,8 +443,6 @@ void UDPWrap::DoSend(const FunctionCallbackInfo<Value>& args, int family) {
     msg_size += length;
   }
 
-  req_wrap->msg_size = msg_size;
-
   int err = 0;
   struct sockaddr_storage addr_storage;
   sockaddr* addr = nullptr;
@@ -462,18 +455,47 @@ void UDPWrap::DoSend(const FunctionCallbackInfo<Value>& args, int family) {
     }
   }
 
+  uv_buf_t* bufs_ptr = *bufs;
+  if (err == 0 && !UNLIKELY(env->options()->test_udp_no_try_send)) {
+    err = uv_udp_try_send(&wrap->handle_, bufs_ptr, count, addr);
+    if (err == UV_ENOSYS || err == UV_EAGAIN) {
+      err = 0;
+    } else if (err >= 0) {
+      size_t sent = err;
+      while (count > 0 && bufs_ptr->len <= sent) {
+        sent -= bufs_ptr->len;
+        bufs_ptr++;
+        count--;
+      }
+      if (count > 0) {
+        CHECK_LT(sent, bufs_ptr->len);
+        bufs_ptr->base += sent;
+        bufs_ptr->len -= sent;
+      } else {
+        CHECK_EQ(static_cast<size_t>(err), msg_size);
+        // + 1 so that the JS side can distinguish 0-length async sends from
+        // 0-length sync sends.
+        args.GetReturnValue().Set(static_cast<uint32_t>(msg_size) + 1);
+        return;
+      }
+    }
+  }
+
   if (err == 0) {
+    AsyncHooks::DefaultTriggerAsyncIdScope trigger_scope(wrap);
+    SendWrap* req_wrap = new SendWrap(env, req_wrap_obj, have_callback);
+    req_wrap->msg_size = msg_size;
+
     err = req_wrap->Dispatch(uv_udp_send,
                              &wrap->handle_,
-                             *bufs,
+                             bufs_ptr,
                              count,
                              addr,
                              OnSend);
+    if (err)
+      delete req_wrap;
   }
 
-  if (err)
-    delete req_wrap;
-
   args.GetReturnValue().Set(err);
 }
 
diff --git a/test/async-hooks/test-udpsendwrap.js b/test/async-hooks/test-udpsendwrap.js
index 25b7eb6103d6f5..f1403e3226a165 100644
--- a/test/async-hooks/test-udpsendwrap.js
+++ b/test/async-hooks/test-udpsendwrap.js
@@ -1,3 +1,4 @@
+// Flags: --test-udp-no-try-send
 'use strict';
 
 const common = require('../common');
diff --git a/test/parallel/test-dgram-send-callback-recursive.js b/test/parallel/test-dgram-send-callback-recursive.js
index 835fa332dfbe4d..1a4c7c84fc2719 100644
--- a/test/parallel/test-dgram-send-callback-recursive.js
+++ b/test/parallel/test-dgram-send-callback-recursive.js
@@ -22,7 +22,7 @@ function onsend() {
 client.on('listening', function() {
   port = this.address().port;
 
-  setImmediate(function() {
+  process.nextTick(() => {
     async = true;
   });
 
diff --git a/test/sequential/test-async-wrap-getasyncid.js b/test/sequential/test-async-wrap-getasyncid.js
index f2702b4b497597..bef6b050ff3178 100644
--- a/test/sequential/test-async-wrap-getasyncid.js
+++ b/test/sequential/test-async-wrap-getasyncid.js
@@ -1,5 +1,5 @@
 'use strict';
-// Flags: --expose-gc --expose-internals --no-warnings
+// Flags: --expose-gc --expose-internals --no-warnings --test-udp-no-try-send
 
 const common = require('../common');
 const { internalBinding } = require('internal/test/binding');

From 60296a36122bfe4cd16f0611965993fccfc6582c Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Thu, 3 Oct 2019 09:53:42 +0200
Subject: [PATCH 50/65] lib: make tick processor detect xcodebuild errors

`node --prof-process` on macOS calls out to nm(1) to look up C++
symbols. If Xcode hasn't been properly installed or its license
hasn't been accepted yet, it prints out an error and exits.

Before this commit, that error was swallowed and the output of
the tick processor was not showing the C++ entry points.

This commit detects that error message and turns it into an
exception. No regression test because this particular condition
is hard to test for without going to extreme lengths to mock
the output of nm.

Fixes: https://github.com/nodejs/node/issues/29804

PR-URL: https://github.com/nodejs/node/pull/29830
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 lib/internal/v8_prof_polyfill.js | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/internal/v8_prof_polyfill.js b/lib/internal/v8_prof_polyfill.js
index 59e1b8947eed55..7d8d3ff0202d20 100644
--- a/lib/internal/v8_prof_polyfill.js
+++ b/lib/internal/v8_prof_polyfill.js
@@ -48,8 +48,15 @@ const os = {
     }
     let out = cp.spawnSync(name, args).stdout.toString();
     // Auto c++filt names, but not [iItT]
-    if (process.platform === 'darwin' && name === 'nm')
+    if (process.platform === 'darwin' && name === 'nm') {
+      // nm prints an error along the lines of "Run xcodebuild -license" and
+      // exits when Xcode hasn't been properly installed or when its license
+      // hasn't been accepted yet. Basically any mention of xcodebuild in
+      // the output means the nm command is non-functional.
+      const match = out.match(/(?:^|\n)([^\n]*xcodebuild[^\n]*)(?:\n|$)/);
+      if (match) throw new Error(match[1]);
       out = macCppfiltNm(out);
+    }
     return out;
   }
 };

From ba4946a520f3c810c802fa7cf88d3c7e92e60478 Mon Sep 17 00:00:00 2001
From: Ruben Bridgewater <ruben@bridgewater.de>
Date: Thu, 3 Oct 2019 02:24:19 +0200
Subject: [PATCH 51/65] tools: prohibit Error.prepareStackTrace() usage

This eslint rule makes sure that `prepareStackTrace()` is not used in
Node.js core.

PR-URL: https://github.com/nodejs/node/pull/29827
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
---
 lib/.eslintrc.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/.eslintrc.yaml b/lib/.eslintrc.yaml
index b7e8e1f4fbeb4a..f66e15e6d963e8 100644
--- a/lib/.eslintrc.yaml
+++ b/lib/.eslintrc.yaml
@@ -33,6 +33,8 @@ rules:
       message: "Use an error exported by the internal/errors module."
     - selector: "CallExpression[callee.object.name='Error'][callee.property.name='captureStackTrace']"
       message: "Please use `require('internal/errors').hideStackFrames()` instead."
+    - selector: "AssignmentExpression:matches([left.name='prepareStackTrace'], [left.property.name='prepareStackTrace'])"
+      message: "Use 'overrideStackTrace' from 'lib/internal/errors.js' instead of 'Error.prepareStackTrace'."
   # Custom rules in tools/eslint-rules
   node-core/lowercase-name-for-primitive: error
   node-core/non-ascii-character: error

From 90562ae35685c7c0eafb743bfa14fd8ec9305d1b Mon Sep 17 00:00:00 2001
From: Guy Bedford <guybedford@gmail.com>
Date: Fri, 4 Oct 2019 13:37:27 -0400
Subject: [PATCH 52/65] module: use v8 synthetic modules

PR-URL: https://github.com/nodejs/node/pull/29846
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 lib/internal/bootstrap/loaders.js       |  30 ++---
 lib/internal/modules/cjs/loader.js      |  28 ++---
 lib/internal/modules/esm/loader.js      |   9 +-
 lib/internal/modules/esm/module_job.js  |   6 +-
 lib/internal/modules/esm/translators.js |  42 ++++---
 src/module_wrap.cc                      | 147 +++++++++++++++++++-----
 src/module_wrap.h                       |   7 ++
 7 files changed, 173 insertions(+), 96 deletions(-)

diff --git a/lib/internal/bootstrap/loaders.js b/lib/internal/bootstrap/loaders.js
index dbc21a9697e800..0cad5209c4ff4e 100644
--- a/lib/internal/bootstrap/loaders.js
+++ b/lib/internal/bootstrap/loaders.js
@@ -150,8 +150,7 @@ function NativeModule(id) {
   this.filename = `${id}.js`;
   this.id = id;
   this.exports = {};
-  this.reflect = undefined;
-  this.esmFacade = undefined;
+  this.module = undefined;
   this.exportKeys = undefined;
   this.loaded = false;
   this.loading = false;
@@ -240,16 +239,18 @@ NativeModule.prototype.getURL = function() {
 };
 
 NativeModule.prototype.getESMFacade = function() {
-  if (this.esmFacade) return this.esmFacade;
-  const createDynamicModule = nativeModuleRequire(
-    'internal/modules/esm/create_dynamic_module');
+  if (this.module) return this.module;
+  const { ModuleWrap } = internalBinding('module_wrap');
   const url = this.getURL();
-  return this.esmFacade = createDynamicModule(
-    [], [...this.exportKeys, 'default'], url, (reflect) => {
-      this.reflect = reflect;
-      this.syncExports();
-      reflect.exports.default.set(this.exports);
-    });
+  const nativeModule = this;
+  this.module = new ModuleWrap(function() {
+    nativeModule.syncExports();
+    this.setExport('default', nativeModule.exports);
+  }, [...this.exportKeys, 'default'], url);
+  // Ensure immediate sync execution to capture exports now
+  this.module.instantiate();
+  this.module.evaluate(-1, false);
+  return this.module;
 };
 
 // Provide named exports for all builtin libraries so that the libraries
@@ -258,13 +259,12 @@ NativeModule.prototype.getESMFacade = function() {
 // called so that APMs and other behavior are supported.
 NativeModule.prototype.syncExports = function() {
   const names = this.exportKeys;
-  if (this.reflect) {
+  if (this.module) {
     for (let i = 0; i < names.length; i++) {
       const exportName = names[i];
       if (exportName === 'default') continue;
-      this.reflect.exports[exportName].set(
-        getOwn(this.exports, exportName, this.exports)
-      );
+      this.module.setExport(exportName,
+                            getOwn(this.exports, exportName, this.exports));
     }
   }
 };
diff --git a/lib/internal/modules/cjs/loader.js b/lib/internal/modules/cjs/loader.js
index 77f5eeb319c4b9..2d058b7e0dace3 100644
--- a/lib/internal/modules/cjs/loader.js
+++ b/lib/internal/modules/cjs/loader.js
@@ -75,9 +75,7 @@ const experimentalExports = getOptionValue('--experimental-exports');
 
 module.exports = Module;
 
-let asyncESM;
-let ModuleJob;
-let createDynamicModule;
+let asyncESM, ModuleJob, ModuleWrap, kInstantiated;
 
 const {
   CHAR_FORWARD_SLASH,
@@ -820,21 +818,18 @@ Module.prototype.load = function(filename) {
     const module = ESMLoader.moduleMap.get(url);
     // Create module entry at load time to snapshot exports correctly
     const exports = this.exports;
-    if (module !== undefined) { // Called from cjs translator
-      if (module.reflect) {
-        module.reflect.onReady((reflect) => {
-          reflect.exports.default.set(exports);
-        });
-      }
+    // Called from cjs translator
+    if (module !== undefined && module.module !== undefined) {
+      if (module.module.getStatus() >= kInstantiated)
+        module.module.setExport('default', exports);
     } else { // preemptively cache
       ESMLoader.moduleMap.set(
         url,
-        new ModuleJob(ESMLoader, url, async () => {
-          return createDynamicModule(
-            [], ['default'], url, (reflect) => {
-              reflect.exports.default.set(exports);
-            });
-        })
+        new ModuleJob(ESMLoader, url, () =>
+          new ModuleWrap(function() {
+            this.setExport('default', exports);
+          }, ['default'], url)
+        )
       );
     }
   }
@@ -1145,6 +1140,5 @@ Module.Module = Module;
 if (experimentalModules) {
   asyncESM = require('internal/process/esm_loader');
   ModuleJob = require('internal/modules/esm/module_job');
-  createDynamicModule = require(
-    'internal/modules/esm/create_dynamic_module');
+  ({ ModuleWrap, kInstantiated } = internalBinding('module_wrap'));
 }
diff --git a/lib/internal/modules/esm/loader.js b/lib/internal/modules/esm/loader.js
index 9800e8a550c2e0..138cf8b5ecc3ed 100644
--- a/lib/internal/modules/esm/loader.js
+++ b/lib/internal/modules/esm/loader.js
@@ -117,12 +117,7 @@ class Loader {
     source,
     url = pathToFileURL(`${process.cwd()}/[eval${++this.evalIndex}]`).href
   ) {
-    const evalInstance = async (url) => {
-      return {
-        module: new ModuleWrap(source, url),
-        reflect: undefined
-      };
-    };
+    const evalInstance = (url) => new ModuleWrap(source, url);
     const job = new ModuleJob(this, url, evalInstance, false);
     this.moduleMap.set(url, job);
     const { module, result } = await job.run();
@@ -165,7 +160,7 @@ class Loader {
         return createDynamicModule([], exports, url, (reflect) => {
           debug(`Loading dynamic ${url}`);
           execute(reflect.exports);
-        });
+        }).module;
       };
     } else {
       if (!translators.has(format))
diff --git a/lib/internal/modules/esm/module_job.js b/lib/internal/modules/esm/module_job.js
index 6f265ed4608743..ef11e2ec833b89 100644
--- a/lib/internal/modules/esm/module_job.js
+++ b/lib/internal/modules/esm/module_job.js
@@ -30,19 +30,17 @@ class ModuleJob {
     // onto `this` by `link()` below once it has been resolved.
     this.modulePromise = moduleProvider.call(loader, url, isMain);
     this.module = undefined;
-    this.reflect = undefined;
 
     // Wait for the ModuleWrap instance being linked with all dependencies.
     const link = async () => {
-      ({ module: this.module,
-         reflect: this.reflect } = await this.modulePromise);
+      this.module = await this.modulePromise;
       assert(this.module instanceof ModuleWrap);
 
       const dependencyJobs = [];
       const promises = this.module.link(async (specifier) => {
         const jobPromise = this.loader.getModuleJob(specifier, url);
         dependencyJobs.push(jobPromise);
-        return (await (await jobPromise).modulePromise).module;
+        return (await jobPromise).modulePromise;
       });
 
       if (promises !== undefined)
diff --git a/lib/internal/modules/esm/translators.js b/lib/internal/modules/esm/translators.js
index 7e6c017213b0c4..6c710202b85b77 100644
--- a/lib/internal/modules/esm/translators.js
+++ b/lib/internal/modules/esm/translators.js
@@ -33,6 +33,8 @@ const {
 const readFileAsync = promisify(fs.readFile);
 const JsonParse = JSON.parse;
 const { maybeCacheSourceMap } = require('internal/source_map/source_map_cache');
+const moduleWrap = internalBinding('module_wrap');
+const { ModuleWrap } = moduleWrap;
 
 const debug = debuglog('esm');
 
@@ -78,22 +80,18 @@ translators.set('module', async function moduleStrategy(url) {
   const source = `${await getSource(url)}`;
   maybeCacheSourceMap(url, source);
   debug(`Translating StandardModule ${url}`);
-  const { ModuleWrap, callbackMap } = internalBinding('module_wrap');
   const module = new ModuleWrap(stripShebang(source), url);
-  callbackMap.set(module, {
+  moduleWrap.callbackMap.set(module, {
     initializeImportMeta,
     importModuleDynamically,
   });
-  return {
-    module,
-    reflect: undefined,
-  };
+  return module;
 });
 
 // Strategy for loading a node-style CommonJS module
 const isWindows = process.platform === 'win32';
 const winSepRegEx = /\//g;
-translators.set('commonjs', async function commonjsStrategy(url, isMain) {
+translators.set('commonjs', function commonjsStrategy(url, isMain) {
   debug(`Translating CJSModule ${url}`);
   const pathname = internalURLModule.fileURLToPath(new URL(url));
   const cached = this.cjsCache.get(url);
@@ -106,17 +104,17 @@ translators.set('commonjs', async function commonjsStrategy(url, isMain) {
   ];
   if (module && module.loaded) {
     const exports = module.exports;
-    return createDynamicModule([], ['default'], url, (reflect) => {
-      reflect.exports.default.set(exports);
-    });
+    return new ModuleWrap(function() {
+      this.setExport('default', exports);
+    }, ['default'], url);
   }
-  return createDynamicModule([], ['default'], url, () => {
+  return new ModuleWrap(function() {
     debug(`Loading CJSModule ${url}`);
     // We don't care about the return val of _load here because Module#load
     // will handle it for us by checking the loader registry and filling the
     // exports like above
     CJSModule._load(pathname, undefined, isMain);
-  });
+  }, ['default'], url);
 });
 
 // Strategy for loading a node builtin CommonJS module that isn't
@@ -146,9 +144,9 @@ translators.set('json', async function jsonStrategy(url) {
     module = CJSModule._cache[modulePath];
     if (module && module.loaded) {
       const exports = module.exports;
-      return createDynamicModule([], ['default'], url, (reflect) => {
-        reflect.exports.default.set(exports);
-      });
+      return new ModuleWrap(function() {
+        this.setExport('default', exports);
+      }, ['default'], url);
     }
   }
   const content = `${await getSource(url)}`;
@@ -159,9 +157,9 @@ translators.set('json', async function jsonStrategy(url) {
     module = CJSModule._cache[modulePath];
     if (module && module.loaded) {
       const exports = module.exports;
-      return createDynamicModule(['default'], url, (reflect) => {
-        reflect.exports.default.set(exports);
-      });
+      return new ModuleWrap(function() {
+        this.setExport('default', exports);
+      }, ['default'], url);
     }
   }
   try {
@@ -181,10 +179,10 @@ translators.set('json', async function jsonStrategy(url) {
   if (pathname) {
     CJSModule._cache[modulePath] = module;
   }
-  return createDynamicModule([], ['default'], url, (reflect) => {
+  return new ModuleWrap(function() {
     debug(`Parsing JSONModule ${url}`);
-    reflect.exports.default.set(module.exports);
-  });
+    this.setExport('default', module.exports);
+  }, ['default'], url);
 });
 
 // Strategy for loading a wasm module
@@ -207,5 +205,5 @@ translators.set('wasm', async function(url) {
     const { exports } = new WebAssembly.Instance(compiled, reflect.imports);
     for (const expt of Object.keys(exports))
       reflect.exports[expt].set(exports[expt]);
-  });
+  }).module;
 });
diff --git a/src/module_wrap.cc b/src/module_wrap.cc
index 2d0829860cefbf..67e0cbc6185f34 100644
--- a/src/module_wrap.cc
+++ b/src/module_wrap.cc
@@ -98,6 +98,9 @@ ModuleWrap* ModuleWrap::GetFromID(Environment* env, uint32_t id) {
   return module_wrap_it->second;
 }
 
+// new ModuleWrap(source, url)
+// new ModuleWrap(source, url, context?, lineOffset, columnOffset)
+// new ModuleWrap(syntheticExecutionFunction, export_names, url)
 void ModuleWrap::New(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   Isolate* isolate = env->isolate();
@@ -108,12 +111,6 @@ void ModuleWrap::New(const FunctionCallbackInfo<Value>& args) {
   const int argc = args.Length();
   CHECK_GE(argc, 2);
 
-  CHECK(args[0]->IsString());
-  Local<String> source_text = args[0].As<String>();
-
-  CHECK(args[1]->IsString());
-  Local<String> url = args[1].As<String>();
-
   Local<Context> context;
   Local<Integer> line_offset;
   Local<Integer> column_offset;
@@ -143,8 +140,7 @@ void ModuleWrap::New(const FunctionCallbackInfo<Value>& args) {
     column_offset = Integer::New(isolate, 0);
   }
 
-  ShouldNotAbortOnUncaughtScope no_abort_scope(env);
-  TryCatchScope try_catch(env);
+  Local<String> url;
   Local<Module> module;
 
   Local<PrimitiveArray> host_defined_options =
@@ -152,29 +148,60 @@ void ModuleWrap::New(const FunctionCallbackInfo<Value>& args) {
   host_defined_options->Set(isolate, HostDefinedOptions::kType,
                             Number::New(isolate, ScriptType::kModule));
 
-  // compile
-  {
-    ScriptOrigin origin(url,
-                        line_offset,                          // line offset
-                        column_offset,                        // column offset
-                        True(isolate),                        // is cross origin
-                        Local<Integer>(),                     // script id
-                        Local<Value>(),                       // source map URL
-                        False(isolate),                       // is opaque (?)
-                        False(isolate),                       // is WASM
-                        True(isolate),                        // is ES Module
-                        host_defined_options);
-    Context::Scope context_scope(context);
-    ScriptCompiler::Source source(source_text, origin);
-    if (!ScriptCompiler::CompileModule(isolate, &source).ToLocal(&module)) {
-      if (try_catch.HasCaught() && !try_catch.HasTerminated()) {
-        CHECK(!try_catch.Message().IsEmpty());
-        CHECK(!try_catch.Exception().IsEmpty());
-        AppendExceptionLine(env, try_catch.Exception(), try_catch.Message(),
-                            ErrorHandlingMode::MODULE_ERROR);
-        try_catch.ReThrow();
+  // new ModuleWrap(syntheticExecutionFunction, export_names, url)
+  bool synthetic = args[0]->IsFunction();
+  if (synthetic) {
+    CHECK(args[1]->IsArray());
+    Local<Array> export_names_arr = args[1].As<Array>();
+
+    uint32_t len = export_names_arr->Length();
+    std::vector<Local<String>> export_names(len);
+    for (uint32_t i = 0; i < len; i++) {
+      Local<Value> export_name_val =
+          export_names_arr->Get(context, i).ToLocalChecked();
+      CHECK(export_name_val->IsString());
+      export_names[i] = export_name_val.As<String>();
+    }
+
+    CHECK(args[2]->IsString());
+    url = args[2].As<String>();
+
+    module = Module::CreateSyntheticModule(isolate, url, export_names,
+        SyntheticModuleEvaluationStepsCallback);
+  // Compile
+  } else {
+    CHECK(args[0]->IsString());
+    Local<String> source_text = args[0].As<String>();
+
+    CHECK(args[1]->IsString());
+    url = args[1].As<String>();
+
+    ShouldNotAbortOnUncaughtScope no_abort_scope(env);
+    TryCatchScope try_catch(env);
+
+    {
+      ScriptOrigin origin(url,
+                          line_offset,                      // line offset
+                          column_offset,                    // column offset
+                          True(isolate),                    // is cross origin
+                          Local<Integer>(),                 // script id
+                          Local<Value>(),                   // source map URL
+                          False(isolate),                   // is opaque (?)
+                          False(isolate),                   // is WASM
+                          True(isolate),                    // is ES Module
+                          host_defined_options);
+      Context::Scope context_scope(context);
+      ScriptCompiler::Source source(source_text, origin);
+      if (!ScriptCompiler::CompileModule(isolate, &source).ToLocal(&module)) {
+        if (try_catch.HasCaught() && !try_catch.HasTerminated()) {
+          CHECK(!try_catch.Message().IsEmpty());
+          CHECK(!try_catch.Exception().IsEmpty());
+          AppendExceptionLine(env, try_catch.Exception(), try_catch.Message(),
+                              ErrorHandlingMode::MODULE_ERROR);
+          try_catch.ReThrow();
+        }
+        return;
       }
-      return;
     }
   }
 
@@ -183,6 +210,13 @@ void ModuleWrap::New(const FunctionCallbackInfo<Value>& args) {
   }
 
   ModuleWrap* obj = new ModuleWrap(env, that, module, url);
+
+  if (synthetic) {
+    obj->synthetic_ = true;
+    obj->synthetic_evaluation_steps_.Reset(
+        env->isolate(), args[0].As<Function>());
+  }
+
   obj->context_.Reset(isolate, context);
 
   env->hash_to_module_map.emplace(module->GetIdentityHash(), obj);
@@ -307,6 +341,10 @@ void ModuleWrap::Evaluate(const FunctionCallbackInfo<Value>& args) {
     result = module->Evaluate(context);
   }
 
+  if (result.IsEmpty()) {
+    CHECK(try_catch.HasCaught());
+  }
+
   // Convert the termination exception into a regular exception.
   if (timed_out || received_signal) {
     if (!env->is_main_thread() && env->is_stopping())
@@ -1295,7 +1333,7 @@ static MaybeLocal<Promise> ImportModuleDynamically(
   Local<Value> result;
   if (import_callback->Call(
         context,
-        v8::Undefined(iso),
+        Undefined(iso),
         arraysize(import_args),
         import_args).ToLocal(&result)) {
     CHECK(result->IsPromise());
@@ -1355,6 +1393,52 @@ void ModuleWrap::SetInitializeImportMetaObjectCallback(
       HostInitializeImportMetaObjectCallback);
 }
 
+MaybeLocal<Value> ModuleWrap::SyntheticModuleEvaluationStepsCallback(
+    Local<Context> context, Local<Module> module) {
+  Environment* env = Environment::GetCurrent(context);
+  Isolate* isolate = env->isolate();
+
+  ModuleWrap* obj = GetFromModule(env, module);
+
+  TryCatchScope try_catch(env);
+  Local<Function> synthetic_evaluation_steps =
+      obj->synthetic_evaluation_steps_.Get(isolate);
+  MaybeLocal<Value> ret = synthetic_evaluation_steps->Call(context,
+      obj->object(), 0, nullptr);
+  if (ret.IsEmpty()) {
+    CHECK(try_catch.HasCaught());
+  }
+  obj->synthetic_evaluation_steps_.Reset();
+  if (try_catch.HasCaught() && !try_catch.HasTerminated()) {
+    CHECK(!try_catch.Message().IsEmpty());
+    CHECK(!try_catch.Exception().IsEmpty());
+    try_catch.ReThrow();
+    return MaybeLocal<Value>();
+  }
+  return Undefined(isolate);
+}
+
+void ModuleWrap::SetSyntheticExport(
+      const v8::FunctionCallbackInfo<v8::Value>& args) {
+  Isolate* isolate = args.GetIsolate();
+  Local<Object> that = args.This();
+
+  ModuleWrap* obj;
+  ASSIGN_OR_RETURN_UNWRAP(&obj, that);
+
+  CHECK(obj->synthetic_);
+
+  CHECK_EQ(args.Length(), 2);
+
+  CHECK(args[0]->IsString());
+  Local<String> export_name = args[0].As<String>();
+
+  Local<Value> export_value = args[1];
+
+  Local<Module> module = obj->module_.Get(isolate);
+  module->SetSyntheticModuleExport(export_name, export_value);
+}
+
 void ModuleWrap::Initialize(Local<Object> target,
                             Local<Value> unused,
                             Local<Context> context,
@@ -1369,6 +1453,7 @@ void ModuleWrap::Initialize(Local<Object> target,
   env->SetProtoMethod(tpl, "link", Link);
   env->SetProtoMethod(tpl, "instantiate", Instantiate);
   env->SetProtoMethod(tpl, "evaluate", Evaluate);
+  env->SetProtoMethod(tpl, "setExport", SetSyntheticExport);
   env->SetProtoMethodNoSideEffect(tpl, "getNamespace", GetNamespace);
   env->SetProtoMethodNoSideEffect(tpl, "getStatus", GetStatus);
   env->SetProtoMethodNoSideEffect(tpl, "getError", GetError);
diff --git a/src/module_wrap.h b/src/module_wrap.h
index 9e2aa3b9489dd3..ef20d255e916da 100644
--- a/src/module_wrap.h
+++ b/src/module_wrap.h
@@ -69,12 +69,19 @@ class ModuleWrap : public BaseObject {
       const v8::FunctionCallbackInfo<v8::Value>& args);
   static void SetInitializeImportMetaObjectCallback(
       const v8::FunctionCallbackInfo<v8::Value>& args);
+  static v8::MaybeLocal<v8::Value> SyntheticModuleEvaluationStepsCallback(
+      v8::Local<v8::Context> context, v8::Local<v8::Module> module);
+  static void SetSyntheticExport(
+      const v8::FunctionCallbackInfo<v8::Value>& args);
+
   static v8::MaybeLocal<v8::Module> ResolveCallback(
       v8::Local<v8::Context> context,
       v8::Local<v8::String> specifier,
       v8::Local<v8::Module> referrer);
   static ModuleWrap* GetFromModule(node::Environment*, v8::Local<v8::Module>);
 
+  v8::Global<v8::Function> synthetic_evaluation_steps_;
+  bool synthetic_ = false;
   v8::Global<v8::Module> module_;
   v8::Global<v8::String> url_;
   bool linked_ = false;

From a240d45d1acdd4af897f8ab6846fec44cb867126 Mon Sep 17 00:00:00 2001
From: ZYSzys <zyszys98@gmail.com>
Date: Thu, 3 Oct 2019 01:19:05 +0800
Subject: [PATCH 53/65] http2: support passing options of http2.connect to
 net.connect

PR-URL: https://github.com/nodejs/node/pull/29816
Fixes: https://github.com/nodejs/node/issues/29811
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
---
 lib/internal/http2/core.js                  |  2 +-
 test/parallel/test-http2-client-port-80.js  |  2 +-
 test/parallel/test-http2-connect-options.js | 42 +++++++++++++++++++++
 3 files changed, 44 insertions(+), 2 deletions(-)
 create mode 100644 test/parallel/test-http2-connect-options.js

diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 5925cbfefc52d9..73dc6a41e9930a 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -2920,7 +2920,7 @@ function connect(authority, options, listener) {
   } else {
     switch (protocol) {
       case 'http:':
-        socket = net.connect(options.port || port, options.host || host);
+        socket = net.connect({ port, host, ...options });
         break;
       case 'https:':
         socket = tls.connect(port, host, initializeTLSOptions(options, host));
diff --git a/test/parallel/test-http2-client-port-80.js b/test/parallel/test-http2-client-port-80.js
index fc82e231f6af8f..a286dbf6a725d8 100644
--- a/test/parallel/test-http2-client-port-80.js
+++ b/test/parallel/test-http2-client-port-80.js
@@ -11,7 +11,7 @@ const net = require('net');
 
 const connect = net.connect;
 net.connect = common.mustCall((...args) => {
-  assert.strictEqual(args[0], '80');
+  assert.strictEqual(args[0].port, '80');
   return connect(...args);
 });
 
diff --git a/test/parallel/test-http2-connect-options.js b/test/parallel/test-http2-connect-options.js
new file mode 100644
index 00000000000000..1a7987621ab34e
--- /dev/null
+++ b/test/parallel/test-http2-connect-options.js
@@ -0,0 +1,42 @@
+// Flags: --expose-internals
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+
+if (!common.hasMultiLocalhost())
+  common.skip('platform-specific test.');
+
+const http2 = require('http2');
+const assert = require('assert');
+
+const server = http2.createServer((req, res) => {
+  console.log(`Connect from: ${req.connection.remoteAddress}`);
+  assert.strictEqual(req.connection.remoteAddress, '127.0.0.2');
+
+  req.on('end', common.mustCall(() => {
+    res.writeHead(200, { 'Content-Type': 'text/plain' });
+    res.end(`You are from: ${req.connection.remoteAddress}`);
+  }));
+  req.resume();
+});
+
+server.listen(0, '127.0.0.1', common.mustCall(() => {
+  const options = { localAddress: '127.0.0.2' };
+
+  const client = http2.connect(
+    'http://localhost:' + server.address().port,
+    options
+  );
+  const req = client.request({
+    ':path': '/'
+  });
+  req.on('data', () => req.resume());
+  req.on('end', common.mustCall(function() {
+    client.close();
+    req.close();
+    server.close();
+    process.exit();
+  }));
+  req.end();
+}));

From f566cd5801f081c193d65e73a1b6e7614266c12f Mon Sep 17 00:00:00 2001
From: Jakob Krigovsky <jakob@krigovsky.com>
Date: Fri, 4 Oct 2019 13:38:34 +0200
Subject: [PATCH 54/65] doc: remove misleading paragraph about the Legacy URL
 API

The Legacy URL API is deprecated, see:

- https://nodejs.org/api/url.html#url_legacy_url_api
- https://nodejs.org/api/deprecations.html#
deprecations_dep0116_legacy_url_api

PR-URL: https://github.com/nodejs/node/pull/29844
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
---
 doc/api/url.md | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/doc/api/url.md b/doc/api/url.md
index 6cb82c71676e3a..3583d3107491b6 100644
--- a/doc/api/url.md
+++ b/doc/api/url.md
@@ -21,10 +21,6 @@ The `url` module provides two APIs for working with URLs: a legacy API that is
 Node.js specific, and a newer API that implements the same
 [WHATWG URL Standard][] used by web browsers.
 
-While the Legacy API has not been deprecated, it is maintained solely for
-backwards compatibility with existing applications. New application code
-should use the WHATWG API.
-
 A comparison between the WHATWG and Legacy APIs is provided below. Above the URL
 `'http://user:pass@sub.example.com:8080/p/a/t/h?query=string#hash'`, properties
 of an object returned by the legacy `url.parse()` are shown. Below it are

From b76a2e502c6f227f7df5f35ac3bbb0dcb2a8372d Mon Sep 17 00:00:00 2001
From: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Date: Tue, 27 Aug 2019 17:14:27 -0700
Subject: [PATCH 55/65] fs: introduce `opendir()` and `fs.Dir`

This adds long-requested methods for asynchronously interacting and
iterating through directory entries by using `uv_fs_opendir`,
`uv_fs_readdir`, and `uv_fs_closedir`.

`fs.opendir()` and friends return an `fs.Dir`, which contains methods
for doing reads and cleanup. `fs.Dir` also has the async iterator
symbol exposed.

The `read()` method and friends only return `fs.Dirent`s for this API.
Having a entry type or doing a `stat` call is deemed to be necessary in
the majority of cases, so just returning dirents seems like the logical
choice for a new api.

Reading when there are no more entries returns `null` instead of a
dirent. However the async iterator hides that (and does automatic
cleanup).

The code lives in separate files from the rest of fs, this is done
partially to prevent over-pollution of those (already very large)
files, but also in the case of js allows loading into `fsPromises`.

Due to async_hooks, this introduces a new handle type of `DIRHANDLE`.

This PR does not attempt to make complete optimization of
this feature. Notable future improvements include:
- Moving promise work into C++ land like FileHandle.
- Possibly adding `readv()` to do multi-entry directory reads.
- Aliasing `fs.readdir` to `fs.scandir` and doing a deprecation.

Refs: https://github.com/nodejs/node-v0.x-archive/issues/388
Refs: https://github.com/nodejs/node/issues/583
Refs: https://github.com/libuv/libuv/pull/2057

PR-URL: https://github.com/nodejs/node/pull/29349
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: David Carlier <devnexen@gmail.com>
---
 doc/api/errors.md                             |   6 +
 doc/api/fs.md                                 | 216 ++++++++++-
 lib/fs.js                                     |  27 +-
 lib/internal/errors.js                        |   1 +
 lib/internal/fs/dir.js                        | 201 ++++++++++
 lib/internal/fs/promises.js                   |   2 +
 lib/internal/fs/utils.js                      |  52 ++-
 node.gyp                                      |   3 +
 src/async_wrap.h                              |   1 +
 src/env.h                                     |   1 +
 src/node_binding.cc                           |   1 +
 src/node_dir.cc                               | 350 ++++++++++++++++++
 src/node_dir.h                                |  60 +++
 src/node_file.cc                              |  90 -----
 src/node_file.h                               |  89 +++++
 test/parallel/test-bootstrap-modules.js       |   2 +
 test/parallel/test-fs-opendir.js              | 174 +++++++++
 test/sequential/test-async-wrap-getasyncid.js |   7 +
 tools/doc/type-parser.js                      |   1 +
 19 files changed, 1165 insertions(+), 119 deletions(-)
 create mode 100644 lib/internal/fs/dir.js
 create mode 100644 src/node_dir.cc
 create mode 100644 src/node_dir.h
 create mode 100644 test/parallel/test-fs-opendir.js

diff --git a/doc/api/errors.md b/doc/api/errors.md
index 4b92452cd362a0..329c369d152a30 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -824,6 +824,11 @@ A signing `key` was not provided to the [`sign.sign()`][] method.
 [`crypto.timingSafeEqual()`][] was called with `Buffer`, `TypedArray`, or
 `DataView` arguments of different lengths.
 
+<a id="ERR_DIR_CLOSED"></a>
+### ERR_DIR_CLOSED
+
+The [`fs.Dir`][] was previously closed.
+
 <a id="ERR_DNS_SET_SERVERS_FAILED"></a>
 ### ERR_DNS_SET_SERVERS_FAILED
 
@@ -2380,6 +2385,7 @@ such as `process.stdout.on('data')`.
 [`dgram.disconnect()`]: dgram.html#dgram_socket_disconnect
 [`dgram.remoteAddress()`]: dgram.html#dgram_socket_remoteaddress
 [`errno`(3) man page]: http://man7.org/linux/man-pages/man3/errno.3.html
+[`fs.Dir`]: fs.html#fs_class_fs_dir
 [`fs.readFileSync`]: fs.html#fs_fs_readfilesync_path_options
 [`fs.readdir`]: fs.html#fs_fs_readdir_path_options_callback
 [`fs.symlink()`]: fs.html#fs_fs_symlink_target_path_type_callback
diff --git a/doc/api/fs.md b/doc/api/fs.md
index c22e169f1c3937..a6736d127e9bbc 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -284,13 +284,148 @@ synchronous use libuv's threadpool, which can have surprising and negative
 performance implications for some applications. See the
 [`UV_THREADPOOL_SIZE`][] documentation for more information.
 
+## Class fs.Dir
+<!-- YAML
+added: REPLACEME
+-->
+
+A class representing a directory stream.
+
+Created by [`fs.opendir()`][], [`fs.opendirSync()`][], or [`fsPromises.opendir()`][].
+
+Example using async interation:
+
+```js
+const fs = require('fs');
+
+async function print(path) {
+  const dir = await fs.promises.opendir(path);
+  for await (const dirent of dir) {
+    console.log(dirent.name);
+  }
+}
+print('./').catch(console.error);
+```
+
+### dir.path
+<!-- YAML
+added: REPLACEME
+-->
+
+* {string}
+
+The read-only path of this directory as was provided to [`fs.opendir()`][],
+[`fs.opendirSync()`][], or [`fsPromises.opendir()`][].
+
+### dir.close()
+<!-- YAML
+added: REPLACEME
+-->
+
+* Returns: {Promise}
+
+Asynchronously close the directory's underlying resource handle.
+Subsequent reads will result in errors.
+
+A `Promise` is returned that will be resolved after the resource has been
+closed.
+
+### dir.close(callback)
+<!-- YAML
+added: REPLACEME
+-->
+
+* `callback` {Function}
+  * `err` {Error}
+
+Asynchronously close the directory's underlying resource handle.
+Subsequent reads will result in errors.
+
+The `callback` will be called after the resource handle has been closed.
+
+### dir.closeSync()
+<!-- YAML
+added: REPLACEME
+-->
+
+Synchronously close the directory's underlying resource handle.
+Subsequent reads will result in errors.
+
+### dir.read([options])
+<!-- YAML
+added: REPLACEME
+-->
+
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* Returns: {Promise} containing {fs.Dirent}
+
+Asynchronously read the next directory entry via readdir(3) as an
+[`fs.Dirent`][].
+
+A `Promise` is returned that will be resolved with a [Dirent][] after the read
+is completed.
+
+_Directory entries returned by this function are in no particular order as
+provided by the operating system's underlying directory mechanisms._
+
+### dir.read([options, ]callback)
+<!-- YAML
+added: REPLACEME
+-->
+
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* `callback` {Function}
+  * `err` {Error}
+  * `dirent` {fs.Dirent}
+
+Asynchronously read the next directory entry via readdir(3) as an
+[`fs.Dirent`][].
+
+The `callback` will be called with a [Dirent][] after the read is completed.
+
+The `encoding` option sets the encoding of the `name` in the `dirent`.
+
+_Directory entries returned by this function are in no particular order as
+provided by the operating system's underlying directory mechanisms._
+
+### dir.readSync([options])
+<!-- YAML
+added: REPLACEME
+-->
+
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* Returns: {fs.Dirent}
+
+Synchronously read the next directory entry via readdir(3) as an
+[`fs.Dirent`][].
+
+The `encoding` option sets the encoding of the `name` in the `dirent`.
+
+_Directory entries returned by this function are in no particular order as
+provided by the operating system's underlying directory mechanisms._
+
+### dir\[Symbol.asyncIterator\]()
+<!-- YAML
+added: REPLACEME
+-->
+
+* Returns: {AsyncIterator} to fully iterate over all entries in the directory.
+
+_Directory entries returned by this iterator are in no particular order as
+provided by the operating system's underlying directory mechanisms._
+
 ## Class: fs.Dirent
 <!-- YAML
 added: v10.10.0
 -->
 
-When [`fs.readdir()`][] or [`fs.readdirSync()`][] is called with the
-`withFileTypes` option set to `true`, the resulting array is filled with
+A representation of a directory entry, as returned by reading from an [`fs.Dir`][].
+
+Additionally, when [`fs.readdir()`][] or [`fs.readdirSync()`][] is called with
+the `withFileTypes` option set to `true`, the resulting array is filled with
 `fs.Dirent` objects, rather than strings or `Buffers`.
 
 ### dirent.isBlockDevice()
@@ -2505,6 +2640,46 @@ Returns an integer representing the file descriptor.
 For detailed information, see the documentation of the asynchronous version of
 this API: [`fs.open()`][].
 
+## fs.opendir(path[, options], callback)
+<!-- YAML
+added: REPLACEME
+-->
+
+* `path` {string|Buffer|URL}
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* `callback` {Function}
+  * `err` {Error}
+  * `dir` {fs.Dir}
+
+Asynchronously open a directory. See opendir(3).
+
+Creates an [`fs.Dir`][], which contains all further functions for reading from
+and cleaning up the directory.
+
+The `encoding` option sets the encoding for the `path` while opening the
+directory and subsequent read operations (unless otherwise overriden during
+reads from the directory).
+
+## fs.opendirSync(path[, options])
+<!-- YAML
+added: REPLACEME
+-->
+
+* `path` {string|Buffer|URL}
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* Returns: {fs.Dir}
+
+Synchronously open a directory. See opendir(3).
+
+Creates an [`fs.Dir`][], which contains all further functions for reading from
+and cleaning up the directory.
+
+The `encoding` option sets the encoding for the `path` while opening the
+directory and subsequent read operations (unless otherwise overriden during
+reads from the directory).
+
 ## fs.read(fd, buffer, offset, length, position, callback)
 <!-- YAML
 added: v0.0.2
@@ -4644,6 +4819,39 @@ by [Naming Files, Paths, and Namespaces][]. Under NTFS, if the filename contains
 a colon, Node.js will open a file system stream, as described by
 [this MSDN page][MSDN-Using-Streams].
 
+## fsPromises.opendir(path[, options])
+<!-- YAML
+added: REPLACEME
+-->
+
+* `path` {string|Buffer|URL}
+* `options` {Object}
+  * `encoding` {string|null} **Default:** `'utf8'`
+* Returns: {Promise} containing {fs.Dir}
+
+Asynchronously open a directory. See opendir(3).
+
+Creates an [`fs.Dir`][], which contains all further functions for reading from
+and cleaning up the directory.
+
+The `encoding` option sets the encoding for the `path` while opening the
+directory and subsequent read operations (unless otherwise overriden during
+reads from the directory).
+
+Example using async interation:
+
+```js
+const fs = require('fs');
+
+async function print(path) {
+  const dir = await fs.promises.opendir(path);
+  for await (const dirent of dir) {
+    console.log(dirent.name);
+  }
+}
+print('./').catch(console.error);
+```
+
 ### fsPromises.readdir(path[, options])
 <!-- YAML
 added: v10.0.0
@@ -5253,6 +5461,7 @@ the file contents.
 [`UV_THREADPOOL_SIZE`]: cli.html#cli_uv_threadpool_size_size
 [`WriteStream`]: #fs_class_fs_writestream
 [`event ports`]: https://illumos.org/man/port_create
+[`fs.Dir`]: #fs_class_fs_dir
 [`fs.Dirent`]: #fs_class_fs_dirent
 [`fs.FSWatcher`]: #fs_class_fs_fswatcher
 [`fs.Stats`]: #fs_class_fs_stats
@@ -5269,6 +5478,8 @@ the file contents.
 [`fs.mkdir()`]: #fs_fs_mkdir_path_options_callback
 [`fs.mkdtemp()`]: #fs_fs_mkdtemp_prefix_options_callback
 [`fs.open()`]: #fs_fs_open_path_flags_mode_callback
+[`fs.opendir()`]: #fs_fs_opendir_path_options_callback
+[`fs.opendirSync()`]: #fs_fs_opendirsync_path_options
 [`fs.read()`]: #fs_fs_read_fd_buffer_offset_length_position_callback
 [`fs.readFile()`]: #fs_fs_readfile_path_options_callback
 [`fs.readFileSync()`]: #fs_fs_readfilesync_path_options
@@ -5284,6 +5495,7 @@ the file contents.
 [`fs.write(fd, string...)`]: #fs_fs_write_fd_string_position_encoding_callback
 [`fs.writeFile()`]: #fs_fs_writefile_file_data_options_callback
 [`fs.writev()`]: #fs_fs_writev_fd_buffers_position_callback
+[`fsPromises.opendir()`]: #fs_fspromises_opendir_path_options
 [`inotify(7)`]: http://man7.org/linux/man-pages/man7/inotify.7.html
 [`kqueue(2)`]: https://www.freebsd.org/cgi/man.cgi?query=kqueue&sektion=2
 [`net.Socket`]: net.html#net_class_net_socket
diff --git a/lib/fs.js b/lib/fs.js
index 89eadf067cd2d3..4e994775a3042d 100644
--- a/lib/fs.js
+++ b/lib/fs.js
@@ -64,6 +64,7 @@ const {
   getDirents,
   getOptions,
   getValidatedPath,
+  handleErrorFromBinding,
   nullCheck,
   preprocessSymlinkDestination,
   Stats,
@@ -79,6 +80,11 @@ const {
   validateRmdirOptions,
   warnOnNonPortableTemplate
 } = require('internal/fs/utils');
+const {
+  Dir,
+  opendir,
+  opendirSync
+} = require('internal/fs/dir');
 const {
   CHAR_FORWARD_SLASH,
   CHAR_BACKWARD_SLASH,
@@ -122,23 +128,6 @@ function showTruncateDeprecation() {
   }
 }
 
-function handleErrorFromBinding(ctx) {
-  if (ctx.errno !== undefined) {  // libuv error numbers
-    const err = uvException(ctx);
-    // eslint-disable-next-line no-restricted-syntax
-    Error.captureStackTrace(err, handleErrorFromBinding);
-    throw err;
-  }
-  if (ctx.error !== undefined) {  // Errors created in C++ land.
-    // TODO(joyeecheung): currently, ctx.error are encoding errors
-    // usually caused by memory problems. We need to figure out proper error
-    // code(s) for this.
-    // eslint-disable-next-line no-restricted-syntax
-    Error.captureStackTrace(ctx.error, handleErrorFromBinding);
-    throw ctx.error;
-  }
-}
-
 function maybeCallback(cb) {
   if (typeof cb === 'function')
     return cb;
@@ -1818,7 +1807,6 @@ function createWriteStream(path, options) {
   return new WriteStream(path, options);
 }
 
-
 module.exports = fs = {
   appendFile,
   appendFileSync,
@@ -1864,6 +1852,8 @@ module.exports = fs = {
   mkdtempSync,
   open,
   openSync,
+  opendir,
+  opendirSync,
   readdir,
   readdirSync,
   read,
@@ -1897,6 +1887,7 @@ module.exports = fs = {
   writeSync,
   writev,
   writevSync,
+  Dir,
   Dirent,
   Stats,
 
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index c7e4c4783e7d2e..ad071222696a13 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -759,6 +759,7 @@ E('ERR_CRYPTO_SCRYPT_NOT_SUPPORTED', 'Scrypt algorithm not supported', Error);
 E('ERR_CRYPTO_SIGN_KEY_REQUIRED', 'No key provided to sign', Error);
 E('ERR_CRYPTO_TIMING_SAFE_EQUAL_LENGTH',
   'Input buffers must have the same byte length', RangeError);
+E('ERR_DIR_CLOSED', 'Directory handle was closed', Error);
 E('ERR_DNS_SET_SERVERS_FAILED', 'c-ares failed to set servers: "%s" [%s]',
   Error);
 E('ERR_DOMAIN_CALLBACK_NOT_AVAILABLE',
diff --git a/lib/internal/fs/dir.js b/lib/internal/fs/dir.js
new file mode 100644
index 00000000000000..c1a25f0de3cd38
--- /dev/null
+++ b/lib/internal/fs/dir.js
@@ -0,0 +1,201 @@
+'use strict';
+
+const { Object } = primordials;
+
+const pathModule = require('path');
+const binding = internalBinding('fs');
+const dirBinding = internalBinding('fs_dir');
+const {
+  codes: {
+    ERR_DIR_CLOSED,
+    ERR_INVALID_CALLBACK,
+    ERR_MISSING_ARGS
+  }
+} = require('internal/errors');
+
+const { FSReqCallback } = binding;
+const internalUtil = require('internal/util');
+const {
+  getDirent,
+  getOptions,
+  getValidatedPath,
+  handleErrorFromBinding
+} = require('internal/fs/utils');
+
+const kDirHandle = Symbol('kDirHandle');
+const kDirPath = Symbol('kDirPath');
+const kDirClosed = Symbol('kDirClosed');
+const kDirOptions = Symbol('kDirOptions');
+const kDirReadPromisified = Symbol('kDirReadPromisified');
+const kDirClosePromisified = Symbol('kDirClosePromisified');
+
+class Dir {
+  constructor(handle, path, options) {
+    if (handle == null) throw new ERR_MISSING_ARGS('handle');
+    this[kDirHandle] = handle;
+    this[kDirPath] = path;
+    this[kDirClosed] = false;
+
+    this[kDirOptions] = getOptions(options, {
+      encoding: 'utf8'
+    });
+
+    this[kDirReadPromisified] = internalUtil.promisify(this.read).bind(this);
+    this[kDirClosePromisified] = internalUtil.promisify(this.close).bind(this);
+  }
+
+  get path() {
+    return this[kDirPath];
+  }
+
+  read(options, callback) {
+    if (this[kDirClosed] === true) {
+      throw new ERR_DIR_CLOSED();
+    }
+
+    callback = typeof options === 'function' ? options : callback;
+    if (callback === undefined) {
+      return this[kDirReadPromisified](options);
+    } else if (typeof callback !== 'function') {
+      throw new ERR_INVALID_CALLBACK(callback);
+    }
+    options = getOptions(options, this[kDirOptions]);
+
+    const req = new FSReqCallback();
+    req.oncomplete = (err, result) => {
+      if (err || result === null) {
+        return callback(err, result);
+      }
+      getDirent(this[kDirPath], result[0], result[1], callback);
+    };
+
+    this[kDirHandle].read(
+      options.encoding,
+      req
+    );
+  }
+
+  readSync(options) {
+    if (this[kDirClosed] === true) {
+      throw new ERR_DIR_CLOSED();
+    }
+
+    options = getOptions(options, this[kDirOptions]);
+
+    const ctx = { path: this[kDirPath] };
+    const result = this[kDirHandle].read(
+      options.encoding,
+      undefined,
+      ctx
+    );
+    handleErrorFromBinding(ctx);
+
+    if (result === null) {
+      return result;
+    }
+
+    return getDirent(this[kDirPath], result[0], result[1]);
+  }
+
+  close(callback) {
+    if (this[kDirClosed] === true) {
+      throw new ERR_DIR_CLOSED();
+    }
+
+    if (callback === undefined) {
+      return this[kDirClosePromisified]();
+    } else if (typeof callback !== 'function') {
+      throw new ERR_INVALID_CALLBACK(callback);
+    }
+
+    this[kDirClosed] = true;
+    const req = new FSReqCallback();
+    req.oncomplete = callback;
+    this[kDirHandle].close(req);
+  }
+
+  closeSync() {
+    if (this[kDirClosed] === true) {
+      throw new ERR_DIR_CLOSED();
+    }
+
+    this[kDirClosed] = true;
+    const ctx = { path: this[kDirPath] };
+    const result = this[kDirHandle].close(undefined, ctx);
+    handleErrorFromBinding(ctx);
+    return result;
+  }
+
+  async* entries() {
+    try {
+      while (true) {
+        const result = await this[kDirReadPromisified]();
+        if (result === null) {
+          break;
+        }
+        yield result;
+      }
+    } finally {
+      await this[kDirClosePromisified]();
+    }
+  }
+}
+
+Object.defineProperty(Dir.prototype, Symbol.asyncIterator, {
+  value: Dir.prototype.entries,
+  enumerable: false,
+  writable: true,
+  configurable: true,
+});
+
+function opendir(path, options, callback) {
+  callback = typeof options === 'function' ? options : callback;
+  if (typeof callback !== 'function') {
+    throw new ERR_INVALID_CALLBACK(callback);
+  }
+  path = getValidatedPath(path);
+  options = getOptions(options, {
+    encoding: 'utf8'
+  });
+
+  function opendirCallback(error, handle) {
+    if (error) {
+      callback(error);
+    } else {
+      callback(null, new Dir(handle, path, options));
+    }
+  }
+
+  const req = new FSReqCallback();
+  req.oncomplete = opendirCallback;
+
+  dirBinding.opendir(
+    pathModule.toNamespacedPath(path),
+    options.encoding,
+    req
+  );
+}
+
+function opendirSync(path, options) {
+  path = getValidatedPath(path);
+  options = getOptions(options, {
+    encoding: 'utf8'
+  });
+
+  const ctx = { path };
+  const handle = dirBinding.opendir(
+    pathModule.toNamespacedPath(path),
+    options.encoding,
+    undefined,
+    ctx
+  );
+  handleErrorFromBinding(ctx);
+
+  return new Dir(handle, path, options);
+}
+
+module.exports = {
+  Dir,
+  opendir,
+  opendirSync
+};
diff --git a/lib/internal/fs/promises.js b/lib/internal/fs/promises.js
index a642641acf59a5..923ae97abdc26f 100644
--- a/lib/internal/fs/promises.js
+++ b/lib/internal/fs/promises.js
@@ -36,6 +36,7 @@ const {
   validateRmdirOptions,
   warnOnNonPortableTemplate
 } = require('internal/fs/utils');
+const { opendir } = require('internal/fs/dir');
 const {
   parseMode,
   validateBuffer,
@@ -500,6 +501,7 @@ module.exports = {
   access,
   copyFile,
   open,
+  opendir: promisify(opendir),
   rename,
   truncate,
   rmdir,
diff --git a/lib/internal/fs/utils.js b/lib/internal/fs/utils.js
index efb54ca393cc8a..be9ad1b9505c81 100644
--- a/lib/internal/fs/utils.js
+++ b/lib/internal/fs/utils.js
@@ -12,7 +12,8 @@ const {
     ERR_INVALID_OPT_VALUE_ENCODING,
     ERR_OUT_OF_RANGE
   },
-  hideStackFrames
+  hideStackFrames,
+  uvException
 } = require('internal/errors');
 const {
   isArrayBufferView,
@@ -165,19 +166,33 @@ function getDirents(path, [names, types], callback) {
   } else {
     const len = names.length;
     for (i = 0; i < len; i++) {
-      const type = types[i];
-      if (type === UV_DIRENT_UNKNOWN) {
-        const name = names[i];
-        const stats = lazyLoadFs().lstatSync(pathModule.join(path, name));
-        names[i] = new DirentFromStats(name, stats);
-      } else {
-        names[i] = new Dirent(names[i], types[i]);
-      }
+      names[i] = getDirent(path, names[i], types[i]);
     }
     return names;
   }
 }
 
+function getDirent(path, name, type, callback) {
+  if (typeof callback === 'function') {
+    if (type === UV_DIRENT_UNKNOWN) {
+      lazyLoadFs().lstat(pathModule.join(path, name), (err, stats) => {
+        if (err) {
+          callback(err);
+          return;
+        }
+        callback(null, new DirentFromStats(name, stats));
+      });
+    } else {
+      callback(null, new Dirent(name, type));
+    }
+  } else if (type === UV_DIRENT_UNKNOWN) {
+    const stats = lazyLoadFs().lstatSync(pathModule.join(path, name));
+    return new DirentFromStats(name, stats);
+  } else {
+    return new Dirent(name, type);
+  }
+}
+
 function getOptions(options, defaultOptions) {
   if (options === null || options === undefined ||
       typeof options === 'function') {
@@ -197,6 +212,23 @@ function getOptions(options, defaultOptions) {
   return options;
 }
 
+function handleErrorFromBinding(ctx) {
+  if (ctx.errno !== undefined) {  // libuv error numbers
+    const err = uvException(ctx);
+    // eslint-disable-next-line no-restricted-syntax
+    Error.captureStackTrace(err, handleErrorFromBinding);
+    throw err;
+  }
+  if (ctx.error !== undefined) {  // Errors created in C++ land.
+    // TODO(joyeecheung): currently, ctx.error are encoding errors
+    // usually caused by memory problems. We need to figure out proper error
+    // code(s) for this.
+    // eslint-disable-next-line no-restricted-syntax
+    Error.captureStackTrace(ctx.error, handleErrorFromBinding);
+    throw ctx.error;
+  }
+}
+
 // Check if the path contains null types if it is a string nor Uint8Array,
 // otherwise return silently.
 const nullCheck = hideStackFrames((path, propName, throwError = true) => {
@@ -559,9 +591,11 @@ module.exports = {
   BigIntStats,  // for testing
   copyObject,
   Dirent,
+  getDirent,
   getDirents,
   getOptions,
   getValidatedPath,
+  handleErrorFromBinding,
   nullCheck,
   preprocessSymlinkDestination,
   realpathCacheKey: Symbol('realpathCacheKey'),
diff --git a/node.gyp b/node.gyp
index e7d0f27410bd73..f2fcf85d74b394 100644
--- a/node.gyp
+++ b/node.gyp
@@ -121,6 +121,7 @@
       'lib/internal/fixed_queue.js',
       'lib/internal/freelist.js',
       'lib/internal/freeze_intrinsics.js',
+      'lib/internal/fs/dir.js',
       'lib/internal/fs/promises.js',
       'lib/internal/fs/read_file_context.js',
       'lib/internal/fs/rimraf.js',
@@ -526,6 +527,7 @@
         'src/node_constants.cc',
         'src/node_contextify.cc',
         'src/node_credentials.cc',
+        'src/node_dir.cc',
         'src/node_domain.cc',
         'src/node_env_var.cc',
         'src/node_errors.cc',
@@ -608,6 +610,7 @@
         'src/node_constants.h',
         'src/node_context_data.h',
         'src/node_contextify.h',
+        'src/node_dir.h',
         'src/node_errors.h',
         'src/node_file.h',
         'src/node_http_parser_impl.h',
diff --git a/src/async_wrap.h b/src/async_wrap.h
index 876bd0c3418c64..2651b5a054d554 100644
--- a/src/async_wrap.h
+++ b/src/async_wrap.h
@@ -33,6 +33,7 @@ namespace node {
 
 #define NODE_ASYNC_NON_CRYPTO_PROVIDER_TYPES(V)                               \
   V(NONE)                                                                     \
+  V(DIRHANDLE)                                                                \
   V(DNSCHANNEL)                                                               \
   V(ELDHISTOGRAM)                                                             \
   V(FILEHANDLE)                                                               \
diff --git a/src/env.h b/src/env.h
index cafe35022926ce..8e12764ea3a9a3 100644
--- a/src/env.h
+++ b/src/env.h
@@ -382,6 +382,7 @@ constexpr size_t kFsStatsBufferLength =
   V(async_wrap_ctor_template, v8::FunctionTemplate)                            \
   V(async_wrap_object_ctor_template, v8::FunctionTemplate)                     \
   V(compiled_fn_entry_template, v8::ObjectTemplate)                            \
+  V(dir_instance_template, v8::ObjectTemplate)                                 \
   V(fd_constructor_template, v8::ObjectTemplate)                               \
   V(fdclose_constructor_template, v8::ObjectTemplate)                          \
   V(filehandlereadwrap_template, v8::ObjectTemplate)                           \
diff --git a/src/node_binding.cc b/src/node_binding.cc
index fe077e1d92eebd..3a5ea646fc68d8 100644
--- a/src/node_binding.cc
+++ b/src/node_binding.cc
@@ -51,6 +51,7 @@
   V(domain)                                                                    \
   V(errors)                                                                    \
   V(fs)                                                                        \
+  V(fs_dir)                                                                    \
   V(fs_event_wrap)                                                             \
   V(heap_utils)                                                                \
   V(http2)                                                                     \
diff --git a/src/node_dir.cc b/src/node_dir.cc
new file mode 100644
index 00000000000000..c9df7e67e8323a
--- /dev/null
+++ b/src/node_dir.cc
@@ -0,0 +1,350 @@
+#include "node_dir.h"
+#include "node_process.h"
+#include "util.h"
+
+#include "tracing/trace_event.h"
+
+#include "req_wrap-inl.h"
+#include "string_bytes.h"
+
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <cstring>
+#include <cerrno>
+#include <climits>
+
+#include <memory>
+
+namespace node {
+
+namespace fs_dir {
+
+using fs::FSReqAfterScope;
+using fs::FSReqBase;
+using fs::FSReqWrapSync;
+using fs::GetReqWrap;
+
+using v8::Array;
+using v8::Context;
+using v8::Function;
+using v8::FunctionCallbackInfo;
+using v8::FunctionTemplate;
+using v8::HandleScope;
+using v8::Integer;
+using v8::Isolate;
+using v8::Local;
+using v8::MaybeLocal;
+using v8::Null;
+using v8::Object;
+using v8::ObjectTemplate;
+using v8::String;
+using v8::Value;
+
+#define TRACE_NAME(name) "fs_dir.sync." #name
+#define GET_TRACE_ENABLED                                                      \
+  (*TRACE_EVENT_API_GET_CATEGORY_GROUP_ENABLED                                 \
+  (TRACING_CATEGORY_NODE2(fs_dir, sync)) != 0)
+#define FS_DIR_SYNC_TRACE_BEGIN(syscall, ...)                                  \
+  if (GET_TRACE_ENABLED)                                                       \
+  TRACE_EVENT_BEGIN(TRACING_CATEGORY_NODE2(fs_dir, sync), TRACE_NAME(syscall), \
+  ##__VA_ARGS__);
+#define FS_DIR_SYNC_TRACE_END(syscall, ...)                                    \
+  if (GET_TRACE_ENABLED)                                                       \
+  TRACE_EVENT_END(TRACING_CATEGORY_NODE2(fs_dir, sync), TRACE_NAME(syscall),   \
+  ##__VA_ARGS__);
+
+DirHandle::DirHandle(Environment* env, Local<Object> obj, uv_dir_t* dir)
+    : AsyncWrap(env, obj, AsyncWrap::PROVIDER_DIRHANDLE),
+      dir_(dir) {
+  MakeWeak();
+
+  dir_->nentries = 1;
+  dir_->dirents = &dirent_;
+}
+
+DirHandle* DirHandle::New(Environment* env, uv_dir_t* dir) {
+  Local<Object> obj;
+  if (!env->dir_instance_template()
+          ->NewInstance(env->context())
+          .ToLocal(&obj)) {
+    return nullptr;
+  }
+
+  return new DirHandle(env, obj, dir);
+}
+
+void DirHandle::New(const FunctionCallbackInfo<Value>& args) {
+  CHECK(args.IsConstructCall());
+}
+
+DirHandle::~DirHandle() {
+  CHECK(!closing_);  // We should not be deleting while explicitly closing!
+  GCClose();         // Close synchronously and emit warning
+  CHECK(closed_);    // We have to be closed at the point
+}
+
+// Close the directory handle if it hasn't already been closed. A process
+// warning will be emitted using a SetImmediate to avoid calling back to
+// JS during GC. If closing the fd fails at this point, a fatal exception
+// will crash the process immediately.
+inline void DirHandle::GCClose() {
+  if (closed_) return;
+  uv_fs_t req;
+  int ret = uv_fs_closedir(nullptr, &req, dir_, nullptr);
+  uv_fs_req_cleanup(&req);
+  closing_ = false;
+  closed_ = true;
+
+  struct err_detail { int ret; };
+
+  err_detail detail { ret };
+
+  if (ret < 0) {
+    // Do not unref this
+    env()->SetImmediate([detail](Environment* env) {
+      char msg[70];
+      snprintf(msg, arraysize(msg),
+              "Closing directory handle on garbage collection failed");
+      // This exception will end up being fatal for the process because
+      // it is being thrown from within the SetImmediate handler and
+      // there is no JS stack to bubble it to. In other words, tearing
+      // down the process is the only reasonable thing we can do here.
+      HandleScope handle_scope(env->isolate());
+      env->ThrowUVException(detail.ret, "close", msg);
+    });
+    return;
+  }
+
+  // If the close was successful, we still want to emit a process warning
+  // to notify that the file descriptor was gc'd. We want to be noisy about
+  // this because not explicitly closing the DirHandle is a bug.
+
+  env()->SetUnrefImmediate([](Environment* env) {
+    ProcessEmitWarning(env,
+                       "Closing directory handle on garbage collection");
+  });
+}
+
+void AfterClose(uv_fs_t* req) {
+  FSReqBase* req_wrap = FSReqBase::from_req(req);
+  FSReqAfterScope after(req_wrap, req);
+
+  if (after.Proceed())
+    req_wrap->Resolve(Undefined(req_wrap->env()->isolate()));
+}
+
+void DirHandle::Close(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+
+  const int argc = args.Length();
+  CHECK_GE(argc, 1);
+
+  DirHandle* dir;
+  ASSIGN_OR_RETURN_UNWRAP(&dir, args.Holder());
+
+  dir->closing_ = false;
+  dir->closed_ = true;
+
+  FSReqBase* req_wrap_async = GetReqWrap(env, args[0]);
+  if (req_wrap_async != nullptr) {  // close(req)
+    AsyncCall(env, req_wrap_async, args, "closedir", UTF8, AfterClose,
+              uv_fs_closedir, dir->dir());
+  } else {  // close(undefined, ctx)
+    CHECK_EQ(argc, 2);
+    FSReqWrapSync req_wrap_sync;
+    FS_DIR_SYNC_TRACE_BEGIN(closedir);
+    SyncCall(env, args[1], &req_wrap_sync, "closedir", uv_fs_closedir,
+             dir->dir());
+    FS_DIR_SYNC_TRACE_END(closedir);
+  }
+}
+
+void AfterDirReadSingle(uv_fs_t* req) {
+  FSReqBase* req_wrap = FSReqBase::from_req(req);
+  FSReqAfterScope after(req_wrap, req);
+
+  if (!after.Proceed()) {
+    return;
+  }
+
+  Environment* env = req_wrap->env();
+  Isolate* isolate = env->isolate();
+  Local<Value> error;
+
+  if (req->result == 0) {
+    // Done
+    Local<Value> done = Null(isolate);
+    req_wrap->Resolve(done);
+    return;
+  }
+
+  uv_dir_t* dir = static_cast<uv_dir_t*>(req->ptr);
+  req->ptr = nullptr;
+
+  // Single entries are returned without an array wrapper
+  const uv_dirent_t& ent = dir->dirents[0];
+
+  MaybeLocal<Value> filename =
+    StringBytes::Encode(isolate,
+                        ent.name,
+                        req_wrap->encoding(),
+                        &error);
+  if (filename.IsEmpty())
+    return req_wrap->Reject(error);
+
+
+  Local<Array> result = Array::New(isolate, 2);
+  result->Set(env->context(),
+              0,
+              filename.ToLocalChecked()).FromJust();
+  result->Set(env->context(),
+              1,
+              Integer::New(isolate, ent.type)).FromJust();
+  req_wrap->Resolve(result);
+}
+
+
+void DirHandle::Read(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  Isolate* isolate = env->isolate();
+
+  const int argc = args.Length();
+  CHECK_GE(argc, 2);
+
+  const enum encoding encoding = ParseEncoding(isolate, args[0], UTF8);
+
+  DirHandle* dir;
+  ASSIGN_OR_RETURN_UNWRAP(&dir, args.Holder());
+
+  FSReqBase* req_wrap_async = static_cast<FSReqBase*>(GetReqWrap(env, args[1]));
+  if (req_wrap_async != nullptr) {  // dir.read(encoding, req)
+    AsyncCall(env, req_wrap_async, args, "readdir", encoding,
+              AfterDirReadSingle, uv_fs_readdir, dir->dir());
+  } else {  // dir.read(encoding, undefined, ctx)
+    CHECK_EQ(argc, 3);
+    FSReqWrapSync req_wrap_sync;
+    FS_DIR_SYNC_TRACE_BEGIN(readdir);
+    int err = SyncCall(env, args[2], &req_wrap_sync, "readdir", uv_fs_readdir,
+                       dir->dir());
+    FS_DIR_SYNC_TRACE_END(readdir);
+    if (err < 0) {
+      return;  // syscall failed, no need to continue, error info is in ctx
+    }
+
+    if (req_wrap_sync.req.result == 0) {
+      // Done
+      Local<Value> done = Null(isolate);
+      args.GetReturnValue().Set(done);
+      return;
+    }
+
+    CHECK_GE(req_wrap_sync.req.result, 0);
+    const uv_dirent_t& ent = dir->dir()->dirents[0];
+
+    Local<Value> error;
+    MaybeLocal<Value> filename =
+      StringBytes::Encode(isolate,
+                          ent.name,
+                          encoding,
+                          &error);
+    if (filename.IsEmpty()) {
+      Local<Object> ctx = args[2].As<Object>();
+      ctx->Set(env->context(), env->error_string(), error).FromJust();
+      return;
+    }
+
+    Local<Array> result = Array::New(isolate, 2);
+    result->Set(env->context(),
+                0,
+                filename.ToLocalChecked()).FromJust();
+    result->Set(env->context(),
+                1,
+                Integer::New(isolate, ent.type)).FromJust();
+    args.GetReturnValue().Set(result);
+  }
+}
+
+void AfterOpenDir(uv_fs_t* req) {
+  FSReqBase* req_wrap = FSReqBase::from_req(req);
+  FSReqAfterScope after(req_wrap, req);
+
+  if (!after.Proceed()) {
+    return;
+  }
+
+  Environment* env = req_wrap->env();
+  Local<Value> error;
+
+  uv_dir_t* dir = static_cast<uv_dir_t*>(req->ptr);
+  DirHandle* handle = DirHandle::New(env, dir);
+
+  req_wrap->Resolve(handle->object().As<Value>());
+}
+
+static void OpenDir(const FunctionCallbackInfo<Value>& args) {
+  Environment* env = Environment::GetCurrent(args);
+  Isolate* isolate = env->isolate();
+
+  const int argc = args.Length();
+  CHECK_GE(argc, 3);
+
+  BufferValue path(isolate, args[0]);
+  CHECK_NOT_NULL(*path);
+
+  const enum encoding encoding = ParseEncoding(isolate, args[1], UTF8);
+
+  FSReqBase* req_wrap_async = static_cast<FSReqBase*>(GetReqWrap(env, args[2]));
+  if (req_wrap_async != nullptr) {  // openDir(path, encoding, req)
+    AsyncCall(env, req_wrap_async, args, "opendir", encoding, AfterOpenDir,
+              uv_fs_opendir, *path);
+  } else {  // openDir(path, encoding, undefined, ctx)
+    CHECK_EQ(argc, 4);
+    FSReqWrapSync req_wrap_sync;
+    FS_DIR_SYNC_TRACE_BEGIN(opendir);
+    int result = SyncCall(env, args[3], &req_wrap_sync, "opendir",
+                          uv_fs_opendir, *path);
+    FS_DIR_SYNC_TRACE_END(opendir);
+    if (result < 0) {
+      return;  // syscall failed, no need to continue, error info is in ctx
+    }
+
+    uv_fs_t* req = &req_wrap_sync.req;
+    uv_dir_t* dir = static_cast<uv_dir_t*>(req->ptr);
+    DirHandle* handle = DirHandle::New(env, dir);
+
+    args.GetReturnValue().Set(handle->object().As<Value>());
+  }
+}
+
+void Initialize(Local<Object> target,
+                Local<Value> unused,
+                Local<Context> context,
+                void* priv) {
+  Environment* env = Environment::GetCurrent(context);
+  Isolate* isolate = env->isolate();
+
+  env->SetMethod(target, "opendir", OpenDir);
+
+  // Create FunctionTemplate for DirHandle
+  Local<FunctionTemplate> dir = env->NewFunctionTemplate(DirHandle::New);
+  dir->Inherit(AsyncWrap::GetConstructorTemplate(env));
+  env->SetProtoMethod(dir, "read", DirHandle::Read);
+  env->SetProtoMethod(dir, "close", DirHandle::Close);
+  Local<ObjectTemplate> dirt = dir->InstanceTemplate();
+  dirt->SetInternalFieldCount(DirHandle::kDirHandleFieldCount);
+  Local<String> handleString =
+       FIXED_ONE_BYTE_STRING(isolate, "DirHandle");
+  dir->SetClassName(handleString);
+  target
+      ->Set(context, handleString,
+            dir->GetFunction(env->context()).ToLocalChecked())
+      .FromJust();
+  env->set_dir_instance_template(dirt);
+}
+
+}  // namespace fs_dir
+
+}  // end namespace node
+
+NODE_MODULE_CONTEXT_AWARE_INTERNAL(fs_dir, node::fs_dir::Initialize)
diff --git a/src/node_dir.h b/src/node_dir.h
new file mode 100644
index 00000000000000..e099fe55107064
--- /dev/null
+++ b/src/node_dir.h
@@ -0,0 +1,60 @@
+#ifndef SRC_NODE_DIR_H_
+#define SRC_NODE_DIR_H_
+
+#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#include "node_file.h"
+#include "node.h"
+#include "req_wrap-inl.h"
+
+namespace node {
+
+namespace fs_dir {
+
+// Needed to propagate `uv_dir_t`.
+class DirHandle : public AsyncWrap {
+ public:
+  static constexpr int kDirHandleFieldCount = 1;
+
+  static DirHandle* New(Environment* env, uv_dir_t* dir);
+  ~DirHandle() override;
+
+  static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
+  static void Open(const v8::FunctionCallbackInfo<Value>& args);
+  static void Read(const v8::FunctionCallbackInfo<Value>& args);
+  static void Close(const v8::FunctionCallbackInfo<Value>& args);
+
+  inline uv_dir_t* dir() { return dir_; }
+  AsyncWrap* GetAsyncWrap() { return this; }
+
+  void MemoryInfo(MemoryTracker* tracker) const override {
+    tracker->TrackFieldWithSize("dir", sizeof(*dir_));
+  }
+
+  SET_MEMORY_INFO_NAME(DirHandle)
+  SET_SELF_SIZE(DirHandle)
+
+  DirHandle(const DirHandle&) = delete;
+  DirHandle& operator=(const DirHandle&) = delete;
+  DirHandle(const DirHandle&&) = delete;
+  DirHandle& operator=(const DirHandle&&) = delete;
+
+ private:
+  DirHandle(Environment* env, v8::Local<v8::Object> obj, uv_dir_t* dir);
+
+  // Synchronous close that emits a warning
+  void GCClose();
+
+  uv_dir_t* dir_;
+  uv_dirent_t dirent_;
+  bool closing_ = false;
+  bool closed_ = false;
+};
+
+}  // namespace fs_dir
+
+}  // namespace node
+
+#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
+
+#endif  // SRC_NODE_DIR_H_
diff --git a/src/node_file.cc b/src/node_file.cc
index 185c7085170e27..fcb621ea761910 100644
--- a/src/node_file.cc
+++ b/src/node_file.cc
@@ -52,11 +52,9 @@ namespace node {
 namespace fs {
 
 using v8::Array;
-using v8::BigUint64Array;
 using v8::Context;
 using v8::DontDelete;
 using v8::EscapableHandleScope;
-using v8::Float64Array;
 using v8::Function;
 using v8::FunctionCallbackInfo;
 using v8::FunctionTemplate;
@@ -678,94 +676,6 @@ void AfterScanDirWithTypes(uv_fs_t* req) {
   req_wrap->Resolve(result);
 }
 
-
-// This class is only used on sync fs calls.
-// For async calls FSReqCallback is used.
-class FSReqWrapSync {
- public:
-  FSReqWrapSync() = default;
-  ~FSReqWrapSync() { uv_fs_req_cleanup(&req); }
-  uv_fs_t req;
-
-  FSReqWrapSync(const FSReqWrapSync&) = delete;
-  FSReqWrapSync& operator=(const FSReqWrapSync&) = delete;
-};
-
-// Returns nullptr if the operation fails from the start.
-template <typename Func, typename... Args>
-inline FSReqBase* AsyncDestCall(Environment* env,
-    FSReqBase* req_wrap,
-    const FunctionCallbackInfo<Value>& args,
-    const char* syscall, const char* dest, size_t len,
-    enum encoding enc, uv_fs_cb after, Func fn, Args... fn_args) {
-  CHECK_NOT_NULL(req_wrap);
-  req_wrap->Init(syscall, dest, len, enc);
-  int err = req_wrap->Dispatch(fn, fn_args..., after);
-  if (err < 0) {
-    uv_fs_t* uv_req = req_wrap->req();
-    uv_req->result = err;
-    uv_req->path = nullptr;
-    after(uv_req);  // after may delete req_wrap if there is an error
-    req_wrap = nullptr;
-  } else {
-    req_wrap->SetReturnValue(args);
-  }
-
-  return req_wrap;
-}
-
-// Returns nullptr if the operation fails from the start.
-template <typename Func, typename... Args>
-inline FSReqBase* AsyncCall(Environment* env,
-    FSReqBase* req_wrap,
-    const FunctionCallbackInfo<Value>& args,
-    const char* syscall, enum encoding enc,
-    uv_fs_cb after, Func fn, Args... fn_args) {
-  return AsyncDestCall(env, req_wrap, args,
-                       syscall, nullptr, 0, enc,
-                       after, fn, fn_args...);
-}
-
-// Template counterpart of SYNC_CALL, except that it only puts
-// the error number and the syscall in the context instead of
-// creating an error in the C++ land.
-// ctx must be checked using value->IsObject() before being passed.
-template <typename Func, typename... Args>
-inline int SyncCall(Environment* env, Local<Value> ctx, FSReqWrapSync* req_wrap,
-    const char* syscall, Func fn, Args... args) {
-  env->PrintSyncTrace();
-  int err = fn(env->event_loop(), &(req_wrap->req), args..., nullptr);
-  if (err < 0) {
-    Local<Context> context = env->context();
-    Local<Object> ctx_obj = ctx.As<Object>();
-    Isolate* isolate = env->isolate();
-    ctx_obj->Set(context,
-             env->errno_string(),
-             Integer::New(isolate, err)).Check();
-    ctx_obj->Set(context,
-             env->syscall_string(),
-             OneByteString(isolate, syscall)).Check();
-  }
-  return err;
-}
-
-// TODO(addaleax): Currently, callers check the return value and assume
-// that nullptr indicates a synchronous call, rather than a failure.
-// Failure conditions should be disambiguated and handled appropriately.
-inline FSReqBase* GetReqWrap(Environment* env, Local<Value> value,
-                             bool use_bigint = false) {
-  if (value->IsObject()) {
-    return Unwrap<FSReqBase>(value.As<Object>());
-  } else if (value->StrictEquals(env->fs_use_promises_symbol())) {
-    if (use_bigint) {
-      return FSReqPromise<AliasedBigUint64Array>::New(env, use_bigint);
-    } else {
-      return FSReqPromise<AliasedFloat64Array>::New(env, use_bigint);
-    }
-  }
-  return nullptr;
-}
-
 void Access(const FunctionCallbackInfo<Value>& args) {
   Environment* env = Environment::GetCurrent(args);
   Isolate* isolate = env->isolate();
diff --git a/src/node_file.h b/src/node_file.h
index 2ea5af025d1c2c..84f4032cc2f6a3 100644
--- a/src/node_file.h
+++ b/src/node_file.h
@@ -4,7 +4,9 @@
 #if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
 
 #include "node.h"
+#include "aliased_buffer.h"
 #include "stream_base.h"
+#include "memory_tracker-inl.h"
 #include "req_wrap-inl.h"
 #include <iostream>
 
@@ -450,6 +452,93 @@ int MKDirpSync(uv_loop_t* loop,
                const std::string& path,
                int mode,
                uv_fs_cb cb = nullptr);
+
+class FSReqWrapSync {
+ public:
+  FSReqWrapSync() = default;
+  ~FSReqWrapSync() { uv_fs_req_cleanup(&req); }
+  uv_fs_t req;
+
+  FSReqWrapSync(const FSReqWrapSync&) = delete;
+  FSReqWrapSync& operator=(const FSReqWrapSync&) = delete;
+};
+
+// TODO(addaleax): Currently, callers check the return value and assume
+// that nullptr indicates a synchronous call, rather than a failure.
+// Failure conditions should be disambiguated and handled appropriately.
+inline FSReqBase* GetReqWrap(Environment* env, v8::Local<v8::Value> value,
+                             bool use_bigint = false) {
+  if (value->IsObject()) {
+    return Unwrap<FSReqBase>(value.As<Object>());
+  } else if (value->StrictEquals(env->fs_use_promises_symbol())) {
+    if (use_bigint) {
+      return FSReqPromise<AliasedBigUint64Array>::New(env, use_bigint);
+    } else {
+      return FSReqPromise<AliasedFloat64Array>::New(env, use_bigint);
+    }
+  }
+  return nullptr;
+}
+
+// Returns nullptr if the operation fails from the start.
+template <typename Func, typename... Args>
+inline FSReqBase* AsyncDestCall(Environment* env, FSReqBase* req_wrap,
+                                const v8::FunctionCallbackInfo<Value>& args,
+                                const char* syscall, const char* dest,
+                                size_t len, enum encoding enc, uv_fs_cb after,
+                                Func fn, Args... fn_args) {
+  CHECK_NOT_NULL(req_wrap);
+  req_wrap->Init(syscall, dest, len, enc);
+  int err = req_wrap->Dispatch(fn, fn_args..., after);
+  if (err < 0) {
+    uv_fs_t* uv_req = req_wrap->req();
+    uv_req->result = err;
+    uv_req->path = nullptr;
+    after(uv_req);  // after may delete req_wrap if there is an error
+    req_wrap = nullptr;
+  } else {
+    req_wrap->SetReturnValue(args);
+  }
+
+  return req_wrap;
+}
+
+// Returns nullptr if the operation fails from the start.
+template <typename Func, typename... Args>
+inline FSReqBase* AsyncCall(Environment* env,
+                            FSReqBase* req_wrap,
+                            const v8::FunctionCallbackInfo<Value>& args,
+                            const char* syscall, enum encoding enc,
+                            uv_fs_cb after, Func fn, Args... fn_args) {
+  return AsyncDestCall(env, req_wrap, args,
+                       syscall, nullptr, 0, enc,
+                       after, fn, fn_args...);
+}
+
+// Template counterpart of SYNC_CALL, except that it only puts
+// the error number and the syscall in the context instead of
+// creating an error in the C++ land.
+// ctx must be checked using value->IsObject() before being passed.
+template <typename Func, typename... Args>
+inline int SyncCall(Environment* env, v8::Local<v8::Value> ctx,
+                    FSReqWrapSync* req_wrap, const char* syscall,
+                    Func fn, Args... args) {
+  env->PrintSyncTrace();
+  int err = fn(env->event_loop(), &(req_wrap->req), args..., nullptr);
+  if (err < 0) {
+    v8::Local<Context> context = env->context();
+    v8::Local<Object> ctx_obj = ctx.As<v8::Object>();
+    v8::Isolate* isolate = env->isolate();
+    ctx_obj->Set(context,
+                 env->errno_string(),
+                 v8::Integer::New(isolate, err)).Check();
+    ctx_obj->Set(context,
+                 env->syscall_string(),
+                 OneByteString(isolate, syscall)).Check();
+  }
+  return err;
+}
+
 }  // namespace fs
 
 }  // namespace node
diff --git a/test/parallel/test-bootstrap-modules.js b/test/parallel/test-bootstrap-modules.js
index ae69f5aef01da9..7ca48c49cb6742 100644
--- a/test/parallel/test-bootstrap-modules.js
+++ b/test/parallel/test-bootstrap-modules.js
@@ -17,6 +17,7 @@ const expectedModules = new Set([
   'Internal Binding contextify',
   'Internal Binding credentials',
   'Internal Binding fs',
+  'Internal Binding fs_dir',
   'Internal Binding inspector',
   'Internal Binding module_wrap',
   'Internal Binding native_module',
@@ -42,6 +43,7 @@ const expectedModules = new Set([
   'NativeModule internal/encoding',
   'NativeModule internal/errors',
   'NativeModule internal/fixed_queue',
+  'NativeModule internal/fs/dir',
   'NativeModule internal/fs/utils',
   'NativeModule internal/idna',
   'NativeModule internal/linkedlist',
diff --git a/test/parallel/test-fs-opendir.js b/test/parallel/test-fs-opendir.js
new file mode 100644
index 00000000000000..c9a6d657ed890d
--- /dev/null
+++ b/test/parallel/test-fs-opendir.js
@@ -0,0 +1,174 @@
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+const fs = require('fs');
+const path = require('path');
+
+const tmpdir = require('../common/tmpdir');
+
+const testDir = tmpdir.path;
+const files = ['empty', 'files', 'for', 'just', 'testing'];
+
+// Make sure tmp directory is clean
+tmpdir.refresh();
+
+// Create the necessary files
+files.forEach(function(filename) {
+  fs.closeSync(fs.openSync(path.join(testDir, filename), 'w'));
+});
+
+function assertDirent(dirent) {
+  assert(dirent instanceof fs.Dirent);
+  assert.strictEqual(dirent.isFile(), true);
+  assert.strictEqual(dirent.isDirectory(), false);
+  assert.strictEqual(dirent.isSocket(), false);
+  assert.strictEqual(dirent.isBlockDevice(), false);
+  assert.strictEqual(dirent.isCharacterDevice(), false);
+  assert.strictEqual(dirent.isFIFO(), false);
+  assert.strictEqual(dirent.isSymbolicLink(), false);
+}
+
+const dirclosedError = {
+  code: 'ERR_DIR_CLOSED'
+};
+
+// Check the opendir Sync version
+{
+  const dir = fs.opendirSync(testDir);
+  const entries = files.map(() => {
+    const dirent = dir.readSync();
+    assertDirent(dirent);
+    return dirent.name;
+  });
+  assert.deepStrictEqual(files, entries.sort());
+
+  // dir.read should return null when no more entries exist
+  assert.strictEqual(dir.readSync(), null);
+
+  // check .path
+  assert.strictEqual(dir.path, testDir);
+
+  dir.closeSync();
+
+  assert.throws(() => dir.readSync(), dirclosedError);
+  assert.throws(() => dir.closeSync(), dirclosedError);
+}
+
+// Check the opendir async version
+fs.opendir(testDir, common.mustCall(function(err, dir) {
+  assert.ifError(err);
+  dir.read(common.mustCall(function(err, dirent) {
+    assert.ifError(err);
+
+    // Order is operating / file system dependent
+    assert(files.includes(dirent.name), `'files' should include ${dirent}`);
+    assertDirent(dirent);
+
+    dir.close(common.mustCall(function(err) {
+      assert.ifError(err);
+    }));
+  }));
+}));
+
+// opendir() on file should throw ENOTDIR
+assert.throws(function() {
+  fs.opendirSync(__filename);
+}, /Error: ENOTDIR: not a directory/);
+
+fs.opendir(__filename, common.mustCall(function(e) {
+  assert.strictEqual(e.code, 'ENOTDIR');
+}));
+
+[false, 1, [], {}, null, undefined].forEach((i) => {
+  common.expectsError(
+    () => fs.opendir(i, common.mustNotCall()),
+    {
+      code: 'ERR_INVALID_ARG_TYPE',
+      type: TypeError
+    }
+  );
+  common.expectsError(
+    () => fs.opendirSync(i),
+    {
+      code: 'ERR_INVALID_ARG_TYPE',
+      type: TypeError
+    }
+  );
+});
+
+// Promise-based tests
+async function doPromiseTest() {
+  // Check the opendir Promise version
+  const dir = await fs.promises.opendir(testDir);
+  const entries = [];
+
+  let i = files.length;
+  while (i--) {
+    const dirent = await dir.read();
+    entries.push(dirent.name);
+    assertDirent(dirent);
+  }
+
+  assert.deepStrictEqual(files, entries.sort());
+
+  // dir.read should return null when no more entries exist
+  assert.strictEqual(await dir.read(), null);
+
+  await dir.close();
+}
+doPromiseTest().then(common.mustCall());
+
+// Async iterator
+async function doAsyncIterTest() {
+  const entries = [];
+  for await (const dirent of await fs.promises.opendir(testDir)) {
+    entries.push(dirent.name);
+    assertDirent(dirent);
+  }
+
+  assert.deepStrictEqual(files, entries.sort());
+
+  // Automatically closed during iterator
+}
+doAsyncIterTest().then(common.mustCall());
+
+// Async iterators should do automatic cleanup
+
+async function doAsyncIterBreakTest() {
+  const dir = await fs.promises.opendir(testDir);
+  for await (const dirent of dir) { // eslint-disable-line no-unused-vars
+    break;
+  }
+
+  await assert.rejects(async () => dir.read(), dirclosedError);
+}
+doAsyncIterBreakTest().then(common.mustCall());
+
+async function doAsyncIterReturnTest() {
+  const dir = await fs.promises.opendir(testDir);
+  await (async function() {
+    for await (const dirent of dir) { // eslint-disable-line no-unused-vars
+      return;
+    }
+  })();
+
+  await assert.rejects(async () => dir.read(), dirclosedError);
+}
+doAsyncIterReturnTest().then(common.mustCall());
+
+async function doAsyncIterThrowTest() {
+  const dir = await fs.promises.opendir(testDir);
+  try {
+    for await (const dirent of dir) { // eslint-disable-line no-unused-vars
+      throw new Error('oh no');
+    }
+  } catch (err) {
+    if (err.message !== 'oh no') {
+      throw err;
+    }
+  }
+
+  await assert.rejects(async () => dir.read(), dirclosedError);
+}
+doAsyncIterThrowTest().then(common.mustCall());
diff --git a/test/sequential/test-async-wrap-getasyncid.js b/test/sequential/test-async-wrap-getasyncid.js
index bef6b050ff3178..cc823cc17fa706 100644
--- a/test/sequential/test-async-wrap-getasyncid.js
+++ b/test/sequential/test-async-wrap-getasyncid.js
@@ -306,3 +306,10 @@ if (process.features.inspector && common.isMainThread) {
 {
   v8.getHeapSnapshot().destroy();
 }
+
+// DIRHANDLE
+{
+  const dirBinding = internalBinding('fs_dir');
+  const handle = dirBinding.opendir('./', 'utf8', undefined, {});
+  testInitialized(handle, 'DirHandle');
+}
diff --git a/tools/doc/type-parser.js b/tools/doc/type-parser.js
index 4c3ec0503e7701..6cc60b04033a87 100644
--- a/tools/doc/type-parser.js
+++ b/tools/doc/type-parser.js
@@ -72,6 +72,7 @@ const customTypesMap = {
   'EventEmitter': 'events.html#events_class_eventemitter',
 
   'FileHandle': 'fs.html#fs_class_filehandle',
+  'fs.Dir': 'fs.html#fs_class_fs_dir',
   'fs.Dirent': 'fs.html#fs_class_fs_dirent',
   'fs.FSWatcher': 'fs.html#fs_class_fs_fswatcher',
   'fs.ReadStream': 'fs.html#fs_class_fs_readstream',

From df218ce066b3b4f981a197a60722bb85ebfd0964 Mon Sep 17 00:00:00 2001
From: Guy Bedford <guybedford@gmail.com>
Date: Sat, 28 Sep 2019 15:01:23 -0400
Subject: [PATCH 56/65] Revert "esm: remove experimental status from JSON
 modules"

This reverts commit ec8776da6fa77628e12718bb38cee687303d4137.

PR-URL: https://github.com/nodejs/node/pull/29754
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
---
 doc/api/cli.md                              |  8 ++++++++
 doc/api/esm.md                              | 19 ++++++++++++++++---
 doc/node.1                                  |  3 +++
 lib/internal/modules/esm/default_resolve.js |  7 +++++--
 src/node_options.cc                         |  9 +++++++++
 src/node_options.h                          |  1 +
 test/es-module/test-esm-json-cache.mjs      |  2 +-
 test/es-module/test-esm-json.mjs            |  3 +--
 8 files changed, 44 insertions(+), 8 deletions(-)

diff --git a/doc/api/cli.md b/doc/api/cli.md
index 0ef08ed7e37fc1..93dbd43c2172a9 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -165,6 +165,13 @@ added: v12.7.0
 
 Enable experimental resolution using the `exports` field in `package.json`.
 
+### `--experimental-json-modules`
+<!-- YAML
+added: v12.9.0
+-->
+
+Enable experimental JSON support for the ES Module loader.
+
 ### `--experimental-modules`
 <!-- YAML
 added: v8.5.0
@@ -1019,6 +1026,7 @@ Node.js options that are allowed are:
 * `--enable-source-maps`
 * `--es-module-specifier-resolution`
 * `--experimental-exports`
+* `--experimental-json-modules`
 * `--experimental-loader`
 * `--experimental-modules`
 * `--experimental-policy`
diff --git a/doc/api/esm.md b/doc/api/esm.md
index e0a548f0424410..951ce418195d72 100644
--- a/doc/api/esm.md
+++ b/doc/api/esm.md
@@ -587,11 +587,16 @@ syncBuiltinESMExports();
 fs.readFileSync === readFileSync;
 ```
 
-## JSON Modules
+## Experimental JSON Modules
 
-JSON modules follow the [WHATWG JSON modules specification][].
+Currently importing JSON modules are only supported in the `commonjs` mode
+and are loaded using the CJS loader. [WHATWG JSON modules specification][] are
+still being standardized, and are experimentally supported by including the
+additional flag `--experimental-json-modules` when running Node.js.
 
-The imported JSON only exposes a `default`. There is no
+When the `--experimental-json-modules` flag is included both the
+`commonjs` and `module` mode will use the new experimental JSON
+loader. The imported JSON only exposes a `default`, there is no
 support for named exports. A cache entry is created in the CommonJS
 cache, to avoid duplication. The same object will be returned in
 CommonJS if the JSON module has already been imported from the
@@ -604,6 +609,14 @@ Assuming an `index.mjs` with
 import packageConfig from './package.json';
 ```
 
+The `--experimental-json-modules` flag is needed for the module
+to work.
+
+```bash
+node --experimental-modules index.mjs # fails
+node --experimental-modules --experimental-json-modules index.mjs # works
+```
+
 ## Experimental Wasm Modules
 
 Importing Web Assembly modules is supported under the
diff --git a/doc/node.1 b/doc/node.1
index ee0647ad6993e3..dc29867a699b3c 100644
--- a/doc/node.1
+++ b/doc/node.1
@@ -108,6 +108,9 @@ Requires Node.js to be built with
 .It Fl -es-module-specifier-resolution
 Select extension resolution algorithm for ES Modules; either 'explicit' (default) or 'node'
 .
+.It Fl -experimental-json-modules
+Enable experimental JSON interop support for the ES Module loader.
+.
 .It Fl -experimental-modules
 Enable experimental ES module support and caching modules.
 .
diff --git a/lib/internal/modules/esm/default_resolve.js b/lib/internal/modules/esm/default_resolve.js
index 580419deac6c05..7686e3e003eede 100644
--- a/lib/internal/modules/esm/default_resolve.js
+++ b/lib/internal/modules/esm/default_resolve.js
@@ -8,6 +8,7 @@ const { getOptionValue } = require('internal/options');
 
 const preserveSymlinks = getOptionValue('--preserve-symlinks');
 const preserveSymlinksMain = getOptionValue('--preserve-symlinks-main');
+const experimentalJsonModules = getOptionValue('--experimental-json-modules');
 const typeFlag = getOptionValue('--input-type');
 const experimentalWasmModules = getOptionValue('--experimental-wasm-modules');
 const { resolve: moduleWrapResolve,
@@ -28,7 +29,6 @@ const extensionFormatMap = {
   '__proto__': null,
   '.cjs': 'commonjs',
   '.js': 'module',
-  '.json': 'json',
   '.mjs': 'module'
 };
 
@@ -36,7 +36,7 @@ const legacyExtensionFormatMap = {
   '__proto__': null,
   '.cjs': 'commonjs',
   '.js': 'commonjs',
-  '.json': 'json',
+  '.json': 'commonjs',
   '.mjs': 'module',
   '.node': 'commonjs'
 };
@@ -44,6 +44,9 @@ const legacyExtensionFormatMap = {
 if (experimentalWasmModules)
   extensionFormatMap['.wasm'] = legacyExtensionFormatMap['.wasm'] = 'wasm';
 
+if (experimentalJsonModules)
+  extensionFormatMap['.json'] = legacyExtensionFormatMap['.json'] = 'json';
+
 function resolve(specifier, parentURL) {
   try {
     const parsed = new URL(specifier);
diff --git a/src/node_options.cc b/src/node_options.cc
index caba0b28c7d1b1..d53ab2a4bfe873 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -135,6 +135,11 @@ void EnvironmentOptions::CheckOptions(std::vector<std::string>* errors) {
     }
   }
 
+  if (experimental_json_modules && !experimental_modules) {
+    errors->push_back("--experimental-json-modules requires "
+                      "--experimental-modules be enabled");
+  }
+
   if (experimental_wasm_modules && !experimental_modules) {
     errors->push_back("--experimental-wasm-modules requires "
                       "--experimental-modules be enabled");
@@ -320,6 +325,10 @@ EnvironmentOptionsParser::EnvironmentOptionsParser() {
             "experimental support for exports in package.json",
             &EnvironmentOptions::experimental_exports,
             kAllowedInEnvironment);
+  AddOption("--experimental-json-modules",
+            "experimental JSON interop support for the ES Module loader",
+            &EnvironmentOptions::experimental_json_modules,
+            kAllowedInEnvironment);
   AddOption("--experimental-loader",
             "(with --experimental-modules) use the specified file as a "
             "custom loader",
diff --git a/src/node_options.h b/src/node_options.h
index 0721a4fe2f8821..8937bfd9011e47 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -102,6 +102,7 @@ class EnvironmentOptions : public Options {
   bool abort_on_uncaught_exception = false;
   bool enable_source_maps = false;
   bool experimental_exports = false;
+  bool experimental_json_modules = false;
   bool experimental_modules = false;
   std::string es_module_specifier_resolution;
   bool experimental_wasm_modules = false;
diff --git a/test/es-module/test-esm-json-cache.mjs b/test/es-module/test-esm-json-cache.mjs
index 0f7d6804061bcd..d1fee4f444c2c0 100644
--- a/test/es-module/test-esm-json-cache.mjs
+++ b/test/es-module/test-esm-json-cache.mjs
@@ -1,4 +1,4 @@
-// Flags: --experimental-modules
+// Flags: --experimental-modules --experimental-json-modules
 import '../common/index.mjs';
 
 import { strictEqual, deepStrictEqual } from 'assert';
diff --git a/test/es-module/test-esm-json.mjs b/test/es-module/test-esm-json.mjs
index f196945b4b68f4..3d246124a9bdae 100644
--- a/test/es-module/test-esm-json.mjs
+++ b/test/es-module/test-esm-json.mjs
@@ -1,5 +1,4 @@
-// Flags: --experimental-modules
-
+// Flags: --experimental-modules --experimental-json-modules
 import '../common/index.mjs';
 import { strictEqual } from 'assert';
 

From a7113048e36476b6c231b52a246dc52f59cdf1e0 Mon Sep 17 00:00:00 2001
From: Shelley Vohr <shelley.vohr@gmail.com>
Date: Sun, 6 Oct 2019 11:40:24 +0200
Subject: [PATCH 57/65] worker: do not use two-arg NewIsolate

PR-URL: https://github.com/nodejs/node/pull/29850
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
---
 src/node_worker.cc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/node_worker.cc b/src/node_worker.cc
index 11e44a92757e41..3dce5e25980ce2 100644
--- a/src/node_worker.cc
+++ b/src/node_worker.cc
@@ -116,7 +116,10 @@ class WorkerThreadData {
     : w_(w) {
     CHECK_EQ(uv_loop_init(&loop_), 0);
 
-    Isolate* isolate = NewIsolate(w->array_buffer_allocator_.get(), &loop_);
+    Isolate* isolate = NewIsolate(
+        w->array_buffer_allocator_.get(),
+        &loop_,
+        w->platform_);
     CHECK_NOT_NULL(isolate);
 
     {

From adee99883a63d475d0239724b4d580eab7736bd6 Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Wed, 2 Oct 2019 14:47:08 -0700
Subject: [PATCH 58/65] test: debug output for dlopen-ping-pong test

Make test failures easier to diagnose through progress logging, and
reporting of dlerror().

PR-URL: https://github.com/nodejs/node/pull/29818
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Christian Clauss <cclauss@me.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 test/addons/dlopen-ping-pong/binding.cc | 1 +
 test/addons/dlopen-ping-pong/test.js    | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/test/addons/dlopen-ping-pong/binding.cc b/test/addons/dlopen-ping-pong/binding.cc
index 6a6c297b52fff9..ecdabd5e0f4eef 100644
--- a/test/addons/dlopen-ping-pong/binding.cc
+++ b/test/addons/dlopen-ping-pong/binding.cc
@@ -26,6 +26,7 @@ static ping ping_func;
 void LoadLibrary(const FunctionCallbackInfo<Value>& args) {
   const String::Utf8Value filename(args.GetIsolate(), args[0]);
   void* handle = dlopen(*filename, RTLD_LAZY);
+  if (handle == nullptr) fprintf(stderr, "%s\n", dlerror());
   assert(handle != nullptr);
   ping_func = reinterpret_cast<ping>(dlsym(handle, "dlopen_ping"));
   assert(ping_func != nullptr);
diff --git a/test/addons/dlopen-ping-pong/test.js b/test/addons/dlopen-ping-pong/test.js
index c533593496090a..c5b8c16493f60f 100644
--- a/test/addons/dlopen-ping-pong/test.js
+++ b/test/addons/dlopen-ping-pong/test.js
@@ -9,12 +9,15 @@ const path = require('path');
 const os = require('os');
 
 const bindingPath = require.resolve(`./build/${common.buildType}/binding`);
+console.log('process.dlopen:', bindingPath);
 process.dlopen(module, bindingPath,
                os.constants.dlopen.RTLD_NOW | os.constants.dlopen.RTLD_GLOBAL);
+console.log('module.exports.load:', `${path.dirname(bindingPath)}/ping.so`);
 module.exports.load(`${path.dirname(bindingPath)}/ping.so`);
 assert.strictEqual(module.exports.ping(), 'pong');
 
 // Check that after the addon is loaded with
 // process.dlopen() a require() call fails.
+console.log('require:', `./build/${common.buildType}/binding`);
 const re = /^Error: Module did not self-register\.$/;
 assert.throws(() => require(`./build/${common.buildType}/binding`), re);

From 2bcde8309cd9691b728fc0e36593dbb3d9585e78 Mon Sep 17 00:00:00 2001
From: Anna Henningsen <anna@addaleax.net>
Date: Fri, 4 Oct 2019 20:37:51 +0200
Subject: [PATCH 59/65] http2: allow passing FileHandle to respondWithFD
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This seems to make sense if we want to promote the use
of `fs.promises`, although it’s not strictly necessary.

PR-URL: https://github.com/nodejs/node/pull/29876
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/http2.md                              |  9 ++-
 lib/fs.js                                     |  2 +-
 lib/internal/fs/promises.js                   | 56 ++++++++++---------
 lib/internal/http2/core.js                    |  6 +-
 .../test-http2-respond-file-fd-errors.js      |  3 +-
 .../test-http2-respond-file-filehandle.js     | 47 ++++++++++++++++
 6 files changed, 91 insertions(+), 32 deletions(-)
 create mode 100644 test/parallel/test-http2-respond-file-filehandle.js

diff --git a/doc/api/http2.md b/doc/api/http2.md
index 4be87eb6136230..04fdfe52167699 100644
--- a/doc/api/http2.md
+++ b/doc/api/http2.md
@@ -1439,13 +1439,16 @@ server.on('stream', (stream) => {
 <!-- YAML
 added: v8.4.0
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/29876
+    description: The `fd` option may now be a `FileHandle`.
   - version: v10.0.0
     pr-url: https://github.com/nodejs/node/pull/18936
     description: Any readable file descriptor, not necessarily for a
                  regular file, is supported now.
 -->
 
-* `fd` {number} A readable file descriptor.
+* `fd` {number|FileHandle} A readable file descriptor.
 * `headers` {HTTP/2 Headers Object}
 * `options` {Object}
   * `statCheck` {Function}
@@ -1491,8 +1494,8 @@ The `offset` and `length` options may be used to limit the response to a
 specific range subset. This can be used, for instance, to support HTTP Range
 requests.
 
-The file descriptor is not closed when the stream is closed, so it will need
-to be closed manually once it is no longer needed.
+The file descriptor or `FileHandle` is not closed when the stream is closed,
+so it will need to be closed manually once it is no longer needed.
 Using the same file descriptor concurrently for multiple streams
 is not supported and may result in data loss. Re-using a file descriptor
 after a stream has finished is supported.
diff --git a/lib/fs.js b/lib/fs.js
index 4e994775a3042d..a435470fa71401 100644
--- a/lib/fs.js
+++ b/lib/fs.js
@@ -1948,7 +1948,7 @@ Object.defineProperties(fs, {
     enumerable: true,
     get() {
       if (promises === null)
-        promises = require('internal/fs/promises');
+        promises = require('internal/fs/promises').exports;
       return promises;
     }
   }
diff --git a/lib/internal/fs/promises.js b/lib/internal/fs/promises.js
index 923ae97abdc26f..9843064efbc472 100644
--- a/lib/internal/fs/promises.js
+++ b/lib/internal/fs/promises.js
@@ -46,7 +46,7 @@ const {
 const pathModule = require('path');
 const { promisify } = require('internal/util');
 
-const kHandle = Symbol('handle');
+const kHandle = Symbol('kHandle');
 const { kUsePromises } = binding;
 
 const getDirectoryEntriesPromise = promisify(getDirents);
@@ -498,29 +498,33 @@ async function readFile(path, options) {
 }
 
 module.exports = {
-  access,
-  copyFile,
-  open,
-  opendir: promisify(opendir),
-  rename,
-  truncate,
-  rmdir,
-  mkdir,
-  readdir,
-  readlink,
-  symlink,
-  lstat,
-  stat,
-  link,
-  unlink,
-  chmod,
-  lchmod,
-  lchown,
-  chown,
-  utimes,
-  realpath,
-  mkdtemp,
-  writeFile,
-  appendFile,
-  readFile
+  exports: {
+    access,
+    copyFile,
+    open,
+    opendir: promisify(opendir),
+    rename,
+    truncate,
+    rmdir,
+    mkdir,
+    readdir,
+    readlink,
+    symlink,
+    lstat,
+    stat,
+    link,
+    unlink,
+    chmod,
+    lchmod,
+    lchown,
+    chown,
+    utimes,
+    realpath,
+    mkdtemp,
+    writeFile,
+    appendFile,
+    readFile,
+  },
+
+  FileHandle
 };
diff --git a/lib/internal/http2/core.js b/lib/internal/http2/core.js
index 73dc6a41e9930a..28c91ee22d8f6d 100644
--- a/lib/internal/http2/core.js
+++ b/lib/internal/http2/core.js
@@ -82,6 +82,7 @@ const {
   hideStackFrames
 } = require('internal/errors');
 const { validateNumber, validateString } = require('internal/validators');
+const fsPromisesInternal = require('internal/fs/promises');
 const { utcDate } = require('internal/http');
 const { onServerStream,
         Http2ServerRequest,
@@ -2545,7 +2546,10 @@ class ServerHttp2Stream extends Http2Stream {
       this[kState].flags |= STREAM_FLAGS_HAS_TRAILERS;
     }
 
-    validateNumber(fd, 'fd');
+    if (fd instanceof fsPromisesInternal.FileHandle)
+      fd = fd.fd;
+    else if (typeof fd !== 'number')
+      throw new ERR_INVALID_ARG_TYPE('fd', ['number', 'FileHandle'], fd);
 
     debugStreamObj(this, 'initiating response from fd');
     this[kUpdateTimer]();
diff --git a/test/parallel/test-http2-respond-file-fd-errors.js b/test/parallel/test-http2-respond-file-fd-errors.js
index 9508cfae9799c0..5de21e7855eac1 100644
--- a/test/parallel/test-http2-respond-file-fd-errors.js
+++ b/test/parallel/test-http2-respond-file-fd-errors.js
@@ -42,7 +42,8 @@ server.on('stream', common.mustCall((stream) => {
       {
         type: TypeError,
         code: 'ERR_INVALID_ARG_TYPE',
-        message: 'The "fd" argument must be of type number. Received type ' +
+        message: 'The "fd" argument must be one of type number or FileHandle.' +
+                 ' Received type ' +
                  typeof types[type]
       }
     );
diff --git a/test/parallel/test-http2-respond-file-filehandle.js b/test/parallel/test-http2-respond-file-filehandle.js
new file mode 100644
index 00000000000000..bc7bfbe356ff92
--- /dev/null
+++ b/test/parallel/test-http2-respond-file-filehandle.js
@@ -0,0 +1,47 @@
+'use strict';
+
+const common = require('../common');
+const fixtures = require('../common/fixtures');
+if (!common.hasCrypto)
+  common.skip('missing crypto');
+const http2 = require('http2');
+const assert = require('assert');
+const fs = require('fs');
+
+const {
+  HTTP2_HEADER_CONTENT_TYPE,
+  HTTP2_HEADER_CONTENT_LENGTH
+} = http2.constants;
+
+const fname = fixtures.path('elipses.txt');
+const data = fs.readFileSync(fname);
+const stat = fs.statSync(fname);
+fs.promises.open(fname, 'r').then(common.mustCall((fileHandle) => {
+  const server = http2.createServer();
+  server.on('stream', (stream) => {
+    stream.respondWithFD(fileHandle, {
+      [HTTP2_HEADER_CONTENT_TYPE]: 'text/plain',
+      [HTTP2_HEADER_CONTENT_LENGTH]: stat.size,
+    });
+  });
+  server.on('close', common.mustCall(() => fileHandle.close()));
+  server.listen(0, common.mustCall(() => {
+
+    const client = http2.connect(`http://localhost:${server.address().port}`);
+    const req = client.request();
+
+    req.on('response', common.mustCall((headers) => {
+      assert.strictEqual(headers[HTTP2_HEADER_CONTENT_TYPE], 'text/plain');
+      assert.strictEqual(+headers[HTTP2_HEADER_CONTENT_LENGTH], data.length);
+    }));
+    req.setEncoding('utf8');
+    let check = '';
+    req.on('data', (chunk) => check += chunk);
+    req.on('end', common.mustCall(() => {
+      assert.strictEqual(check, data.toString('utf8'));
+      client.close();
+      server.close();
+    }));
+    req.end();
+  }));
+}));

From c56f765cf6c2ccad24b077ef2e975904b65511c0 Mon Sep 17 00:00:00 2001
From: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Date: Wed, 9 Oct 2019 12:10:06 -0700
Subject: [PATCH 60/65] fs: remove options.encoding from Dir.read*()

This is unlikely to be necessary in any case, and causes much
unwarrented complexity when implementing further
optimizations.

Refs: https://github.com/nodejs/node/pull/29893#discussion_r333179482

PR-URL: https://github.com/nodejs/node/pull/29908
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 doc/api/fs.md          | 25 ++++++-------------------
 lib/internal/fs/dir.js | 12 ++++--------
 2 files changed, 10 insertions(+), 27 deletions(-)

diff --git a/doc/api/fs.md b/doc/api/fs.md
index a6736d127e9bbc..885272724d2384 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -351,13 +351,11 @@ added: REPLACEME
 Synchronously close the directory's underlying resource handle.
 Subsequent reads will result in errors.
 
-### dir.read([options])
+### dir.read()
 <!-- YAML
 added: REPLACEME
 -->
 
-* `options` {Object}
-  * `encoding` {string|null} **Default:** `'utf8'`
 * Returns: {Promise} containing {fs.Dirent}
 
 Asynchronously read the next directory entry via readdir(3) as an
@@ -369,13 +367,11 @@ is completed.
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
 
-### dir.read([options, ]callback)
+### dir.read(callback)
 <!-- YAML
 added: REPLACEME
 -->
 
-* `options` {Object}
-  * `encoding` {string|null} **Default:** `'utf8'`
 * `callback` {Function}
   * `err` {Error}
   * `dirent` {fs.Dirent}
@@ -385,25 +381,19 @@ Asynchronously read the next directory entry via readdir(3) as an
 
 The `callback` will be called with a [Dirent][] after the read is completed.
 
-The `encoding` option sets the encoding of the `name` in the `dirent`.
-
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
 
-### dir.readSync([options])
+### dir.readSync()
 <!-- YAML
 added: REPLACEME
 -->
 
-* `options` {Object}
-  * `encoding` {string|null} **Default:** `'utf8'`
 * Returns: {fs.Dirent}
 
 Synchronously read the next directory entry via readdir(3) as an
 [`fs.Dirent`][].
 
-The `encoding` option sets the encoding of the `name` in the `dirent`.
-
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
 
@@ -2658,8 +2648,7 @@ Creates an [`fs.Dir`][], which contains all further functions for reading from
 and cleaning up the directory.
 
 The `encoding` option sets the encoding for the `path` while opening the
-directory and subsequent read operations (unless otherwise overriden during
-reads from the directory).
+directory and subsequent read operations.
 
 ## fs.opendirSync(path[, options])
 <!-- YAML
@@ -2677,8 +2666,7 @@ Creates an [`fs.Dir`][], which contains all further functions for reading from
 and cleaning up the directory.
 
 The `encoding` option sets the encoding for the `path` while opening the
-directory and subsequent read operations (unless otherwise overriden during
-reads from the directory).
+directory and subsequent read operations.
 
 ## fs.read(fd, buffer, offset, length, position, callback)
 <!-- YAML
@@ -4835,8 +4823,7 @@ Creates an [`fs.Dir`][], which contains all further functions for reading from
 and cleaning up the directory.
 
 The `encoding` option sets the encoding for the `path` while opening the
-directory and subsequent read operations (unless otherwise overriden during
-reads from the directory).
+directory and subsequent read operations.
 
 Example using async interation:
 
diff --git a/lib/internal/fs/dir.js b/lib/internal/fs/dir.js
index c1a25f0de3cd38..175c632fc79948 100644
--- a/lib/internal/fs/dir.js
+++ b/lib/internal/fs/dir.js
@@ -48,18 +48,16 @@ class Dir {
     return this[kDirPath];
   }
 
-  read(options, callback) {
+  read(callback) {
     if (this[kDirClosed] === true) {
       throw new ERR_DIR_CLOSED();
     }
 
-    callback = typeof options === 'function' ? options : callback;
     if (callback === undefined) {
-      return this[kDirReadPromisified](options);
+      return this[kDirReadPromisified]();
     } else if (typeof callback !== 'function') {
       throw new ERR_INVALID_CALLBACK(callback);
     }
-    options = getOptions(options, this[kDirOptions]);
 
     const req = new FSReqCallback();
     req.oncomplete = (err, result) => {
@@ -70,7 +68,7 @@ class Dir {
     };
 
     this[kDirHandle].read(
-      options.encoding,
+      this[kDirOptions].encoding,
       req
     );
   }
@@ -80,11 +78,9 @@ class Dir {
       throw new ERR_DIR_CLOSED();
     }
 
-    options = getOptions(options, this[kDirOptions]);
-
     const ctx = { path: this[kDirPath] };
     const result = this[kDirHandle].read(
-      options.encoding,
+      this[kDirOptions].encoding,
       undefined,
       ctx
     );

From 20b9ef92d1f0e78e1c2fde3b061b100b1ab21ba3 Mon Sep 17 00:00:00 2001
From: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Date: Tue, 8 Oct 2019 13:18:08 -0700
Subject: [PATCH 61/65] doc: add more info to fs.Dir and fix typos

Some doc bits / fixes which were missing from
cbd8d715b2286e5726e6988921f5c870cbf74127

PR-URL: https://github.com/nodejs/node/pull/29890
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
---
 doc/api/fs.md | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/doc/api/fs.md b/doc/api/fs.md
index 885272724d2384..d7a4ebcc2e8604 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -293,8 +293,6 @@ A class representing a directory stream.
 
 Created by [`fs.opendir()`][], [`fs.opendirSync()`][], or [`fsPromises.opendir()`][].
 
-Example using async interation:
-
 ```js
 const fs = require('fs');
 
@@ -356,13 +354,13 @@ Subsequent reads will result in errors.
 added: REPLACEME
 -->
 
-* Returns: {Promise} containing {fs.Dirent}
+* Returns: {Promise} containing {fs.Dirent|null}
 
 Asynchronously read the next directory entry via readdir(3) as an
 [`fs.Dirent`][].
 
-A `Promise` is returned that will be resolved with a [Dirent][] after the read
-is completed.
+After the read is completed, a `Promise` is returned that will be resolved with
+an [`fs.Dirent`][], or `null` if there are no more directory entries to read.
 
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
@@ -374,12 +372,13 @@ added: REPLACEME
 
 * `callback` {Function}
   * `err` {Error}
-  * `dirent` {fs.Dirent}
+  * `dirent` {fs.Dirent|null}
 
 Asynchronously read the next directory entry via readdir(3) as an
 [`fs.Dirent`][].
 
-The `callback` will be called with a [Dirent][] after the read is completed.
+After the read is completed, the `callback` will be called with an
+[`fs.Dirent`][], or `null` if there are no more directory entries to read.
 
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
@@ -389,11 +388,13 @@ provided by the operating system's underlying directory mechanisms._
 added: REPLACEME
 -->
 
-* Returns: {fs.Dirent}
+* Returns: {fs.Dirent|null}
 
 Synchronously read the next directory entry via readdir(3) as an
 [`fs.Dirent`][].
 
+If there are no more directory entries to read, `null` will be returned.
+
 _Directory entries returned by this function are in no particular order as
 provided by the operating system's underlying directory mechanisms._
 
@@ -402,7 +403,15 @@ provided by the operating system's underlying directory mechanisms._
 added: REPLACEME
 -->
 
-* Returns: {AsyncIterator} to fully iterate over all entries in the directory.
+* Returns: {AsyncIterator} of {fs.Dirent}
+
+Asynchronously iterates over the directory via readdir(3) until all entries have
+been read.
+
+Entries returned by the async iterator are always an [`fs.Dirent`][].
+The `null` case from `dir.read()` is handled internally.
+
+See [`fs.Dir`][] for an example.
 
 _Directory entries returned by this iterator are in no particular order as
 provided by the operating system's underlying directory mechanisms._
@@ -4825,7 +4834,7 @@ and cleaning up the directory.
 The `encoding` option sets the encoding for the `path` while opening the
 directory and subsequent read operations.
 
-Example using async interation:
+Example using async iteration:
 
 ```js
 const fs = require('fs');

From ea6b6abb91f39ce11b43d88a4eb630fdab0b2bd5 Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Mon, 26 Aug 2019 23:52:08 -0400
Subject: [PATCH 62/65] doc: remove spaces inside code span elements

Applies MarkdownLint MD038 rule

PR-URL: https://github.com/nodejs/node/pull/29329
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 doc/STYLE_GUIDE.md                       | 2 +-
 doc/api/buffer.md                        | 2 +-
 doc/guides/contributing/pull-requests.md | 2 +-
 doc/guides/writing-tests.md              | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/STYLE_GUIDE.md b/doc/STYLE_GUIDE.md
index 3cc162f6dc8300..6f98ad1fc8fb4e 100644
--- a/doc/STYLE_GUIDE.md
+++ b/doc/STYLE_GUIDE.md
@@ -43,7 +43,7 @@
 * Instances should use camelCase.
 * Denote methods with parentheses: `socket.end()` instead of `socket.end`.
 * Function arguments or object properties should use the following format:
-  * ``` * `name` {type|type2} Optional description. **Default:** `value`. ```
+  * ```* `name` {type|type2} Optional description. **Default:** `value`.```
   <!--lint disable maximum-line-length remark-lint-->
   * For example: <code>* `byteOffset` {integer} Index of first byte to expose. **Default:** `0`.</code>
   <!--lint enable maximum-line-length remark-lint-->
diff --git a/doc/api/buffer.md b/doc/api/buffer.md
index 2a254380f2b1f5..713024a21bd1ce 100644
--- a/doc/api/buffer.md
+++ b/doc/api/buffer.md
@@ -1458,7 +1458,7 @@ changes:
 * `value` {string|Buffer|Uint8Array|integer} What to search for.
 * `byteOffset` {integer} Where to begin searching in `buf`. If negative, then
   offset is calculated from the end of `buf`. **Default:**
-  [`buf.length`][]` - 1`.
+  [`buf.length`][] `- 1`.
 * `encoding` {string} If `value` is a string, this is the encoding used to
   determine the binary representation of the string that will be searched for in
   `buf`. **Default:** `'utf8'`.
diff --git a/doc/guides/contributing/pull-requests.md b/doc/guides/contributing/pull-requests.md
index a9ac6e42541b12..17257674a3b546 100644
--- a/doc/guides/contributing/pull-requests.md
+++ b/doc/guides/contributing/pull-requests.md
@@ -440,7 +440,7 @@ check with the contributor to see if they intend to continue the work before
 checking if they would mind if you took it over (especially if it just has
 nits left). When doing so, it is courteous to give the original contributor
 credit for the work they started (either by preserving their name and email
-address in the commit log, or by using an `Author: ` meta-data tag in the
+address in the commit log, or by using an `Author:` meta-data tag in the
 commit.
 
 ### Approving a change
diff --git a/doc/guides/writing-tests.md b/doc/guides/writing-tests.md
index f34c07cc151c59..584b1d2373ce1b 100644
--- a/doc/guides/writing-tests.md
+++ b/doc/guides/writing-tests.md
@@ -249,7 +249,7 @@ fs.readFile('test-file').then(
 ### Flags
 
 Some tests will require running Node.js with specific command line flags set. To
-accomplish this, add a `// Flags: ` comment in the preamble of the
+accomplish this, add a `// Flags:` comment in the preamble of the
 test followed by the flags. For example, to allow a test to require some of the
 `internal/*` modules, add the `--expose-internals` flag.
 A test that would require `internal/freelist` could start like this:

From 6a5d401f304e4b192e495f2cd9ee6483e2a59745 Mon Sep 17 00:00:00 2001
From: Nick Schonning <nschonni@gmail.com>
Date: Wed, 2 Oct 2019 01:18:17 -0400
Subject: [PATCH 63/65] test: remove spaces inside code span elements

Applies MarkdownLint MD038 rule

PR-URL: https://github.com/nodejs/node/pull/29329
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
---
 doc/api/buffer.md | 2 +-
 test/README.md    | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/api/buffer.md b/doc/api/buffer.md
index 713024a21bd1ce..2d37c65b8d3b6b 100644
--- a/doc/api/buffer.md
+++ b/doc/api/buffer.md
@@ -1458,7 +1458,7 @@ changes:
 * `value` {string|Buffer|Uint8Array|integer} What to search for.
 * `byteOffset` {integer} Where to begin searching in `buf`. If negative, then
   offset is calculated from the end of `buf`. **Default:**
-  [`buf.length`][] `- 1`.
+  `buf.length - 1`.
 * `encoding` {string} If `value` is a string, this is the encoding used to
   determine the binary representation of the string that will be searched for in
   `buf`. **Default:** `'utf8'`.
diff --git a/test/README.md b/test/README.md
index fcfafb492bc5d8..ad9d87a7e93051 100644
--- a/test/README.md
+++ b/test/README.md
@@ -15,7 +15,7 @@ For the tests to run on Windows, be sure to clone Node.js source code with the
 
 | Directory           | Runs on CI      | Purpose         |
 | ------------------- | --------------- | --------------- |
-| `abort`             | Yes             | Tests for when the  ``` --abort-on-uncaught-exception ``` flag is used. |
+| `abort`             | Yes             | Tests for when the `--abort-on-uncaught-exception` flag is used. |
 | `addons`            | Yes             | Tests for [addon](https://nodejs.org/api/addons.html) functionality along with some tests that require an addon. |
 | `async-hooks`        | Yes            | Tests for [async_hooks](https://nodejs.org/api/async_hooks.html) functionality. |
 | `benchmark`          | No             | Test minimal functionality of benchmarks. |
@@ -28,12 +28,12 @@ For the tests to run on Windows, be sure to clone Node.js source code with the
 | `internet`           | No             | Tests that make real outbound network connections. Tests for networking related modules may also be present in other directories, but those tests do not make outbound connections. |
 | `js-native-api`      | Yes            | Tests for Node.js-agnostic [n-api](https://nodejs.org/api/n-api.html) functionality. |
 | `known_issues`       | Yes            | Tests reproducing known issues within the system. All tests inside of this directory are expected to fail. If a test doesn't fail on certain platforms, those should be skipped via `known_issues.status`. |
-| `message`            | Yes            | Tests for messages that are output for various conditions (```console.log```, error messages etc.) |
+| `message`            | Yes            | Tests for messages that are output for various conditions (`console.log`, error messages etc.) |
 | `node-api`           | Yes            | Tests for Node.js-specific [n-api](https://nodejs.org/api/n-api.html) functionality. |
 | `parallel`           | Yes            | Various tests that are able to be run in parallel. |
 | `pseudo-tty`         | Yes            | Tests that require stdin/stdout/stderr to be a TTY. |
 | `pummel`             | No             | Various tests for various modules / system functionality operating under load. |
 | `sequential`         | Yes            | Various tests that must not run in parallel. |
 | `testpy`             |                | Test configuration utility used by various test suites. |
-| `tick-processor`     | No             | Tests for the V8 tick processor integration. The tests are for the logic in ```lib/internal/v8_prof_processor.js``` and  ```lib/internal/v8_prof_polyfill.js```. The tests confirm that the profile processor packages the correct set of scripts from V8 and introduces the correct platform specific logic. |
+| `tick-processor`     | No             | Tests for the V8 tick processor integration. The tests are for the logic in `lib/internal/v8_prof_processor.js` and `lib/internal/v8_prof_polyfill.js`. The tests confirm that the profile processor packages the correct set of scripts from V8 and introduces the correct platform specific logic. |
 | `v8-updates`         | No             | Tests for V8 performance integration. |

From 5fdf4a474f011f745de1f924d470cdd2c0cd3382 Mon Sep 17 00:00:00 2001
From: cjihrig <cjihrig@gmail.com>
Date: Mon, 7 Oct 2019 11:11:36 -0400
Subject: [PATCH 64/65] test: remove extra process.exit()

process.exit() has a tendency to hide test failures because
it forces the process to exit. This test doesn't need the
process.exit(), so this commit removes it.

PR-URL: https://github.com/nodejs/node/pull/29873
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
---
 test/parallel/test-http2-connect-options.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/test/parallel/test-http2-connect-options.js b/test/parallel/test-http2-connect-options.js
index 1a7987621ab34e..0c7ec807b84d38 100644
--- a/test/parallel/test-http2-connect-options.js
+++ b/test/parallel/test-http2-connect-options.js
@@ -36,7 +36,6 @@ server.listen(0, '127.0.0.1', common.mustCall(() => {
     client.close();
     req.close();
     server.close();
-    process.exit();
   }));
   req.end();
 }));

From 921493e2287aa895679620155b5288b2e1587bfd Mon Sep 17 00:00:00 2001
From: Ruben Bridgewater <ruben@bridgewater.de>
Date: Thu, 10 Oct 2019 14:31:33 +0200
Subject: [PATCH 65/65] 2019-10-11, Version 12.12.0 (Current)

Notable changes:

* build:
  * Add `--force-context-aware` flag to prevent usage of native node
    addons that aren't context aware
    https://github.com/nodejs/node/pull/29631
* deprecations:
  * Add documentation-only deprecation for `process._tickCallback()`
    https://github.com/nodejs/node/pull/29781
* esm:
  * Using JSON modules is experimental again
    https://github.com/nodejs/node/pull/29754
* fs:
  * Introduce `opendir()` and `fs.Dir` to iterate through directories
    https://github.com/nodejs/node/pull/29349
* process:
  * Add source-map support to stack traces by using
    `--source-map-support` https://github.com/nodejs/node/pull/29564
* tls:
  * Honor `pauseOnConnect` option
    https://github.com/nodejs/node/pull/29635
  * Add option for private keys for OpenSSL engines
    https://github.com/nodejs/node/pull/28973

PR-URL: https://github.com/nodejs/node/pull/29919
---
 CHANGELOG.md                    |  3 +-
 doc/api/cli.md                  |  4 +-
 doc/api/deprecations.md         |  4 +-
 doc/api/errors.md               |  2 +-
 doc/api/fs.md                   | 24 ++++-----
 doc/api/http2.md                |  4 +-
 doc/api/modules.md              |  2 +-
 doc/api/tls.md                  |  2 +-
 doc/changelogs/CHANGELOG_V12.md | 87 +++++++++++++++++++++++++++++++++
 src/node_version.h              |  6 +--
 10 files changed, 113 insertions(+), 25 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b6e21279f63122..4e90bf32d78341 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -28,7 +28,8 @@ release.
 </tr>
 <tr>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V12.md#12.11.1">12.11.1</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V12.md#12.12.0">12.12.0</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V12.md#12.11.1">12.11.1</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.11.0">12.11.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.10.0">12.10.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.9.1">12.9.1</a><br/>
diff --git a/doc/api/cli.md b/doc/api/cli.md
index 93dbd43c2172a9..600137150a2c30 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -137,7 +137,7 @@ Enable FIPS-compliant crypto at startup. (Requires Node.js to be built with
 
 ### `--enable-source-maps`
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 > Stability: 1 - Experimental
@@ -457,7 +457,7 @@ Silence all process warnings (including deprecations).
 
 ### `--force-context-aware`
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 Disable loading native addons that are not [context-aware][].
diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md
index 9687f342b46141..83ef32ca1da6f6 100644
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@@ -2498,7 +2498,7 @@ Passing a callback to [`worker.terminate()`][] is deprecated. Use the returned
 ### DEP0133: http connection
 <!-- YAML
 changes:
-  - version: REPLACEME
+  - version: v12.12.0
     pr-url: https://github.com/nodejs/node/pull/29015
     description: Documentation-only deprecation.
 -->
@@ -2512,7 +2512,7 @@ Prefer [`response.socket`][] over [`response.connection`][] and
 ### DEP0134: process._tickCallback
 <!-- YAML
 changes:
-  - version: REPLACEME
+  - version: v12.12.0
     pr-url: https://github.com/nodejs/node/pull/29781
     description: Documentation-only deprecation.
 -->
diff --git a/doc/api/errors.md b/doc/api/errors.md
index 329c369d152a30..e3a3c10d6a774e 100644
--- a/doc/api/errors.md
+++ b/doc/api/errors.md
@@ -2071,7 +2071,7 @@ state, usually after `.close()` has been called.
 ### ERR_CRYPTO_HASH_DIGEST_NO_UTF16
 <!-- YAML
 added: v9.0.0
-removed: REPLACEME
+removed: v12.12.0
 -->
 
 The UTF-16 encoding was used with [`hash.digest()`][]. While the
diff --git a/doc/api/fs.md b/doc/api/fs.md
index d7a4ebcc2e8604..37518e46b0e1c1 100644
--- a/doc/api/fs.md
+++ b/doc/api/fs.md
@@ -286,7 +286,7 @@ performance implications for some applications. See the
 
 ## Class fs.Dir
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 A class representing a directory stream.
@@ -307,7 +307,7 @@ print('./').catch(console.error);
 
 ### dir.path
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * {string}
@@ -317,7 +317,7 @@ The read-only path of this directory as was provided to [`fs.opendir()`][],
 
 ### dir.close()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * Returns: {Promise}
@@ -330,7 +330,7 @@ closed.
 
 ### dir.close(callback)
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * `callback` {Function}
@@ -343,7 +343,7 @@ The `callback` will be called after the resource handle has been closed.
 
 ### dir.closeSync()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 Synchronously close the directory's underlying resource handle.
@@ -351,7 +351,7 @@ Subsequent reads will result in errors.
 
 ### dir.read()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * Returns: {Promise} containing {fs.Dirent|null}
@@ -367,7 +367,7 @@ provided by the operating system's underlying directory mechanisms._
 
 ### dir.read(callback)
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * `callback` {Function}
@@ -385,7 +385,7 @@ provided by the operating system's underlying directory mechanisms._
 
 ### dir.readSync()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * Returns: {fs.Dirent|null}
@@ -400,7 +400,7 @@ provided by the operating system's underlying directory mechanisms._
 
 ### dir\[Symbol.asyncIterator\]()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * Returns: {AsyncIterator} of {fs.Dirent}
@@ -2641,7 +2641,7 @@ this API: [`fs.open()`][].
 
 ## fs.opendir(path[, options], callback)
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * `path` {string|Buffer|URL}
@@ -2661,7 +2661,7 @@ directory and subsequent read operations.
 
 ## fs.opendirSync(path[, options])
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * `path` {string|Buffer|URL}
@@ -4818,7 +4818,7 @@ a colon, Node.js will open a file system stream, as described by
 
 ## fsPromises.opendir(path[, options])
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 * `path` {string|Buffer|URL}
diff --git a/doc/api/http2.md b/doc/api/http2.md
index 04fdfe52167699..0798d1ec896ff9 100644
--- a/doc/api/http2.md
+++ b/doc/api/http2.md
@@ -1439,7 +1439,7 @@ server.on('stream', (stream) => {
 <!-- YAML
 added: v8.4.0
 changes:
-  - version: REPLACEME
+  - version: v12.12.0
     pr-url: https://github.com/nodejs/node/pull/29876
     description: The `fd` option may now be a `FileHandle`.
   - version: v10.0.0
@@ -2360,7 +2360,7 @@ server.on('stream', (stream, headers) => {
 <!-- YAML
 added: v8.4.0
 changes:
-  - version: REPLACEME
+  - version: v12.12.0
     pr-url: https://github.com/nodejs/node/pull/29833
     description: The `maxConcurrentStreams` setting is stricter.
   - version: v8.9.3
diff --git a/doc/api/modules.md b/doc/api/modules.md
index 9ed9273e0b578f..816b463fcfa84c 100644
--- a/doc/api/modules.md
+++ b/doc/api/modules.md
@@ -986,7 +986,7 @@ requireUtil('./some-tool');
 
 ### module.syncBuiltinESMExports()
 <!-- YAML
-added: REPLACEME
+added: v12.12.0
 -->
 
 The `module.syncBuiltinESMExports()` method updates all the live bindings for
diff --git a/doc/api/tls.md b/doc/api/tls.md
index d90affa4c3b70d..70c6b96a0e471d 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -1358,7 +1358,7 @@ argument.
 <!-- YAML
 added: v0.11.13
 changes:
-  - version: REPLACEME
+  - version: v12.12.0
     pr-url: https://github.com/nodejs/node/pull/28973
     description: Added `privateKeyIdentifier` and `privateKeyEngine` options
                  to get private key from an OpenSSL engine.
diff --git a/doc/changelogs/CHANGELOG_V12.md b/doc/changelogs/CHANGELOG_V12.md
index 106034f97de207..3f82d4bf9fe9cd 100644
--- a/doc/changelogs/CHANGELOG_V12.md
+++ b/doc/changelogs/CHANGELOG_V12.md
@@ -9,6 +9,7 @@
 </tr>
 <tr>
 <td>
+<a href="#12.12.0">12.12.0</a><br/>
 <a href="#12.11.1">12.11.1</a><br/>
 <a href="#12.11.0">12.11.0</a><br/>
 <a href="#12.10.0">12.10.0</a><br/>
@@ -43,6 +44,92 @@
   * [io.js](CHANGELOG_IOJS.md)
   * [Archive](CHANGELOG_ARCHIVE.md)
 
+<a id="12.12.0"></a>
+## 2019-10-11, Version 12.12.0 (Current), @BridgeAR
+
+### Notable changes
+
+* **build**:
+  * Add `--force-context-aware` flag to prevent usage of native node addons that aren't context aware [#29631](https://github.com/nodejs/node/pull/29631)
+* **deprecations**:
+  * Add documentation-only deprecation for `process._tickCallback()` [#29781](https://github.com/nodejs/node/pull/29781)
+* **esm**:
+  * Using JSON modules is experimental again [#29754](https://github.com/nodejs/node/pull/29754)
+* **fs**:
+  * Introduce `opendir()` and `fs.Dir` to iterate through directories [#29349](https://github.com/nodejs/node/pull/29349)
+* **process**:
+  * Add source-map support to stack traces by using `--source-map-support`[#29564](https://github.com/nodejs/node/pull/29564)
+* **tls**:
+  * Honor `pauseOnConnect` option [#29635](https://github.com/nodejs/node/pull/29635)
+  * Add option for private keys for OpenSSL engines [#28973](https://github.com/nodejs/node/pull/28973)
+
+### Commits
+
+* [[`d09f2b4170`](https://github.com/nodejs/node/commit/d09f2b4170)] - **build**: build docs on Travis (Richard Lau) [#29783](https://github.com/nodejs/node/pull/29783)
+* [[`03ec4cea30`](https://github.com/nodejs/node/commit/03ec4cea30)] - **build**: do not link against librt on linux (Sam Roberts) [#29727](https://github.com/nodejs/node/pull/29727)
+* [[`f91778d2c7`](https://github.com/nodejs/node/commit/f91778d2c7)] - **build**: remove unused libatomic on ppc64, s390x (Sam Roberts) [#29727](https://github.com/nodejs/node/pull/29727)
+* [[`ab4c53e0ef`](https://github.com/nodejs/node/commit/ab4c53e0ef)] - **crypto**: remove arbitrary UTF16 restriction (Anna Henningsen) [#29795](https://github.com/nodejs/node/pull/29795)
+* [[`75f3b28d67`](https://github.com/nodejs/node/commit/75f3b28d67)] - **crypto**: refactor array buffer view validation (Ruben Bridgewater) [#29683](https://github.com/nodejs/node/pull/29683)
+* [[`5eb013b854`](https://github.com/nodejs/node/commit/5eb013b854)] - **deps**: update archs files for OpenSSL-1.1.1 (Sam Roberts) [#29550](https://github.com/nodejs/node/pull/29550)
+* [[`1766cfcb9e`](https://github.com/nodejs/node/commit/1766cfcb9e)] - **deps**: upgrade openssl sources to 1.1.1d (Sam Roberts) [#29550](https://github.com/nodejs/node/pull/29550)
+* [[`3d88b76680`](https://github.com/nodejs/node/commit/3d88b76680)] - **deps**: patch V8 to 7.7.299.13 (Michaël Zasso) [#29869](https://github.com/nodejs/node/pull/29869)
+* [[`600478ac13`](https://github.com/nodejs/node/commit/600478ac13)] - **dgram**: use `uv_udp_try_send()` (Anna Henningsen) [#29832](https://github.com/nodejs/node/pull/29832)
+* [[`ea6b6abb91`](https://github.com/nodejs/node/commit/ea6b6abb91)] - **doc**: remove spaces inside code span elements (Nick Schonning) [#29329](https://github.com/nodejs/node/pull/29329)
+* [[`20b9ef92d1`](https://github.com/nodejs/node/commit/20b9ef92d1)] - **doc**: add more info to fs.Dir and fix typos (Jeremiah Senkpiel) [#29890](https://github.com/nodejs/node/pull/29890)
+* [[`f566cd5801`](https://github.com/nodejs/node/commit/f566cd5801)] - **doc**: remove misleading paragraph about the Legacy URL API (Jakob Krigovsky) [#29844](https://github.com/nodejs/node/pull/29844)
+* [[`a5c2154534`](https://github.com/nodejs/node/commit/a5c2154534)] - **doc**: add explicit bracket for markdown reference links (Nick Schonning) [#29808](https://github.com/nodejs/node/pull/29808)
+* [[`ea9bf4a666`](https://github.com/nodejs/node/commit/ea9bf4a666)] - **doc**: implement minor CSS improvements (XhmikosR) [#29669](https://github.com/nodejs/node/pull/29669)
+* [[`a0498606a0`](https://github.com/nodejs/node/commit/a0498606a0)] - **doc**: fix return type for crypto.createDiffieHellmanGroup() (exoego) [#29696](https://github.com/nodejs/node/pull/29696)
+* [[`a00cd17b9e`](https://github.com/nodejs/node/commit/a00cd17b9e)] - **doc**: reuse link indexes for n-api.md (legendecas) [#29787](https://github.com/nodejs/node/pull/29787)
+* [[`aea0253697`](https://github.com/nodejs/node/commit/aea0253697)] - **doc**: unify place of stability notes (Vse Mozhet Byt) [#29799](https://github.com/nodejs/node/pull/29799)
+* [[`8b4f210bf5`](https://github.com/nodejs/node/commit/8b4f210bf5)] - **doc**: add missing deprecation code (cjihrig) [#29820](https://github.com/nodejs/node/pull/29820)
+* [[`bede98128f`](https://github.com/nodejs/node/commit/bede98128f)] - **doc**: remove reference to stale CITGM job (Michael Dawson) [#29774](https://github.com/nodejs/node/pull/29774)
+* [[`014eb67117`](https://github.com/nodejs/node/commit/014eb67117)] - **(SEMVER-MINOR)** **doc**: add documentation deprecation for process.\_tickCallback (Lucas Holmquist) [#29781](https://github.com/nodejs/node/pull/29781)
+* [[`62370efe7e`](https://github.com/nodejs/node/commit/62370efe7e)] - **doc**: add dash between SHA and PR in changelog (Nick Schonning) [#29558](https://github.com/nodejs/node/pull/29558)
+* [[`d1a4aa3ca2`](https://github.com/nodejs/node/commit/d1a4aa3ca2)] - **doc**: add missing reference link values (Nick Schonning) [#29558](https://github.com/nodejs/node/pull/29558)
+* [[`de4652f55e`](https://github.com/nodejs/node/commit/de4652f55e)] - **doc**: convert old changlogs SHA links to match newer format (Nick Schonning) [#29558](https://github.com/nodejs/node/pull/29558)
+* [[`60b1f6f303`](https://github.com/nodejs/node/commit/60b1f6f303)] - **doc**: complete cut off links in old changelog (Nick Schonning) [#29558](https://github.com/nodejs/node/pull/29558)
+* [[`906245e1a4`](https://github.com/nodejs/node/commit/906245e1a4)] - **doc**: clarify --pending-deprecation effects on Buffer() usage (Rich Trott) [#29769](https://github.com/nodejs/node/pull/29769)
+* [[`401f3e7235`](https://github.com/nodejs/node/commit/401f3e7235)] - **doc**: fix nits in dgram.md (Vse Mozhet Byt) [#29761](https://github.com/nodejs/node/pull/29761)
+* [[`bc48646206`](https://github.com/nodejs/node/commit/bc48646206)] - **doc**: improve process.ppid 'added in' info (Thomas Watson) [#29772](https://github.com/nodejs/node/pull/29772)
+* [[`0b46bcaaa5`](https://github.com/nodejs/node/commit/0b46bcaaa5)] - **doc**: security maintenance processes (Sam Roberts) [#29685](https://github.com/nodejs/node/pull/29685)
+* [[`f39259c079`](https://github.com/nodejs/node/commit/f39259c079)] - **doc**: remove redundant escape (XhmikosR) [#29716](https://github.com/nodejs/node/pull/29716)
+* [[`87fb1c297a`](https://github.com/nodejs/node/commit/87fb1c297a)] - **errors**: make sure all Node.js errors show their properties (Ruben Bridgewater) [#29677](https://github.com/nodejs/node/pull/29677)
+* [[`df218ce066`](https://github.com/nodejs/node/commit/df218ce066)] - ***Revert*** "**esm**: remove experimental status from JSON modules" (Guy Bedford) [#29754](https://github.com/nodejs/node/pull/29754)
+* [[`e7f604f495`](https://github.com/nodejs/node/commit/e7f604f495)] - **esm**: remove proxy for builtin exports (Bradley Farias) [#29737](https://github.com/nodejs/node/pull/29737)
+* [[`c56f765cf6`](https://github.com/nodejs/node/commit/c56f765cf6)] - **fs**: remove options.encoding from Dir.read\*() (Jeremiah Senkpiel) [#29908](https://github.com/nodejs/node/pull/29908)
+* [[`b76a2e502c`](https://github.com/nodejs/node/commit/b76a2e502c)] - **(SEMVER-MINOR)** **fs**: introduce `opendir()` and `fs.Dir` (Jeremiah Senkpiel) [#29349](https://github.com/nodejs/node/pull/29349)
+* [[`2bcde8309c`](https://github.com/nodejs/node/commit/2bcde8309c)] - **(SEMVER-MINOR)** **http2**: allow passing FileHandle to respondWithFD (Anna Henningsen) [#29876](https://github.com/nodejs/node/pull/29876)
+* [[`a240d45d1a`](https://github.com/nodejs/node/commit/a240d45d1a)] - **http2**: support passing options of http2.connect to net.connect (ZYSzys) [#29816](https://github.com/nodejs/node/pull/29816)
+* [[`3f153789b5`](https://github.com/nodejs/node/commit/3f153789b5)] - **http2**: set default maxConcurrentStreams (ZYSzys) [#29833](https://github.com/nodejs/node/pull/29833)
+* [[`6a989da6a0`](https://github.com/nodejs/node/commit/6a989da6a0)] - **http2**: use the latest settings (ZYSzys) [#29780](https://github.com/nodejs/node/pull/29780)
+* [[`b2cce13235`](https://github.com/nodejs/node/commit/b2cce13235)] - **inspector**: update faviconUrl (dokugo) [#29562](https://github.com/nodejs/node/pull/29562)
+* [[`60296a3612`](https://github.com/nodejs/node/commit/60296a3612)] - **lib**: make tick processor detect xcodebuild errors (Ben Noordhuis) [#29830](https://github.com/nodejs/node/pull/29830)
+* [[`9e5d691ee4`](https://github.com/nodejs/node/commit/9e5d691ee4)] - **lib**: introduce no-mixed-operators eslint rule to lib (ZYSzys) [#29834](https://github.com/nodejs/node/pull/29834)
+* [[`74a69abd12`](https://github.com/nodejs/node/commit/74a69abd12)] - **lib**: stop using prepareStackTrace (Gus Caplan) [#29777](https://github.com/nodejs/node/pull/29777)
+* [[`90562ae356`](https://github.com/nodejs/node/commit/90562ae356)] - **module**: use v8 synthetic modules (Guy Bedford) [#29846](https://github.com/nodejs/node/pull/29846)
+* [[`20896f74d6`](https://github.com/nodejs/node/commit/20896f74d6)] - **n-api,doc**: clarify napi\_finalize related APIs (legendecas) [#29797](https://github.com/nodejs/node/pull/29797)
+* [[`65c475269e`](https://github.com/nodejs/node/commit/65c475269e)] - **net**: emit close on unconnected socket (Robert Nagy) [#29803](https://github.com/nodejs/node/pull/29803)
+* [[`ae8b2b4ab7`](https://github.com/nodejs/node/commit/ae8b2b4ab7)] - **(SEMVER-MINOR)** **process**: add source-map support to stack traces (bcoe) [#29564](https://github.com/nodejs/node/pull/29564)
+* [[`3f6ce39acf`](https://github.com/nodejs/node/commit/3f6ce39acf)] - **src**: fix ESM path resolution on Windows (Thomas) [#29574](https://github.com/nodejs/node/pull/29574)
+* [[`6bfe8f47fa`](https://github.com/nodejs/node/commit/6bfe8f47fa)] - **(SEMVER-MINOR)** **src**: add buildflag to force context-aware addons (Shelley Vohr) [#29631](https://github.com/nodejs/node/pull/29631)
+* [[`6c75cc1b11`](https://github.com/nodejs/node/commit/6c75cc1b11)] - **stream**: do not deadlock duplexpair (Robert Nagy) [#29836](https://github.com/nodejs/node/pull/29836)
+* [[`320f649539`](https://github.com/nodejs/node/commit/320f649539)] - **stream**: add comment about undocumented API (Robert Nagy) [#29805](https://github.com/nodejs/node/pull/29805)
+* [[`5fdf4a474f`](https://github.com/nodejs/node/commit/5fdf4a474f)] - **test**: remove extra process.exit() (cjihrig) [#29873](https://github.com/nodejs/node/pull/29873)
+* [[`6a5d401f30`](https://github.com/nodejs/node/commit/6a5d401f30)] - **test**: remove spaces inside code span elements (Nick Schonning) [#29329](https://github.com/nodejs/node/pull/29329)
+* [[`adee99883a`](https://github.com/nodejs/node/commit/adee99883a)] - **test**: debug output for dlopen-ping-pong test (Sam Roberts) [#29818](https://github.com/nodejs/node/pull/29818)
+* [[`b309e20661`](https://github.com/nodejs/node/commit/b309e20661)] - **test**: add test for HTTP server response with Connection: close (Austin Wright) [#29836](https://github.com/nodejs/node/pull/29836)
+* [[`bf1727a3f3`](https://github.com/nodejs/node/commit/bf1727a3f3)] - **test**: add test for writable.write() argument types (Robert Nagy) [#29746](https://github.com/nodejs/node/pull/29746)
+* [[`3153dd6766`](https://github.com/nodejs/node/commit/3153dd6766)] - **test**: well-defined DH groups now verify clean (Sam Roberts) [#29550](https://github.com/nodejs/node/pull/29550)
+* [[`690a863aaa`](https://github.com/nodejs/node/commit/690a863aaa)] - **test**: simplify force-context-aware test (cjihrig) [#29705](https://github.com/nodejs/node/pull/29705)
+* [[`54ef0fd010`](https://github.com/nodejs/node/commit/54ef0fd010)] - **(SEMVER-MINOR)** **test**: --force-context-aware cli flag (Shelley Vohr) [#29631](https://github.com/nodejs/node/pull/29631)
+* [[`a7b56a5b01`](https://github.com/nodejs/node/commit/a7b56a5b01)] - **(SEMVER-MINOR)** **tls**: honor pauseOnConnect option (Robert Jensen) [#29635](https://github.com/nodejs/node/pull/29635)
+* [[`cf7b4056ca`](https://github.com/nodejs/node/commit/cf7b4056ca)] - **(SEMVER-MINOR)** **tls**: add option for private keys for OpenSSL engines (Anton Gerasimov) [#28973](https://github.com/nodejs/node/pull/28973)
+* [[`ba4946a520`](https://github.com/nodejs/node/commit/ba4946a520)] - **tools**: prohibit Error.prepareStackTrace() usage (Ruben Bridgewater) [#29827](https://github.com/nodejs/node/pull/29827)
+* [[`79f6cd3606`](https://github.com/nodejs/node/commit/79f6cd3606)] - **tools**: update ESLint to v6.5.1 (Rich Trott) [#29785](https://github.com/nodejs/node/pull/29785)
+* [[`6d88f0fef7`](https://github.com/nodejs/node/commit/6d88f0fef7)] - **vm**: refactor SourceTextModule (Gus Caplan) [#29776](https://github.com/nodejs/node/pull/29776)
+* [[`a7113048e3`](https://github.com/nodejs/node/commit/a7113048e3)] - **worker**: do not use two-arg NewIsolate (Shelley Vohr) [#29850](https://github.com/nodejs/node/pull/29850)
+
 <a id="12.11.1"></a>
 ## 2019-10-01, Version 12.11.1 (Current), @targos
 
diff --git a/src/node_version.h b/src/node_version.h
index 6fb15cabb3f7ed..a61a186edd3c92 100644
--- a/src/node_version.h
+++ b/src/node_version.h
@@ -23,13 +23,13 @@
 #define SRC_NODE_VERSION_H_
 
 #define NODE_MAJOR_VERSION 12
-#define NODE_MINOR_VERSION 11
-#define NODE_PATCH_VERSION 2
+#define NODE_MINOR_VERSION 12
+#define NODE_PATCH_VERSION 0
 
 #define NODE_VERSION_IS_LTS 0
 #define NODE_VERSION_LTS_CODENAME ""
 
-#define NODE_VERSION_IS_RELEASE 0
+#define NODE_VERSION_IS_RELEASE 1
 
 #ifndef NODE_STRINGIFY
 #define NODE_STRINGIFY(n) NODE_STRINGIFY_HELPER(n)