12 files changed, 311 insertions, 290 deletions

diff --git a/lib/libcrypto/pkcs7/Makefile.ssl b/lib/libcrypto/pkcs7/Makefile.ssl
index 37b72f08902..3f0c3452e52 100644
--- a/lib/libcrypto/pkcs7/Makefile.ssl
+++ b/lib/libcrypto/pkcs7/Makefile.ssl
@@ -5,13 +5,14 @@
 DIR=	pkcs7
 TOP=	../..
 CC=	cc
-INCLUDES= -I.. -I../../include
+INCLUDES= -I.. -I$(TOP) -I../../include
 CFLAG=-g
 INSTALL_PREFIX=
 OPENSSLDIR=     /usr/local/ssl
 INSTALLTOP=/usr/local/ssl
 MAKE=		make -f Makefile.ssl
-MAKEDEPEND=	$(TOP)/util/domd $(TOP)
+MAKEDEPPROG=	makedepend
+MAKEDEPEND=	$(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
 MAKEFILE=	Makefile.ssl
 AR=		ar r
 
@@ -25,8 +26,10 @@ TEST=
 APPS=
 
 LIB=$(TOP)/libcrypto.a
-LIBSRC=	pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c pk7_mime.c
-LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o pk7_mime.o
+LIBSRC=	pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+	pk7_mime.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+	pk7_mime.o
 
 SRC= $(LIBSRC)
 
@@ -58,8 +61,7 @@ verify: verify.o example.o lib
 
 lib:	$(LIBOBJ)
 	$(AR) $(LIB) $(LIBOBJ)
-	@echo You may get an error following this line.  Please ignore.
-	- $(RANLIB) $(LIB)
+	$(RANLIB) $(LIB) || echo Never mind.
 	@touch lib
 
 files:
@@ -98,121 +100,96 @@ clean:
 
 # DO NOT DELETE THIS LINE -- make depend depends on it.
 
+pk7_asn1.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_asn1.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pk7_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pk7_asn1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_asn1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pk7_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_asn1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_asn1.o: ../cryptlib.h pk7_asn1.c
 pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pk7_attr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_attr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pk7_attr.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pk7_attr.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pk7_attr.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_attr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_attr.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pk7_attr.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+pk7_attr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
 pk7_attr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
-pk7_attr.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
-pk7_attr.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_attr.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_attr.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_attr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_attr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_attr.o: ../../include/openssl/x509_vfy.h
-pk7_doit.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_doit.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_doit.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_doit.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-pk7_doit.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-pk7_doit.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+pk7_attr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_attr.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
+pk7_attr.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pk7_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_attr.o: pk7_attr.c
+pk7_doit.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_doit.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pk7_doit.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+pk7_doit.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pk7_doit.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 pk7_doit.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_doit.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_doit.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_doit.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_doit.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-pk7_doit.o: ../../include/openssl/opensslconf.h
-pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_doit.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pk7_doit.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_doit.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_doit.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_doit.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_doit.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_doit.o: ../../include/openssl/x509v3.h ../cryptlib.h
-pk7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_lib.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_lib.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pk7_doit.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_doit.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_doit.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_doit.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_doit.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_doit.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_doit.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_doit.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
+pk7_doit.o: ../cryptlib.h pk7_doit.c
+pk7_lib.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pk7_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 pk7_lib.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_lib.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_lib.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_lib.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pk7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 pk7_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 pk7_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-pk7_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-pk7_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_lib.o: ../cryptlib.h
-pk7_mime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_mime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_mime.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+pk7_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
+pk7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_lib.c
+pk7_mime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_mime.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pk7_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
 pk7_mime.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-pk7_mime.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-pk7_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_mime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_mime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_mime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+pk7_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_mime.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
 pk7_mime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
 pk7_mime.o: ../../include/openssl/opensslconf.h
-pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_mime.o: ../../include/openssl/rand.h ../../include/openssl/rc2.h
-pk7_mime.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-pk7_mime.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-pk7_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-pk7_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-pk7_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-pk7_mime.o: ../cryptlib.h
-pk7_smime.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pk7_smime.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pk7_smime.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-pk7_smime.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-pk7_smime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-pk7_smime.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+pk7_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h
+pk7_mime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_mime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_mime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_mime.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_mime.c
+pk7_smime.o: ../../e_os.h ../../include/openssl/asn1.h
+pk7_smime.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+pk7_smime.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h
+pk7_smime.o: ../../include/openssl/crypto.h ../../include/openssl/dh.h
+pk7_smime.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
 pk7_smime.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-pk7_smime.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-pk7_smime.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-pk7_smime.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-pk7_smime.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+pk7_smime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+pk7_smime.o: ../../include/openssl/objects.h
 pk7_smime.o: ../../include/openssl/opensslconf.h
-pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pk7_smime.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pk7_smime.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pk7_smime.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pk7_smime.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pk7_smime.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pk7_smime.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
-pk7_smime.o: ../cryptlib.h
+pk7_smime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pk7_smime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
+pk7_smime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+pk7_smime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pk7_smime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+pk7_smime.o: ../../include/openssl/x509v3.h ../cryptlib.h pk7_smime.c
 pkcs7err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-pkcs7err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-pkcs7err.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-pkcs7err.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
-pkcs7err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+pkcs7err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
 pkcs7err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-pkcs7err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-pkcs7err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-pkcs7err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-pkcs7err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-pkcs7err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-pkcs7err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
-pkcs7err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-pkcs7err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-pkcs7err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-pkcs7err.o: ../../include/openssl/x509_vfy.h
+pkcs7err.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+pkcs7err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
+pkcs7err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
+pkcs7err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+pkcs7err.o: pkcs7err.c
diff --git a/lib/libcrypto/pkcs7/bio_ber.c b/lib/libcrypto/pkcs7/bio_ber.c
index 5447e698186..42331f7ab0e 100644
--- a/lib/libcrypto/pkcs7/bio_ber.c
+++ b/lib/libcrypto/pkcs7/bio_ber.c
@@ -339,7 +339,7 @@ static long ber_ctrl(BIO *b, int cmd, long num, char *ptr)
 	case BIO_CTRL_RESET:
 		ctx->ok=1;
 		ctx->finished=0;
-		EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+		EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
 			ctx->cipher.berrypt);
 		ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
 		break;
@@ -376,7 +376,7 @@ again:
 			{
 			ctx->finished=1;
 			ctx->buf_off=0;
-			ret=EVP_CipherFinal(&(ctx->cipher),
+			ret=EVP_CipherFinal_ex(&(ctx->cipher),
 				(unsigned char *)ctx->buf,
 				&(ctx->buf_len));
 			ctx->ok=(int)ret;
@@ -458,7 +458,7 @@ void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i,
 
 	b->init=1;
 	ctx=(BIO_ENC_CTX *)b->ptr;
-	EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+	EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e);
 	
 	if (b->callback != NULL)
 		b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
diff --git a/lib/libcrypto/pkcs7/enc.c b/lib/libcrypto/pkcs7/enc.c
index 2b56c2eff33..7417f8a4e00 100644
--- a/lib/libcrypto/pkcs7/enc.c
+++ b/lib/libcrypto/pkcs7/enc.c
@@ -128,7 +128,7 @@ char *argv[];
 	PKCS7_set_type(p7,NID_pkcs7_enveloped);
 #endif
 	if(!cipher)	{
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 		cipher = EVP_des_ede3_cbc();
 #else
 		fprintf(stderr, "No cipher selected\n");
diff --git a/lib/libcrypto/pkcs7/example.c b/lib/libcrypto/pkcs7/example.c
index f6656be28e1..c993947cc37 100644
--- a/lib/libcrypto/pkcs7/example.c
+++ b/lib/libcrypto/pkcs7/example.c
@@ -3,6 +3,7 @@
 #include <string.h>
 #include <openssl/pkcs7.h>
 #include <openssl/asn1_mac.h>
+#include <openssl/x509.h>
 
 int add_signed_time(PKCS7_SIGNER_INFO *si)
 	{
diff --git a/lib/libcrypto/pkcs7/pk7_attr.c b/lib/libcrypto/pkcs7/pk7_attr.c
index 6ae264cbf98..5ff5a88b5cf 100644
--- a/lib/libcrypto/pkcs7/pk7_attr.c
+++ b/lib/libcrypto/pkcs7/pk7_attr.c
@@ -1,9 +1,59 @@
 /* pk7_attr.c */
-/* S/MIME code.
- * Copyright (C) 1997-8 Dr S N Henson (shenson@bigfoot.com) 
- * All Rights Reserved. 
- * Redistribution of this code without the authors permission is expressly
- * prohibited.
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2001.
+ */
+/* ====================================================================
+ * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer. 
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
  */
 
 #include <stdio.h>
diff --git a/lib/libcrypto/pkcs7/pk7_doit.c b/lib/libcrypto/pkcs7/pk7_doit.c
index bf43d030ade..4a4ff340ce3 100644
--- a/lib/libcrypto/pkcs7/pk7_doit.c
+++ b/lib/libcrypto/pkcs7/pk7_doit.c
@@ -67,6 +67,38 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype,
 			 void *value);
 static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid);
 
+static int PKCS7_type_is_other(PKCS7* p7)
+	{
+	int isOther=1;
+	
+	int nid=OBJ_obj2nid(p7->type);
+
+	switch( nid )
+		{
+	case NID_pkcs7_data:
+	case NID_pkcs7_signed:
+	case NID_pkcs7_enveloped:
+	case NID_pkcs7_signedAndEnveloped:
+	case NID_pkcs7_digest:
+	case NID_pkcs7_encrypted:
+		isOther=0;
+		break;
+	default:
+		isOther=1;
+		}
+
+	return isOther;
+
+	}
+
+static int PKCS7_type_is_octet_string(PKCS7* p7)
+	{
+	if ( 0==PKCS7_type_is_other(p7) )
+		return 0;
+
+	return (V_ASN1_OCTET_STRING==p7->d.other->type) ? 1 : 0;
+	}
+
 BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 	{
 	int i,j;
@@ -165,7 +197,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 			goto err;
 		xalg->algorithm = OBJ_nid2obj(EVP_CIPHER_type(evp_cipher));
 		if (ivlen > 0) RAND_pseudo_bytes(iv,ivlen);
-		EVP_CipherInit(ctx, evp_cipher, key, iv, 1);
+		EVP_CipherInit_ex(ctx, evp_cipher, NULL, key, iv, 1);
 
 		if (ivlen > 0) {
 			if (xalg->parameter == NULL) 
@@ -219,16 +251,23 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio)
 		}
 
 	if (bio == NULL) {
-		if (p7->detached)
+		if (PKCS7_is_detached(p7))
 			bio=BIO_new(BIO_s_null());
 		else {
-			if (PKCS7_type_is_signed(p7) &&
-				PKCS7_type_is_data(p7->d.sign->contents)) {
-				ASN1_OCTET_STRING *os;
-				os=p7->d.sign->contents->d.data;
-				if (os->length > 0) bio = 
-					BIO_new_mem_buf(os->data, os->length);
-			} 
+			if (PKCS7_type_is_signed(p7) ) { 
+				if ( PKCS7_type_is_data(p7->d.sign->contents)) {
+					ASN1_OCTET_STRING *os;
+					os=p7->d.sign->contents->d.data;
+					if (os->length > 0)
+						bio = BIO_new_mem_buf(os->data, os->length);
+				}
+				else if ( PKCS7_type_is_octet_string(p7->d.sign->contents) ) {
+					ASN1_OCTET_STRING *os;
+					os=p7->d.sign->contents->d.other->value.octet_string;
+					if (os->length > 0)
+						bio = BIO_new_mem_buf(os->data, os->length);
+				}
+			}
 			if(bio == NULL) {
 				bio=BIO_new(BIO_s_mem());
 				BIO_set_mem_eof_return(bio,0);
@@ -391,7 +430,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 
 		evp_ctx=NULL;
 		BIO_get_cipher_ctx(etmp,&evp_ctx);
-		EVP_CipherInit(evp_ctx,evp_cipher,NULL,NULL,0);
+		EVP_CipherInit_ex(evp_ctx,evp_cipher,NULL,NULL,NULL,0);
 		if (EVP_CIPHER_asn1_to_param(evp_ctx,enc_alg->parameter) < 0)
 			goto err;
 
@@ -407,7 +446,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 				goto err;
 				}
 		} 
-		EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
+		EVP_CipherInit_ex(evp_ctx,NULL,NULL,tmp,NULL,0);
 
 		memset(tmp,0,jj);
 
@@ -419,7 +458,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
 		}
 
 #if 1
-	if (p7->detached || (in_bio != NULL))
+	if (PKCS7_is_detached(p7) || (in_bio != NULL))
 		{
 		bio=in_bio;
 		}
@@ -471,10 +510,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 	EVP_MD_CTX *mdc,ctx_tmp;
 	STACK_OF(X509_ATTRIBUTE) *sk;
 	STACK_OF(PKCS7_SIGNER_INFO) *si_sk=NULL;
-	unsigned char *p,*pp=NULL;
-	int x;
 	ASN1_OCTET_STRING *os=NULL;
 
+	EVP_MD_CTX_init(&ctx_tmp);
 	i=OBJ_obj2nid(p7->type);
 	p7->state=PKCS7_S_HEADER;
 
@@ -528,7 +566,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 				BIO_get_md_ctx(btmp,&mdc);
 				if (mdc == NULL)
 					{
-					PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
+					PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_INTERNAL_ERROR);
 					goto err;
 					}
 				if (EVP_MD_CTX_type(mdc) == j)
@@ -539,7 +577,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 			
 			/* We now have the EVP_MD_CTX, lets do the
 			 * signing. */
-			memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+			EVP_MD_CTX_copy_ex(&ctx_tmp,mdc);
 			if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
 				{
 				PKCS7err(PKCS7_F_PKCS7_DATASIGN,ERR_R_BIO_LIB);
@@ -552,43 +590,41 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 			 * attribute and only sign the attributes */
 			if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
 				{
-				unsigned char md_data[EVP_MAX_MD_SIZE];
-				unsigned int md_len;
+				unsigned char md_data[EVP_MAX_MD_SIZE], *abuf=NULL;
+				unsigned int md_len, alen;
 				ASN1_OCTET_STRING *digest;
 				ASN1_UTCTIME *sign_time;
 				const EVP_MD *md_tmp;
 
-				/* Add signing time */
-				sign_time=X509_gmtime_adj(NULL,0);
-				PKCS7_add_signed_attribute(si,
-					NID_pkcs9_signingTime,
-					V_ASN1_UTCTIME,sign_time);
+				/* Add signing time if not already present */
+				if (!PKCS7_get_signed_attribute(si,
+							NID_pkcs9_signingTime))
+					{
+					sign_time=X509_gmtime_adj(NULL,0);
+					PKCS7_add_signed_attribute(si,
+						NID_pkcs9_signingTime,
+						V_ASN1_UTCTIME,sign_time);
+					}
 
 				/* Add digest */
 				md_tmp=EVP_MD_CTX_md(&ctx_tmp);
-				EVP_DigestFinal(&ctx_tmp,md_data,&md_len);
+				EVP_DigestFinal_ex(&ctx_tmp,md_data,&md_len);
 				digest=M_ASN1_OCTET_STRING_new();
 				M_ASN1_OCTET_STRING_set(digest,md_data,md_len);
 				PKCS7_add_signed_attribute(si,
 					NID_pkcs9_messageDigest,
 					V_ASN1_OCTET_STRING,digest);
 
-				/* Now sign the mess */
-				EVP_SignInit(&ctx_tmp,md_tmp);
-				x=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,
-					   i2d_X509_ATTRIBUTE,
-					   V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-				pp=(unsigned char *)OPENSSL_malloc(x);
-				p=pp;
-				i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,
-				           i2d_X509_ATTRIBUTE,
-					   V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
-				EVP_SignUpdate(&ctx_tmp,pp,x);
-				OPENSSL_free(pp);
-				pp=NULL;
+				/* Now sign the attributes */
+				EVP_SignInit_ex(&ctx_tmp,md_tmp,NULL);
+				alen = ASN1_item_i2d((ASN1_VALUE *)sk,&abuf,
+							ASN1_ITEM_rptr(PKCS7_ATTR_SIGN));
+				if(!abuf) goto err;
+				EVP_SignUpdate(&ctx_tmp,abuf,alen);
+				OPENSSL_free(abuf);
 				}
 
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 			if (si->pkey->type == EVP_PKEY_DSA)
 				ctx_tmp.digest=EVP_dss1();
 #endif
@@ -608,7 +644,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 			}
 		}
 
-	if (!p7->detached)
+	if (!PKCS7_is_detached(p7))
 		{
 		btmp=BIO_find_type(bio,BIO_TYPE_MEM);
 		if (btmp == NULL)
@@ -629,11 +665,9 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
 			(unsigned char *)buf_mem->data,buf_mem->length);
 #endif
 		}
-	if (pp != NULL) OPENSSL_free(pp);
-	pp=NULL;
-
 	ret=1;
 err:
+	EVP_MD_CTX_cleanup(&ctx_tmp);
 	if (buf != NULL) BUF_MEM_free(buf);
 	return(ret);
 	}
@@ -672,7 +706,11 @@ int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, BIO *bio,
 		}
 
 	/* Lets verify */
-	X509_STORE_CTX_init(ctx,cert_store,x509,cert);
+	if(!X509_STORE_CTX_init(ctx,cert_store,x509,cert))
+		{
+		PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,ERR_R_X509_LIB);
+		goto err;
+		}
 	X509_STORE_CTX_set_purpose(ctx, X509_PURPOSE_SMIME_SIGN);
 	i=X509_verify_cert(ctx);
 	if (i <= 0) 
@@ -693,13 +731,14 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 	{
 	ASN1_OCTET_STRING *os;
 	EVP_MD_CTX mdc_tmp,*mdc;
-	unsigned char *pp,*p;
 	int ret=0,i;
 	int md_type;
 	STACK_OF(X509_ATTRIBUTE) *sk;
 	BIO *btmp;
 	EVP_PKEY *pkey;
 
+	EVP_MD_CTX_init(&mdc_tmp);
+
 	if (!PKCS7_type_is_signed(p7) && 
 				!PKCS7_type_is_signedAndEnveloped(p7)) {
 		PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
@@ -723,7 +762,7 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 		if (mdc == NULL)
 			{
 			PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY,
-							PKCS7_R_INTERNAL_ERROR);
+							ERR_R_INTERNAL_ERROR);
 			goto err;
 			}
 		if (EVP_MD_CTX_type(mdc) == md_type)
@@ -733,16 +772,16 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
 
 	/* mdc is the digest ctx that we want, unless there are attributes,
 	 * in which case the digest is the signed attributes */
-	memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+	EVP_MD_CTX_copy_ex(&mdc_tmp,mdc);
 
 	sk=si->auth_attr;
 	if ((sk != NULL) && (sk_X509_ATTRIBUTE_num(sk) != 0))
 		{
-		unsigned char md_dat[EVP_MAX_MD_SIZE];
-                unsigned int md_len;
+		unsigned char md_dat[EVP_MAX_MD_SIZE], *abuf = NULL;
+                unsigned int md_len, alen;
 		ASN1_OCTET_STRING *message_digest;
 
-		EVP_DigestFinal(&mdc_tmp,md_dat,&md_len);
+		EVP_DigestFinal_ex(&mdc_tmp,md_dat,&md_len);
 		message_digest=PKCS7_digest_from_attributes(sk);
 		if (!message_digest)
 			{
@@ -767,20 +806,13 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
 			goto err;
 			}
 
-		EVP_VerifyInit(&mdc_tmp,EVP_get_digestbynid(md_type));
-		/* Note: when forming the encoding of the attributes we
-		 * shouldn't reorder them or this will break the signature.
-		 * This is done by using the IS_SEQUENCE flag.
-		 */
-		i=i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,NULL,i2d_X509_ATTRIBUTE,
-			V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
-		pp=OPENSSL_malloc(i);
-		p=pp;
-		i2d_ASN1_SET_OF_X509_ATTRIBUTE(sk,&p,i2d_X509_ATTRIBUTE,
-			V_ASN1_SET,V_ASN1_UNIVERSAL, IS_SEQUENCE);
-		EVP_VerifyUpdate(&mdc_tmp,pp,i);
+		EVP_VerifyInit_ex(&mdc_tmp,EVP_get_digestbynid(md_type), NULL);
+
+		alen = ASN1_item_i2d((ASN1_VALUE *)sk, &abuf,
+						ASN1_ITEM_rptr(PKCS7_ATTR_VERIFY));
+		EVP_VerifyUpdate(&mdc_tmp, abuf, alen);
 
-		OPENSSL_free(pp);
+		OPENSSL_free(abuf);
 		}
 
 	os=si->enc_digest;
@@ -790,7 +822,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
 		ret = -1;
 		goto err;
 		}
-#ifndef NO_DSA
+#ifndef OPENSSL_NO_DSA
 	if(pkey->type == EVP_PKEY_DSA) mdc_tmp.digest=EVP_dss1();
 #endif
 
@@ -806,6 +838,7 @@ for (ii=0; ii<md_len; ii++) printf("%02X",md_dat[ii]); printf(" calc\n");
 	else
 		ret=1;
 err:
+	EVP_MD_CTX_cleanup(&mdc_tmp);
 	return(ret);
 	}
 
@@ -847,7 +880,7 @@ static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid)
 		xa=sk_X509_ATTRIBUTE_value(sk,i);
 		if (OBJ_cmp(xa->object,o) == 0)
 			{
-			if (xa->set && sk_ASN1_TYPE_num(xa->value.set))
+			if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
 				return(sk_ASN1_TYPE_value(xa->value.set,0));
 			else
 				return(NULL);
diff --git a/lib/libcrypto/pkcs7/pk7_lib.c b/lib/libcrypto/pkcs7/pk7_lib.c
index 45973fe8507..c00ed6833a5 100644
--- a/lib/libcrypto/pkcs7/pk7_lib.c
+++ b/lib/libcrypto/pkcs7/pk7_lib.c
@@ -84,7 +84,11 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg)
 	case PKCS7_OP_GET_DETACHED_SIGNATURE:
 		if (nid == NID_pkcs7_signed)
 			{
-			ret=p7->detached;
+			if(!p7->d.sign  || !p7->d.sign->contents->d.ptr)
+				ret = 1;
+			else ret = 0;
+				
+			p7->detached = ret;
 			}
 		else
 			{
@@ -144,7 +148,7 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 	{
 	ASN1_OBJECT *obj;
 
-	PKCS7_content_free(p7);
+	/*PKCS7_content_free(p7);*/
 	obj=OBJ_nid2obj(type); /* will not fail */
 
 	switch (type)
@@ -165,18 +169,24 @@ int PKCS7_set_type(PKCS7 *p7, int type)
 		if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
 			== NULL) goto err;
 		ASN1_INTEGER_set(p7->d.signed_and_enveloped->version,1);
+		p7->d.signed_and_enveloped->enc_data->content_type
+						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
 	case NID_pkcs7_enveloped:
 		p7->type=obj;
 		if ((p7->d.enveloped=PKCS7_ENVELOPE_new())
 			== NULL) goto err;
 		ASN1_INTEGER_set(p7->d.enveloped->version,0);
+		p7->d.enveloped->enc_data->content_type
+						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
 	case NID_pkcs7_encrypted:
 		p7->type=obj;
 		if ((p7->d.encrypted=PKCS7_ENCRYPT_new())
 			== NULL) goto err;
 		ASN1_INTEGER_set(p7->d.encrypted->version,0);
+		p7->d.encrypted->enc_data->content_type
+						= OBJ_nid2obj(NID_pkcs7_data);
 		break;
 
 	case NID_pkcs7_digest:
@@ -295,7 +305,7 @@ int PKCS7_add_crl(PKCS7 *p7, X509_CRL *crl)
 	}
 
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-	     EVP_MD *dgst)
+	     const EVP_MD *dgst)
 	{
 	char is_dsa;
 	if (pkey->type == EVP_PKEY_DSA) is_dsa = 1;
@@ -343,7 +353,7 @@ err:
 	}
 
 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, EVP_PKEY *pkey,
-	     EVP_MD *dgst)
+	     const EVP_MD *dgst)
 	{
 	PKCS7_SIGNER_INFO *si;
 
@@ -415,9 +425,7 @@ int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509)
 		M_ASN1_INTEGER_dup(X509_get_serialNumber(x509));
 
 	X509_ALGOR_free(p7i->key_enc_algor);
-	p7i->key_enc_algor=(X509_ALGOR *)ASN1_dup(i2d_X509_ALGOR,
-		(char *(*)())d2i_X509_ALGOR,
-		(char *)x509->cert_info->key->algor);
+	p7i->key_enc_algor= X509_ALGOR_dup(x509->cert_info->key->algor);
 
 	CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
 	p7i->cert=x509;
diff --git a/lib/libcrypto/pkcs7/pk7_smime.c b/lib/libcrypto/pkcs7/pk7_smime.c
index 3d3214f5eee..f0d071e2824 100644
--- a/lib/libcrypto/pkcs7/pk7_smime.c
+++ b/lib/libcrypto/pkcs7/pk7_smime.c
@@ -115,17 +115,17 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
 			PKCS7err(PKCS7_F_PKCS7_SIGN,ERR_R_MALLOC_FAILURE);
 			return NULL;
 		}
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 		PKCS7_simple_smimecap (smcap, NID_des_ede3_cbc, -1);
 #endif
-#ifndef NO_RC2
+#ifndef OPENSSL_NO_RC2
 		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 128);
 		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 64);
 #endif
-#ifndef NO_DES
+#ifndef OPENSSL_NO_DES
 		PKCS7_simple_smimecap (smcap, NID_des_cbc, -1);
 #endif
-#ifndef NO_RC2
+#ifndef OPENSSL_NO_RC2
 		PKCS7_simple_smimecap (smcap, NID_rc2_cbc, 40);
 #endif
 		PKCS7_add_attrib_smimecap (si, smcap);
@@ -201,11 +201,20 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 	if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
 		signer = sk_X509_value (signers, k);
 		if (!(flags & PKCS7_NOCHAIN)) {
-			X509_STORE_CTX_init(&cert_ctx, store, signer,
-							p7->d.sign->cert);
+			if(!X509_STORE_CTX_init(&cert_ctx, store, signer,
+							p7->d.sign->cert))
+				{
+				PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
+				sk_X509_free(signers);
+				return 0;
+				}
 			X509_STORE_CTX_set_purpose(&cert_ctx,
 						X509_PURPOSE_SMIME_SIGN);
-		} else X509_STORE_CTX_init (&cert_ctx, store, signer, NULL);
+		} else if(!X509_STORE_CTX_init (&cert_ctx, store, signer, NULL)) {
+			PKCS7err(PKCS7_F_PKCS7_VERIFY,ERR_R_X509_LIB);
+			sk_X509_free(signers);
+			return 0;
+		}
 		i = X509_verify_cert(&cert_ctx);
 		if (i <= 0) j = X509_STORE_CTX_get_error(&cert_ctx);
 		X509_STORE_CTX_cleanup(&cert_ctx);
@@ -327,7 +336,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags)
 
 /* Build a complete PKCS#7 enveloped data */
 
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 								int flags)
 {
 	PKCS7 *p7;
diff --git a/lib/libcrypto/pkcs7/pkcs7.h b/lib/libcrypto/pkcs7/pkcs7.h
index 1b817e605d1..5819700a850 100644
--- a/lib/libcrypto/pkcs7/pkcs7.h
+++ b/lib/libcrypto/pkcs7/pkcs7.h
@@ -59,16 +59,18 @@
 #ifndef HEADER_PKCS7_H
 #define HEADER_PKCS7_H
 
+#include <openssl/asn1.h>
 #include <openssl/bio.h>
-#include <openssl/x509.h>
+#include <openssl/e_os2.h>
 
 #include <openssl/symhacks.h>
+#include <openssl/ossl_typ.h>
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
-#ifdef WIN32
+#ifdef OPENSSL_SYS_WIN32
 /* Under Win32 thes are defined in wincrypt.h */
 #undef PKCS7_ISSUER_AND_SERIAL
 #undef PKCS7_SIGNER_INFO
@@ -225,6 +227,7 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define PKCS7_get_attributes(si)	((si)->unauth_attr)
 
 #define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+#define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
 #define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
 #define PKCS7_type_is_signedAndEnveloped(a) \
 		(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
@@ -235,6 +238,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define PKCS7_get_detached(p) \
 		PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
 
+#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
 #ifdef SSLEAY_MACROS
 #ifndef PKCS7_ISSUER_AND_SERIAL_digest
 #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
@@ -268,19 +273,12 @@ DECLARE_PKCS12_STACK_OF(PKCS7)
 #define SMIME_BINARY	PKCS7_BINARY
 #define SMIME_NOATTR	PKCS7_NOATTR
 
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
-void			PKCS7_ISSUER_AND_SERIAL_free(
-				PKCS7_ISSUER_AND_SERIAL *a);
-int 			i2d_PKCS7_ISSUER_AND_SERIAL(
-				PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
-				PKCS7_ISSUER_AND_SERIAL **a,
-				unsigned char **pp, long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
 
 #ifndef SSLEAY_MACROS
 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
 	unsigned char *md,unsigned int *len);
-#ifndef NO_FP_API
+#ifndef OPENSSL_NO_FP_API
 PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 **p7);
 int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
 #endif
@@ -289,71 +287,18 @@ PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7);
 int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
 #endif
 
-PKCS7_SIGNER_INFO	*PKCS7_SIGNER_INFO_new(void);
-void			PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
-int 			i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
-				unsigned char **pp);
-PKCS7_SIGNER_INFO	*d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
-				unsigned char **pp,long length);
-
-PKCS7_RECIP_INFO	*PKCS7_RECIP_INFO_new(void);
-void			PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
-int 			i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
-				unsigned char **pp);
-PKCS7_RECIP_INFO	*d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
-				unsigned char **pp,long length);
-
-PKCS7_SIGNED		*PKCS7_SIGNED_new(void);
-void			PKCS7_SIGNED_free(PKCS7_SIGNED *a);
-int 			i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
-				unsigned char **pp);
-PKCS7_SIGNED		*d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
-				unsigned char **pp,long length);
-
-PKCS7_ENC_CONTENT	*PKCS7_ENC_CONTENT_new(void);
-void			PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
-int 			i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
-				unsigned char **pp);
-PKCS7_ENC_CONTENT	*d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
-				unsigned char **pp,long length);
-
-PKCS7_ENVELOPE		*PKCS7_ENVELOPE_new(void);
-void			PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
-int 			i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
-				unsigned char **pp);
-PKCS7_ENVELOPE		*d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
-				unsigned char **pp,long length);
-
-PKCS7_SIGN_ENVELOPE	*PKCS7_SIGN_ENVELOPE_new(void);
-void			PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
-int 			i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
-				unsigned char **pp);
-PKCS7_SIGN_ENVELOPE	*d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
-				unsigned char **pp,long length);
-
-PKCS7_DIGEST		*PKCS7_DIGEST_new(void);
-void			PKCS7_DIGEST_free(PKCS7_DIGEST *a);
-int 			i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
-				unsigned char **pp);
-PKCS7_DIGEST		*d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
-				unsigned char **pp,long length);
-
-PKCS7_ENCRYPT		*PKCS7_ENCRYPT_new(void);
-void			PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
-int 			i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
-				unsigned char **pp);
-PKCS7_ENCRYPT		*d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
-				unsigned char **pp,long length);
-
-PKCS7			*PKCS7_new(void);
-void			PKCS7_free(PKCS7 *a);
-void			PKCS7_content_free(PKCS7 *a);
-int 			i2d_PKCS7(PKCS7 *a,
-				unsigned char **pp);
-PKCS7			*d2i_PKCS7(PKCS7 **a,
-				unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
 
-void ERR_load_PKCS7_strings(void);
+DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
+DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
 
 
 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
@@ -361,7 +306,7 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
 int PKCS7_set_type(PKCS7 *p7, int type);
 int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
-	EVP_MD *dgst);
+	const EVP_MD *dgst);
 int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
 int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
 int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
@@ -377,7 +322,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert);
 
 
 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
-	EVP_PKEY *pkey, EVP_MD *dgst);
+	EVP_PKEY *pkey, const EVP_MD *dgst);
 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
 STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
 
@@ -404,7 +349,7 @@ PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
 					BIO *indata, BIO *out, int flags);
 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags);
-PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, EVP_CIPHER *cipher,
+PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
 								int flags);
 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags);
 
@@ -422,6 +367,7 @@ int SMIME_text(BIO *in, BIO *out);
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.
  */
+void ERR_load_PKCS7_strings(void);
 
 /* Error codes for the PKCS7 functions. */
 
@@ -462,7 +408,6 @@ int SMIME_text(BIO *in, BIO *out);
 #define PKCS7_R_DIGEST_FAILURE				 101
 #define PKCS7_R_ERROR_ADDING_RECIPIENT			 120
 #define PKCS7_R_ERROR_SETTING_CIPHER			 121
-#define PKCS7_R_INTERNAL_ERROR				 102
 #define PKCS7_R_INVALID_MIME_TYPE			 131
 #define PKCS7_R_INVALID_NULL_POINTER			 143
 #define PKCS7_R_MIME_NO_CONTENT_TYPE			 132
@@ -502,4 +447,3 @@ int SMIME_text(BIO *in, BIO *out);
 }
 #endif
 #endif
-
diff --git a/lib/libcrypto/pkcs7/pkcs7err.c b/lib/libcrypto/pkcs7/pkcs7err.c
index 8ded8913dbf..5e51527a407 100644
--- a/lib/libcrypto/pkcs7/pkcs7err.c
+++ b/lib/libcrypto/pkcs7/pkcs7err.c
@@ -63,7 +63,7 @@
 #include <openssl/pkcs7.h>
 
 /* BEGIN ERROR CODES */
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
 static ERR_STRING_DATA PKCS7_str_functs[]=
 	{
 {ERR_PACK(0,PKCS7_F_B64_READ_PKCS7,0),	"B64_READ_PKCS7"},
@@ -105,7 +105,6 @@ static ERR_STRING_DATA PKCS7_str_reasons[]=
 {PKCS7_R_DIGEST_FAILURE                  ,"digest failure"},
 {PKCS7_R_ERROR_ADDING_RECIPIENT          ,"error adding recipient"},
 {PKCS7_R_ERROR_SETTING_CIPHER            ,"error setting cipher"},
-{PKCS7_R_INTERNAL_ERROR                  ,"internal error"},
 {PKCS7_R_INVALID_MIME_TYPE               ,"invalid mime type"},
 {PKCS7_R_INVALID_NULL_POINTER            ,"invalid null pointer"},
 {PKCS7_R_MIME_NO_CONTENT_TYPE            ,"mime no content type"},
@@ -152,7 +151,7 @@ void ERR_load_PKCS7_strings(void)
 	if (init)
 		{
 		init=0;
-#ifndef NO_ERR
+#ifndef OPENSSL_NO_ERR
 		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
 		ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
 #endif
diff --git a/lib/libcrypto/pkcs7/sign.c b/lib/libcrypto/pkcs7/sign.c
index 22290e192cc..8b59885f7ea 100644
--- a/lib/libcrypto/pkcs7/sign.c
+++ b/lib/libcrypto/pkcs7/sign.c
@@ -76,16 +76,16 @@ char *argv[];
 	int i;
 	int nodetach=0;
 
-#ifndef NO_MD2
+#ifndef OPENSSL_NO_MD2
 	EVP_add_digest(EVP_md2());
 #endif
-#ifndef NO_MD5
+#ifndef OPENSSL_NO_MD5
 	EVP_add_digest(EVP_md5());
 #endif
-#ifndef NO_SHA1
+#ifndef OPENSSL_NO_SHA1
 	EVP_add_digest(EVP_sha1());
 #endif
-#ifndef NO_MDC2
+#ifndef OPENSSL_NO_MDC2
 	EVP_add_digest(EVP_mdc2());
 #endif
 
diff --git a/lib/libcrypto/pkcs7/verify.c b/lib/libcrypto/pkcs7/verify.c
index 49fc8d8bed6..5f7afe89336 100644
--- a/lib/libcrypto/pkcs7/verify.c
+++ b/lib/libcrypto/pkcs7/verify.c
@@ -85,16 +85,16 @@ char *argv[];
 
 	bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
 	bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
-#ifndef NO_MD2
+#ifndef OPENSSL_NO_MD2
 	EVP_add_digest(EVP_md2());
 #endif
-#ifndef NO_MD5
+#ifndef OPENSSL_NO_MD5
 	EVP_add_digest(EVP_md5());
 #endif
-#ifndef NO_SHA1
+#ifndef OPENSSL_NO_SHA1
 	EVP_add_digest(EVP_sha1());
 #endif
-#ifndef NO_MDC2
+#ifndef OPENSSL_NO_MDC2
 	EVP_add_digest(EVP_mdc2());
 #endif